Sysinternals Update: ProcDump v9, Autoruns v13.71, BgInfo v4.22, LiveKd v5.62, Process Monitor v3.33, Process Explorer v16.21

ProcDump v9: This major update to ProcDump, a utility that enables process dump capture based on a variety of triggers, introduces the ability to capture multiple dump sizes. This is particularly useful when capturing crash dumps of applications susceptible to termination due to unresponsiveness (e.g. IIS Ping killing w3wp.exe). This release also adds support…


Updates: Handle v4.0, Procdump v7.01, Procexp v16.04, Regjump v1.02, Autoruns v12.03

Handle v4: Handle is a command-line utility that can show which processes have a handle to a file or other resource open, or show all open handles. Version 4 now works with standard-user rights, allowing standard users to identify the handles open by their processes. ProcDump v7.01: This release fixes several bugs, including one…

Updates: Autoruns v12.0, Procdump v7.0

Autoruns v12.0: This release of Autoruns, a Windows application and command-line utility for viewing autostart entries, now reports the presence of batch file and executable image entries in the WMI database, a vector used by some types of malware. Procdump v7.0: Procdump, a utility for capturing process dump files based on CPU, memory, and other triggers,…

Updates: Accesschk v5.11, Procdump v6.0, RAMMap v1.22, Strings v2.51

AccessChk v5.11: AccessChk, a command-line utility for dumping the effective permissions and security descriptors for files, registry keys, processes, tokens, object manager objects, now prefixes Windows 8 application container SIDs with the word “Package”, and includes several minor bug fixes. Procdump v6.0: Procdump is an advanced utility for capturing process memory dumps based on a variety of triggers…

Updates: Autoruns v11.5, Du (Disk Usage) v1.5, Procdump v5.14, Procmon v3.04, Ru (Registry Usage) v1.0

Autoruns v11.5: This update to Autoruns, a utility for managing autostarting applications and components, now reports the image timestamp of executables and the last-modified timestamp of other file types and autostart locations to help with forensic analysis. The jump-to-entry feature is also improved to navigate directly to files rather than their parent directory. Disk Usage…

Updates: Autoruns v11.41, Handle v3.51, Movefile v1.01, Procdump v5.13, Sigcheck v1.9

Autoruns v11.41: This Autoruns update reports the hosting image target of link shortcut references. Handle v3.51: This minor update to Handle, a command-line utility that dumps process handle tables, fixes a bug in its file share drive letter formatting. Movefile v1.01: Movefile, a utility for scheduling file delete and rename operations for when the system…

Updates: Autoruns v11.4, ProcDump v5.12, SDelete v1.61

Autoruns v11.4: Autoruns v11.4 adds additional startup locations, fixes several bugs related to image path parsing, adds better support for browsing folders on WinPE, and fixes a Wow64 redirection bug. Procdump v5.12: This Procdump update fixes a bug introduced in v5.11 where it doesn’t save information required by the !runaway debugger command. SDelete v1.61: SDelete…

Updates: DebugView v4.81, ProcDump v5.11, ZoomIt v4.4

DebugView v4.81: Version 4.81 of DebugView, a utility that logs user and kernel-mode debug output messages, fixes a bug that could cause it on some executions to fail to capture debug output and enter a CPU-bound loop. ProcDump v5.11: This release of ProcDump fixes a bug introduced in version 5.1 that prevented it from working on 32-bit Windows…

Updates: AdExplorer v1.44, Contig v1.7, Coreinfo v3.2, Procdump v5.1

AdExplorer v1.44: This release fixes a bug that caused AdExplorer to crash when it encountered corrupted extended rights schemas. Contig v1.7: Contig is a command-line file defragmentation and fragmentation analysis utility. v1.7 has more detailed fragmentation analysis reporting, fixes a bug that enables creation of contiguous files larger than 8GB, and adds support for setting…

Updates: Autoruns v11.34, ProcDump v5.0, Sigcheck v1.8, VMMap v3.11

Autoruns v11.34: This release of Autoruns fixes a bug that caused it to not show some Internet Explorer extensions. ProcDump v5.0: Procdump is an advanced utility for capturing process memory dumps based on a variety of triggers including CPU usage, memory usage, performance counter values, and exceptions. Version 5.0 is a major upgrade that adds…
