We're looking for sponsors, read more»

PE Capture Service v1.1

PE Capture Svc is the service-only version of PE Capture software application. It allows you to capture, via the service, all PE files (such as executables, DLL modules and drivers) loaded in the system. It can save a log file with the date/time, fully qualified file path and file hash to easily find the location of a captured PE file. To save performance, the program logs\captures PE files uniquely (using a caching method).

For Windows XP, Vista, 7, 8, 10 (32\64-bit)

app screenshot

A Tool for Incident Response

Aid in the detection of malicious PE files loaded on a computer and simplify the work
of Incident Response analysis. An example use-case is to capture all PE files to a specific folder, then use a script to automatically scan that folder with custom YARA rules to identify malware. Any PE file executed in the
system is captured, not just ones that are loaded.

Capture PE Files

Effectively capture any PE file (executables, DLLs, drivers) loaded in the system.

Save Log Files

Save detailed log files with date/time, fully qualified file path and file hash.

Windows Service

Service-only application that runs in the background, without a GUI.

Very Lightweight

The software application uses only a few MBs of memory, you will not even notice it.

No Spyware\Adware

The program is free from spyware, adware or other pests, nothing extra is installed.

Easy to Use

Just install the service following the instructions and that's all.


Watch the video

With this video we show you PE Capture Service in action, so you can
see how it works and how lightweight it is.


Application Screenshots

Here there are some screenshots of the application.

app screen
arrow
arrow

Product Details

Version 1.1
Last Updated May 21, 2017
Operating System For Windows XP, Vista, 7, 8, 10 (32\64-bit)
Category Malware Analysis Tools
License Type Commercial
File Size 1.3 MB