1. RGiskardR
    Created by RGiskardR
    Nov 17, 2017 at 1:40 PM
    Windows Update works for the most part pretty reliably. It is an automated system of Microsoft's Windows operating system that handles the downloading and installing of updates for the operating system.

    At best, it is a silent service that runs in the background; it may ask you to restart the PC every now and then though as that is still required for many updates.

    When you run...
  2. RGiskardR
    Created by RGiskardR
    Nov 10, 2017
    When you click on a drive letter of a drive with a RAW partition that has an assigned drive letter, you get the prompt "you need to format the disk in drive [letter] before you can use it. Do you want to format it?".

    While that is a good thing if the drive is new and you want to start using it, it is not such a good thing if you have encrypted the drive.

    Unmounted encrypted...
  3. RGiskardR
    Created by RGiskardR
    Nov 6, 2017
    Autoruns is a popular program for Windows to analyze all the different files, programs, and other items that run on system startup.

    It is probably the most used tool for that purpose, and includes lots of nice to have features such as scanning files on Virustotal, hiding Microsoft entries, or management of autorun files to disable or delete items directly from within the program....
  4. RGiskardR
    Created by RGiskardR
    Nov 1, 2017
    WhatsApp added a new feature to its messaging applications that you may use to delete messages that you sent already using the client.

    Messages that you sent up until now could not be deleted by you after the fact. There was no grace period to undo the sending, and it seems that users requested such a feature which works similarly to how...
  5. RGiskardR
    Created by RGiskardR
    Oct 31, 2017
    The Windows operating system may throw the error "This app can't run on your PC" when you try to run a program that is detected by the operating system as incompatible with that particular version of Windows.

    The error message can have several causes, and the following guide is an attempt to provide you with information that you may use to analyze and correct the error.

    Please...
  6. RGiskardR
    Created by RGiskardR
    Oct 31, 2017
    There are quite a few use cases for wanting to convert a Windows installation to a virtual machine image; maybe you want to run tests on the virtual image afterwards, for instance to run an update to see how it goes. Or, you want to use the image as an option to access data from an old machine that you won't use anymore after the conversion.

    Most virtualization products support...
  7. RGiskardR
    Created by RGiskardR
    Oct 31, 2017
    High CPU usage of a process on Windows can slow down other operations to a snail-like pace. While that is sometimes caused by user-run programs, say a taxing computer game or video rendering program, it may sometimes be caused by Windows processes such as Service Host.

    Service Host is a svchost.exe process;...
  8. RGiskardR
    Created by RGiskardR
    Oct 13, 2017
    AOMEI Windows PE Builder is a free program for Microsoft Windows devices that you may use to create bootable recovery media.

    Basically, what the program does is create a bootable Windows environment that is based on Microsoft's Windows 10 operating system. It adds a couple of extra tools to it, and you may burn the solution to disc or USB Flash drive.

    The program needs to be installed...
  9. kram7750
    Created by kram7750
    Jul 15, 2017
    Hello everybody.

    This knowledge is useful when dealing with malware analysis since it'll help you to identify DLL injection patterns/log API calls and filter for code injection attacks.

    One of the most common methods of DLL Injection usually revolves around Win32 API functions. Due to this method requiring a dependency, it means that it is not as stealthy as code injection which will require none, but often DLL injection will not actually be blocked by most typical AV solutions (based on my...
  10. kram7750
    Created by kram7750
    Jul 13, 2017
    Hello everyone.

    With the rise of Petya attacks occurring recently, and due to most traditional AV products not incorporating any real dynamic protection to tackle a threat like Petya, I decided to write a guide on how you can maintain dynamic security against the threat without actually doing anything programming-wise yourself.

    The Master Boot Record is essentially the boot loader for the Operating System; its primary task is to load the kernel in memory. The Master Boot Record must...