new version of Process Explorer

Yesterday Sysinternals released the new version of their famous Tool “Process Explorer”…

New in this version:

  • x64 and x86 executables are in a single binary
  • x64 kernel and user-mode stack support
  • New Verified Company column shows image signer information
  • Strings tab in process properties dialog has in-memory image scan option
  • Highlighting for images that are packed (have compressed or encrypted code, which is common in malware)
  • Window menu on process context menu allows for minmizing, maximizing, and restoring windows