[Vol-users] searching registries

Andrew Case atcuno at gmail.com
Tue May 15 21:48:50 CDT 2012


Registry Decoder will definitely do what you want. Just process the
hives in it, and then you can a search (either standard or with
wildcards) and you can limit to just keys, names, or values, and you
can also filter by last write time. You will immediately get tabs
generated for all the hits, and then you can get them automatically
reported into a number of formats. For more information, please see
the instructions file in the downloads section of the website.

On Tue, May 15, 2012 at 9:23 PM, Jamie Levy <jamie.levy at gmail.com> wrote:
> I think Registry Decoder would be useful for you:
>
> http://www.digitalforensicssolutions.com/registrydecoder/
>
>
>
> -----Original Message-----
> From: Mike Lambert <dragonforen at hotmail.com>
> Sender: vol-users-bounces at volatilityfoundation.org
> Date: Tue, 15 May 2012 20:31:17
> To: <hiddenillusion at gmail.com>
> Cc: Volatility List<vol-users at volatilityfoundation.org>
> Subject: RE: [Vol-users] searching registries
>
> _______________________________________________
> Vol-users mailing list
> Vol-users at volatilityfoundation.org
> http://lists.volatilityfoundation.org/mailman/listinfo/vol-users
>
>
> _______________________________________________
> Vol-users mailing list
> Vol-users at volatilityfoundation.org
> http://lists.volatilityfoundation.org/mailman/listinfo/vol-users


More information about the Vol-users mailing list