A forum for reverse engineering, OS internals and malware analysis 

Forum for announcements and questions about tools and software.
 #11547  by redp
 Fri Feb 10, 2012 6:31 pm
Uploaded new version rc8.8
sha-256 hashes:
32bit version: DF2DA095AB0A68483FFCC885FAB286898FC59A2A980D45CD7A38813DD77FCBFC
64bit version: E9A698C992A3C311FED5DA5D31453304F7B0A685A108FCD4FDBEB615B2690DB8

Changelog:
- add WFP callouts dumping (with -ndis option)
- add checking if primary token of some process belongs to process System
- some bugs was fixed
 #12038  by redp
 Thu Mar 08, 2012 8:14 pm
Uploaded new version rc8.9
sha-256 hashes:
32bit: FB2C0BBD60BA4B0A02579AA9439E5CDD9302386B941904BECFBC8635B0D8F78E
64bit: C592FBB73490C5C7C5133AA1FB83C96771B68A1E94B9A36FA4F90DE64EA9C49F

Changelog:
- add some initial support of windows 8 consumer preview. Some options don`t work yet
- add checking and dumping of ACPI dispatch table
 #12051  by KK_
 Sat Mar 10, 2012 3:18 am
what a pity..i can not access it from china.im blocked!!!!!!!!
 #12052  by a_d_13
 Sat Mar 10, 2012 3:50 am
Hello,

Attached is the latest version of Wincheck mirrored here.

Thanks,
--AD
Attachments
Wincheck
(1000.27 KiB) Downloaded 39 times
 #12060  by KK_
 Sun Mar 11, 2012 8:14 am
a_d_13 wrote:Hello,

Attached is the latest version of Wincheck mirrored here.

Thanks,
--AD
nice work~
 #12190  by redp
 Sat Mar 17, 2012 10:34 am
Uploaded new version rc8.10
sha-256 hashes:
32bit: C39250B68845A2AB61D6F6DD6BAE760B0EB268F81E37B04D988017541DEFC1C8
64bit: 4F14CA11AEF587AF1F7EA7989674392A22DF8A192C6F4B0ED37FC60BF3F3A3C8

Changelog:
* add checking of wow64 service tables
* fixed processing of apisetschema.dll on w8 64bit
* -sdt option now works on w8 dev preview 32bit
 #12235  by ZeroFrost
 Tue Mar 20, 2012 8:34 am
Excellent work. Any GUI version in project?
 #12245  by redp
 Tue Mar 20, 2012 5:24 pm
ZeroFrost wrote:Any GUI version in project?
No
 #12415  by redp
 Fri Mar 30, 2012 9:24 pm
Uploaded new version rc8.11

Changelog:
- -wmi option now works on w8 consumer preview (both 32/64)
- lots names of wmi guids was added
- added checking of PEB.PostProcessInitRoutine
 #12556  by redp
 Sat Apr 07, 2012 10:58 am
Uploaded new version rc8.12
sha-256 hashes:
32bit: 88A1CDA0E587C98739635EBB84D0C040F0E486A7CFEC7B126C00C1B362A55FC0
64bit: 479FB2A538D34F5B5C4584311B598E850FCB72DAF88B7AEE65BCA9FC2A6BB225

Changelog:
- add checking of PlugPlayHandlerTable
- Fixed BSOD on w2k3 32bit
- some other bugs was also fixed