Updates: ProcDump v4.0, Process Monitor v2.96, Process Explorer v15.02, Mark’s Blog: The Case of the Hung Game Launcher, and Zero Day Malware Cleaning with the Sysinternals Tools

ProcDump v4.0: This update for ProcDump, a trigger-based process dump capture utility, enables you to control the contents of the dump with your own minidump callback DLL and adds a new switch, -w, that has ProcDump wait for a specified process to start. Process Monitor v2.96: This release changes the appearance of its tooltips to…

Updates: VMMap v3.1, RAMMap v1.11, Handle v3.46, Process Explorer v14.12 and Mark’s Blog: Analyzing a Stuxnet Infection with the Sysinternals Tools, Part 3

VMMap v3.1: VMMap, a process virtual and physical memory analyzer, now shows the ASLR status of images and reports “unusable” virtual memory regions. RAMMap v1.11: This update to RAMMap, a system memory usage analyzer, adds command-line options for loading files and exporting scans, creates a file association and fixes several bugs. Handle v3.46: This update…

Mark’s Blog Nominated for “Niney Award”

Mark’s Blog Nominated for “Niney Award”: The first annual Niney Awards nominations are out and Mark’s Blog is nominated in the Favorite Blog About Microsoft category. Vote early and vote often!

Updates: ProcDump v3.02, Contig v1.6, TCPView v3.03 and a New Mark’s Blog Post

ProcDump v3.02: This update to ProcDump, a command-line utility that can capture process dumps based on performance or behavioral triggers, adds more information to the minidump plus dump type, and ignores breakpoint exceptions unless overridden with the new -b switch. It also leverages the installed Debugging Tools for Windows debug DLL, enabling it to save…

New Mark’s Blog post: Happy Holidays with a Festive Bluescreen of Death

Mark’s Blog: Happy Holidays with a Festive Bluescreen of Death: Mark’s latest blog post shows you how to change the colors of the infamous “bluescreen of death”, complete with a screenshot and instructions on how to make one that’s colored for the holiday season.

Updates: ProcDump v3.0, AccessChk v5.01 and a new Mark’s Blog Post

ProcDump v3.0: This update to ProcDump, a flexible command-line utility for capturing process dumps based on time, CPU, memory, or performance counter thresholds, adds a new dump type, Minidump Plus, that uses heuristics to create the equivalent of full dumps for very large processes, but with large data sections and caches omitted. This has been…

Updates: LiveKd v5.0 – and a related Mark’s Blog post, Disk2vhd v1.63, Sigcheck v1.71

LiveKd v5.0: LiveKd, a tool that enables live kernel debugging of Windows systems, can now debug and generate kernel dump files of Hyper-V Windows virtual machines from the parent partition without having to boot the target virtual machine in debug mode. See Mark’s most recent blog post, “Debugging Virtual Machines with LiveKd” for more information….

Updates: ProcDump v2.0, Process Monitor v2.92, and a new Mark’s Blog Post

ProcDump v2.0: This major update to ProcDump, a tool that captures process dumps based on process CPU usage, memory consumption, and other behaviors, can now be configured to generate dumps based on the values of system performance counters. Process Monitor v2.92: This update adds a toolbar button that makes the process tree dialog more accessible….

Updates: Process Monitor v2.9, Process Explorer v12.02, Testlimit v5.02 | A new Mark’s blog post and Mark to speak at the Windows Summit and TechEd US

Process Monitor v2.9: This update to Process Monitor adds translations for more error codes, the ability to disable individual filter entries, and a debugging API so that developers can insert debug output into the Process Monitor event stream (John Robbins has implemented helper classes for generating process monitor debug output from native and managed applications)….