Difference between pages "Windows Vista" and "Microsoft Office"

From ForensicsWiki
(Difference between pages)
Jump to: navigation, search
(Prefetch)
 
(External Links)
 
Line 1: Line 1:
== New Features ==
+
{{expand}}
* [[BitLocker Disk Encryption | BitLocker]]
+
* [[Windows Desktop Search | Search]] integrated in operating system
+
* [[ReadyBoost]]
+
* [[SuperFetch]]
+
* [[NTFS|Transactional NTFS (TxF)]]
+
* [[Windows NT Registry File (REGF)|Transactional Registry (TxR)]]
+
* [[Windows Shadow Volumes|Shadow Volumes]]; the volume-based storage of the Volume Shadow Copy data
+
* $Recycle.Bin
+
* [[Windows XML Event Log (EVTX)]]
+
* [[User Account Control (UAC)]]
+
  
== File System ==  
+
== EventLogs ==
The file system used by Windows Vista is primarily [[NTFS]].
+
As of Office 2010 related Office Alerts EventLog:
 
+
<pre>
In Windows Vista, NTFS no longer tracks the Last Access time of a file by default. This feature can be enabled by setting the NtfsDisableLastAccessUpdate value to '0' in the Registry key:
+
C:\Windows\System32\winevt\Logs\OAlerts.evtx
<pre>HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\FileSystem</pre>
+
</pre>
 
+
Note that this feature has been around since as early as Windows 2000 [http://technet.microsoft.com/en-us/library/cc959914.aspx].
+
 
+
== Prefetch ==
+
Note that the prefetch hash function is different then that of [[Windows XP]].
+
 
+
The [[Windows Prefetch File Format]] was changed to version 23.
+
 
+
== Registry ==
+
The [[Windows_Registry|Windows Registry]] remains a central component of the Windows Vista operating system.
+
  
 
== See Also ==
 
== See Also ==
* [[Windows]]
+
* [[Microsoft Office File formats]]
* [[Windows 7]]
+
* [[Windows 8]]
+
  
 
== External Links ==
 
== External Links ==
* [https://www.symantec.com/avcenter/reference/Vista_Network_Attack_Surface_RTM.pdf Windows Vista Network Attack Surface Analysis], James Hoagland, Matt Conover, Tim Newsham, Ollie Whitehouse
+
* [http://dfstream.blogspot.com/2014/01/ms-excel-2013-last-saved-location.html MS Excel 2013 Last Saved Location Metadata], Jason Hale, January 12, 2014
  
[[Category:Operating systems]]
+
[[Category:Analysis]]

Revision as of 16:26, 13 January 2014

Information icon.png

Please help to improve this article by expanding it.
Further information might be found on the discussion page.

EventLogs

As of Office 2010 related Office Alerts EventLog:

C:\Windows\System32\winevt\Logs\OAlerts.evtx

See Also

External Links