Recommended Posts

Autoruns v12.0: This release of Autoruns, a Windows application and command-line utility for viewing autostart entries, now reports the presence of batch file and executable image entries in the WMI database, a vector used by some types of malware.

http://blogs.technet.com/b/sysinternals/archive/2014/05/13/updates-autoruns-v12-0-procdump-v7-0.aspx

Länk till inlägg
Dela på andra webbplatser
  • 2 months later...
Autoruns v12.01: This update to Autoruns, a utility that comes in Windows application and command-line forms, has numerous bug fixes, adds a profile attribute/column to CSV and XML output, and interprets the CodeBase value for COM object registrations.

http://blogs.technet.com/b/sysinternals/archive/2014/08/08/new-sysmon-v1-0-updates-autoruns-v12-01-coreinfo-v3-3-procexp-v16-03.aspx

Länk till inlägg
Dela på andra webbplatser
  • 2 weeks later...
Autoruns v12.02: This fixes a bug that could cause Autoruns to crash on startup, updates the image path parsing for Installed Components to remove false positive file-not-found entries, and correctly reports image entry timestamps in local time instead of UTC.

http://blogs.technet.com/b/sysinternals/archive/2014/08/19/updates-autoruns-v12-02-coreinfo-v3-31-sysmon-v1-01-whois-v1-12.aspx

Länk till inlägg
Dela på andra webbplatser
  • 4 weeks later...
Autoruns v12.03: This update to Autoruns adds the registered HTML file extension, fixes a bug that could cause disabling of specific entry types to fail with a “path not found” error, and addresses another that could prevent the Jump-to-image function from opening the selected image on 64-bit Windows.

http://blogs.technet.com/b/sysinternals/archive/2014/09/12/updates-handle-v4-0-procdump-v7-01-procexp-v16-04-regjump-v1-02-autoruns-v12-03.aspx

Länk till inlägg
Dela på andra webbplatser
  • 4 months later...
 
This major update to Autoruns, an autostart execution point (ASEP) manager, now has integration with Virustotal.com to show the status of entries with respect to scans by over four dozen antimalware engines. It also includes a revamped scanning architecture that supports dynamic filters, including a free-form text filter, a greatly improved compare feature that highlights not just new items but deleted ones as well, and file saving and loading that preserves all the information of a scan

http://blogs.technet.com/b/sysinternals/archive/2015/01/29/update-autoruns-v13-0.aspx

 

Länk till inlägg
Dela på andra webbplatser
  • 2 weeks later...
  • 4 weeks later...
In addition to bug fixes to CSV and XML output, Autorunsc introduces import-hash reporting, and Autoruns now excludes command-line and other host processes from the Microsoft and Windows filters.

http://blogs.technet.com/b/sysinternals/archive/2015/03/10/update-livekd-v5-4-autoruns-v13-2-sigcheck-v2-2-process-explorer-v16-05.aspx

 

Länk till inlägg
Dela på andra webbplatser
  • 1 month later...
Autoruns, a utility that shows what processes, DLLs, and drivers are configured to automatically load, adds reporting of GP extension DLLs and now shows the target of hosting processes like cmd.exe and rundll32.exe.

http://blogs.technet.com/b/sysinternals/archive/2015/04/21/update-sysmon-v3-0-autornus-v13-3-regjump-v1-1-process-monitor-v3-11.aspx

 

Länk till inlägg
Dela på andra webbplatser
  • 6 months later...
Citat
This update to Autoruns, the most comprehensive autostart viewer and manager available for Windows, now shows 32-bit Office addins and font drivers, and enables resubmission of known images to Virus Total for a new scan.

https://blogs.technet.com/b/sysinternals/archive/2015/10/27/update-autoruns-v13-5-sigcheck-v2-3-rammap-v1-4-bginfo-v4-21-sysmon-v3-11-adinsight-v1-2.aspx

Citat

Autoruns v13.4

Autoruns, the most comprehensive utility available for showing what executables, DLLs, and drivers are configured to automatically start and load, now reports Office addins, adds several additional autostart locations, and no longer hides hosting executables like cmd.exe, powershell.exe and others when Windows and Microsoft filters are in effect.

 

Länk till inlägg
Dela på andra webbplatser
Citat

Autoruns v13.7
Autoruns, an autostart entry point management utility, now reports print providers, registrations in the WMI\Default namespace, fixes a KnownDLLs enumeration bug, and has improved toolbar usability on high-DPI displays.

https://blogs.technet.microsoft.com/sysinternals/2017/02/17/update-sysmon-v6-autoruns-v13-7-accesschk-v6-1-process-monitor-v3-32-process-explorer-v16-2-livekd-v5-61-and-bginfo-v4-21/

Länk till inlägg
Dela på andra webbplatser
Citat

Autoruns v13.71
This update to Autoruns, a comprehensive autostart execution point manager, adds Microsoft HTML Application Host (mshta.exe) as hosting image so it displays the hosted image details, and now doesn’t apply filters to hosting images.

https://blogs.technet.microsoft.com/sysinternals/2017/05/16/sysinternals-update-procdump-v9-autoruns-v13-71-bginfo-v4-22-livekd-v5-62-process-monitor-v3-33-process-explorer-v16-21/

Länk till inlägg
Dela på andra webbplatser
Citat

Autoruns v13.80
This release of Autoruns, a utility for viewing and managing autostart execution points (ASEPs), adds additional autostart entry points, has asynchronous file saving, fixes a bug parsing 32-bit paths on 64-bit Windows, shows the display name for drivers and services, and fixes a bug in offline Virus Total scanning.

https://blogs.technet.microsoft.com/sysinternals/2017/09/12/sysinternals-update-sysmon-v6-1-process-monitor-v3-4-autoruns-v13-8-accesschk-v6-11/

Länk till inlägg
Dela på andra webbplatser
Citat

Autoruns v13.81: This update to Autoruns fixes a Wow64 bug in Autorunsc that could cause 32-bit paths to result in ‘file not found’ errors, and expands the set of images not considered part of Windows for the Windows filter in order to reveal malicious files masquerading as Windows images.

https://blogs.technet.microsoft.com/sysinternals/2017/12/12/autoruns-v13-81-bginfo-v423-handle-v4-11/

Länk till inlägg
Dela på andra webbplatser
  • JoWa changed the title to Autoruns 13.90
  • JoWa changed the title to Autoruns 13.93
Citat

Autoruns 13.93
This Autoruns update fixes a bug that prevented UserInitMprLogonScript from being scanned and by-default enables HCKU scanning for the console version.

bloggen står det 13.93, och på nedladdningssidan 13.91. :wacko:

Eftersom Process Explorer-tråden nu är arkiverad, får PE hänga med här:

Citat

ProcessExplorer 16.22
This Process Explorer release fixes a race condition that could cause a bluescreen.

 

Länk till inlägg
Dela på andra webbplatser
  • JoWa changed the title to Autoruns 13.94
  • JoWa changed the title to Autoruns 13.95

Arkiverat

Detta ämne är nu arkiverat och det går inte längre svara i det.

  • Liknande innehåll

    • Av JoWa
      Process Explorer har uppdaterats till version 12.0.

      Nytt i version 12:
      http://blogs.technet...elete-v1-7.aspx

      Utgivare: Microsoft Corporation
      Typ: Processinformation
      Länk: https://technet.microsoft.com/en-us/sysinternals/bb896653
      Forum: http://forum.sysinte...rer_forum2.html

      I menyn Options finns Replace Task Manager, som gör att Process Explorer öppnas istället för Aktivitetshanteraren. I samma meny finns Verify Image Signatures, som verifierar digitala signaturer för alla processer samt laddade dll-filer. Processer visas i ett ”träd”, så att man ser vilken process som har startat en annan.
       
    • Av Andreas Stenhall
      Sysinternals (Microsoft) har släppt version 15 av Process Explorer. Bland nyheterna i verktyget som används som en mer avancerad aktivitetshanterare (Task Manager) finns övervakning av grafikprocessorer och minne. Andra nyheter innefattar att det är optimerat för att ta så lite resurser som möjligt, ett renare gränssnitt och att det nu är möjligt att starta om tjänster inifrån verktyget.
      Ladda hem Process Explorer 15