Notifications
Clear all
07/09/2010 11:26 pm
In response to the OP's question, I thought I would also mention procmon (which was formerly regmon and filemon).
While not a forensic program per se, it has assisted me in some of my research when I've tried determining what files, folders or registry keys are involved when a certain program is run. This is a very helpful tool.
Here's a link to download procmon.
http//
08/09/2010 12:48 am
Good point, crosser. I'm a fan of the whole stable of
Page 4 / 4
Prev