Update: Sysmon v3.0, Autoruns v13.3, Regjump v1.1, Process Monitor v3.11
This release of Sysmon, an advanced background monitor that records process-related activity to the event log for use in intrusion detection and forensics, adds the process name to process terminate events, reports remote thread creation events, and improves the simplicity and flexibility of filter settings.
Autoruns, a utility that shows what processes, DLLs, and drivers are configured to automatically load, adds reporting of GP extension DLLs and now shows the target of hosting processes like cmd.exe and rundll32.exe.
Regjump, a command-line utility that navigates Regedit to the registry path specified as a parameter, adds the -c option to jump to the path stored in the copy/paste clipboard.
Process Monitor v3.11
This update to Process Monitor, an interactive system activity monitoring utility, fixes a bug that could cause a crash in the stack summary dialog and a bug that could prevent boot monitoring from working on Windows 10.