What's New (March 21, 2013)
Autoruns v11.5
This update to Autoruns, a utility for managing autostarting applications and components, now reports the image timestamp of executables and the last-modified timestamp of other file types and autostart locations to help with forensic analysis. The jump-to-entry feature is also improved to navigate directly to files rather than their parent directory.
Registry Usage (RU) v1.0
Ru (Registry Usage) is a new command-line utility that reports the size, value and subkey counts of registry keys. Like its Sysinternals Du (Disk Usage) counterpart, Ru can help you find the keys that contribute to registry bloat.
What's New (February 5, 2013)
Process Explorer v15.3
This major Process Explorer release includes heat-map display for process CPU, private bytes, working set and GPU columns, sortable security groups in the process properties security page, and tooltip reporting of tasks executing in Windows 8 Taskhostex processes. It also creates dump files that match the bitness of the target process and works around a bug introduced in Windows 8 disk counter reporting.
What's New (January 24, 2013)
Procdump v5.13
This update to Procdump, a command-line utility that generates on-demand and trigger-based process crash dump files, now supports triggers for when process CPU usage, memory consumption or arbitrary performance counters fall below a specified value.
Sigcheck v1.9
Sigcheck, a command-line file-version and signature verification tool, now reports certificate publisher names, capitalizes hash values, and fixes a certificate chain validation bug.
What's New (January 11, 2013)
Mark’s Blog: Hunting Down and Killing Ransomware
In Mark’s latest post he takes you behind the scenes of the current ransomware scourge, showing examples of how they try and coerce users to paying, explaining how they work and detailing how you can use Sysinternals tools to clean them from an infected system.
Autoruns v11.4
Autoruns v11.4 adds additional startup locations, fixes several bugs related to image path parsing, adds better support for browsing folders on WinPE, and fixes a Wow64 redirection bug.
What's New (December 4, 2012)
ZoomIt v4.41
This update to ZoomIt, a screen magnification and annotation utility, includes smoother zooming behavior, adds the ability to specify the initial zoom level, and maintains the window focus when initiating live zooming.
What's New (November15, 2012)
Contig v1.7
Contig is a command-line file defragmentation and fragmentation analysis utility. v1.7 has more detailed fragmentation analysis reporting, fixes a bug that enables creation of contiguous files larger than 8GB, and adds support for setting the valid data length on files to avoid zero-fill overhead.
CoreInfo v3.2
Coreinfo, a command-line utility that dumps processor topology and feature support, now reports the presence of many additional features, including SMAP, RDSEED, BMI1, ADX, HLE, RTM, and INVPCID.
ProcDump v5.1
This major update to Procdump, a command-line utility for creating process crash dump files based on triggers or on-demand, adds support for Silverlight applications and the ability to register Procdump as the just-in-time (JIT) debugger for more advanced scenarios.