a simple utility which is fine to look inside other people's computers

by TWD, 4 October 1998
Courtesy of reverser's pages of reverse engineering

Hi Reverser,

I wrote a simple utility (applog.zip: 121 Kb) which is fine to look 
inside other people's computers.

It works this way: "Tell me what programs you use and I'll tell you who
you are ...".

Some time ago I was searching for a program on my hard disk and I used
the searching function included in my OS (Win98) (at the task bar).

I not only found the program, but I also found a file in my 
"Win98/App Log" directory with the extension .lgc

I took a deeper look inside this directory (which has the hidden
attribute) and found a file called applog.ind.
After a lot of analysis I was able to write a tool, which does all the
work for you.
There is some interesting information stored, e.g. the total number of
runs for this program, the location, and for every executed file there 
is a protocol, which tracks all the disk accesses.

Wondering if anyone else had found this bunch of data storage, I
searched the Internet and I found out that this stuff is used by 
Defrag to arrange the files in the best order (according to
access speed).

Nevertheless, it's an incredible source of information about the
behavior of the computer user.
Heavy use of IDAW or W32DASM in combination with other suspect programs
will lead most people to a simple conclusion (about the user).

But this works only with Win98. If you are interested in more facts
(file structure, etc.) then tell me.
I will soon create a new version, which can read the .lgc files.

Try it and tell me about the results...

Bye till next time


                  i don't stunt i regulate

take a hit to http://twdrulez.home.ml.org (censored)
         TWD RuleZ     
