Sysmon v3.0This release of Sysmon, an advanced background monitor that records process-related activity to the event log for use in intrusion detection and forensics, adds the process name to process terminate events, reports remote thread creation events, and improves the simplicity and flexibility of filter settings. Autoruns v13.3Autoruns, a utility that shows what processes, DLLs, and drivers are configured to automatically load, adds reporting of GP extension DLLs and now shows the target of hosting processes like cmd.exe and rundll32.exe. Regjump v1.1Regjump, a command-line utility that navigates Regedit to the registry path specified as a parameter, adds the -c option to jump to the path stored in the copy/paste clipboard. Process Monitor v3.11This update to Process Monitor, an interactive system activity monitoring utility, fixes a bug that could cause a crash in the stack summary dialog and a bug that could prevent boot monitoring from working on Windows 10.
LiveKd v5.4This update to Livekd, a tool that enables live kernel debugging for Windows systems and Hyper-V guest Windows virtual machines, now includes ‘live dump’ support for generating fast-snapshot crash-consistent kernel dump files using support introduced in Windows 8.1 and Windows Server 2012 R2. Autoruns v13.2In addition to bug fixes to CSV and XML output, Autorunsc introduces import-hash reporting, and Autoruns now excludes command-line and other host processes from the Microsoft and Windows filters. Sigcheck v2.2This release of Sigcheck, a command-line tool that reports file version, code signing, and hash information, introduces import-hash reporting and support for files larger than 4 GB. Process Explorer v16.05Process Explorer now includes a Protection column that shows process protection status.
Autoruns v13.01 This release fixes a bug in v13 that caused autostart entry lines not to show when you enter a filter string into the toolbar's filter control
Autoruns v13.0 This major update to Autoruns, an autostart execution point (ASEP) manager, now has integration with Virustotal.com to show the status of entries with respect to scans by over four dozen antimalware engines. It also includes a revamped scanning architecture that supports dynamic filters, including a free-form text filter, a greatly improved compare feature that highlights not just new items but deleted ones as well, and file saving and loading that preserves all the information of a scan