Fix Amcache artifact (#1902)

Suppressing Symbol not found warnings is necessary now that
collections will fail due to that.

artifacts/definitions/Windows/Persistence/Debug.yaml

@@ -7,11 +7,11 @@ description: |
   same time (with the same privileges).
 
   There is an additional key for x86 executables HKEY_LOCAL_MACHINE\
-  SOFTWARE\wow6432node\Microsoft\Windows NT\CurrentVersion\Image File 
-  Execution Options\* however this is kept inlign with the x64 key and 
+  SOFTWARE\wow6432node\Microsoft\Windows NT\CurrentVersion\Image File
+  Execution Options\* however this is kept inlign with the x64 key and
   therefore does not need to be processed.
 
-  Limitations: This queries the live registry and therefore does not 
+  Limitations: This queries the live registry and therefore does not
   parse data in Windows.old or Regback folders, or VSS.
 
 reference:
@@ -23,10 +23,11 @@ parameters:
 
 sources:
   - query: |
+        LET X = scope()
         SELECT Key.ModTime as KeyLastWriteTimestamp,
                Key.FullPath as _Key,
                Key.Name AS Program,
-               Debugger 
+               X.Debugger AS Debugger
         FROM read_reg_key(globs=imageFileExecutionOptions)
         WHERE Debugger
         Order By KeyLastWriteTimestamp

artifacts/definitions/Windows/System/Amcache.yaml

@@ -28,17 +28,18 @@ precondition: |
 sources:
   - name: InventoryApplicationFile
     query: |
+        LET X = scope()
         SELECT FileId,
                Key.OSPath.Path as Key,
                Key.OSPath.DelegatePath AS Hive,
                Key.Mtime as LastModified,
-               LowerCaseLongPath as Binary,
-               Name,
-               Size,
-               ProductName,
-               Publisher,
-               Version,
-               BinFileVersion
+               X.LowerCaseLongPath as Binary,
+               X.Name AS Name,
+               X.Size AS Size,
+               X.ProductName AS ProductName,
+               X.Publisher AS Publisher,
+               X.Version AS Version,
+               X.BinFileVersion AS BinFileVersion
         FROM foreach(
           row={
             SELECT FullPath from glob(globs=expand(path=amCacheGlob))

gui/velociraptor/src/components/sidebar/navigator.css

@@ -40,7 +40,8 @@ section.navigator a {
 }
 
 .navigator.nav-pills.nav .nav-link.disabled {
-  pointer-events: none;
+    opacity: 30%;
+    pointer-events: none;
 }
 
 .navigator.nav-pills.nav {

gui/velociraptor/src/components/vfs/file-stats.js

@@ -138,16 +138,24 @@ class VeloFileStats extends Component {
                       <dd className="col-8"> {selectedRow.Mode} </dd>
 
                       <dt className="col-4">{T("Mtime")}</dt>
-                      <dd className="col-8"> {selectedRow.mtime} </dd>
+                      <dd className="col-8">
+                        <VeloTimestamp usec={selectedRow.mtime}/>
+                      </dd>
 
                       <dt className="col-4">{T("Atime")}</dt>
-                      <dd className="col-8"> {selectedRow.atime} </dd>
+                      <dd className="col-8">
+                        <VeloTimestamp usec={selectedRow.atime}/>
+                      </dd>
 
                       <dt className="col-4">{T("Ctime")}</dt>
-                      <dd className="col-8"> {selectedRow.ctime} </dd>
+                      <dd className="col-8">
+                        <VeloTimestamp usec={selectedRow.ctime}/>
+                      </dd>
 
                       <dt className="col-4">{T("Btime")}</dt>
-                      <dd className="col-8"> {selectedRow.btime} </dd>
+                      <dd className="col-8">
+                        <VeloTimestamp usec={selectedRow.btime}/>
+                      </dd>
 
                       { selectedRow.Download && selectedRow.Download.mtime &&
                         <>