The authors of these programs do not offer code-signed builds. So I compiled my own version from source after verifying the source and code-signed them myself. The installer for SuRun and the archive for PuTTY are also signed with GPG.
Download them here.
PS: verify the executables with Sysinternals
sigcheck.exe from Microsoft Technet. If you can, also verify the GPG signature (my key ID is