LNK or Link files are essentially short cuts to applications, programs, <insert flavor here>, in a Windows OS. These can come from a user (e.g. a desktop shortcut) or the OS itself and can have different implications depending on its inception. Traditionally these files can be found at: C:\Users\%USERNAME%\AppData\Roaming\Microsoft\Windows\Recent C:\Users\%USERNAME%\AppData\Roaming\Microsoft\Office\Recent C:\Users\%USERNAME%\Downloads C:\Users\%USERNAME%\Recent C:\Users\%USERNAME%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup C:\ProgramData\Microsoft\Windows\Start… Continue reading LNK Files
Category: Incident Response
svchost.exe
This is the first entry in a project I’m going to do of trying to learn, document, and track my knowledge base. The purpose of these entries will be to have a one-stop shop for me to reference, so that way I’m not trying to store all this information in my head. It seems like… Continue reading svchost.exe