-
1
-
-
84867716369
-
University of delaware police computer forensics lab
-
URL Accessed Sep 2008
-
Bunting, S. (2008) University of Delaware Police Computer Forensics Lab. Restore Point Forensics. URL http://128.175.24.251/forensics/restorepoints.htm, Accessed Sep 2008
-
(2008)
Restore Point Forensics
-
-
Bunting, S.1
-
2
-
-
24344434657
-
The Windows Registry as a forensic resource
-
DOI 10.1016/j.diin.2005.07.003, PII S1742287605000587
-
Carvey, H. (2005). "The Windows Registry as a Forensic Resource". Digital Investigation, 2(3), pp201-205 (Pubitemid 41261446)
-
(2005)
Digital Investigation
, vol.2
, Issue.3
, pp. 201-205
-
-
Carvey, H.1
-
3
-
-
84867694895
-
-
URL Accessed Oct 2008
-
Carvey, H. (2006). "Restore Point Forensics". URL http://windowsir.blogspot.com/2006/10/restore-point-forensics.html, Accessed Oct 2008
-
(2006)
Restore Point Forensics
-
-
Carvey, H.1
-
5
-
-
84867707372
-
-
(Ver6.0) URL Accessed: Sep 2008
-
DameWare (Ver6.0). (2008) Dame Ware Development. URL http://www.dameware. com. Accessed: Sep 2008
-
(2008)
Dame Ware Development
-
-
-
6
-
-
84867696285
-
-
(Ver6.8) URL Accessed 28/Mar/2008
-
Encase (Ver6.8) (2008) Guidance Software Digital Investigations URL http://www.guidancesoftware.com/, Accessed 28/Mar/2008.
-
(2008)
Guidance Software Digital Investigations
-
-
-
7
-
-
84867726539
-
-
URL Accessed 19/May/2008
-
ForensicMatter (2008). Forensicmatter.com: Registry Hives. Available at URL http://www.forensicsmatter.com/registry-hives.php, Accessed 19/May/2008.
-
(2008)
Forensicmatter.com: Registry Hives
-
-
-
8
-
-
71549120809
-
-
FTK (Ver1.62.1) URL Accessed 31/Mar/2008
-
FTK (Ver1.62.1) (2008) Access Data, URL http://www.accessdata.com/, Accessed 31/Mar/2008.
-
(2008)
Access Data
-
-
-
9
-
-
33750339777
-
Forensic analysis of System Restore points in Microsoft Windows XP
-
DOI 10.1016/j.diin.2006.08.008, PII S1742287606000971
-
Harms, K. (2006). "Forensic Analysis of System Restore Points in Microsoft Windows XP". Digital Investigation, 3(3), pp151-158 (Pubitemid 44636446)
-
(2006)
Digital Investigation
, vol.3
, Issue.3
, pp. 151-158
-
-
Harms, K.1
-
11
-
-
84867703655
-
-
URL Accessed Oct 2008
-
Microsoft (2007). "Monitored File Extensions". URL http://msdn.microsoft.com/en-us/library/aa378870(VS.85).aspx, Accessed Oct 2008
-
(2007)
Monitored File Extensions
-
-
-
14
-
-
84867696286
-
-
(Ver3.3) URL Accessed Sep 2008
-
RegDiff (Ver3.3). Available at URL http://p-nand-q.com/download/regdiff. html, Accessed Sep 2008
-
RegDiff
-
-
-
15
-
-
72949091618
-
-
URL Accessed: Sep 2008
-
Russinovich, M. "Inside the registry". URL http://technet. microsoft.com/en-gb/library/cc750583.aspx. Accessed: Sep 2008
-
Inside the Registry
-
-
Russinovich, M.1
-
17
-
-
84867707368
-
-
(Ver5.1) URL Accessed Sep 2008
-
Win Diff (Ver5.1) (2001). Microsoft, Available at URL http://www.grigsoft.com/download-windiff.htm, Accessed Sep 2008
-
(2001)
Win Diff
-
-
|