Windows Sysinternals Suite (Build January 29, 2015)

Microsoft has released an updated version (January 29, 2015) of Windows Sysinternals Suite. This new release contains an updated version of Autoruns.

Overview
The Windows Sysinternals troubleshooting utilities have been rolled up into a single suite of tools. These utilities can help you to manage, troubleshoot and diagnose your Windows systems and applications. Each file contains the individual troubleshooting tools and help files.

Note: Windows Sysinternals does not contain non-troubleshooting tools like the BSOD Screen Saver or NotMyFault.

What's new in this version?
Windows Sysinternals Suite (January 29, 2015) contains the following updates:

Autoruns v13.0:
This major update to Autoruns, an autostart execution point (ASEP) manager, now has integration with Virustotal.com to show the status of entries with respect to scans by over four dozen antimalware engines. It also includes a revamped scanning architecture that supports dynamic filters, including a free-form text filter, a greatly improved compare feature that highlights not just new items but deleted ones as well, and file saving and loading that preserves all the information of a scan.

Windows Sysinternals Suite Update
Build 20150119 includes:

Sysmon v2.0:
This major update to Sysmon, a service that records process activity to the Windows event log for use by incident detection and forensic analysis, includes driver load and image load events with signature information, configurable hashing algorithm reporting, flexible filters for including and excluding events, and support for supplying configuration via a configuration file instead of the command line.

AccessChk v5.21:
This update to AccessChk, a command-line utility that shows effective and actual permissions for registry keys, files, services, kernel objects, and more, adds an option to report permissions as SDDL strings, adds new process permission types, and fixes a bug with showing process security descriptors.

RU v1.1:
RU (Registry Usage), a command-line tool that shows registry usage by key, now supports loading hive files (with the side effect of compressing them when done) and reports the last write timestamp in CSV output.

Download Windows Sysinternals Suite
Windows Sysinternals Suite is available for download from the following website:

Sysinternals Live:
Sysinternals Live is a service that enables you to execute Sysinternals tools directly from the Web without hunting for and manually downloading them. Simply enter a tool's Sysinternals Live path into Windows Explorer or a command prompt as http://live.sysinternals.com/[toolname] or \\live.sysinternals.com\tools\[toolname].

You can view the entire Sysinternals Live tools directory in a browser at http://live.sysinternals.com.

Reference:
Windows Sysinternals
