|
Registry Location:
SYSTEM
Key Location:
\ControlSet001\Control\TimeZoneInformation
Description:
Handles the systems timezone
..................................................................................................................................................
Registry Location:
SYSTEM
Key Location:
\ControlSet001\Control\Windows
Description:
Holds the last shutdown time in 64 bit little endian
..................................................................................................................................................
Registry Location:
SYSTEM
Key Location:
\MountedDevices
Description:
Contains a list of mounted devices
..................................................................................................................................................
Registry Location:
SYSTEM
Key Location:
\ControlSet001\Enum\USBSTOR
Description:
Contains a list of mounted usb storage devices setupapi.log file.
..................................................................................................................................................
Registry Location:
SYSTEM
Key Location:
SOFTWARE\Microsoft\Windows NT\CurrentVersion
Description:
Contains version & registration information for windows
..................................................................................................................................................
Registry Location:
SYSTEM
Key Location:
System\ControlSetX\Enum\IDE
Description:
Gives information on various IDE drives (CD, hard drives), what the model was and what order it was installed on the system - UINumber:
Specifies a number associated with the device that can be displayed in
the user interface.
..................................................................................................................................................
Registry Location:
HKLM
Key Location:
\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management
Description:
Controls whether the system clears the cache file at shutdown
..................................................................................................................................................
Registry Location:
HKLM
Key Location:
E\SYSTEM\CurrentControlSet\Control\Session Manager\Environment
Description:
E\SYSTEM\CurrentControlSet\Control\Session Manager\Environment
..................................................................................................................................................
Registry Location:
HKLM
Key Location:
\SYSTEM\CurrentControlSet\Services\Atapi\Parameters
Description:
Controls whether 48 bit LBA is enabled
..................................................................................................................................................
Registry Location:
HKLM
Key Location:
E\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\KeepRasConnections
Description:
Controls whether remote connections are maintained instead of disconnected when a user logs off a workstation
..................................................................................................................................................
Triage LHF module reports on this key
|
