Abstract
The purpose of this study is to identify several areas of forensic interest within the Yahoo! Messenger application, which are of forensic significance. This study focuses on new areas of interest within the file structure of Windows Vista and Windows 7. One of the main issues with this topic is that little research has been previously conducted on the new Windows platforms. Previously conducted research indicates the evidence found on older file structures, such as Windows XP, as well as outdated versions of Yahoo! Messenger. Several differences were found within the Yahoo Messenger’s registry keys and directory structure on Windows Vista and Windows 7 as compared to Windows XP.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
AccessData: Registry Quick Find Chart (2005)
Dickson, M.: An examination into Yahoo Messenger 7.0 contact identification: Digital Investigation, vol. 3, pp. 159–165. Elsevier (2006)
Wagner, Lt. (Ret.) S.: PhotoSharing Folder – Yahoo Messenger. In: Encase Message Boards (2007)
Unknown: Yahoo! Messenger Photo Sharing (n.d.)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2012 ICST Institute for Computer Science, Social Informatics and Telecommunications Engineering
About this paper
Cite this paper
Levendoski, M., Datar, T., Rogers, M. (2012). Yahoo! Messenger Forensics on Windows Vista and Windows 7. In: Gladyshev, P., Rogers, M.K. (eds) Digital Forensics and Cyber Crime. ICDF2C 2011. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 88. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-35515-8_14
Download citation
DOI: https://doi.org/10.1007/978-3-642-35515-8_14
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-35514-1
Online ISBN: 978-3-642-35515-8
eBook Packages: Computer ScienceComputer Science (R0)