53 MB
( 12:25)
Проверено 18:04

WinPrefetchView - небольшая бесплатная программа, которая сканирует папку Prefetch, в которой хранится информация о файлах трассировки. При запуске приложений операционная система создает Prefetch файл, который используется для оптимизации времени загрузки приложения при следующем запуске. С помощью программы можно выяснить какие файлы использует каждое приложение, а также какие файлы загружаются при старте операционной системы Windows.

WinPrefetchView is a system utility that can help to advise what files are being prefetched when an application is accessed. The software lists out the main files and applications being accessed and when clicking on one, the viewer below shows all the prefetched files associated with the above file. The utility can make it clear not only what files are associated with different applications and may therefore have a dependent relationship, but also what files are used when booting Windows up. Most useful for application developers and administrators trying to troubleshoot issues with Windows bootup, but potentially can also be useful to examine files infected with viruses. WinPrefetchView is a tool to see what files are being prefetched when an application is first loaded up.

나는 너가 지난 밤에 실행한 프로그램을 알고 있다. Part II [Prefetch/실행흔적분석/침해사고분석]:

Should I remove WinPrefetchView? What percent of users and experts removed it? Overall Sentiment. What do people think about it? How common is it? Versions Version Distribution 1. Each time that you run an application in your system, a Prefetch file which contains information about the files loaded by the application is created by Windows operating system. The information in the Prefetch file is used for optimizing the loading time of the application in the next time that you run it.

SANS SIFT - Prefetch file Analysis:

Welcome to the Surviving Digital Forensics series. This class is focused on helping you become a better computer forensic examiner by understanding how to use Windows Prefetch data to prove file use and knowledge - all in about one hour. As with previous SDF classes you will learn by doing. Expert and novice computer forensic examiners alike will gain from this class. Since we are doing it the SDF way we are going to teach you real computer forensic skills that you can apply using our method or with any forensic tool you choose. Therefore you are not just going to learn about the Windows prefetch but you will learn a method you can use to answer questions that may come up in the future. Regularly instruct law enforcement, government and corporate investigators both nationally and internationally in computer forensics.

Tutorial Cheats CMD By Kaitao / WinPrefetchView / TutorialSS #2:

WinPrefetchView можно запустить приложение в системе, файл Prefetch, который содержит информацию о файлах, загружаемых приложения, созданного в операционной системе Windows. Информация в файле Prefetch используется для оптимизации времени загрузки приложения в следующий раз, когда вы запускаете его. WinPrefetchView это небольшая утилита, которая читает файлы, сохраненные Prefetch в вашей системе и отображения информации, хранящейся в них. Глядя в эти файлы, вы можете узнать, какие файлы каждое приложение использует, и какие файлы загружаются при загрузке ОС Windows. Главная Windows WinPrefetchView. Поиск по категориям.

Рекомендуем ознакомиться: