Updates: Coreinfo v3.21, Disk2vhd v2.0, LiveKd v5.31

Coreinfo v3.21: CoreInfo is a command-line tool for reporting processor topology, NUMA performance, and processor features. The v3.21 release adds microcode reporting. Disk2vhd v2.0: Disk2vhd, a utility for performing physical-to-virtual conversion of Windows systems, adds support for VHDX-formatted VHDs (thanks to Brendan Gruber for contributions), now supports WinRE volumes, can capture removable media, and includes…

0

Updates: RAMMap v1.32, Sigcheck v2.01

RAMMap v1.32: This fixes a bug in v1.30 that caused RAMMap to fail on Windows 8. Sigcheck v2.01: This update fixes a bug in the handling of the -u option that sometimes resulted in Sigcheck reporting signed files.

0

Update: RAMMap v1.31

RAMMap v1.31: This update fixes a bug in v1.30 that caused RAMMap to fail on Windows 8.

0

Updates: PsExec v2.0, RAMMap v1.3, Sigcheck v2.0

PsExec v2.0: PsExec, a popular utility for executing processes on remote systems, introduces a new option, -r, that specifies the name PsExec assigns to its remote service. This can improve performance when multiple users are interacting concurrently with a system, since each will have a dedicated PsExec service. RAMMap v1.3: RAMMap, a graphical utility that…

0

Autoruns v11.70, Bginfo v4.20, Disk2vhd v1.64, Process Explorer v15.40

Autoruns v11.70: This release of Autoruns, a powerful utility for scanning and disabling autostart code, adds a new option to have it show only per-user locations, something that is useful when analyzing the autostarts of different accounts than the one thatAutoruns is running under. Bginfo v4.20: BgInfo, a utility that creates custom desktop backgrounds that…

0

Update: Autoruns v11.62

Autoruns v11.62: This release fixes a bug in version 11.61’s jump-to-image functionality.  

0

Updates: Mark’s TechEd Sessions, Autoruns v11.61, Strings v2.52, ZoomIt v4.5

Mark’s TechEd Sessions Available On-Demand:  Mark delivered four top-rated sessions at Microsoft’s TechEd US conference two weeks ago, and the recordings are available now for on-demand viewing. In Windows Azure Infrastructure Services, he gives an overview of the deployment and operation of Virtual Machines and Virtual Networks; in Windows Azure Internals Mark goes under the…

0

Updates: Autoruns v11.6, Procexp v15.31, Procmon v3.05, Sigcheck v1.92

Autoruns v11.6: Autoruns is a utility for enumerating and disabling executables and DLLs configured to activate in dozens of autostart registration points.  This update fixes some minor bugs and adds Authenticode SHA1 and SHA256 hash reporting to Autorunsc output. Sigcheck v1.92: Sigcheck is a command-line utility for reporting image version and signature information.  With this…

0

Updates: Accesschk v5.11, Procdump v6.0, RAMMap v1.22, Strings v2.51

AccessChk v5.11: AccessChk, a command line utility fordumping the effective permissions and security descriptors for files, registrykeys, processes, tokens, object manager objects, now prefixes Windows 8application container SIDs with the word “Package”, and includes several minor bug fixes. Procdump v6.0: Procdump is an advanced utility forcapturing process memory dumps based on a variety of triggers…

0

Updates: Autoruns v11.5, Du (Disk Usage) v1.5, Procdump v5.14, Procmon v3.04, Ru (Registry Usage) v1.0

Autoruns v11.5: This update to Autoruns, a utility for managing autostarting applications and components, now reports the image timestamp of executables and the last-modified timestamp of other file types and autostart locations to help with forensic analysis. The jump-to-entry feature is also improved to navigate directly to files rather than their parent directory. Disk Usage…

0