Frontrange - Enteo DSM 7.2 ab 6. Dezember 2012 | RDP 8.0 client mit Remote-FX in WSUS-Update

SANS Poster Artifact Analysis, Windows XP/7

by butsch 25. October 2012 17:35

SANS has released a genius post with a lot of Windows XP/Win7 reference and paths. For everyone who has to do with Antivirus this may be a good help.

It gives you also a good overview of Windows 7 paths and locations.

Index.dat
Sykpe History
Prefetch Apps
NLA Network Cache (See to which network the laptop had connection the last few days)
Flash Player Paths and Cache

https://blogs.sans.org/computer-forensics/files/2012/06/SANS-Digital-Forensics-and-Incident-Response-Poster-2012.pdf

fef83285-b031-45c9-91fb-dc646c9f8005|2|4.0|27604f05-86ad-47ef-9e05-950bb762570c

Tags:

Windows 7 64BIT POST SP1 Hotfixes for corporate enviromentWindows 7 64BIT POST SP1 Hotfixes for corporate enviroment It's Windows 64BIT migration tim...09.05.2017, Windows Defender vulnerability and the question if you have to update in Enterprise? Microsoft has released a critical out-of-band security update addressing a vulnerability in the Micr...WSUS: Windows Update Server. Most common Problems. FAQConnect to SQL Internal WSUS Datbase on diffrrent OS: Auf 2003: \\.\pipe\MSSQL$MIC...

Comments are closed

Werbung von Drittfirmen (Nicht Butsch Informatik):

SANS Poster Artifact Analysis, Windows XP/7

Related posts

PostList

VMWARE Workspace One, iPhone, iOS 17, Enterprise Wipe after Update. Issue known since 07.07.2023

Powershell, Retrieve DisplayName,DisplayVersion,Publisher from Registry or export.REG

Eventviewer, eventvwr.exe commandline filter XML query buildingm (Call and pre filter view with one line)

Azure Application Proxy | Die Eierlegende kostenlose Woll-Milch-Sau um on-premises Server extern erreichbar zu machen

02.07.2023, CITRIX 0-DAY, Pre Authentication XSS in Citrix Gateway (CVE-2023-24488)

M365/CLOUD, watch Microsoft status LIVE | See who has high volume traffic at homeoffice

M365/Azure, Full Hybrid Mode, M365 user unable to see free/Busy Room/meeting or book on-premise

M365/Exchange Hybrid OAuth Testing command, OAuth-Cert out-of-sync 4001, IIS VDIR OAuth wrong

Exchange 2013, 2016, 2019, Event 3028, KILLBIT error, you can safely ignore since 2014

M365 | on-premise, Outlook.exe DEBUG logging for troubleshooting complete guide

SANS Poster Artifact Analysis, Windows XP/7

Related posts

CategoryList

PostList

VMWARE Workspace One, iPhone, iOS 17, Enterprise Wipe after Update. Issue known since 07.07.2023

Powershell, Retrieve DisplayName,DisplayVersion,Publisher from Registry or export.REG

Eventviewer, eventvwr.exe commandline filter XML query buildingm (Call and pre filter view with one line)

Azure Application Proxy | Die Eierlegende kostenlose Woll-Milch-Sau um on-premises Server extern erreichbar zu machen

02.07.2023, CITRIX 0-DAY, Pre Authentication XSS in Citrix Gateway (CVE-2023-24488)

M365/CLOUD, watch Microsoft status LIVE | See who has high volume traffic at homeoffice

M365/Azure, Full Hybrid Mode, M365 user unable to see free/Busy Room/meeting or book on-premise

M365/Exchange Hybrid OAuth Testing command, OAuth-Cert out-of-sync 4001, IIS VDIR OAuth wrong

Exchange 2013, 2016, 2019, Event 3028, KILLBIT error, you can safely ignore since 2014

M365 | on-premise, Outlook.exe DEBUG logging for troubleshooting complete guide