Version history for Sysinternals Suite
Changes for June 14, 2017 - Sep 12 2017
- Sysmon v6.1
- This update to Sysmon, a background monitor that records activity to the event log for use in security incident detection and forensics, adds monitoring of WMI filters and consumers, an autostart mechanism commonly used by malware, and fixes a bug in image load filtering.
- Process Monitor v3.4
- Process Monitor, a file system registry, process and network real-time monitor, now includes a /runtime switch for terminating monitoring after a specified amount of time, when in hexadecimal mode shows process tree process IDs in hexadecimal, and fixes a bug in automated boot log conversion.
- Autotuns v13.8
- This release of Autoruns, a utility for viewing and managing autostart execution points (ASEPs), adds additional autostart entry points, has asynchronous file saving, fixes a bug parsing 32-bit paths on 64-bit Windows, shows the display name for drivers and services, and fixes a bug in offline Virus Total scanning.
- AccessChk v6.11
- This update to AccessChk, a command-line utility that reports effective access and can dump access control lists, adds a cache to improve queries that enumerate multiple objects, and has the -s switch start container enumeration at the specified container when -d is specified.
Changes for February 17, 2017 - May 16, 2017
- ProcDump v9
- Autoruns v13.71
- BgInfo v4.22
- LiveKd v5.62
- Process Monitor v3.33
- Process Explorer v16.21
Changes for May 23, 2012 - June 6, 2012
- Process Explorer v15.2, Testlimit v5.21, Pskill v1.14
Changes for January 12, 2012 - Feb 16, 2012
- Coreinfo v3.04: Coreinfo, a tool that dumps information about a system’s processor topology and capabilities, adds a fix for a bug that sometimes misreported the presence of hyperthreading
- DebugView v4.78: This update to DebugView, a utility for capturing and logging user-mode and kernel-mode debug output messages, can now capture output generated by Metro applications on Windows 8.
- LiveKd v5.1: LiveKd, a utility for leveraging kernel debuggers to analyze live physical systems or Hyper-V virtual machines, now supports newer Intel processors that implement the XSAVE instruction.
- Process Explorer v15.13: This Process Explorer release adds Background priority to the process context menu, which sets the CPU, memory and I/O priorities of a process to low, and includes a bug fix for restoring user-entered process comments.
Changes for December 15, 2011 - January 12, 2012
- This update to Autoruns fixes a number of minor bugs, including one that could result in a crash when certain scheduled tasks are configured.