Mr. Mark Russinovich has updated 4 of the most widely used debugging tools: http://blogs.technet.com/b/sysinternals/archive/2015/04/21/update-sysmon-v3-0-autornus-v13-3-regjump-v1-1-process-monitor-v3-11.aspx
Sysmon v3.0: This release of Sysmon, an advanced background monitor that records process-related activity to the event log for use in intrusion detection and forensics, adds the process to process terminate events, reports remote thread creation events, and improves the simplicity and flexibility of filter settings.
Autoruns v13.3: Autoruns, a utility that shows what processes, DLLs, and drivers are configured to automatically load, adds reporting of GP extension DLLs and now shows the target of hosting processes like cmd.exe and rundll32.exe.
Regjump v1.1: Regjump, a command-line utility that navigates Regedit to the registry path specified as a parameter, adds the -c option to jump to the path stored in the copy/paste clipboard.
Process Monitor v3.11: This update to Process Monitor, an interactive system activity monitoring utility, fixes a bug that could cause a crash in the stack summary dialog and a bug that could prevent boot monitoring from working on Windows 10.
Download them here: https://download.sysinternals.com/files/SysinternalsSuite.zip