Process Monitor v3.82, TCPView v4.12, Process Explorer v16.42 and Sysmon v13.21

Published Jun 01 2021 08:21 AM 3,457 Views
Microsoft

Process Monitor v3.82

This update to Process Monitor fixes "go to event" from context menu and introduces some UI improvements for the dark theme.
 

TCPView v4.12

This update to TCPView fixes a bug where columns would be drawn twice.
 

Process Explorer v16.42

This update to Process Explorer fixes a bug with signature checks.
 

Sysmon v13.21

This update to Sysmon fixes a rare crash on process startup on x86 systems.
 
6 Comments
Frequent Visitor
Microsoft

Hey Timothy,

 

should have been fixed in the past release, v13.20, already. v13.21 further improves on the events with multiple ids under the same name (Pipe, Registry, WMI) so please, let us know if you're still getting unexpected results with your setup.

Frequent Visitor

Since the update, I cannot set Process Monitor to run on startup.

 

Getting the following error:

 

AlexO15_0-1624119393007.png

Process explorer shows no errors.

 

Visitor

Can you make Process Explorer Disk History (also Network History) Tray Icon tooltip show the usage rate?

gigym_1-1624225740363.png

 

Frequent Visitor

Whaddayknow, that fixed it.

Occasional Contributor

Hi Alex,

Hi Mark,

 

i would like to ask you the following things.

 

1. Why do the information regarding the system load caused by "Context Switches" in the Process Explorer sometimes deviate very seriously from the values,
that I get to see through the performance monitor?

 

2. It used to be called that a system load of more than 2000 "Context Switches/s" is already to be regarded as critical.
However, I see much higher values ​​with current systems.
At what value does the load from "context switches" become critical in newer systems?

 

Many thanks and best regards from Germany

 

Alex

%3CLINGO-SUB%20id%3D%22lingo-sub-2404570%22%20slang%3D%22en-US%22%3EProcess%20Monitor%20v3.82%2C%20TCPView%20v4.12%2C%20Process%20Explorer%20v16.42%20and%20Sysmon%20v13.21%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2404570%22%20slang%3D%22en-US%22%3E%3CDIV%3E%0A%3CP%3E%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fsysinternals%2Fdownloads%2Fprocmon%22%20target%3D%22_self%22%20rel%3D%22noopener%20noreferrer%22%3E%3CSPAN%3EProcess%20Monitor%20v3.82%3C%2FSPAN%3E%3C%2FA%3E%3C%2FP%3E%0A%3CDIV%3E%3CSPAN%3EThis%20update%20to%20Process%20Monitor%20fixes%20%22go%20to%20event%22%20from%20context%20menu%20and%20introduces%20some%20UI%20improvements%20for%20the%20dark%20theme.%3C%2FSPAN%3E%3C%2FDIV%3E%0A%3CDIV%3E%26nbsp%3B%3C%2FDIV%3E%0A%3CP%3E%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fsysinternals%2Fdownloads%2Ftcpview%22%20target%3D%22_self%22%20rel%3D%22noopener%20noreferrer%22%3E%3CSPAN%3ETCPView%20v4.12%3C%2FSPAN%3E%3C%2FA%3E%3C%2FP%3E%0A%3CDIV%3E%3CSPAN%3EThis%20update%20to%20TCPView%20fixes%20a%20bug%20where%20columns%20would%20be%20drawn%20twice.%3C%2FSPAN%3E%3C%2FDIV%3E%0A%3CDIV%3E%26nbsp%3B%3C%2FDIV%3E%0A%3CP%3E%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fsysinternals%2Fdownloads%2Fprocess-explorer%22%20target%3D%22_self%22%20rel%3D%22noopener%20noreferrer%22%3E%3CSPAN%3EProcess%20Explorer%20v16.42%3C%2FSPAN%3E%3C%2FA%3E%3C%2FP%3E%0A%3CDIV%3E%3CSPAN%3EThis%20update%20to%20Process%20Explorer%20fixes%20a%20bug%20with%20signature%20checks.%3C%2FSPAN%3E%3C%2FDIV%3E%0A%3CDIV%3E%26nbsp%3B%3C%2FDIV%3E%0A%3C%2FDIV%3E%0A%3CP%3E%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fsysinternals%2Fdownloads%2Fsysmon%22%20target%3D%22_self%22%20rel%3D%22noopener%20noreferrer%22%3E%3CSPAN%3ESysmon%20v13.21%3C%2FSPAN%3E%3C%2FA%3E%3C%2FP%3E%0A%3CDIV%3E%3CSPAN%3EThis%20update%20to%20Sysmon%20fixes%20a%20rare%20crash%20on%20process%20startup%20on%20x86%20systems.%3C%2FSPAN%3E%3C%2FDIV%3E%0A%3CDIV%3E%26nbsp%3B%3C%2FDIV%3E%3C%2FLINGO-BODY%3E%3CLINGO-TEASER%20id%3D%22lingo-teaser-2404570%22%20slang%3D%22en-US%22%3E%3CDIV%3E%0A%3CDIV%3E%3CSPAN%3ELearn%26nbsp%3Babout%26nbsp%3Bthe%26nbsp%3Blatest%26nbsp%3Bupdates%26nbsp%3Bto%26nbsp%3BProcess%26nbsp%3BMonitor%26nbsp%3Bv3.82%2C%26nbsp%3BTCPView%26nbsp%3Bv4.12%2C%26nbsp%3BProcess%26nbsp%3BExplorer%26nbsp%3Bv16.42%26nbsp%3Band%26nbsp%3BSysmon%26nbsp%3Bv13.21%3C%2FSPAN%3E%3C%2FDIV%3E%0A%3C%2FDIV%3E%3C%2FLINGO-TEASER%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2404651%22%20slang%3D%22en-US%22%3ERe%3A%20Process%20Monitor%20v3.82%2C%20TCPView%20v4.12%2C%20Process%20Explorer%20v16.42%20and%20Sysmon%20v13.21%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2404651%22%20slang%3D%22en-US%22%3E%3CP%3EWhen%20can%20we%20expect%20fixes%20for%20sysmon%20%22and%22%20%2F%20%22or%22%20filtering%20bug%20and%20the%20EID%2013%20%22Details%22%20bug%3F%3CBR%20%2F%3E%3CBR%20%2F%3E%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fanswers%2Fquestions%2F401499%2Fsysmon-possible-andor-in-rulegroup-issue.html%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3Ehttps%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fanswers%2Fquestions%2F401499%2Fsysmon-possible-andor-in-rulegroup-issue.html%3C%2FA%3E%3CBR%20%2F%3E%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fanswers%2Fquestions%2F332062%2Fsysmon-help-im-unable-to-filter-on-eid-13-data-nam.html%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3Ehttps%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fanswers%2Fquestions%2F332062%2Fsysmon-help-im-unable-to-filter-on-eid-13-data-nam.html%3C%2FA%3E%3CBR%20%2F%3E%3CBR%20%2F%3EThanks%2C%20Team!%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2407644%22%20slang%3D%22en-US%22%3ERe%3A%20Process%20Monitor%20v3.82%2C%20TCPView%20v4.12%2C%20Process%20Explorer%20v16.42%20and%20Sysmon%20v13.21%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2407644%22%20slang%3D%22en-US%22%3E%3CP%3EHey%20Timothy%2C%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3Eshould%20have%20been%20fixed%20in%20the%20past%20release%2C%20v13.20%2C%20already.%20v13.21%20further%20improves%20on%20the%20events%20with%20multiple%20ids%20under%20the%20same%20name%20(Pipe%2C%20Registry%2C%20WMI)%20so%20please%2C%20let%20us%20know%20if%20you're%20still%20getting%20unexpected%20results%20with%20your%20setup.%3C%2FP%3E%3C%2FLINGO-BODY%3E
Co-Authors
Version history
Last update:
‎Jun 01 2021 08:21 AM
Updated by:
www.000webhost.com