
Wednesday, August 14, 2013

7-Zip

The download links above redirect you to download pages on SourceForge.net

License

7-Zip is open source software. Most of the source code is under the GNU LGPL license. The unRAR code is under a mixed license: GNU LGPL + unRAR restrictions. Check license information here: 7-Zip license.
You can use 7-Zip on any computer, including a computer in a commercial organization. You don't need to register or pay for 7-Zip.

The main features of 7-Zip

  • High compression ratio in 7z format with LZMA and LZMA2 compression
  • Supported formats:
    • Packing / unpacking: 7z, XZ, BZIP2, GZIP, TAR, ZIP and WIM
    • Unpacking only: ARJ, CAB, CHM, CPIO, CramFS, DEB, DMG, FAT, HFS, ISO, LZH, LZMA, MBR, MSI, NSIS, NTFS, RAR, RPM, SquashFS, UDF, VHD, WIM, XAR and Z.
  • For ZIP and GZIP formats, 7-Zip provides a compression ratio that is 2-10 % better than the ratio provided by PKZip and WinZip
  • Strong AES-256 encryption in 7z and ZIP formats
  • Self-extracting capability for 7z format
  • Integration with Windows Shell
  • Powerful File Manager
  • Powerful command line version
  • Plugin for FAR Manager
  • Localizations for 79 languages


7-Zip works in Windows 7 / Vista / XP / 2008 / 2003 / 2000 / NT / ME / 98. There is a port of the command line version to Linux/Unix.
On 7-Zip's SourceForge page you can find a forum, bug reports, and feature request systems.

Compression ratio

We compared 7-Zip with some of the leading archivers.
FILE SETS: Mozilla Firefox 1.0.7 for Windows and Google Earth 3.0.0616 for Windows after full installation.
Compression ratio results are very dependent upon the data used for the tests. Usually, 7-Zip compresses to 7z format 30-70% better than to zip format. And 7-Zip compresses to zip format 2-10% better than most other zip compatible programs.

B. Kamins C-Resveratrol Serum Kx Review




Press Sample/Affiliate Link


B. Kamins is an outstanding company that consistently makes extraordinarily high quality luxury skincare. I have tried many of their products, and have many of them in my current daily product rotation. I love face serums, and am actually rather obsessed with them, thus I was naturally quite interested in their C-Resveratrol Serum Kx. It has not only lived up to

Surya Brasil Amazonia Preciosa Hands & Body Lotion Review




Press Sample

The Surya Brasil Amazônia Preciosa line features cosmetic products for skin and hair care, which promote beauty while respecting nature.

They are more than just natural cosmetics; they are organic cosmetics! They are rich in plant oils, essential oils, extracts, butters and other active ingredients that promote the benefits of nature in its purest state, composing a

Daily Blog #52: Understanding the artifacts LNK Files

Hello Reader,
Time to continue the series of understanding the artifacts, building up to a deeper understanding of proving usage. Today we are going to go into a well known artifact, LNK files, and then move through Jump lists, MRU keys and the other artifacts we use to establish use and explain how to stitch them together. Along the way we will detail the nuances that can change your opinion or possibly lead to misinterpretation.

LNK files are one of the simplest artifacts and many, many, many people have written about them. Here are some of my favorite LNK write ups if you are reading this and are not familiar with them:

http://www.forensicswiki.org/wiki/LNK
http://www.forensicfocus.com/link-file-evidentiary-value
http://windowsir.blogspot.com/2013/06/there-are-four-lights-lnk-parsing-tools.html

The funny thing about artifacts as simple as LNK files is that they reveal as much information to the examiner as they care to know. When I do interviews for a position at G-C I ask a series of questions relating to artifacts and what they mean to the examiner. This isn't a trick question, which I explain to the interviewee, but rather a gauge to determine how far down the rabbit hole the examiner has gone. As an example for LNK files I would ask the following to an interviewee:

'What can you determine from a LNK file'

I can determine the rough expertise of an examiner by how many of the following points they answer with. I then take this in combination with other artifact questions/scenarios and the level of depth they answer to determine their level of forensic experience rather than focus on their resume.

Beginner Answer:
A LNK file reveals what files and/or programs a user accessed.

Intermediate Answer:
A LNK file reveals what files and/or programs a user accessed and the network path and MAC address of where the access took place.

Experienced Answer:
A LNK file reveals what files and/or programs a user accessed and the network path and MAC address of where the access took place. In addition it contains the timestamps captured from the file and/or program being accessed that represents the file at the time the access took place.

Senior Answer:
A LNK file reveals what files and/or programs a user accessed and the full path\network path and MAC address of where the access took place. In addition it contains the timestamps captured from the file and/or program being accessed that represents the file at the time the access took place. It also contains the volume serial number of the device which you can use to match the LNK back to the volume the file came from if not a network data source. In addition LNK files contain shell items allowing the examiner to determine the type of folder being accessed (volume/network/file/uri).

Expert Answer:
A LNK file contains two sets of timestamps relevant to the examiner. The first set of MAC times belongs to the LNK file itself; it reveals by creation date when the file was first accessed as recorded by this LNK file. The modification time records the last time the LNK file was updated and should reflect the last successful access. The second set of dates is maintained within the LNK file and represents the MAC times of the file being accessed based on the last successful access to the file from the LNK file. In order to determine prior states of the file you can examine the restore points (XP), shadow copies (Win 7) and carved LNK files to find all the other versions of this LNK file that also reference this file and volume serial number/shell item uniquely. Each updated set of internal MAC times represents another successful access of the file through the LNK file and should be counted towards usage.

Now if you noticed, I didn't say the Expert Answer had to go into depth on the technical structure as to what all can be contained within a LNK file; that isn't as important to me as the ability to properly interpret what the data means in the context of analysis. I assume that anyone who can give me an expert answer already has the technical knowledge of the file format to give additional facts when needed, but I find that people who give just technical information are missing the larger picture of what the data means in their analysis and what they can prove with it.

So with that said, tomorrow we will continue on with usage artifacts. Do you think I missed something or do you have an even better answer? Leave it in the comments, I'm always interested in additional views on analyzing familiar artifacts! 
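The Expert Answer above, worked through as an added example that is not part of the original post: a minimal parser for the ShellLinkHeader and LinkInfo structures documented in MS-SHLLINK, used to count distinct sets of embedded target MAC times across several recovered copies of one LNK file. The sample LNK bytes, path, serial numbers and dates are constructed, and the cp1252 decoding of the local path is an assumption.

```python
import struct
from collections import defaultdict
from datetime import datetime, timedelta, timezone

LNK_CLSID = bytes.fromhex("0114020000000000c000000000000046")  # 00021401-0000-0000-C000-000000000046
HAS_ID_LIST, HAS_LINK_INFO = 0x1, 0x2            # LinkFlags bits
EPOCH_1601 = datetime(1601, 1, 1, tzinfo=timezone.utc)
TICK = timedelta(microseconds=1)

def from_filetime(ft):
    """FILETIME counts 100 ns ticks since 1601-01-01 UTC; 0 means not set."""
    return EPOCH_1601 + (ft // 10) * TICK if ft else None

def to_filetime(dt):
    return ((dt - EPOCH_1601) // TICK) * 10

def parse_lnk(data):
    """Extract the target's MAC times, volume serial and local path from LNK bytes."""
    if len(data) < 76:
        raise ValueError("shorter than a ShellLinkHeader")
    size, clsid, flags, _attrs, created, accessed, written, fsize = \
        struct.unpack_from("<I16sIIQQQI", data, 0)
    if size != 0x4C or clsid != LNK_CLSID:
        raise ValueError("not a shell link file")
    info = {"target_created": from_filetime(created),
            "target_accessed": from_filetime(accessed),
            "target_modified": from_filetime(written),
            "target_size": fsize, "volume_serial": None, "local_path": None}
    off = 76
    if flags & HAS_ID_LIST:                      # skip the shell item ID list
        off += 2 + struct.unpack_from("<H", data, off)[0]
    if flags & HAS_LINK_INFO:
        _sz, _hdr, li_flags, vol_off, path_off = struct.unpack_from("<5I", data, off)
        if li_flags & 0x1:                       # VolumeIDAndLocalBasePath
            serial = struct.unpack_from("<I", data, off + vol_off + 8)[0]
            info["volume_serial"] = "%04X-%04X" % (serial >> 16, serial & 0xFFFF)
            end = data.index(b"\x00", off + path_off)
            # Assumption: the ANSI path is decoded as cp1252.
            info["local_path"] = data[off + path_off:end].decode("cp1252", "replace")
    return info

def count_accesses(versions):
    """versions: (source label, LNK bytes) pairs for copies of one LNK taken from the
    live volume, restore points / shadow copies, or carving. Returns, per
    (volume serial, path), how many distinct sets of embedded MAC times were seen."""
    seen = defaultdict(set)
    for _label, blob in versions:
        i = parse_lnk(blob)
        key = (i["volume_serial"], (i["local_path"] or "").lower())
        seen[key].add((i["target_created"], i["target_accessed"], i["target_modified"]))
    return {key: len(stamps) for key, stamps in seen.items()}

def build_sample_lnk(created, accessed, written, serial, path):
    """Constructed test input: header plus LinkInfo only (no ID list, no extra data)."""
    header = struct.pack("<I16sIIQQQIIIHHII", 0x4C, LNK_CLSID, HAS_LINK_INFO, 0x20,
                         to_filetime(created), to_filetime(accessed), to_filetime(written),
                         1024, 0, 1, 0, 0, 0, 0)
    vol = struct.pack("<4I", 17, 3, serial, 16) + b"\x00"    # DRIVE_FIXED, empty label
    base = path.encode("cp1252") + b"\x00"
    body = vol + base + b"\x00"                              # empty CommonPathSuffix
    offsets = (28 + len(body), 28, 0x1, 28, 28 + len(vol), 0, 28 + len(vol) + len(base))
    return header + struct.pack("<7I", *offsets) + body

def sample_versions():
    """Constructed copies: two shadow copies, the live file, and one carved LNK."""
    d = lambda day, hour: datetime(2013, 8, day, hour, tzinfo=timezone.utc)
    path = "E:\\Docs\\plan.xlsx"
    return [
        ("shadow copy 1", build_sample_lnk(d(1, 9), d(5, 10), d(5, 10), 0x1A2B3C4D, path)),
        ("shadow copy 2", build_sample_lnk(d(1, 9), d(9, 16), d(9, 16), 0x1A2B3C4D, path)),
        ("live volume",   build_sample_lnk(d(1, 9), d(9, 16), d(9, 16), 0x1A2B3C4D, path)),
        ("carved",        build_sample_lnk(d(2, 8), d(7, 11), d(7, 11), 0x9F000001, path)),
    ]

if __name__ == "__main__":
    for key, n in count_accesses(sample_versions()).items():
        print(key, "distinct embedded MAC time sets:", n)
```

The live copy and the second shadow copy carry identical embedded times, so they collapse into one entry, while the carved copy points at the same path on a different volume serial and is counted separately.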

GUI Designer: Koda 1.7.3.0

What's new:
  • Graphic editor
  • Better support of limited accounts and UAC under Vista/Seven
  • Styles editor allows multiple selection
  • Icons in additional controls (Tab, ListView, TreeView)
  • Redone Object tree, with support of editable descriptions
  • Awareness of GUI_SS_DEFAULT styles
  • And many smaller changes (see full history)


New version 1.7.2.0 is out!
What's new:

  • Added small abilities that become in latest beta of Autoit
  • Improved language system
  • Improved update checking
  • Improved site

New version 1.7.1.0 is out!
What's new:

  • Customizing colors
  • External import framework
  • Custom controls (ones that are available via standard UDFs)
  • Rewritten support for icons - now it supports full color ones
  • Better support (bugtracker, wiki)

Bugfix release 1.7.0.1 is out!

After another year, new version 1.7.0.0 is out!

Most significant changes in this release:

  • Customizable toolbars
  • Undo support
  • Aligning palette
  • Import Autoit GUI scripts
  • Full help file, with context sensitive help support
And as usual, lots of bugfixes and small changes.

After a long period of development and testing, new release 1.6.0.0 is finally here! Thanks to all who support us and helped get this work done!

Most significant changes from previous release:

  • New, faster and more reliable form read/write routines.
  • Rewritten form list handling code
  • Menus support (with visual editor)
  • Obj support (with visual browser)
  • Templates-based code generation
  • Generating event-based code
  • Help file (unfinished)
Old topic is here, some bugs posted there are not resolved yet, so please check it too. 

WinRAR 5.00 Beta 8 (32-bit)

WinRAR is an archiving utility that completely supports RAR and ZIP archives and is able to unpack CAB, ARJ, LZH, TAR, GZ, ACE, UUE, BZ2, JAR, ISO, 7Z, Z archives. It consistently makes smaller archives than the competition, saving disk space and transmission costs. WinRAR offers a graphic interactive interface utilizing mouse and menus as well as the command line interface. WinRAR is easier to use than many other archivers with the inclusion of a special "Wizard" mode which allows instant access to the basic archiving functions through a simple question and answer procedure. WinRAR offers you the benefit of industry strength archive encryption using AES (Advanced Encryption Standard) with a key of 128 bits. It supports files and archives up to 8,589 billion gigabytes in size. It also offers the ability to create self-extracting and multivolume archives. With recovery record and recovery volumes, you can reconstruct even physically damaged archives.



Wc3isk v2.1 RC 7 – Warcraft 3 Inventory Hotkey

DESCRIPTIONS
Wc3isk or Warcraft III Inventory Short Key is a support tool for warcraft III. The other name of this tool is Active Inventory HotKey. This tool is just like a keyboard driver, not like other tools, it does not hack into Warcraft III. So, it is safe to use with battle.net or Garena.
FEATURES
- Support Multimedia Keyboard and Gaming Keyboard.
- Support 5-buttons Wheel Mouse.
- Support chatting (native) (v2.1 or newer).
- Work like a keyboard driver.
- Does not hack into Warcraft III or Garena.
- Legal to all Anti-Virus.
- Only one single file, extract and run.
- Very Small (77KBs).
NOTE
- Config dialog auto show up when running program for the first time.
- Keyboard control software (eg: Setpoint, itouch…) should be turned off.
- Keyboard Hot-key ON/OFF (F7) can be changed.
- You can press hot-key while holding Shift for way point function.
- Enable Wheel support will also lock scroll wheel.
- In Windows Vista/7, Wc3isk must run under administrator privilege (Run as Administrator).
- Alt-F4 is reserved for fast closing.
- To know which keys are available for hot-key, please read “Readme.txt”.
- Annoying balloon tips can be disabled in tab “Info…”.
- Series v2.1 are special builds for DoTA, maybe incompatible with other maps.
- Version for x86 system will also work in x64 system but it comes with some unexpected bugs.
ISSUE
- SPACE is not working. You want it, you pay for it. You have to accept that so-call buggy.
- Number button (above button QWERTY) when use with Shift will make conflict. Combination Shift + [1] will set [1] with function “focus on hero” also overridden numpad function. There is no cure for this, not for version 2.1rc7 or older version.
HISTORY
wc3isk v2.1 RC7
- Change key [space] into available Hotkey.
wc3isk v2.1 RC6
- Fix silly mouse bug ‘out side’ war3, occur in wc3isk v2.1 rc5
- Fix mouse hotkey serious bug (one mouse click and there goes 16 times hotkey)
- Fix button [`].
- Fix minor bugs in key/mouse capture engine.
- V2.1 series are special builds for DoTA, other map may be incompatible.
wc3isk v2.1 RC4
- Re-construct the whole key capture engine.
- Make new rules on assigning hot-key.
- Support chatting (native).
- Minor tweaks on GUI.
- Put option Show Config on start.
- Minor tweaks on mouse capture.
- Bugs fix in wc3isk v2.1 rc3.
- Fix minor bug in chatting and in new key capture engine.
- V2.1 series are special builds for DoTA, other map may be incompatible.
wc3isk v2.0+
- Core engine from v2.1 RC2
- Remove chat support feature to make it compatible with all maps.
wc3isk v2.0f
- Release on Dec-1-2009.
- Already known as final version.
- Windows 7 supported.
- Update some minor functions.
- Auto acquire Admin Privilege (use with Garena).
wc3isk v2.0d
- Fix Keyboard Hot-key bugs in v2.0c.
- Fix Wheel issues.
- Add function: “Enable Mouse Support” for who want mouse capture.
- Improve Mouse capture engine.
- Add function: “Disable Wheel Scroll”.
- F8 – Toggle ON/OFF keyboard Hot-key.
wc3isk v1.0d
- ESC will now cancel assign key.
- Fix some issues when assign one key to more than one button.
- Decrease picture size by convert to JPEG and load with JPEG support lib.
- Improve key detect engine.
- Support multimedia keyboard.
- Fix some minor issues.
- Tweak on executable file size.
wc3isk v1.0
- The first stable version.



Microsoft: Windows 8.1 will launch on October 18th By Tim Schiesser
On August 14, 2013, 8:58 AM
Breaking News

Microsoft has announced that Windows 8.1 will begin rolling out to users worldwide on October 18th at 12am New Zealand time (4am PT on October 17). The update will hit retail channels a day later, with new devices running Windows 8.1 and boxed copies of the software expected to be available.

For everyone currently running Windows 8, Microsoft will be delivering Windows 8.1 as a free update through the Windows Store. As previously reported, the update brings a number of new features and improvements over Windows 8. The Start button will partially return, search and multi-tasking have been greatly enhanced, the Start screen has been improved including new customization options, and the OS has been optimized for smaller tablets.

Microsoft is expected to deliver final Release to Manufacturing (RTM) code to OEMs by the end of August, as recent reports have indicated. Unlike previous years, the RTM code will not be made available to TechNet and MSDN subscribers before the general launch in October. Instead, Microsoft is expected to work on several zero-day patches during the time between RTM and release, fixing minor issues discovered by OEMs.

In the lead up to the Windows 8.1 launch on October 18th, expect to see many new devices emerge from the shadows running the new OS. It's possible that we'll see Microsoft line-up the next-generation Surface launch with the release of Windows 8.1, marking the one year anniversary of both the original Surface RT and Windows 8. Other OEMs are also expected to show off smaller Windows-powered tablets, making use of Microsoft's small-screen optimizations.

Lam's Noodle House | Signature Specialty Noodle


3rd August 2013.
Desperately hungry and tired Yew Ann dragged me away from my peaceful outdoor sketching to Lam’s Noodle House at Marina Square.


Priced at 5.20 SGD, their Signature Specialty Noodle comes with fish ball, sliced meat, vegetables, minced meat, one prawn, an egg and fish skin. The noodle’s texture was decent, springy and doesn’t stick to the teeth and after mixing, it gets coated with an oily but delectable special sauce. The sliced meat was a tad dry and tough but the nicely done egg makes up for it.

Lam's Noodle House / Lam's Abalone Noodles
Located on the same floor as the food court in Marina Square and opposite Wee Nam Kee Chicken Rice.
Marina Square  
6 Raffles Boulevard 
Singapore 039594

Six Things You Should Know About Me + A Giveaway!

6 things you should know about me
I'm so glad that my friend Rachel decided to tag me in this! She's been one of my favorite bloggers for a long time now and I love reading about her time as an expat in Europe and especially about her transition back to the states. Because let's face it, as much as I want to live forever overseas, we will most likely end up back 'home' in Oklahoma and I know it won't be the easiest transition to make! Besides my love of Rachel's blog, I'm a sucker for anything that lets people know a little bit more about the blogger on the other side of the screen. So let's get this party started!
1. What's the best piece of advice anyone has given you?
Just keep swimming...just keep swimming. Ok, not really even though that is really good advice. I remember growing up, my mom would repeat the scripture to me 'do not worry about tomorrow for tomorrow has enough worries of it's own'. Can you tell I was a worry wart growing up? I tried to control everything I could and when I couldn't, I would stress and worry about it. But I have to realize that there is only so much that I can do, only so much that I actually have control over. With the other things, I need to do what I can, and let the rest go! 

2. If you could meet any blogger in person, who would you choose?
It's no lie that me and Laurie were meant to be neighbors. I met her months ago when I was just starting to rebrand my blog (aka actually take this thing seriously) and we hit it off right away and try to talk often. I keep trying to talk her into coming and visiting! But there's something about a stupid ocean separating us or some nonsense like that. 

Other than that, I also have my dream team that I would love to have an international blogger meet up with. Hey Rachel, Belinda, Bonnie, Melyssa, Crystal, Nicole, Casey, Katie, and Jenna...are you down?

3. What's your biggest struggle in life?
Being too much of a planner. I'm always looking to what's next, the next step, the next destination, the next job. It's not always a bad thing but it goes along with the worrying I talked about above. I'm a planner through and through and I want to know what the next five steps are in advance. And it goes without saying that sometimes there's just no possible way of knowing or things can change last minute (especially here in Korea) and it can stress.me.out.  

4. Favorite piece of jewelry {other than your engagement/wedding ring} and why?
I have two pieces of jewelry that mean the world to me. The first one is a pearl necklace that my grandma gave me when I was born. You are supposed to add another pearl each year but I liked the simplicity of just a few tiny pearls on there. 
The second one is my great great aunt's engagement ring. This is a woman that I looked up to and admired. She was the oldest of 13 children and spent her life caring for others and raising her siblings. She was brave enough to walk away from a dangerous marriage even at a time when it was highly looked down upon to do so. She then married a wealthy man because he promised to give her an education (one of the most important things to her) and she continued to work until very late in life editing and reviewing books. My favorite story is when she told me about her second marriage, how they never ummm....consummated it, how there was always another man with them when they went out to dinner, and the list goes on and on. In her upper 90's she sat in her chair, tilted her head and told us, 'ya know what...I think he was gay.' Even though this ring isn't from the best marriage, it reminds me of her and what a strong and hardworking woman she was. 

5. What's something you love about yourself?
I really love my bright blue eye color. My whole family has dark features...and then there's me with my pale complexion, blonde hair and blue eyes. I used to hate it because I stood out and didn't look like the rest of my family. But over the years I have started to love my eye color for the fact that it's unique. My siblings actually used to tell me that I was adopted when I was little and I remember believing them and going up to my mom and telling her it was ok if I was adopted, and that she could tell me the truth. Thankfully I have my grandma's nose and my sister's laugh to seal my fate as a part of my family. 

6. Tell us something we don't know about you.
Deep water makes me a little nervous. Weird coming from someone who loves to sail and is scuba certified. But something about not knowing what's around you...or beneath you, makes me nervous every time. 

Pick six to answer for yourself:
1. When you were little, what did you want to be when you grew up?
2. If you had an endless supply of one food, what would you get?
3. If you could hop on a plane right now, where would you go and why?
4. What is your biggest pet peeve?
5. If you had to describe yourself in three words, what would they be? 
6. What is your biggest fear?
7. Would you rather be rich and stressed? Or poor and happy?
8. If money and university major didn't matter, what job would you want?
9. Why did you start blogging? Do you still do it for the same reasons?
10. What makes you the happiest?

I'm tagging:
Katie
Crystal
Nicole
Jamie
Kenzie
Jenna
--------------------
And as an added bonus today, I'm jumping on board with Crystal from The Happy Type and some very lovely ladies to bring you a truly Korean giveaway! I have to admit, Korea has some of the best beauty products I've ever tried, and they're super affordable too! And lucky you can win some of these amazing products to try for yourself!
It’s no secret that South Korea is any cosmetic and beauty product lover’s playground. For years South Korea has been one of the world’s leaders in beauty product production and most recently its innovative BB and CC creams have set the states a buzz. Birchbox calls South Korea “ground zero for beauty innovation”, so why not see what all the fuss is about?

Lucky for you, you don’t have to get on a plane to Korea to take part in the Korean cosmetic boom! I have spent the better part of two years living, learning, and loving the country of Korea and in honor of my return home to America, my friends and I are giving little old you the opportunity to get your hot little hands on a whole slew of Korean cosmetics and beauty products.
Korean Beauty Giveaway 
Here are the lovely sponsors for this crazy awesome beauty product giveaway!
Rules:
1. The validity of the winner’s entries will be verified by me and if any entries are false a new winner will be selected.
2. Winner will be contacted no later than the 23rd. Winner will have 48 hours to respond; if winner does not respond within 48 hours a new winner will be notified by email.
3. Sit back and relax because I’ll package your pretty little package up and get it in the mail. Contest is only open to U.S. residents.

Bourjois Laser Toppings Nail Polish Review & Swatches

"Top Coat" nail polishes have been super popular recently with lots of brands bringing out different formulations (such as confetti, glitter & opal top coats) to switch up your usual plain nail style. The most recent is by Bourjois with their new Laser Toppings, to add a bit of sparkle and glitter to everyday nails.

Very sorry for this picture heavy post - I just think they are too beautiful not to photograph!

Without an undercoat

So Laque Glossy in BC Beige & Laser Toppings in Sun Scale

So Laque Glossy in Adora Bleu & Laser Toppings in Blue Neon
 
Violet Couture &  Laser Toppings in Aqua Purple

The Laser Toppings include tiny little shiny, metallic strips in a clear base which remind me a little of the Nails Inc Feather collection. These can be used alone & built up to create a full-on opaque glitter nail, but as you can see above these toppings really stand out and come alive when paired with a base coat of the same shade. The Beige & Sun Scale combination is my current favourite for an everyday nail art look. I recommend these if you're looking to jazz up basic blocks of colour on the nails with something a little more interesting than just plain glitter.

These are available now for £5.99 each in your local Boots & Superdrug stores.

Will you be purchasing these babies? What's your favourite current nail top-coat?

xxx

Tuesday, August 13, 2013

Daily Blog #51: Understanding the artifacts USNJrnl

Hello Reader,
        I'm going to change tracks this week and focus on a deeper understanding of the USNJrnl and its associated artifacts to prove usage from our challenge two weeks ago. To prepare for this series I want to take a bit to explain what each of the artifacts we rely on for proof of usage were created for. When we are complete I hope you will look at your cases in a different way.

Today we are going to talk about the USNJrnl. The USN Jrnl or Update Sequence Number Journal, aka the Change Journal, was first introduced in Windows 2000 but didn't get enabled by default until Windows Vista (that I know of, please leave a comment if you have evidence of other default states/OSes). I have seen it enabled for EFS encrypted drives on XP but I can't say if that's a default setting. The concept of the change journal was simple: many programs need to know when files are changed so they can be backed up, compressed, scanned, replicated, etc...

Prior to the change journal a developer would have to register hooks or shims into the operating system for all reads and writes to be able to be notified that a file is being created/modified/deleted and to process it. The Change Journal gave the developer a central API to monitor that covered all subscribing functions and prevented a lot of unnecessary overhead. You can read more about the basics of the Change Journal here on Wikipedia. The original announcement of it was made in September 1999 and can be found here; it's interesting that it took as long as it did for it to be enabled by default. You can see that it was being marketed to developers as a way to centrally monitor file system changes and improve performance.


The current change journal development documents are here, and if you are relying on change journal evidence in your cases you should be familiar with the use case scenario because things are not as black and white as they appear. What do I mean by that? In our testing we've found that a file left open overnight and accessed at different times will create multiple USN open/close/delete events. You cannot rely on the file open and file close times of a file to determine total time of access; it may only be showing you the times of activity against a file that was open the entire time. In addition we've found file close/file delete being used to close a file handle but not to delete the file itself.

I'm going to go into more detail of how individual Change Journal operations work and get logged as we move forward so I don't want to get ahead of myself. So in summary remember that the Change Journal keeps track of file system changes for the benefit of those subscribing services. If you are unsure of a pattern of records you're seeing, the best thing you can do is build a virtual machine and try to recreate those actions to validate your assumptions. The Change Journal is not as simple as we all thought it to be! Tomorrow I'm going to continue talking about Usage artifacts and then go into depth on the Change Journal and the rest of them.
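An added example, not part of the original post: parsing USN_RECORD_V2 entries and grouping them per file reference into bursts that each end with a CLOSE reason, to show why those bursts cannot be summed into a total time of access. The journal bytes, file reference, timestamps and record sequence are constructed to mirror the overnight pattern described above.

```python
import struct
from collections import defaultdict

REASON_DATA_OVERWRITE, REASON_DATA_EXTEND = 0x00000001, 0x00000002
REASON_FILE_DELETE, REASON_CLOSE = 0x00000200, 0x80000000
V2_FIXED = struct.Struct("<IHHQQQQIIIIHH")   # 60-byte fixed part of USN_RECORD_V2
T0 = 130208256000000000                      # constructed FILETIME base (100 ns ticks)

def parse_usn_v2(buf):
    """Yield one dict per USN_RECORD_V2 in buf, stepping over zero-filled gaps."""
    off = 0
    while off + V2_FIXED.size <= len(buf):
        (rec_len, major, _minor, fref, _parent, usn, ts, reason,
         _src, _sid, _attrs, name_len, name_off) = V2_FIXED.unpack_from(buf, off)
        if rec_len == 0:                     # sparse region: records are 8-byte aligned
            off += 8
            continue
        if major != 2 or rec_len < V2_FIXED.size or off + rec_len > len(buf):
            raise ValueError("unexpected record at offset %d" % off)
        name = buf[off + name_off:off + name_off + name_len].decode("utf-16-le")
        yield {"fref": fref, "usn": usn, "time": ts, "reason": reason, "name": name}
        off += rec_len

def activity_windows(records):
    """Per file reference, list (start, end, reason) bursts that each end at a CLOSE."""
    windows, start = defaultdict(list), {}
    for r in sorted(records, key=lambda r: r["usn"]):
        start.setdefault(r["fref"], r["time"])
        if r["reason"] & REASON_CLOSE:
            windows[r["fref"]].append((start.pop(r["fref"]), r["time"], r["reason"]))
    return windows   # records after the last CLOSE (handle still open) are not counted

def summarize(buf):
    """Compare journaled activity with the overall span for every file reference."""
    out = {}
    for fref, wins in activity_windows(parse_usn_v2(buf)).items():
        out[fref] = {
            "windows": len(wins),
            "active_seconds": sum(e - s for s, e, _ in wins) // 10**7,
            "span_seconds": (wins[-1][1] - wins[0][0]) // 10**7,
            # A FILE_DELETE close followed by more records on the same 64-bit
            # reference means the file still existed after that record.
            "delete_not_final": any(r & REASON_FILE_DELETE for _, _, r in wins[:-1]),
        }
    return out

def build_record(usn, seconds, reason, fref=0x0005000000001234, name="report.docx"):
    """Constructed test input: one padded USN_RECORD_V2."""
    raw = name.encode("utf-16-le")
    rec_len = (V2_FIXED.size + len(raw) + 7) & ~7
    fixed = V2_FIXED.pack(rec_len, 2, 0, fref, 0x0001000000000005, usn,
                          T0 + seconds * 10**7, reason, 0, 0, 0x20, len(raw), V2_FIXED.size)
    return (fixed + raw).ljust(rec_len, b"\x00")

def sample_journal():
    """Constructed journal fragment: one document touched at intervals overnight."""
    events = [
        (100, 0, REASON_DATA_EXTEND),
        (200, 5, REASON_DATA_EXTEND | REASON_CLOSE),
        (300, 19800, REASON_DATA_OVERWRITE),
        (400, 19802, REASON_DATA_OVERWRITE | REASON_CLOSE),
        (500, 47700, REASON_FILE_DELETE | REASON_CLOSE),
        (600, 48000, REASON_DATA_EXTEND),
        (700, 48003, REASON_DATA_EXTEND | REASON_CLOSE),
    ]
    return b"\x00" * 16 + b"".join(build_record(*e) for e in events)

if __name__ == "__main__":
    for fref, stats in summarize(sample_journal()).items():
        print(hex(fref), stats)
```

On the constructed data the journal shows 10 seconds of recorded activity inside a span of more than 13 hours; neither figure is the time the file was open.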