3. Case Studies
The System
This chapter addresses many of the various keys and values within the system-wide Registry hive files that may be of importance to the analyst.
Keywords
SAM, Security, audit, System, CurrentControlSet, ControlSet, Software, Autostart
Introduction
When I sat down to write this book, I was aware that for most folks, providing spreadsheets, tables, and lists of Registry keys and values would not be an entirely effective means of communicating and sharing information about Registry analysis. In fact, after writing the first edition of Windows Forensic Analysis (Syngress Publishing, published in 2007, a.k.a., WFA), it was pretty clear ...
Get Windows Registry Forensics now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.