0
(0)

The forensics package is a zip archive that contains the following information about device.

Note: The package is available for 14 days and contains the latest archive that has been collected from the device.

Product and system information

basic/product_info.txt
Product version, license, update status, profile settings
basic/settings.txt
Product settings
basic/systeminfo.log
Operating system, hardware profile (memory and disk usage)

Information about firewall rules

firewall/all_profiles.log
Firewall profiles
firewall/all_rules.log
Firewall rules
firewall/wfp_filters.log
Firewall filters

Windows Group Policy settings

gpo/gpo_computer.log
Computer-level Group Policy settings
gpo/gpo_user.log
User-level Group Policy settings

Network status

network/ipconfig.log
Network interface configuration values
network/netstart.log
Started windows services
network/netstat.log
Open network connections
network/netuse.log
All network connections
network/nic.log
Network card information from Windows Registry
network/nslookup.log
Connectivity check (nslookup query) to F-Secure
network/ping_download_sp.log
Connectivity check (ping command) to F-Secure
network/ping.log
Connectivity check (ping command) to F-Secure
network/route.log
IP routing tables

Windows properties and logs

win/apiset_list.log
C runtime dynamic libraries
win/drivers_active.log
Active drivers
win/drivers_inactive.log
Inactive drivers
win/hosts
Hosts file
win/msucrt_list.log
C runtime dynamic libraries
win/msvcrt_list.log
C runtime dynamic libraries
win/process_list.txt
List of running processes
win/scheduled_tasks.log
Scheduled tasks
win/set.log
Set environment variables
win/software.log
Installed software
win/win.ini
Basic windows settings
win/windowsupdates.txt
Installed windows updates
win/eventlog
Windows event logs
win/iexplore
Internet settings from registry
win/registry
Selected registry settings

Source : Official F-Secure Brand
Editor by : BEST Antivirus KBS Team

How useful was this post?

Click on a star to rate it!

Average rating 0 / 5. Vote count: 0

No votes so far! Be the first to rate this post.

(Visited 7 times, 1 visits today)