Thanks to Mark Russinovich for tweating this (and making it also, by the way).

Une mise à jour de certains outils (dont le petit dernier SysMon) est disponible en téléchargement, pour reprendre la page d’annonce: voila les 3 outils mis à jour et les liens de téléchargement (gratuit bien sur) ci dessous….

Sysmon v2.0
This major update to Sysmon, a service that records process activity to the Windows event log for use by incident detection and forensic analysis, includes driver load and image load events with signature information, configurable hashing algorithm reporting, flexible filters for including and excluding events, and support for supplying configuration via a configuration file instead of the command line.

AccessChk v5.21
This update to Accesschk, a command-line utility that shows effective and actual permissions for registry keys, files, services, kernel objects, and more, adds an option to report permissions as SDDL strings, adds new process permission types, and fixes a bug with showing process security descriptors.

RU v1.1
RU (Registry Usage), a command-line tool that shows registry usage by key, now supports loading hive files (with the side-effect of compressioning them when done) and reports last write timestamp in CSV output.

et hop! dans la boite à outil-USB!

PierrE