Difference between pages "Microsoft Security Essentials" and "User:Jadams"

From ForensicsWiki
(Difference between pages)
Jump to: navigation, search
 
m (Creating user page for new user.)
 
Line 1: Line 1:
{{Expand}}
+
I work as a investigator in law enforcement and have been involved in computer crimes investigation since 1998 and computer forensics since 2004.
 
+
I also perform mobile device forensics ,been doing that since 2004.
== Quarantine directory ==
+
I used encase.access data,cellebrite,mpe+,devics seizure and secure view as forensics tools
 
+
On Windows XP:
+
<pre>
+
C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Quarantine
+
</pre>
+
 
+
On Windows 7:
+
<pre>
+
C:\ProgramData\Microsoft\Microsoft Antimalware\Quarantine
+
</pre>
+
 
+
== File system cache ==
+
<pre>
+
C:\ProgramData\Microsoft\Windows Defender\Scans\History\CacheManager\MpSfc.bin
+
</pre>
+
 
+
<pre>
+
C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\CacheManager\MpScanCache-0.bin
+
</pre>
+
 
+
== External Links ==
+
* [http://windows.microsoft.com/en-us/windows/security-essentials-download Microsoft Security Essentials], by [[Microsoft]]
+
* [http://technet.microsoft.com/en-us/library/hh508836.aspx Endpoint Protection], by [[Microsoft]]
+
 
+
[[Category:Applications]]
+
[[Category:Anti Virus]]
+

Latest revision as of 16:34, 7 July 2014

I work as a investigator in law enforcement and have been involved in computer crimes investigation since 1998 and computer forensics since 2004. I also perform mobile device forensics ,been doing that since 2004. I used encase.access data,cellebrite,mpe+,devics seizure and secure view as forensics tools