This update to Sigcheck, a command-line utility that reports detailed information about images, including their signatures and VirusTotal status, as well as certificate stores, now cleanses newline and other characters from CSV output to prevent line breaks.

Procdump, a utility for capturing process dump files based on CPU, memory, and other triggers, has improved support for lightweight reflection dumps on Windows 7 and Windows 8, now creates a named event that can be signaled by another process to gracefully terminate it, does more intelligent default path searches for the debugging tools libraries, and makes trigger timing and repeat behaviors consistent across trigger types.

This release of Sysmon, an advanced background monitor that records process-related activity to the event log for use in intrusion detection and forensics, introduces more powerful filtering capabilities, allowing both include and exclude rules to be specified for specific event types, as well as complex matching on different event fields.

This release of AccessChk, a command-line utility that reports effective and actual access for many different object types including files, registry keys, and services, now handles accounts with long names, fixes a bug that prevented reporting of kernel object accesses when run elevated, and fixes the inadvertent creation of a registry key when querying a non-existent key.

This release of Autoruns, a comprehensive autostart entry manager, fixes a WMI command-line parsing bug, emits a Unicode BOM in the file generated when saving results to a text file, and adds back the ability to selectively verify the signing status of individual entries.

Process Explorer now includes a column in the handle view that reports the text version of handle access masks, as well as several bug fixes including one that would result in the suspension of .NET threads when viewed via the stack dialog.

Thanks to David Magnotti for the contribution.
This release of Sysmon, a background service that logs security-relevant process and network activity to the Windows event log, now has the option of logging raw disk and volume accesses, operations commonly performed by malicious toolkits to read information by bypassing higher-level security features.

This update to Sigcheck, a powerful command-line utility that reports image file and signing information, as well as information on certificates, now has an option that will report any certificates installed on the system that do not chain to one of the certificates in the Microsoft certificate trust list (CTL). It also adds the ability to take image information captured from Sigcheck on a system disconnected from the Internet and obtain VirusTotal status from one that’s connected.

Process Explorer is a good free basic task manager replacement. It doesn't have all the features some of the other task manager alternatives have, but it has the basic features most need. It also doesn't need to be installed to replace the task manager like the others do. The only complaints I have with Process Explorer are that it doesn't show you which processes are safe and which aren't. It also doesn't do as good a job at killing processes as some of the other alternatives do. Process Explorer is best for those who want a basic task manager replacement without wanting to install another piece of software on their computers. Those who are looking for more features, like knowing if a process is safe or not and a better way to kill processes, would be better off using another task manager like Auslogics Task Manager.