Process Monitor v3.82, TCPView v4.12, Process Explorer v16.42 and Sysmon v13.21

Published 06-01-2021 08:21 AM 2,232 Views
Microsoft

Process Monitor v3.82

This update to Process Monitor fixes "go to event" from context menu and introduces some UI improvements for the dark theme.
 

TCPView v4.12

This update to TCPView fixes a bug where columns would be drawn twice.
 

Process Explorer v16.42

This update to Process Explorer fixes a bug with signature checks.
 

Sysmon v13.21

This update to Sysmon fixes a rare crash on process startup on x86 systems.
 
5 Comments
Microsoft

Hey Timothy,

 

should have been fixed in the past release, v13.20, already. v13.21 further improves on the events with multiple ids under the same name (Pipe, Registry, WMI) so please, let us know if you're still getting unexpected results with your setup.

Occasional Visitor

Since the update, I cannot set Process Monitor to run on startup.

 

Getting the following error:

 

AlexO15_0-1624119393007.png

Process explorer shows no errors.

 

Occasional Visitor

Can you make Process Explorer Disk History (also Network History) Tray Icon tooltip show the usage rate?

gigym_1-1624225740363.png

 

Occasional Visitor

Whaddayknow, that fixed it.

%3CLINGO-SUB%20id%3D%22lingo-sub-2404570%22%20slang%3D%22en-US%22%3EProcess%20Monitor%20v3.82%2C%20TCPView%20v4.12%2C%20Process%20Explorer%20v16.42%20and%20Sysmon%20v13.21%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2404570%22%20slang%3D%22en-US%22%3E%3CDIV%3E%0A%3CP%3E%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fsysinternals%2Fdownloads%2Fprocmon%22%20target%3D%22_self%22%20rel%3D%22noopener%20noreferrer%22%3E%3CSPAN%3EProcess%20Monitor%20v3.82%3C%2FSPAN%3E%3C%2FA%3E%3C%2FP%3E%0A%3CDIV%3E%3CSPAN%3EThis%20update%20to%20Process%20Monitor%20fixes%20%22go%20to%20event%22%20from%20context%20menu%20and%20introduces%20some%20UI%20improvements%20for%20the%20dark%20theme.%3C%2FSPAN%3E%3C%2FDIV%3E%0A%3CDIV%3E%26nbsp%3B%3C%2FDIV%3E%0A%3CP%3E%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fsysinternals%2Fdownloads%2Ftcpview%22%20target%3D%22_self%22%20rel%3D%22noopener%20noreferrer%22%3E%3CSPAN%3ETCPView%20v4.12%3C%2FSPAN%3E%3C%2FA%3E%3C%2FP%3E%0A%3CDIV%3E%3CSPAN%3EThis%20update%20to%20TCPView%20fixes%20a%20bug%20where%20columns%20would%20be%20drawn%20twice.%3C%2FSPAN%3E%3C%2FDIV%3E%0A%3CDIV%3E%26nbsp%3B%3C%2FDIV%3E%0A%3CP%3E%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fsysinternals%2Fdownloads%2Fprocess-explorer%22%20target%3D%22_self%22%20rel%3D%22noopener%20noreferrer%22%3E%3CSPAN%3EProcess%20Explorer%20v16.42%3C%2FSPAN%3E%3C%2FA%3E%3C%2FP%3E%0A%3CDIV%3E%3CSPAN%3EThis%20update%20to%20Process%20Explorer%20fixes%20a%20bug%20with%20signature%20checks.%3C%2FSPAN%3E%3C%2FDIV%3E%0A%3CDIV%3E%26nbsp%3B%3C%2FDIV%3E%0A%3C%2FDIV%3E%0A%3CP%3E%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fsysinternals%2Fdownloads%2Fsysmon%22%20target%3D%22_self%22%20rel%3D%22noopener%20noreferrer%22%3E%3CSPAN%3ESysmon%20v13.21%3C%2FSPAN%3E%3C%2FA%3E%3C%2FP%3E%0A%3CDIV%3E%3CSPAN%3EThis%20update%20to%20Sysmon%20fixes%20a%20rare%20crash%20on%20process%20startup%20on%20x86%20systems.%3C%2FSPAN%3E%3C%2FDIV%3E%0A%3CDIV%3E%26nbsp%3B%3C%2FDIV%3E%3C%2FLINGO-BODY%3E%3CLINGO-TEASER%20id%3D%22lingo-teaser-2404570%22%20slang%3D%22en-US%22%3E%3CDIV%3E%0A%3CDIV%3E%3CSPAN%3ELearn%26nbsp%3Babout%26nbsp%3Bthe%26nbsp%3Blatest%26nbsp%3Bupdates%26nbsp%3Bto%26nbsp%3BProcess%26nbsp%3BMonitor%26nbsp%3Bv3.82%2C%26nbsp%3BTCPView%26nbsp%3Bv4.12%2C%26nbsp%3BProcess%26nbsp%3BExplorer%26nbsp%3Bv16.42%26nbsp%3Band%26nbsp%3BSysmon%26nbsp%3Bv13.21%3C%2FSPAN%3E%3C%2FDIV%3E%0A%3C%2FDIV%3E%3C%2FLINGO-TEASER%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2404651%22%20slang%3D%22en-US%22%3ERe%3A%20Process%20Monitor%20v3.82%2C%20TCPView%20v4.12%2C%20Process%20Explorer%20v16.42%20and%20Sysmon%20v13.21%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2404651%22%20slang%3D%22en-US%22%3E%3CP%3EWhen%20can%20we%20expect%20fixes%20for%20sysmon%20%22and%22%20%2F%20%22or%22%20filtering%20bug%20and%20the%20EID%2013%20%22Details%22%20bug%3F%3CBR%20%2F%3E%3CBR%20%2F%3E%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fanswers%2Fquestions%2F401499%2Fsysmon-possible-andor-in-rulegroup-issue.html%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3Ehttps%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fanswers%2Fquestions%2F401499%2Fsysmon-possible-andor-in-rulegroup-issue.html%3C%2FA%3E%3CBR%20%2F%3E%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fanswers%2Fquestions%2F332062%2Fsysmon-help-im-unable-to-filter-on-eid-13-data-nam.html%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3Ehttps%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fanswers%2Fquestions%2F332062%2Fsysmon-help-im-unable-to-filter-on-eid-13-data-nam.html%3C%2FA%3E%3CBR%20%2F%3E%3CBR%20%2F%3EThanks%2C%20Team!%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2407644%22%20slang%3D%22en-US%22%3ERe%3A%20Process%20Monitor%20v3.82%2C%20TCPView%20v4.12%2C%20Process%20Explorer%20v16.42%20and%20Sysmon%20v13.21%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2407644%22%20slang%3D%22en-US%22%3E%3CP%3EHey%20Timothy%2C%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3Eshould%20have%20been%20fixed%20in%20the%20past%20release%2C%20v13.20%2C%20already.%20v13.21%20further%20improves%20on%20the%20events%20with%20multiple%20ids%20under%20the%20same%20name%20(Pipe%2C%20Registry%2C%20WMI)%20so%20please%2C%20let%20us%20know%20if%20you're%20still%20getting%20unexpected%20results%20with%20your%20setup.%3C%2FP%3E%3C%2FLINGO-BODY%3E
Co-Authors
Version history
Last update:
‎Jun 01 2021 08:21 AM
Updated by: