Download Process Explorer 16.20

Process Explorer can be seen as a comprehensive Task Manager for Windows. The program shows which handles and files an active process is calling and which dlls are in use. Process Explorer also offers a slightly more extensive performance tab, which also shows the various processes in the graphs. The developers have released a new version with version number 16.20. The corresponding announcement looks like this:

Sysmon v5, Process Explorer v16.20, Procdump v8.2, LiveKd v5.6

Sysmon v5
This major update to Sysmon, a background monitor that records activity to the event log for use in security incident detection and forensics, introduces file create and registry modification logging. These event types make it possible to configure filters that capture updates to critical system configuration as well as changes to autostart entry points used by malware.

Process Explorer v16.20
This release of Process Explorer, a powerful process management and diagnostic utility, adds reporting of process Control Flow Guard (CFG) status and dynamically updates to reflect changes to process Data Execution Prevention (DEP) configuration.

Product dump v8.2
Procdump, a command-line utility that generates process dumps on demand or based on triggers that include memory, CPU, exception and performance counter thresholds, adds a -kill option that terminates a process after its dump completes rather than allowing an exception to pass to Windows Error Reporting (WER), and a -wer switch to copy dumps to the WER queue.

LiveKd v5.6
LiveKd, a tool that enables interactive kernel debugger analysis of a live system or virtual machine, includes a batch-mode option designed for scripted analysis that omits the prompt to re-execute LiveKD after a debugger session terminates.