Yahoo Messenger Forensics on Windows Vista and Windows 7
Author
Matthew Levendoski, Tejashree Datar, Dr. Marc Rogers
Tech report number
CERIAS TR 2011-11
Abstract
The purpose of this study is to identify several areas of forensic interest within the Yahoo! Messenger application, which are of forensic significance. This study focuses on new areas of interest within the file structure of Windows Vista and Windows 7. One of the main issues with this topic is that little research has been previously conducted on the new Windows platforms. Previously conducted research indicates the evidence found on older file structures, such as Windows XP, as well as outdated versions of Yahoo! Messenger. Several differences were found within the Yahoo Messenger’s registry keys and directory structure on Windows Vista and Windows 7 as compared to Windows XP.
Institution
Purdue University
Key alpha
Levendoski, Datar, Rogers
School
Computer Information Technology
Affiliation
Master Student in Cyber Forensics
Publication Date
2011-10-24