An Overview of the Jumplist Configuration File in Windows 7 | Zendy

Harjinder Singh Lallie | Zendy; Parmjit Bains | Zendy

AI Assistant Blog Pricing

Home ZAIA Blog

Open Access

An Overview of the Jumplist Configuration File in Windows 7

Author(s) -

Harjinder Singh Lallie,

Parmjit Bains

Publication year - 2012

Publication title -

the journal of digital forensics, security and law

Language(s) - English

Resource type - Journals

eISSN - 1558-7223

pISSN - 1558-7215

DOI - 10.15394/jdfsl.2012.1110

Subject(s) - timeline , computer science , unix file types , computer file , flat file database , operating system , file format , database , file system , world wide web , stub file , mathematics , statistics

The introduction of Jumplists in Windows 7 was an important feature from a forensic examiners viewpoint. Jumplist configuration files can provide the examiner with a wealth of information relating to file access and in particular: dates/times, Volume GUIDs and unique file object IDs relating to those files. Some of the information in the Jumplist could be used to build a more precise timeline relating to system and file usage. In this article, we analyse the structure of a Jumplist configuration file and in particular a record from a Jumplist configuration file and highlight some of the important entries therein.

The content you want is available to Zendy users.

Already have an account? Click here to sign in.

Having issues? You can contact us here

Accelerating Research