%3CLINGO-SUB%20id%3D%22lingo-sub-725957%22%20slang%3D%22en-US%22%3EUpdates%3A%20Process%20Monitor%20v2.95%2C%20TCPView%20v3.04%2C%20Autoruns%20v10.07%2C%20and%20a%20new%20blog%20post%20and%20webcast%20from%20Mark.%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-725957%22%20slang%3D%22en-US%22%3E%0A%20%26lt%3Bmeta%20http-equiv%3D%22Content-Type%22%20content%3D%22text%2Fhtml%3B%20charset%3DUTF-8%22%20%2F%26gt%3B%3CSTRONG%3E%20First%20published%20on%20TechNet%20on%20Apr%2013%2C%202011%20%3C%2FSTRONG%3E%20%3CBR%20%2F%3E%3CP%3E%3CSPAN%20style%3D%22line-height%3A%20115%25%3B%20font-family%3A%20'Calibri'%2C'sans-serif'%3B%20font-size%3A%2011pt%3B%20mso-ascii-theme-font%3A%20minor-latin%3B%20mso-fareast-font-family%3A%20Calibri%3B%20mso-fareast-theme-font%3A%20minor-latin%3B%20mso-hansi-theme-font%3A%20minor-latin%3B%20mso-bidi-font-family%3A%20'Times%20New%20Roman'%3B%20mso-bidi-theme-font%3A%20minor-bidi%3B%20mso-ansi-language%3A%20EN-US%3B%20mso-fareast-language%3A%20EN-US%3B%20mso-bidi-language%3A%20AR-SA%3B%22%3E%20%3C%2FSPAN%3E%3C%2FP%3E%3CBR%20%2F%3E%3CP%3E%3C%2FP%3E%3CP%3E%3CBR%20%2F%3E%3C%2FP%3E%3CP%3E%3C%2FP%3E%3CP%20class%3D%22MsoNormal%22%3E%3CSPAN%20class%3D%22MsoHyperlink%22%3E%20%3CA%20href%3D%22http%3A%2F%2Ftechnet.microsoft.com%2Fen-us%2Fsysinternals%2Fbb896645%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%22%3E%20%3CSPAN%20style%3D%22font-family%3A%20Calibri%3B%20color%3A%20%230000ff%3B%20font-size%3A%20small%3B%22%3E%20Process%20Monitor%20v2.95%20%3C%2FSPAN%3E%20%3C%2FA%3E%20%3C%2FSPAN%3E%20%3CSPAN%3E%20%3C%2FSPAN%3E%20%3CSPAN%20style%3D%22line-height%3A%20115%25%3B%20font-family%3A%20'Arial'%2C'sans-serif'%3B%20color%3A%20black%3B%20font-size%3A%209pt%3B%22%3E%20%3A%20%3C%2FSPAN%3E%20%3CSPAN%20style%3D%22font-size%3A%20small%3B%22%3E%20%3CSPAN%20style%3D%22font-family%3A%20Calibri%3B%22%3E%20%3CSPAN%20style%3D%22color%3A%20black%3B%22%3E%20This%20update%20to%20Process%20Monitor%20reports%20the%20write-through%20flag%20on%20file%20I%2FO%2C%20shows%20DLL%20version%20information%20on%20the%20process%20page%20of%20the%20event%20properties%20dialog%2C%20automatically%20launches%20the%20correct%20version%20of%20Process%20Monitor%20to%20match%20the%20bitness%20(32%20or%2064)%20of%20a%20logfile%2C%20and%20fixes%20several%20bugs.%20%3C%2FSPAN%3E%20%3C%2FSPAN%3E%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%3C%2FP%3E%3CSPAN%20style%3D%22line-height%3A%20115%25%3B%20font-family%3A%20'Arial'%2C'sans-serif'%3B%20color%3A%20black%3B%20font-size%3A%209pt%3B%22%3E%3CP%3E%3C%2FP%3E%3C%2FSPAN%3E%3CP%3E%3C%2FP%3E%3CBR%20%2F%3E%3CP%20class%3D%22MsoNormal%22%3E%3CSPAN%20style%3D%22color%3A%20black%3B%22%3E%20%3CA%20href%3D%22http%3A%2F%2Ftechnet.microsoft.com%2Fen-us%2Fsysinternals%2Fbb897437%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%22%3E%20%3CSPAN%3E%20%3CSPAN%20style%3D%22font-family%3A%20Calibri%3B%20color%3A%20%230000ff%3B%20font-size%3A%20small%3B%22%3E%20TCPView%20v3.04%20%3C%2FSPAN%3E%20%3C%2FSPAN%3E%20%3C%2FA%3E%20%3CSPAN%20style%3D%22font-family%3A%20Calibri%3B%20font-size%3A%20small%3B%22%3E%20%3A%20Tcpview%20better%20handles%20refreshing%20the%20display%20when%20there%20are%20large%20numbers%20of%20active%20endpoints.%20%3C%2FSPAN%3E%20%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%3C%2FP%3E%3CSPAN%20style%3D%22line-height%3A%20115%25%3B%20font-family%3A%20'Times%20New%20Roman'%2C'serif'%3B%20color%3A%20black%3B%20font-size%3A%2012pt%3B%22%3E%3CP%3E%3C%2FP%3E%3C%2FSPAN%3E%3CP%3E%3C%2FP%3E%3CBR%20%2F%3E%3CP%20class%3D%22MsoNormal%22%3E%3CSPAN%20style%3D%22color%3A%20black%3B%22%3E%20%3CA%20href%3D%22http%3A%2F%2Ftechnet.microsoft.com%2Fen-us%2Fsysinternals%2Fbb963902%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%22%3E%20%3CSPAN%3E%20%3CSPAN%20style%3D%22font-family%3A%20Calibri%3B%20color%3A%20%230000ff%3B%20font-size%3A%20small%3B%22%3E%20Autoruns%20v10.07%20%3C%2FSPAN%3E%20%3C%2FSPAN%3E%20%3C%2FA%3E%20%3CSPAN%20style%3D%22font-size%3A%20small%3B%22%3E%20%3CSPAN%20style%3D%22font-family%3A%20Calibri%3B%22%3E%20%3A%20%3CSPAN%3E%20%3CSPAN%3E%20This%20release%20fixes%20a%20bug%20in%20the%20Process%20Explorer%20integration%20on%2064-bit%20Windows%20and%20properly%20escapes%20XML%20characters%20in%20Autorunsc.exe%20output.%20%3C%2FSPAN%3E%3C%2FSPAN%3E%3C%2FSPAN%3E%3C%2FSPAN%3E%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%3C%2FP%3E%0A%20%20%20%20%20%20%20%20%20%0A%20%20%20%20%20%20%20%20%20%3CP%3E%3C%2FP%3E%0A%20%20%20%20%20%20%20%20%0A%20%20%20%20%20%20%20%0A%20%20%20%20%20%20%0A%20%20%20%20%20%0A%20%20%20%20%3CP%3E%3C%2FP%3E%3CBR%20%2F%3E%3CP%20class%3D%22MsoNormal%22%3E%3C%2FP%3E%3CP%3E%3C%2FP%3E%3CSPAN%20style%3D%22color%3A%20black%3B%22%3E%20%3CA%20href%3D%22http%3A%2F%2Fblogs.technet.com%2Fb%2Fmarkrussinovich%2Farchive%2F2011%2F03%2F30%2F3416253.aspx%22%20target%3D%22_blank%22%20rel%3D%22nofollow%20noopener%20noreferrer%20noopener%20noreferrer%22%3E%20%3CSPAN%3E%20%3CSPAN%20style%3D%22font-family%3A%20Calibri%3B%20color%3A%20%230000ff%3B%20font-size%3A%20small%3B%22%3E%20Mark%E2%80%99s%20Blog%3A%20Analyzing%20a%20Stuxnet%20Infection%20with%20the%20Sysinternals%20Tools%2C%20Part%201%20%3C%2FSPAN%3E%20%3C%2FSPAN%3E%20%3C%2FA%3E%20%3CSPAN%20style%3D%22font-size%3A%20small%3B%22%3E%20%3CSPAN%20style%3D%22font-family%3A%20Calibri%3B%22%3E%20%3A%20Mark%E2%80%99s%20latest%20blog%20post%20demonstrates%20the%20malware%20analysis%20capabilities%20of%20the%20Sysinternals%20tools%20on%20an%20infection%20of%20the%20infamous%20Stuxnet%20virus.%3CP%3E%3C%2FP%3E%3C%2FSPAN%3E%20%3C%2FSPAN%3E%20%3C%2FSPAN%3E%3CP%3E%3C%2FP%3E%0A%20%20%20%20%3CP%3E%3C%2FP%3E%3CBR%20%2F%3E%3CP%20class%3D%22MsoNormal%22%3E%3CSPAN%20style%3D%22color%3A%20black%3B%22%3E%20%3CA%20href%3D%22http%3A%2F%2Ftechnet.microsoft.com%2Fen-us%2Fwindows%2Fgg985318%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%22%3E%20%3CSPAN%3E%20%3CSPAN%20style%3D%22font-family%3A%20Calibri%3B%20color%3A%20%230000ff%3B%20font-size%3A%20small%3B%22%3E%20Mark%20Hosts%20the%20Windows%20Intune%20Technology%20Tune-up%20%3C%2FSPAN%3E%20%3C%2FSPAN%3E%20%3C%2FA%3E%20%3CSPAN%20style%3D%22font-size%3A%20small%3B%22%3E%20%3CSPAN%20style%3D%22font-family%3A%20Calibri%3B%22%3E%20%3A%20Tune%20into%20this%20recorded%20webcast%20of%20Mark%20and%20a%20panel%20of%20IT%20professionals%20and%20representatives%20of%20the%20Windows%20Intune%20team%20as%20they%20discuss%20the%20challenges%20of%20managing%20PCs%20and%20the%20ways%20that%20Windows%20Intune%20can%20help.%20%3C%2FSPAN%3E%20%3C%2FSPAN%3E%20%3C%2FSPAN%3E%3C%2FP%3E%3CBR%20%2F%3E%3CP%3E%3C%2FP%3E%3CBR%20%2F%3E%3CP%3E%3C%2FP%3E%3CBR%20%2F%3E%3CP%20class%3D%22MsoNormal%22%3E%3C%2FP%3E%3CBR%20%2F%3E%3CP%3E%3C%2FP%3E%0A%20%0A%3C%2FLINGO-BODY%3E%3CLINGO-TEASER%20id%3D%22lingo-teaser-725957%22%20slang%3D%22en-US%22%3EFirst%20published%20on%20TechNet%20on%20Apr%2013%2C%202011%20Process%20Monitor%20v2.%3C%2FLINGO-TEASER%3E%3CLINGO-LABS%20id%3D%22lingo-labs-725957%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3Eautoruns%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3Eprocess%20monitor%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3Estuxnet%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3Etcpview%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3Ewindows%20intune%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E
Microsoft
First published on TechNet on Apr 13, 2011



Process Monitor v2.95 : This update to Process Monitor reports the write-through flag on file I/O, shows DLL version information on the process page of the event properties dialog, automatically launches the correct version of Process Monitor to match the bitness (32 or 64) of a logfile, and fixes several bugs.


TCPView v3.04 : Tcpview better handles refreshing the display when there are large numbers of active endpoints.


Autoruns v10.07 : This release fixes a bug in the Process Explorer integration on 64-bit Windows and properly escapes XML characters in Autorunsc.exe output.


Mark’s Blog: Analyzing a Stuxnet Infection with the Sysinternals Tools, P... : Mark’s latest blog post demonstrates the malware analysis capabilities of the Sysinternals tools on an infection of the infamous Stuxnet virus.


Mark Hosts the Windows Intune Technology Tune-up : Tune into this recorded webcast of Mark and a panel of IT professionals and representatives of the Windows Intune team as they discuss the challenges of managing PCs and the ways that Windows Intune can help.