David, Glenn, Jamie, Andrew and Mark,
Thank you all for your suggestions!! I have several options for people to open dead
registries that do not have forensic tools.
Have a great day all!
Mike
Date: Tue, 15 May 2012 21:48:50 -0500
Subject: Re: [Vol-users] searching registries
From: atcuno(a)gmail.com
To: jamie.levy(a)gmail.com
CC: dragonforen(a)hotmail.com; vol-users-bounces(a)volatilityfoundation.org;
hiddenillusion(a)gmail.com; vol-users(a)volatilityfoundation.org
Registry Decoder will definitely do what you want. Just process the
hives in it, and then you can do a search (either standard or with
wildcards) and you can limit to just keys, names, or values, and you
can also filter by last write time. You will immediately get tabs
generated for all the hits, and then you can get them automatically
reported into a number of formats. For more information, please see
the instructions file in the downloads section of the website.
On Tue, May 15, 2012 at 9:23 PM, Jamie Levy <jamie.levy(a)gmail.com> wrote:
> I think Registry Decoder would be useful for you:
>
> http://www.digitalforensicssolutions.com/registrydecoder/
>
> -----Original Message-----
> From: Mike Lambert <dragonforen(a)hotmail.com>
> Sender: vol-users-bounces(a)volatilityfoundation.org
> Date: Tue, 15 May 2012 20:31:17
> To: <hiddenillusion(a)gmail.com>
> Cc: Volatility List<vol-users(a)volatilityfoundation.org>
> Subject: RE: [Vol-users] searching registries
>
> _______________________________________________
> Vol-users mailing list
> Vol-users(a)volatilityfoundation.org
> http://lists.volatilityfoundation.org/mailman/listinfo/vol-users