It should be no secret that I am a big fan of Sysinternals tools. Several have been updated with some nice new features.
The great thing is that you can now use Process Explorer on a Terminal Server and, right from Process Explorer, connect to a session hosted on that machine to see, for example, the rogue process that you are investigating. Anyway, here are the updates to the Sysinternals tools.
Process Explorer v14.1: This update to Process Explorer introduces cycle-based CPU usage on Windows 7, shows usage for processes that consume less than 0.01% CPU, shows thread ideal processors on Windows 7, and adds the ability to remote control and connect to other logon sessions.
VMMap v3.03: This release of VMMap, a process memory analysis utility, adds a count of free blocks and fixes bugs that prevented the 32-bit process fragmentation view from showing on 64-bit Windows.
ProcDump v3.03: ProcDump, a command-line process dump generation tool, has an algorithm for generating minidump plus dumps that improves capture time by up to ten times and fixes a bug with the way arguments are processed for the -x option.
Oh, and if you missed it, Mark Russinovich has also now written a book. Not a book, I should say, but a novel. Yes, that is right. Not a tech book but an actual novel. A thriller called “Zero Day”.