Scribd Logo
Fazer o upload

Bem-vindo(a) ao Scribd!

  • Helix Audit Log

    Enviado por

    gerinho69
    27 visualizações2 páginas

    Direitos autorais

    © Attribution Non-Commercial (BY-NC)

    Formatos disponíveis

    PDF, TXT ou leia online no Scribd

    Você considera este documento útil?

    Este conteúdo é inapropriado?

    Denunciar este documento

    Direitos autorais:

    Attribution Non-Commercial (BY-NC)
    Baixe no formato PDF, TXT ou leia online no Scribd
    Sinalizar o conteúdo como inadequado
    27 visualizações2 páginas

    Helix Audit Log

    Enviado por

    gerinho69

    Direitos autorais:

    Attribution Non-Commercial (BY-NC)
    Baixe no formato PDF, TXT ou leia online no Scribd
    Sinalizar o conteúdo como inadequado
    de 2

    Helix Version: 2009R1

    Helix Started on: 02/11/2010 at 15:05:31


    ===========================================================================
    ----------------- SYSTEM INFORMATION ----------------------Operating System:Windows XP Service Pack 3
    Operating System Version: 5.1.2600
    User Information:
    Owner: Receita Federal do Brasil
    Organization: Ministrio da Fazenda
    Admin: No
    Admin Rights: Yes
    Network Information:
    Host: RF0600100022392
    User: 05253168680
    IP: 10.56.104.88
    NIC: 001a6b652071
    Domain:
    Detected Drives:
    C:\ (Logical drive)
    D:\ (Logical drive)
    E:\ (CD/DVD-ROM drive)
    -----------------------------------------------------------15:05:36 - Helix displayed the System Information page.
    15:05:40 - Helix displayed the Live Acquisition page.
    15:05:49 - Helix displayed the Incident Response page 1.
    15:06:21 - The Windows Forensic Toolchest program was executed with the following options:
    wft.exe -nointeractive -toolpath .. -nowrite -noslow -case "CANCEL" -name "CANCEL" -dst
    D:\Documents and Settings\rogeriost\Meus documentos\
    15:08:04 - Helix displayed the Browse Contents page.
    15:08:15 - Helix displayed the System Information page.
    15:08:17 - Helix displayed the Live Acquisition page.
    15:08:38 - Helix displayed the Incident Response page 2.
    15:09:08 - Helix displayed the Browse Contents page.
    15:09:11 - Helix displayed the Live Acquisition page.
    15:09:23 - Helix displayed the Incident Response page 1.
    15:09:32 - Helix displayed the Incident Response page 2.
    15:09:40 - The file E:\EULA.pdf was chosen for it's MD5 hash.
    15:09:42 - The MD5 hash (2496336ae2f2493ab2e26df901fae931) was calculated for the file:
    E:\EULA.pdf
    15:09:46 - Helix displayed the System Information page.
    15:09:50 - Helix displayed the Live Acquisition page.
    15:09:52 - Helix displayed the Incident Response page 1.
    15:09:54 - Helix displayed the Incident Response page 2.
    15:09:56 - Helix displayed the Incident Response page 3.
    15:09:56 - Helix displayed the Incident Response page 2.
    15:09:57 - Helix displayed the Incident Response page 1.
    15:09:58 - Helix displayed the Incident Response page 2.
    15:10:00 - Helix displayed the Incident Response page 3.
    15:10:06 - Helix displayed the Incident Response page 2.
    15:10:16 - Helix displayed the Incident Response page 3.
    15:10:22 - Helix displayed the Incident Response page 2.

    ###################### INVESTIGATIVE NOTES ################################


    ###########################################################################
    ===========================================================================
    Helix Stopped on: 02/11/2010 at 17:10:18

    Você também pode gostar