Re: Desktop files enumerated in windows user.dat?

From: Robert Goto (rgotoat_private)
Date: Thu Apr 25 2002 - 22:11:31 PDT

Next message: Seth Arnold: "Re: Desktop files enumerated in windows user.dat?"

Previous message: Troy Larson: "RE: Desktop files enumerated in windows user.dat?"
In reply to: Troy Larson: "RE: Desktop files enumerated in windows user.dat?"
Next in thread: Seth Arnold: "Re: Desktop files enumerated in windows user.dat?"
Reply: Seth Arnold: "Re: Desktop files enumerated in windows user.dat?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Going back to the original thread though......what are these files that are
being enumerated at the end of the file.............
BTW--regdat is a very goood tool.  It is great for offline registry viewing.
----- Original Message -----
From: "Troy Larson" <troyat_private>
To: "Seth Arnold" <sarnoldat_private>; <forensicsat_private>
Sent: Thursday, April 25, 2002 12:39 PM
Subject: RE: Desktop files enumerated in windows user.dat?


> Actually, the Win98 registry editor does not have a straight forward
> means for letting one view the registry files (system.dat, User.dat,
> classes.dat) from other Win 9x/Me machines.  (You can use regidt32 in NT
> to view other NT registries.)  I would suggest a small little program
> called regdat, available at http://people.freenet.de/h.ulbrich/.
>
> >-----Original Message-----
> >From: Seth Arnold [mailto:sarnoldat_private]
> >Sent: Wednesday, April 24, 2002 9:55 AM
> >To: forensicsat_private
> >Subject: Re: Desktop files enumerated in windows user.dat?
>
>
> >On Tue, Apr 23, 2002 at 04:08:15PM -0400, Burnette, Michael wrote:
> >> Is anyone aware of what the file listing at the end of a Windows 98
> >> User.dat is?  When I open the file with a text editor I see the
> >> following (binary removed):
>
> >If I am not mistaken, the Win98 registry editor can view registry files
> from other machines. (Work on a copy. :) Using the registry editor, you
> >could see _where_ in the registry these files were referenced, and that
> might be more useful to you.
>
> -----------------------------------------------------------------
> This list is provided by the SecurityFocus ARIS analyzer service.
> For more information on this free incident handling, management
> and tracking system please see: http://aris.securityfocus.com
>
>



-----------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com

Next message: Seth Arnold: "Re: Desktop files enumerated in windows user.dat?"
Previous message: Troy Larson: "RE: Desktop files enumerated in windows user.dat?"
In reply to: Troy Larson: "RE: Desktop files enumerated in windows user.dat?"
Next in thread: Seth Arnold: "Re: Desktop files enumerated in windows user.dat?"
Reply: Seth Arnold: "Re: Desktop files enumerated in windows user.dat?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 26 2002 - 19:02:00 PDT