Process Explorer v16.05

Microsoft has updated the free Process Monitor system monitoring utility to Version 3.04. This version provides support for new Windows 8 file information query types as well as bug fixes.
 
Microsoft has updated the free Process Monitor system monitoring utility to Version 3.05. This version adds a context-menu entry that opens the filter edit dialog with contents prepopulated with the specified row and column value.
 
Microsoft has released Version 15.31 of the free Process Explorer utility, which is a more detailed version of Task Manager. This update adds an option to disable the heatmap display in the process view, and has a bug fix.
 
Microsoft has released Version 15.40 of the free Process Explorer utility, which is a more detailed version of Task Manager. This version adds the ability to show WMI providers hosted in Wmiprvse processes, along with a new process view column showing process DPI awareness support on Windows 8.1.
 
Mike submitted a new resource:

Process Explorer / Process Monitor (procmon) - Part of Sysinternals by Microsoft Corporation

Introduction
Ever wondered which program has a particular file or directory open? Now you can find out. Process Explorer shows you information about which handles and DLLs processes have opened or loaded.

The Process Explorer display consists of two sub-windows. The top window always shows a list of the currently active processes, including the names of their owning accounts, whereas the information displayed in the bottom window depends on the mode that...

 
Process Explorer v16.0

Ever wondered which program has a particular file or directory open? Now you can find out. Process Explorer shows you information about which handles and DLLs processes have opened or loaded.

The Process Explorer display consists of two sub-windows. The top window always shows a list of the currently active processes, including the names of their owning accounts, whereas the information displayed in the bottom window depends on the mode that Process Explorer is in: if it is in handle mode you'll see the handles that the process selected in the top window has opened; if Process Explorer is in DLL mode you'll see the DLLs and memory-mapped files that the process has loaded. Process Explorer also has a powerful search capability that will quickly show you which processes have particular handles opened or DLLs loaded.

The unique capabilities of Process Explorer make it useful for tracking down DLL-version problems or handle leaks, and provide insight into the way Windows and applications work.

This version adds VirusTotal integration, an online antivirus analysis service. If enabled, Process Explorer sends the hashes of images and files shown in the process and DLL view to VirusTotal.com, reporting on whether they are possibly malicious.

http://technet.microsoft.com/en-us/sysinternals/bb896653
 
The app has been recently updated:

Process Monitor v3.1
By Mark Russinovich and Bryce Cogswell

Published: March 7, 2014

Introduction

Process Monitor is an advanced monitoring tool for Windows that shows real-time file system, Registry and process/thread activity. It combines the features of two legacy Sysinternals utilities, Filemon and Regmon, and adds an extensive list of enhancements including rich and non-destructive filtering, comprehensive event properties such as session IDs and user names, reliable process information, full thread stacks with integrated symbol support for each operation, simultaneous logging to a file, and much more. Its uniquely powerful features will make Process Monitor a core utility in your system troubleshooting and malware hunting toolkit.

Overview of Process Monitor Capabilities
Process Monitor includes powerful monitoring and filtering capabilities, including:

  • More data captured for operation input and output parameters
  • Non-destructive filters allow you to set filters without losing data
  • Capture of thread stacks for each operation makes it possible in many cases to identify the root cause of an operation
  • Reliable capture of process details, including image path, command line, user and session ID
  • Configurable and moveable columns for any event property
  • Filters can be set for any data field, including fields not configured as columns
  • Advanced logging architecture scales to tens of millions of captured events and gigabytes of log data
  • Process tree tool shows relationship of all processes referenced in a trace
  • Native log format preserves all data for loading in a different Process Monitor instance
  • Process tooltip for easy viewing of process image information
  • Detail tooltip allows convenient access to formatted data that doesn't fit in the column
  • Cancellable search
  • Boot time logging of all operations

The best way to become familiar with Process Monitor's features is to read through the help file and then visit each of its menu items and options on a live system.

http://technet.microsoft.com/en-us/sysinternals/bb896645.aspx
 
Another excellent app updated:

Process Explorer v16.02
By Mark Russinovich

Published: March 7, 2014

Introduction

Ever wondered which program has a particular file or directory open? Now you can find out. Process Explorer shows you information about which handles and DLLs processes have opened or loaded.

The Process Explorer display consists of two sub-windows. The top window always shows a list of the currently active processes, including the names of their owning accounts, whereas the information displayed in the bottom window depends on the mode that Process Explorer is in: if it is in handle mode you'll see the handles that the process selected in the top window has opened; if Process Explorer is in DLL mode you'll see the DLLs and memory-mapped files that the process has loaded. Process Explorer also has a powerful search capability that will quickly show you which processes have particular handles opened or DLLs loaded.

The unique capabilities of Process Explorer make it useful for tracking down DLL-version problems or handle leaks, and provide insight into the way Windows and applications work.

http://technet.microsoft.com/en-us/sysinternals/bb896653
 
Process Explorer v16.03
By Mark Russinovich

Published: August 5, 2014

Introduction
Ever wondered which program has a particular file or directory open? Now you can find out. Process Explorer shows you information about which handles and DLLs processes have opened or loaded.

The Process Explorer display consists of two sub-windows. The top window always shows a list of the currently active processes, including the names of their owning accounts, whereas the information displayed in the bottom window depends on the mode that Process Explorer is in: if it is in handle mode you'll see the handles that the process selected in the top window has opened; if Process Explorer is in DLL mode you'll see the DLLs and memory-mapped files that the process has loaded. Process Explorer also has a powerful search capability that will quickly show you which processes have particular handles opened or DLLs loaded.

The unique capabilities of Process Explorer make it useful for tracking down DLL-version problems or handle leaks, and provide insight into the way Windows and applications work.
 
Process Explorer v16.04
Microsoft has released Version 16.04 of the free Process Explorer utility, which is a more detailed version of Task Manager. This version now shows Windows Store package names on the Image page of the process properties dialog, and fixes a VirusTotal file submission bug.
 
Microsoft has updated the free Process Monitor system monitoring utility to Version 3.11. This version fixes a crash bug, as well as a Windows 10 bug.
 
Microsoft has updated the free Process Monitor system monitoring utility to Version 3.2.
Process Monitor includes powerful monitoring and filtering capabilities, including:

  • More data captured for operation input and output parameters
  • Non-destructive filters allow you to set filters without losing data
  • Capture of thread stacks for each operation makes it possible in many cases to identify the root cause of an operation
  • Reliable capture of process details, including image path, command line, user and session ID
  • Configurable and moveable columns for any event property
  • Filters can be set for any data field, including fields not configured as columns
  • Advanced logging architecture scales to tens of millions of captured events and gigabytes of log data
  • Process tree tool shows relationship of all processes referenced in a trace
  • Native log format preserves all data for loading in a different Process Monitor instance
  • Process tooltip for easy viewing of process image information
  • Detail tooltip allows convenient access to formatted data that doesn't fit in the column
  • Cancellable search
  • Boot time logging of all operations

The best way to become familiar with Process Monitor's features is to read through the help file and then visit each of its menu items and options on a live system.
 
Microsoft has released Version 16.1 of the free Process Explorer utility, which is a more detailed version of Task Manager.
 
Microsoft has released Version 16.11 of the free Process Explorer utility, which is a more detailed version of Task Manager. This version fixes an image path length bug.
 
Microsoft has released Version 16.2 of the free Process Explorer utility, which is a more detailed version of Task Manager.
 
Microsoft has updated the free Process Monitor system monitoring utility to Version 3.33.
Process Monitor is an advanced monitoring tool for Windows that shows real-time file system, Registry and process/thread activity. It combines the features of two legacy Sysinternals utilities, Filemon and Regmon, and adds an extensive list of enhancements including rich and non-destructive filtering, comprehensive event properties such as session IDs and user names, reliable process information, full thread stacks with integrated symbol support for each operation, simultaneous logging to a file, and much more. Its uniquely powerful features will make Process Monitor a core utility in your system troubleshooting and malware hunting toolkit.

Overview of Process Monitor Capabilities
Process Monitor includes powerful monitoring and filtering capabilities, including:

  • More data captured for operation input and output parameters
  • Non-destructive filters allow you to set filters without losing data
  • Capture of thread stacks for each operation makes it possible in many cases to identify the root cause of an operation
  • Reliable capture of process details, including image path, command line, user and session ID
  • Configurable and moveable columns for any event property
  • Filters can be set for any data field, including fields not configured as columns
  • Advanced logging architecture scales to tens of millions of captured events and gigabytes of log data
  • Process tree tool shows relationship of all processes referenced in a trace
  • Native log format preserves all data for loading in a different Process Monitor instance
  • Process tooltip for easy viewing of process image information
  • Detail tooltip allows convenient access to formatted data that doesn't fit in the column
  • Cancellable search
  • Boot time logging of all operations
 
Microsoft has released Version 16.21 of the free Process Explorer utility, which fixes an intermittent bug in the VirusTotal scanning logic.
 
Microsoft has updated the free Process Monitor system monitoring utility to Version 3.40.
Adds a runtime switch for terminating monitoring after a specified amount of time, shows process tree process IDs in hexadecimal when in hex mode, and fixes an automated boot log conversion bug.
 