Updates: Accesschk v5.11, Procdump v6.0, RAMMap v1.22, Strings v2.51

AccessChk v5.11: AccessChk, a command line utility for dumping the effective permissions and security descriptors for files, registry keys, processes, tokens, and object manager objects, now prefixes Windows 8 application container SIDs with the word “Package”, and includes several minor bug fixes. Procdump v6.0: Procdump is an advanced utility for capturing process memory dumps based on a variety of triggers…


Updates: Autoruns v11.5, Du (Disk Usage) v1.5, Procdump v5.14, Procmon v3.04, Ru (Registry Usage) v1.0

Autoruns v11.5: This update to Autoruns, a utility for managing autostarting applications and components, now reports the image timestamp of executables and the last-modified timestamp of other file types and autostart locations to help with forensic analysis. The jump-to-entry feature is also improved to navigate directly to files rather than their parent directory. Disk Usage…


Updates: Autoruns v11.41, Handle v3.51, Movefile v1.01, Procdump v5.13, Sigcheck v1.9

Autoruns v11.41: This Autoruns update reports the hosting image target of link shortcut references. Handle v3.51: This minor update to Handle, a command-line utility that dumps process handle tables, fixes a bug in its file share drive letter formatting. Movefile v1.01: Movefile, a utility for scheduling file delete and rename operations for when the system…


Updates: Autoruns v11.4, ProcDump v5.12, SDelete v1.61

Autoruns v11.4: Autoruns v11.4 adds additional startup locations, fixes several bugs related to image path parsing, adds better support for browsing folders on WinPE, and fixes a Wow64 redirection bug. Procdump v5.12: This Procdump update fixes a bug introduced in v5.11 where it doesn’t save information required by the !runaway debugger command. SDelete v1.61: SDelete…


Updates: DebugView v4.81, ProcDump v5.11, ZoomIt v4.4

DebugView v4.81: Version 4.81 of DebugView, a utility that logs user and kernel-mode debug output messages, fixes a bug that could cause it on some executions to fail to capture debug output and enter a CPU-bound loop. ProcDump v5.11: This release of ProcDump fixes a bug introduced in version 5.1 that prevented it from working on 32-bit Windows…


Updates: AdExplorer v1.44, Contig v1.7, Coreinfo v3.2, Procdump v5.1

AdExplorer v1.44: This release fixes a bug that caused AdExplorer to crash when it encountered corrupted extended rights schemas. Contig v1.7: Contig is a command-line file defragmentation and fragmentation analysis utility. v1.7 has more detailed fragmentation analysis reporting, fixes a bug that enables creation of contiguous files larger than 8GB, and adds support for setting…


Updates: Autoruns v11.34, ProcDump v5.0, Sigcheck v1.8, VMMap v3.11

Autoruns v11.34: This release of Autoruns fixes a bug that caused it to not show some Internet Explorer extensions. ProcDump v5.0: Procdump is an advanced utility for capturing process memory dumps based on a variety of triggers including CPU usage, memory usage, performance counter values, and exceptions. Version 5.0 is a major upgrade that adds…