Sysinternals Suite

Posted: 04 May 2011 12:43

Sysinternals Suite 03.05.2011

· ZoomIt v4.2: This update to ZoomIt, a screen magnification and annotation utility, now adjusts the drawing pen size when you enter drawing mode from live zoom to match the static zoom pen size.
· Process Explorer v14.11: Process Explorer v14.11 includes the ability to configure network and disk activity icons in the tray.
· ProcDump v3.04: This update to ProcDump’s miniplus dump type (-mp) includes heuristics that include thread stack memory.

Update: 19 May 2011 13:59

Sysinternals Suite 18.05.2011

VMMap v3.1: VMMap, a process virtual and physical memory analyzer, now shows the ASLR status of images and reports “unusable” virtual memory regions.
RAMMap v1.11: This update to RAMMap, a system memory usage analyzer, adds command-line options for loading files and exporting scans, creates a file association and fixes several bugs.
Handle v3.46: This update has Handle use the same helper driver as Process Explorer.
Process Explorer v14.12: This update fixes a bug that prevents removal of tray icons under certain conditions.

Update: 19 Jul 2011 2:36

Sysinternals Suite 18.07.2011

Process Explorer v15: Process Explorer v15 celebrates the release of the Sysinternals Administrator Reference and the upcoming 15th anniversary of Sysinternals. This major update to Process Explorer, a powerful tool for inspecting and controlling processes, threads, loaded DLLs, and more, adds GPU utilization and memory monitoring on Vista and higher. It also adds the ability to restart services, has a smaller memory footprint, and has visually cleaner performance graphs.
Listdlls v3.1: Listdlls, a command-line utility for listing and searching for loaded DLLs, now dumps full file version information, including digital signatures. It also adds a new option designed to aid in malware hunting that filters output to include only unsigned DLLs.
Findlinks v1: This new command-line utility lists the hard links associated with a specified file.

Update: 26 Jul 2011 18:35

Sysinternals Suite 25.07.2011

Process Explorer v15.01: This update adds the ability to select a custom graph background color, adds paged and nonpaged pool quota columns to the process view, fixes incorrect information on the disk and network process properties dialog on 32-bit Windows, and fixes a GPU tray icon bug.
TCPView v3.05: This update fixes a bug when sorting by the state column.

Sysinternals Suite August 18, 2011

· ProcDump v4.0: This update for ProcDump, a trigger-based process dump capture utility, enables you to control the contents of the dump with your own minidump callback DLL and adds a new switch, -w, that has ProcDump wait for a specified process to start.
· Process Monitor v2.96: This release changes the appearance of its tooltips to the default theme, fixes a drawing bug in the treeview, and updates the graphs to match the style introduced in Process Explorer v15.
· Process Explorer v15.02: Process Explorer v15.02 includes minor updates to the drawing routines.


Posted: 14 Nov 2011 0:42

Sysinternals Suite 2011.11.10

Autoruns v11.1: This update to Autoruns adds several new autostart locations, reports the active filter in the status bar, and highlights unsigned images and those with no company name or description to make them easy to spot.
AccessChk v5.02: This AccessChk release includes improved error messages, reports registry key delete permission, and includes a manifest.
Coreinfo v3.02: This minor update to Coreinfo, a command-line tool that reports supported CPU features and topology, includes Microsoft’s SLAT term for Intel’s Extended Page Table and AMD’s Nested Paging virtualization features.
Microsoft Security Intelligence Report v11: Microsoft’s regular report on the state of malware covering January through June of 2011 is out and includes a primer by Mark on using the Sysinternals tools to identify and clean malware.

Update: 25 Mar 2012 12:26

Sysinternals Suite 2012.03.23

· Autoruns 11.22
· Process Monitor 3.0: This update to Process Monitor, a real-time file, registry, process and network monitor, adds bookmark support so that you can flag specific lines in a trace for easy reference later. Shortcut keys enable you to move quickly between bookmarks and you can even add bookmarks to existing trace files. You can also convert a highlight filter to an include filter and shortcut keys move between highlighted lines. Additional features include process create events that add the complete contents of the new process environment block as well as the starting current directory. Finally, Process Monitor now records process environment variables and current working directory for process create events (thanks to Dmitri Davydok for his contribution) and displays the names of new Windows 8 file system control codes.

Update: 18 Apr 2012 2:07

Sysinternals Suite 2012.04.16

NotMyFault: Notmyfault is a tool used in the Windows Internals books to show how common device driver bugs affect a system. This update includes numerous enhancements contributed by Dan Pearson, including new crash types, a revamped user interface, and a report of the amount of pool it has leaked.
Process Monitor v3.01: This update to Process Monitor, a real-time file, registry, process and network monitor, adds decoding of several new Windows 8 file system control codes, including offload read and write, and now obtains image version information for 32-bit DLLs when run on 64-bit Windows.
TestLimit v5.2: Testlimit, a demonstration tool used in the Windows Internals books to illustrate resource usage concepts, has minor enhancements including filling memory that it allocates with an identifiable string.
Mark’s Webcasts - Zero Day: A Non-Fiction View: Mark makes the case for how his hit cyberthriller, Zero Day, is likely to be realized in non-fiction form in this 20-minute short version of his popular RSA Conference session.
Windows Internals 6th Edition, Part 1: We’re excited to announce that Part 1 of Windows Internals, 6th Edition, is now available for order in hard copy and multiple ebook formats. This edition, like previous ones, makes heavy use of the Sysinternals tools to demonstrate key concepts. It covers Windows 7 and Windows Server 2008 R2 and the amount of new material required splitting the book into two volumes (Part 2 will be available soon). The first volume includes system concepts; architecture overview; system mechanisms; management mechanisms; processes, threads and jobs; security; and networking.

Update: 15 May 2012 13:53

Sysinternals Suite 2012.05.14

Autoruns v11.3: This update to Autoruns, a utility that shows the executables, drivers, and DLLs configured to autostart, adds several new autostart locations, sets a file association for its log file extension, reports the target of Rundll32 and other host executables, and fixes several bugs.
LiveKd v5.2: LiveKd, a command-line utility for performing live read-only debugging of the local system and virtual machines, now includes an option that has it generate a fully-consistent kernel dump file of a running system.
Strings v2.5: Strings, a command-line utility that dumps a file’s printable UNICODE and ASCII strings, adds an option to specify the starting offset in the file from where it will scan for strings.

Update: 08 Jun 2012 10:02

Sysinternals Suite 2012.06.06

Process Explorer v15.2: This major update to Process Explorer, a Task Manager replacement, merges Autoruns functionality by adding a new Autostart Location column and property to the process and DLL views that indicates where an image is configured to automatically start or load. It also adds .NET stack walking support to the thread stack dialog, adds a process timeline column that graphically depicts a process’s lifetime relative to other processes, and uses the Windows 8 private ETW logger which enables better coexistence with other ETW-based tools.
Testlimit v5.21: This update clarifies some of the output messages.
Pskill v1.14: This release to PsKill, a command-line tool for terminating processes, includes some minor bug fixes.

Posted: 12 Sep 2012 14:22

Sysinternals Suite 2012.09.10

Autoruns v11.34: This release of Autoruns fixes a bug that caused it to not show some Internet Explorer extensions.
ProcDump v5.0: Procdump is an advanced utility for capturing process memory dumps based on a variety of triggers including CPU usage, memory usage, performance counter values, and exceptions. Version 5.0 is a major upgrade that adds the ability to configure exception filters based on managed and native exception types, extends support to Windows 8 modern applications, and integrates with Process Monitor’s debug output logging.
Sigcheck v1.8: This update to Sigcheck, a command-line file version and digital signature verification utility, shows detailed certificate information such as certificate usage, validity dates, and thumbprints, and also shows a file’s counter-signing chain if it has one.
VMMap v3.11: VMMap, a utility that shows detailed information about a process’ virtual and physical memory usage, now reports commit usage instead of working set in its timeline view and fixes a bug that enables export of captures of 32-bit processes.

Update: 04 Oct 2012 14:36

Sysinternals Suite 2012.10.03

PsPing v1.0: PsPing is a new Sysinternals PsTools command-line utility for measuring network performance. In addition to standard ICMP ping functionality, it can report the latency of connecting to TCP ports, the latency of TCP round-trip communication between systems, and the TCP bandwidth available to a connection between systems. Besides obtaining min, max, and average values in 0.01ms resolution, you can also use PsPing to generate histograms of the results that are easy to import into spreadsheets.
DebugView v4.8: This release of DebugView, a debug output monitoring utility, addresses a bug that could cause DebugView to blue screen on “checked build” (debug) versions of Windows.
Process Explorer v15.23: This update to Process Explorer adds the ability to view the process token of protected processes, fixes a bug that causes a crash when viewing thread stacks on Windows XP, and fixes a bug that causes a crash when running on Windows PE.
Sigcheck v1.81: This update to Sigcheck, a command-line utility for analyzing the digital signatures of executable images, fixes a bug that could cause it to crash when reporting the signing status of images that have invalid signatures.

Posted: 21 Oct 2012 3:16

Sysinternals Suite 17.10.2012.

Coreinfo v3.1: This update to Coreinfo, a command line utility that reports detailed information about a system’s processor topology, CPU features, and cache topology, fixes a bug affecting the calculation of NUMA node costs and adds support for several more processor features, including RDRAND, LAHF/SAHF, Prefetchw and Intel Speedstep.
Desktops v2.0: Desktops, a virtual desktop utility for Windows that lets you create up to three additional workspaces, is now compatible with Windows 8, properly supporting Winkey hotkey sequences (like Winkey+R to bring up the Run dialog) on alternate desktops and switching back to the primary desktop’s start screen when you hit Winkey.
Livekd v5.3: LiveKd, a command-line utility that enables you to use the Windows kernel debuggers to examine live systems as well as virtual machines, now supports Windows 8.
PsPasswd v1.23: PsPasswd, a Pstools utility for remotely changing local machine passwords, now includes support for changing domain account passwords.
Testlimit v5.22: This release of TestLimit, an educational tool for testing the way Windows handles exhaustion of various resource types such as system commit, fixes an output formatting bug that could have it report KB instead of MB.
Whois v1.11: Whois v1.11, a tool for looking up domain name registration information, includes fixes for bugs that could cause it to crash if provided with malformed domain name input strings.

Update: 13 Jan 2013 2:47

Sysinternals Suite 11.01.2013

Autoruns v11.4: Autoruns v11.4 adds additional startup locations, fixes several bugs related to image path parsing, adds better support for browsing folders on WinPE, and fixes a Wow64 redirection bug.
Procdump v5.12: This Procdump update fixes a bug introduced in v5.11 where it doesn’t save information required by the !runaway debugger command.
SDelete v1.61: SDelete v1.61 fixes drive letter syntax consistency in its parsing of command line arguments.

Sysinternals Suite 2013-03-27

Changes in 2013-03-27:

Autoruns v11.5: This update to Autoruns, a utility for managing autostarting applications and components, now reports the image timestamp of executables and the last-modified timestamp of other file types and autostart locations to help with forensic analysis. The jump-to-entry feature is also improved to navigate directly to files rather than their parent directory.

Disk Usage (Du) v1.5: Du, a command-line utility for reporting the disk space consumed by directories and their files, has expanded CSV output that includes file and directory counts, as well as an option for tab-delimiting, which is a format more convenient for import into Excel than comma-delimited.

ProcDump v5.14: This release of Procdump, a command-line utility that enables the capture of process dumps based on numerous trigger types including on-demand, doesn’t report process exceptions unless the exception trigger is specified.

Process Monitor v3.04: Procmon, a power system activity monitor, now includes support for new Windows 8 file information query types and fixes a bug in the tooltip handling.

Registry Usage (RU) v1.0: Ru (Registry Usage) is a new command-line utility that reports the size, value and subkey counts of registry keys. Like its Sysinternals Du (Disk Usage) counterpart, Ru can help you find the keys that contribute to registry bloat.


Sysinternals Suite 2013.05.16

What's New:

ProcDump v6.0
Procdump is an advanced utility for capturing process memory dumps based on a variety of triggers including CPU usage, memory usage, performance counter values, and exceptions. Version 6.0 is a major upgrade that adds the ability to specify multiple filters, attach to a process by service name, and display/filter-on the message text of a CLR or JScript exception.

Posted: 03 Feb 2017 18:34

Sysinternals Suite 18. 11. 2016.

Update: 13 Jul 2018 7:47

Sysinternals Suite 05.06.2018

Microsoft Sysinternals Suite December, 2019

