DFSP # 317 - UserAssist

15/03/2022 17 min

Listen "DFSP # 317 - UserAssist"

Descargar episodio Ver en sitio original

Episode Synopsis

This week it’s back to basics with a Windows artifact for tracking program execution. I’m covering the user assist key which is a mainstay for both live triage and dead box forensics. This artifact is useful for profiling system usage, identifying malware, and general file use and knowledge applications. There are some caveats you need to be aware of and in this episode I’m covering five different experiments to document the effects that different types of user activity had on the artifact. If you want to better understand this artifact and how to work with it stay tuned.

More episodes of the podcast Digital Forensic Survival Podcast

DFSP # 499 Linux top 10 09/09/2025

DFSP # 498 Windows top 10 02/09/2025

DFSP # 497 ticket to ride 26/08/2025

DFSP # 496 Signed, Sealed, Exploited 19/08/2025

DFSP # 495 Corrupted from within 12/08/2025

DFSP # 494 the request is out there 05/08/2025

DFSP # 493 Stop, Share, and Listen 29/07/2025

DFSP # 492 A Bit of TCP 22/07/2025

DFSP # 491 INF-ltration: The Subtle Art of “Fetch and Execute” 15/07/2025

DFSP # 490 Unveiling the USN Journal 08/07/2025

Ver todos los episodios

ZARZA We are Zarza, the prestigious firm behind major projects in information technology.

DFSP # 317 - UserAssist

Listen "DFSP # 317 - UserAssist"

Episode Synopsis

More episodes of the podcast Digital Forensic Survival Podcast

Internet as human right and its scope

Dot COM: The Internet’s dominant TLD

Bandwidth: Broadband or Narrowband?

Personnel recruitment via Web

Deep web or Invisible Internet

Subdomains, a glance with the experts!

Free Internet, a prediction in Nostradamus style

Educational Technology: From traditional to digital

Localhost, there’s no place like 127.0.0.1

Googling with breathtaking tricks you ignore

Gray Hat Hacking, those with ambiguous ethics…

Internet Predators on the prowl

Dot COM: The Internet’s dominant TLD