|
Registry Location:
HKCU
Key Location:
\Software\Microsoft\MediaPlayer\Preferences\AddToMRU
Description:
If set to 00, files viewed in media player won't get added to the MRU
..................................................................................................................................................
Registry Location:
HKLM
Key Location:
\SYSTEM\CurrentControlSet\Control\Lsa\DisableDomainCreds
Description:
This setting controls the storage of authentication credentials and .NET passwords on the local system. By disabling this feature, passwords will not be stored.
..................................................................................................................................................
Registry Location:
HKCU
Key Location:
\Software\Microsoft\Office\9.0\Common\General\NoTrack
Description:
If this option is set to 1, windows will not track the amount of time a user holds a document open for editing
..................................................................................................................................................
Registry Location:
HKCU
Key Location:
\Software\Microsoft\Office\[office version]\Outlook\PST\PSTNullFreeOnClose
Description:
If this option is set to 1, outlook 200 & 2002 will permanently erase any deleted information from the PST file by compacting null records
..................................................................................................................................................
Registry Location:
HKCU
Key Location:
\Software\Microsoft\WAB\WAB4\Wab File Name
Description:
This key contains the location of the Windows Address Book (WAB) used with outlook express
..................................................................................................................................................
Registry Location:
HKCU
Key Location:
%SYSTEMROOT%\Prefetch
Description:
On XP, handles boot and application launch prefetching. Prefetch files for application launch contain information regarding path to executeable, etc. Layout.ini file contains a list files used by system defrag utility. On 2K3, only boot prefetching is done, by default.
..................................................................................................................................................
Registry Location:
HKCU
Key Location:
%USERPROFILE%\Start Menu\Programs\Startup
Description:
..................................................................................................................................................
Registry Location:
HKCU
Key Location:
%WINDIR%\Tasks
Description:
Contains files specifying scheduled tasks, submitted via at.exe or Scheduled Tasks Wizard. .job files in this directory with the hidden bit set will not appear in the Scheduled Tasks applet in the Control Panel.
..................................................................................................................................................
Registry Location:
HKLM
Key Location:
\SOFTWARE\Microsoft\Windows NT\CurrentVersion\EFS
Description:
Contains information regarding whether EFS is enabled
..................................................................................................................................................
Registry Location:
HKCU
Key Location:
\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts
Description:
List of file types by extension detailing which application is responsible for opening files using that specific extension
..................................................................................................................................................
Triage LHF module reports on this key
|
