【概要】

• Lightweight, fast, and flexible command line tool.
• Extracts forensic metadata from a Windows prefetch file.
• Analyzes a single prefetch file or a folder containing multiple prefetch files.
• Analyzes prefetch files on a live system for incident responders.
• Dumps prefetch metadata to stdout, TXT, HTML, or XML files.
• Computes MD5 and SHA1 hashes for each prefetch file.
• Self-contained binary – no other dependencies.
• Runs on Windows XP, Vista, 7.
• Documentation is included in the download zip file.

【ツール】

◆PFDump 1.00 (THE MALWARE HUNTERS, 2011/04/19)
http://malware-hunters.net/2011/04/19/introducing-pfdump-forensic-tool/
http://malware-hunters.net/wp-content/downloads/PFDump_V.1.0.0.zip