
Malwarebytes

Sysinternals Suite Updates / 5-17-2013


6 replies to this topic

#1
1PW


The Sysinternals Troubleshooting Utilities have been rolled up into a single Suite of tools. This file contains the individual troubleshooting tools and help files. It does not contain non-troubleshooting tools like the BSOD Screen Saver or NotMyFault.

The Sysinternals Suite collects all the Windows Sysinternals troubleshooting tools into a single file.
This includes Autoruns, for instance, still the most detailed way to view all the programs that are configured to launch when Windows and various system applications load.
You get Process Explorer, a supercharged version of Task Manager that shows you a huge amount of information about the programs running on your PC, what they're doing, and the resources they're consuming.
Process Monitor offers a powerful way to zoom in on a particular application. Have you ever run into problems with a program that keeps crashing for no apparent reason, say? Process Monitor can log all its hard drive, Registry and other actions, often helping you figure out the cause, and maybe get it fixed.


Product Info: Sysinternals Suite

[Anchor Page for Sysinternals Topic]
Comments expressed are strictly my own and not those of Malwarebytes or their staff unless I directly quote.

#2
ShyWriter

Sysinternals Suites Update



By Mark Russinovich
Updated: January 10th, 2013


Download Sysinternals Suite (all utilities included) (12.9 MB)


Updates: Autoruns v11.4, ProcDump v5.12, SDelete v1.61

Changes from 4&6 Dec 2012 to
safarr_msft1
10/11 Jan 2013 16:58 PM

What's New (January 11, 2013)
  • Mark’s Blog: Hunting Down and Killing Ransomware
    In Mark’s latest post he takes you behind the scenes of the current ransomware scourge, showing examples of how they try to coerce users into paying, explaining how they work and detailing how you can use Sysinternals tools to clean them from an infected system.

Autoruns v11.4:
Adds additional startup locations, fixes several bugs related to image path parsing, adds better support for browsing folders on WinPE, and fixes a Wow64 redirection bug.

Procdump v5.12:
This Procdump update fixes a bug introduced in v5.11 where it doesn’t save information required by the !runaway debugger command.

SDelete v1.61:
SDelete v1.61 fixes drive letter syntax consistency in its parsing of command line arguments.

SOURCE: TechNet Blogs > Sysinternals Site Discussion > Updates: Autoruns v11.4, ProcDump v5.12, SDelete v1.61


Steve

.

People sleep easy in their beds at night only because

rough men stand ready to visit violence on those who

would do them harm. ~~ Orson Wells


#3
ShyWriter

Sysinternals Suites Update


By Mark Russinovich
Updated: January 24th, 2013


Download Sysinternals Suite (all utilities included) (12.9 MB)


What's New (January 24th, 2013)
[since January 11th, 2013]

safarr_msft1
24 Jan 2013 12:36 PM

Updates: Autoruns v11.41, Handle v3.51, Movefile v1.01, Procdump v5.13, Sigcheck v1.9

Autoruns v11.41:
This Autoruns update reports the hosting image target of link shortcut references.

Handle v3.51:
This minor update to Handle, a command-line utility that dumps process handle tables, fixes a bug in its file share drive letter formatting.

Movefile v1.01:
Movefile, a utility for scheduling file delete and rename operations for when the system reboots, now correctly handles 64-bit system paths.

Procdump v5.13:
This update to Procdump, a command-line utility that generates on-demand and trigger-based process crash dump files, now supports triggers for when process CPU usage, memory consumption or arbitrary performance counters fall below a specified value.

Sigcheck v1.9:
Sigcheck, a command-line file-version and signature verification tool, now reports certificate publisher names, capitalizes hash values, and fixes a certificate chain validation bug.

SOURCE:
TechNet Blogs > Sysinternals Site Discussion > Updates: Autoruns v11.41, Handle v3.51, Movefile v1.01, Procdump v5.13, Sigcheck v1.9

Steve



#4
ShyWriter

Jan 30, 2013 - Maintenance Update

TechNet Blogs > Sysinternals Site Discussion > Update: Autoruns v11.42

Update: Autoruns v11.42

safarr_msft1
30 Jan 2013 11:15 PM

Autoruns v11.42:
This release fixes a bug in the parsing of network file paths introduced in v11.41.

Steve



#5
ShyWriter

Sysinternals Suites Update


By Mark Russinovich
Updated: February 4th, 2013


Download Sysinternals Suite (all utilities included) (12.5 MB / ZIP)


What's New (February 4th, 2013)
[since January 24th, 2013]


Updates: Pendmoves v1.2, Process Explorer v15.3, Sigcheck v1.91, Zoomit v4.42

safarr_msft1
4 Feb 2013 11:17 PM

Pendmoves v1.2:
This update to Pendmoves adds support for 64-bit directories.

Process Explorer v15.3:
This major Process Explorer release includes heat-map display for process CPU, private bytes, working set and GPU columns, sortable security groups in the process properties security page, and tooltip reporting of tasks executing in Windows 8 Taskhostex processes. It also creates dump files that match the bitness of the target process and works around a bug introduced in Windows 8 disk counter reporting.

Sigcheck v1.91:
This update to Sigcheck prints the link time for executable files instead of the file last-modified time, and fixes a bug introduced in 1.9 where the –q switch didn’t suppress the print out of the banner.

Zoomit v4.42:
Zoomit now includes an option to suppress zoom-in and zoom-out animation to better support remote RDP sessions and fixes a bug that caused static zoom to snap to the top and left side of the screen in some cases.

SOURCE:
TechNet Blogs > Sysinternals Site Discussion > Updates: Pendmoves v1.2, Process Explorer v15.3, Sigcheck v1.91, Zoomit v4.42


Steve



#6
ShyWriter

Sysinternals Suites Update


By Mark Russinovich
Updated: March 27th, 2013


Download Sysinternals Suite (all utilities included) (12.5 MB / ZIP)


What's New (March 27th, 2013)
[since February 4th, 2013]

Updates: Autoruns v11.5, Du (Disk Usage) v1.5, Procdump v5.14, Procmon v3.04, Ru (Registry Usage) v1.0

safarr_msft1
27 Mar 2013 4:23 PM

Autoruns v11.5:
This update to Autoruns, a utility for managing autostarting applications and components, now reports the image timestamp of executables and the last-modified timestamp of other file types and autostart locations to help with forensic analysis. The jump-to-entry feature is also improved to navigate directly to files rather than their parent directory.

Disk Usage (Du) v1.5:
Du, a command-line utility for reporting the disk space consumed by directories and their files, has expanded CSV output that includes file and directory counts, as well as an option for tab-delimiting, which is a format more convenient for import into Excel than comma-delimited.

ProcDump v5.14:
This release of Procdump, a command-line utility that enables the capture of process dumps based on numerous trigger types including on-demand, doesn’t report process exceptions unless the exception trigger is specified.

Process Monitor v3.04:
Procmon, a power system activity monitor, now includes support for new Windows 8 file information query types and fixes a bug in the tooltip handling.

Registry Usage (RU) v1.0:
Ru (Registry Usage) is a new command-line utility that reports the size, value and subkey counts of registry keys. Like its Sysinternals Du (Disk Usage) counterpart, Ru can help you find the keys that contribute to registry bloat.

SOURCE:
TechNet Blogs > Sysinternals Site Discussion > Updates: Pendmoves v1.2, Process Explorer v15.3, Sigcheck v1.91, Zoomit v4.42

Steve



#7
ShyWriter

Sysinternals Suites Update


By Mark Russinovich
Updated: May 17th, 2013


Download Sysinternals Suite (all utilities included) (12.5 MB / ZIP)


What's New (May 17th, 2013)
[since March 27th, 2013]

Updates: Accesschk v5.11, Procdump v6.0, RAMMap v1.22, Strings v2.51

safarr_msft1
17 May 2013 2:47 PM

AccessChk v5.11:
AccessChk, a command line utility for dumping the effective permissions and security descriptors for files, registry keys, processes, tokens, object manager objects, now prefixes Windows 8 application container SIDs with the word “Package”, and includes several minor bug fixes.

Procdump v6.0:
Procdump is an advanced utility for capturing process memory dumps based on a variety of triggers including CPU usage, memory usage, performance counter values, and exceptions. Version 6.0 is a major upgrade that adds the ability to specify multiple filters, attach to a process by service name, and display/filter on the message text of a CLR or JScript exception.

RAMMap v1.22:
RAMMap is a graphic utility that shows the breakdown of physical memory usage across different dimensions. This release fixes a bug that could cause a crash when accessing the cached files page when a cached file’s name exceeded a certain length.

Strings v2.51:
This update to Strings, a command-line utility that prints a file’s embedded Unicode and ASCII strings, fixes a signed file offset printing bug.

SOURCE:
TechNet Blogs > Sysinternals Site Discussion > Updates: Accesschk v5.11, Procdump v6.0, RAMMap v1.22, Strings v2.51

Steve






