【Overview】
- Lightweight, fast, and flexible command line tool.
- Extracts forensic metadata from a Windows prefetch file.
- Analyzes a single prefetch file or a folder containing multiple prefetch files.
- Analyzes prefetch files on a live system for incident responders.
- Dumps prefetch metadata to stdout, TXT, HTML, or XML files.
- Computes MD5 and SHA1 hashes for each prefetch file.
- Self-contained binary – no other dependencies.
- Runs on Windows XP, Vista, 7.
- Documentation is included in the download zip file.
【Tool】
◆PFDump 1.00 (THE MALWARE HUNTERS, 2011/04/19)
http://malware-hunters.net/2011/04/19/introducing-pfdump-forensic-tool/
http://malware-hunters.net/wp-content/downloads/PFDump_V.1.0.0.zip