Informática Forense e
Reengenharia
Mestrado em Engenharia de Segurança Informática
Escola Superior de Tecnologia e Gestão
...
FTK Imager

Informática Forense e Reengenharia

Tools
Regdecoderlive (Automated, live acquisition of
registry files)

•

h...
Arranque
Registry (entre outras)
HKEY_LOCAL_MACHINESOFTWAREMicrosoft
WindowsCurrentVersionRun (All Users
Key) or
HKEY_CURR...
Upcoming SlideShare
Loading in …5
×

6. registry

276 views

Published on

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
276
On SlideShare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
1
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

6. registry

  1. 1. Informática Forense e Reengenharia Mestrado em Engenharia de Segurança Informática Escola Superior de Tecnologia e Gestão Instituto Politécnico de Beja Francisco Luís Sumário Registry Informática Forense e Reengenharia 1
  2. 2. FTK Imager Informática Forense e Reengenharia Tools Regdecoderlive (Automated, live acquisition of registry files) • http://code.google.com/p/regdecoderlive/ Registrydecoder (Automated Acquisition, Analysis, and Reporting of Registry Contents) • http://code.google.com/p/registrydecoder/ WRR (Windows Registry Recovery) • http://www.mitec.cz/wrr.html Registry Commander • http://aezay.site11.com/aezay/regcmd/index.html Informática Forense e Reengenharia 2
  3. 3. Arranque Registry (entre outras) HKEY_LOCAL_MACHINESOFTWAREMicrosoft WindowsCurrentVersionRun (All Users Key) or HKEY_CURRENT_USERSoftwareMicrosoftWin dowsCurrentVersionRun (Current User Key) Startup Folder Scheduled tasks Informática Forense e Reengenharia Obrigado francisco.m.luis@gmail.com Informática Forense e Reengenharia 3

×