Difference between pages "Paraben" and "Microsoft Office"

From ForensicsWiki
(Difference between pages)
Jump to: navigation, search
 
(External Links)
 
Line 1: Line 1:
=Paraben=
+
{{expand}}
  
This company offers a wide variety of tools for analyzing disk drives and portable devices like cell phones and PDAs.
+
== EventLogs ==
 +
As of Office 2010 related Office Alerts EventLog:
 +
<pre>
 +
C:\Windows\System32\winevt\Logs\OAlerts.evtx
 +
</pre>
  
 +
== See Also ==
 +
* [[Microsoft Office File formats]]
  
[http://www.paraben-forensics.com/ Paraben website]
+
== External Links ==
 +
* [http://dfstream.blogspot.com/2014/01/ms-excel-2013-last-saved-location.html MS Excel 2013 Last Saved Location Metadata], Jason Hale, January 12, 2014
  
 
+
[[Category:Analysis]]
=Features=
+
 
+
==File Systems Understood==
+
 
+
* Major Windows formats
+
* RAW format
+
 
+
===Email Examiner===
+
 
+
Their tool for searching email ("Email Examiner") can pull apart these files:
+
 
+
* Outlook (PST)
+
* Outlook Express (DBX)
+
* AOL 6,7,8,9 (PFC)
+
* MBox
+
* Eudora
+
* Mozilla Mail
+
* Fox Mail
+
* Juno
+
* Calypso
+
* MSN Mail
+
* USENET newsgroups
+
 
+
 
+
==File Search Facilities==
+
 
+
 
+
 
+
==Historical Reconstruction==
+
 
+
Can it build timelines and search by creation date?
+
 
+
==Searching Abilities==
+
 
+
* With "Text Searcher". Offers complex queries and searching of slack space.
+
* Comes with an index building wizard.
+
 
+
==Hash Databases==
+
 
+
Can it create hashes of files and/or blocks? Can it compare these hash values to any databases?
+
What sort of hash functions does it use?
+
 
+
==Evidence Collection Features==
+
 
+
* Offers a feature called "Case Agent Companion v1.0" for tracking what the case agent does.
+
 
+
=History=
+
+
 
+
==License Notes==
+
 
+
Commercial.
+
 
+
= External Links =
+
 
+
[http://www.paraben-forensics.com/ Paraben website]
+
 
+
==External Reviews==
+

Latest revision as of 16:26, 13 January 2014

Information icon.png

Please help to improve this article by expanding it.
Further information might be found on the discussion page.

EventLogs

As of Office 2010 related Office Alerts EventLog:

C:\Windows\System32\winevt\Logs\OAlerts.evtx

See Also

External Links