Download Sysinternals Suite 2015-01-19

Microsoft has released a new version of the Sysinternals Suite, with the date as the version number. This package is a collection of useful tools for managing systems and obtaining comprehensive information about the computer. In this way, all kinds of problems can be detected and solved.

The individual tools are developed by Mark Russinovich and Bryce Cogswell, initially for Sysinternals and since 2006 for Microsoft. Some examples are Process Explorer, Bginfo, contig and disk mon. In total it concerns a collection of 70 different tools. By the way, the latest versions of the individual programs can also be here are being found. Since the previous edition, the following parts of the Suite have been updated:

Sysmon v2.0
This major update to Sysmon, a service that records process activity to the Windows event log for use by incident detection and forensic analysis, includes driver load and image load events with signature information, configurable hashing algorithm reporting, flexible filters for including and excluding events, and support for supplying configuration via a configuration file instead of the command line.

AccessChk v5.21
This update to Accesschk, a command-line utility that shows effective and actual permissions for registry keys, files, services, kernel objects, and more, adds an option to report permissions as SDDL strings, adds new process permission types, and fixes a bug with showing process security descriptors.

RU v1.1
RU (Registry Usage), a command-line tool that shows registry usage by key, now supports loading hive files (with the side-effect of compressing them when done) and reports last write timestamp in CSV output.