Process Explorer – Useful options while searching for virus samples.

Process Explorer highlights packed processes in purple (violet). Note: very often, packed processes are malicious. Check the file/process signature: Process Explorer has an option called “Verify Image Signatures”. This option automatically checks the CRL (Certificate Revocation List) for the file’s signature. It allows verifying whether that file is valid and if it has […]

Extract Voice memo (Voice comment) from JPG to WAV

Birth of AudioNet. Recently I spent some time Googling for an open-source or free application or .dll able to extract voice comments (voice memos) from .jpg (JPEG) images. I found two programs, so I decided to share my findings, since it took some time and maybe someone will find it useful. (Free version): – […]

dumpcap – Long term network captures.

The Wireshark GUI eats a huge amount of memory while capturing packets and displaying results. Frequently the wireshark.exe application crashes with the error: “Runtime Error! The Application has requested that the Runtime to Terminate it in an unusual way. Please contact support….” You may instead try to decrease the amount of memory consumed during a capture by […]

SQLite – SqliteStudio 2.0.26

Reference: http://sqlitestudio.one.pl/

SQLiteStudio is a SQLite database manager with the following features:

- Single executable file – no need to install or uninstall. The binary distribution is just a single, ready-to-use file.
- Intuitive interface.
- All SQLite3 and SQLite2 features wrapped within a simple GUI.
- Cross-platform – runs on Windows 9x/2k/XP/2003/Vista/7, Linux, MacOS X, Solaris, FreeBSD and […]

ProcMon (Process Monitor) – Command Line parameters.

You can see the available command-line parameters by typing “procmon.exe /?” in a command prompt or by clicking the Help menu in the ProcMon GUI. For instance, if you want to run ProcMon silently and save the captured data to a file in real time, use the command below: procmon.exe /AcceptEula /Quiet /Minimized /BackingFile “c:\test.pml” Then, when you want […]