Three Sysinternals Tools Improved: Sysmon, Autoruns, and RegJump
Three Sysinternals utilities have been updated, providing new enhancements to Sysmon, Autoruns, and RegJump.
April 21, 2015
The Sysinternals utilities, the invention of Mark Russinovich, who now serves as the CTO of Azure for Microsoft, have a long and stable lineage, providing fantastic capabilities and value for IT Pros. The suite of tools sees constant updates to improve functionality.
Yesterday, three of the tools were updated with new capabilities. Here's what's available:
Sysmon – now at version 3.0, Sysmon is used for monitoring system activities that could be considered potential security intrusions. New features:
Process name added to process terminate events
Remote thread creation events reporting
Simplicity and flexibility of filter settings improved
Autoruns – bumping the version to 13.3, Autoruns queries and displays drivers, DLLs, and other files that are to automatically run when the computer boots. New features:
Reporting of GP extension DLLs added
The target of hosting processes like cmd.exe and rundll32.exe available for viewing
RegJump – a minor surge to version 1.1, RegJump is a registry editor tool that allows you to "jump" to specific areas in the Windows registry. New feature:
A new -c command-line switch to enable jumping directly to the path stored in the copy/paste clipboard
You can grab the individual updates or the entire stack of 46 utilities from the Sysinternals Suite page.