Windows forensics

In my local environment (many elders with older systems), windows 7 is the most common, as their systems do not support windows 10 - some have clicked the nagging offer when it appeared and reappeared and reappeared, and after having ended up with something that didn't work or they could not manage because it was so different, have had their windows 7 reinstalled.

For now my lab consists of a virtual windows 7 sandbox and a windows 7 physical machine (for binaries that will not run in a virtual machine). I also keep some space reserved and make some notes for the few windows 10 systems in this environment, and I am running ClamAV to catch me some Windows viruses which may have been written for windows 10. Most malware attacks nowadays however, are focused on mobile phones.

  • Last modified: 2018/10/14 11:11