RootkitRevealer Usage : Strange drivers
Author: Gruntkiller4000
Subject: Strange drivers
Posted: 04 June 2013 at 4:57am
Here is the log file: uploads/46979/Log.zip The next time I ran GMER in normal mode did the same as Safe mode. It picked up...

Development : Process hang checking technique
Author: Lancillotto1973
Subject: Process hang checking technique
Posted: 04 June 2013 at 7:47am
Hi, I've to write a process health monitor, so I want to ask you which is the best criteria to consider a...

Autoruns : Ease of Access
Author: Meatballs
Subject: Ease of Access
Posted: 04 June 2013 at 9:12am
Ease of Access allows custom executables to be run on the Login screen and setting the Configuration setting ensures these are...

Process Monitor : Is there a way of hooking GlobalAlloc/Free()?
Author: adrianh
Subject: Is there a way of hooking GlobalAlloc/Free()?
Posted: 12 June 2013 at 7:34am
Reason is that I think that there is a memory leak and I'd like to track it down. But I don't know...

PsTools : PSkill using taskkill filter switches - possible?
Author: subi75
Subject: PSkill using taskkill filter switches - possible?
Posted: 12 June 2013 at 1:19pm
I'm trying to use as part of a script taskkill.exe to kill a specific process (by name not pid as...

Miscellaneous Utilities : strings+XP+"not a valid win32 app"
Author: c_oakes
Subject: strings+XP+"not a valid win32 app"
Posted: 12 June 2013 at 2:15pm
Hey guys, I've just started using Virtual PC as my host machine for malware analysis because I'm tired of dealing...

Process Monitor : Is there a way of hooking GlobalAlloc/Free()?
Author: LMiller7
Subject: Is there a way of hooking GlobalAlloc/Free()?
Posted: 12 June 2013 at 3:23pm
Hooking GlobalAlloc and GlobalFree won't do you any good. These functions are officially obsolete and...

Troubleshooting : Help pinpoint driver in IRQL_NOT_LESS_OR_EQUAL
Author: BSOD2600
Subject: Help pinpoint driver in IRQL_NOT_LESS_OR_EQUAL
Posted: 12 June 2013 at 5:54pm
In our environment, we've got a bunch of WinXP SP3 workstations which all exhibit the same BSOD...

Utilities Suggestions : Global memory or other resource leak finder.
Author: adrianh
Subject: Global memory or other resource leak finder.
Posted: 12 June 2013 at 6:14pm
Checking using the WTM's Performance tab, it looks like after running one application the number of...

Internals : SKYDrive from Batch not SKYCMD System/Z z196 CLOUD
Author: Pandoria13
Subject: SKYDrive from Batch not SKYCMD System/Z z196 CLOUD
Posted: 12 June 2013 at 7:11pm
Tisk Tisk most Newbeee know how to set it to High Deff but maybe that's why u posting negative...

Internals : SKYDrive from Batch not SKYCMD System/Z z196 CLOUD
Author: TETYYS
Subject: SKYDrive from Batch not SKYCMD System/Z z196 CLOUD
Posted: 12 June 2013 at 8:46pm

Development : Query key control block information (ETW)
Author: alervd
Subject: Query key control block information (ETW)
Posted: 12 June 2013 at 10:09pm
Hi! I'm trying to implement registry monitoring using ETW. KeyHandle member of Registry_TypeGroup1 structure...

Miscellaneous Utilities : strings+XP+"not a valid win32 app"
Author: StuartMW
Subject: strings+XP+"not a valid win32 app"
Posted: 13 June 2013 at 12:27am
Bug: Strings v2.51

Process Explorer : control windows services (start/stop/pause)
Author: LMiller7
Subject: control windows services (start/stop/pause)
Posted: 13 June 2013 at 2:48pm
The developer has some clear ideas of what Process Explorer should be and what it should not. Others...

Autoruns : autoruns crashing on Windows 7 Pro, SP1
Author: jimk_9999
Subject: autoruns crashing on Windows 7 Pro, SP1
Posted: 13 June 2013 at 3:01pm
Hi all, I have autoruns crashing on Windows 7 Pro (64-bit), SP1. The crash occurs during the scan - please...

Miscellaneous Utilities : Zoomit64 crashes
Author: retiredfields
Subject: Zoomit64 crashes
Posted: 13 June 2013 at 3:06pm
Zoomit 4.42 crashes when doing a live zoom. Nvidia 320.18 driver on Win 8. Loading Dump File...

Autoruns : autoruns crashing on Windows 7 Pro, SP1
Author: Mark
Subject: autoruns crashing on Windows 7 Pro, SP1
Posted: 13 June 2013 at 4:44pm
Please upload a dump file so that I can take a look.

Autoruns : autoruns crashing on Windows 7 Pro, SP1
Author: jimk_9999
Subject: autoruns crashing on Windows 7 Pro, SP1
Posted: 13 June 2013 at 6:38pm
Hi Mark, Here's a procdump. It is the first time that I have ever used procdump (and SkyDrive), so I...

Miscellaneous Utilities : Zoomit64 crashes
Author: MagicAndre1981
Subject: Zoomit64 crashes
Posted: 13 June 2013 at 6:45pm
Have you tried older nVIDIA drivers? The driver 320.18 seems to be buggy.

Process Monitor : Procmon Durations wrong?
Author: skelker
Subject: Procmon Durations wrong?
Posted: 13 June 2013 at 7:58pm
I had a similar issue today. 106 seconds to do an IRP_MJ_READ of 64K. This seems excessive, and doesn't add up based on...