Windows
The Risks of Windows Hibernation – The hiberfil.sys and Web Browsing
You can use Windows Hibernate to conserve batteries and electricity, and to save the environment, the world and the polar bears. However, did you know that by putting your computer into “hibernation” mode you are essentially creating a snapshot of the contents of your computer's RAM, which is then saved to the root of the hard drive as “hiberfil.sys”?
Delete USB Device History from the Windows Registry (USBSTOR key) and the setupapi.log
This article covers the USBSTOR registry key and the setupapi.log file, and methods to delete them. These two artifacts can contain data regarding USB devices that have been plugged into a system. The article also covers other things you should be aware of. Sometimes just deleting a registry key or file is not enough.
Disable the LastAccess Timestamp in Windows XP
Requirements: Administrator account; Windows XP.
Command Summary: Log in as Administrator; open a command prompt; enter the command: fsutil behavior set disablelastaccess 1; restart the computer.
Purpose: I’ll come right out and say that this is definitely not a strong anti-forensic technique but it can be helpful. Most forensic examiners already know they can’t rely heavily on lastaccess [...]


