Analyzing the Windows SRUM Database
August 15th, 2025 by Oleg Afonin
When it comes to Windows forensics, some of the most valuable evidence can be stored deep inside system directories the average user never touches. One such source of evidence is the System Resource Usage Monitor (SRUM) database. Introduced in Windows 8 and still shipping today with the latest Windows 11 updates, SRUM collects detailed historical records about application usage and network activity. This database is a perfect source of data for reconstructing the user’s activities during an investigation. In this article, we’ll review the available types of data and demonstrate a way to access the SRUM database by using a bootable tool.
Load yourself to the full with books and music for free
September 21st, 2009 by Olga Koksharova
Back from summer holidays? Suntanned, full of energy, had a good time? And worried about your bank account balance? Don’t strain your nerves unnecessarily, rather keep your business flourishing. We say that your money will return like a homing pigeon back to you! Keep your windows wide open
More on Radeon HD 5000
September 10th, 2009 by Vladimir Katalov
Tom’s Hardware is a really good source we can definitely trust, so if you need more details on Radeon HD 5000-series cards (specifications and prices) that are coming soon, just read:
AMD vs NVIDIA, next round
September 9th, 2009 by Vladimir Katalov
Looking for new password cracking hardware (to take advantage of GPU acceleration)? Wait just a little bit more: new ATI and NVIDIA cards (with DirectX 11) will be available soon.
Fastest GPU(s)
August 11th, 2009 by Vladimir Katalov
Just about two weeks ago, ATI has introduced the fastest GPU yet: FirePro V8750. 800 shader engines, 115.2 GB/s memory bandwidth, 2 GB frame buffer memory (GDDR5), two DisplayPort outputs, one DVI output. Thinking about purchasing it? The cost is as high as $1,800. More details at Tom’s Hardware.
Advanced Office Password Recovery: customizing the preliminary attack
August 4th, 2009 by Andrey Malyshev
Every time when you open a document in Advanced Office Password Recovery it performs the preliminary attack in case when the "file open" password is set. This attack tries all passwords that you recovered in past (which are stored in password cache), dictionary attack and finally the brute-force attack is running.
Office 2010: two times more secure
July 28th, 2009 by Andrey Malyshev
We are waiting for release of new Microsoft office suite – Office 2010. Right now Microsoft has only technical preview of new Office; this preview has been leaked from Microsoft and everyone can download it with the help of torrent trackers. We’ve got a copy of Office 2010 and analysed its (new) password protection.
ElcomSoft News
July 22nd, 2009 by Katerina Korolkova, Direktur Humas
As the second summer month is coming to an end, it’s time to sum up our news and updates that you might have missed because of vacation in some tropical heaven. Last two weeks brought us really hot days, not only because of the temperature in Moscow City but also due to hard work on program updates. Here is the news:
Password masking: myths and truths
July 7th, 2009 by Vladimir Katalov
In brief, here is the "problem": for years (I think starting from Windows 3.0 released almost 20 years ago), the passwords are being masked as you type them (in most programs what have any kind of password protection, and an operating system itself), i.e. replaced with asterisks or black circles. What for? To prevent the password from being read by someone who stands behind you.
Disaster Recovery and its key objectives
July 6th, 2009 by Olga Koksharova
New statistics* shows disaster recovery (DR) is getting more attention, and more upper level execs become involved with DR issues. Ideally, each company should have an emergency plan in case of power/system failure, loss of access, outside attack, sabotage or else – called DRP (disaster recovery plan) or even DRRP (disaster response and recovery plan). DRP is only a part of risk management practices which ensure emergency preparedness and risk reduction and include such initiatives as regular data backups, stocking recovery software, archiving, etc. – these activities are reflected in PMI and NIST standards.
