More Important this labs should be finished by ( 2pm EST United states)

Please logon to your virtual machines you created in your first lab and then in the Windows 10 virtual machine download and install all three of the following digital forensics software:

Autopy: Go to and download version 4.18.0 for Windows

OS Forensics: Go to and download the free trial version of OS Forensics, version 8.0.

FTK: Go to  and download the latest version of FTK Imager.

The following case uses  three different tolls Autopsy, OS Forensics or FTK Imager.

On  09/20/04  , a Dell CPi notebook computer, serial # VLQLW, was found abandoned along with a wireless PCMCIA card and an external homemade 802.11b antennae. It is suspected that this computer was used for hacking purposes, although cannot be tied to a hacking suspect, G=r=e=g S=c=h=a=r=d=t. (The equal signs are just to prevent web crawlers from indexing this name; there are no equal signs in the image files.)  Schardt also goes by the online nickname of “Mr. Evil” and some of his associates have said that he would park his vehicle within range of Wireless Access Points (like Starbucks and other T-Mobile Hotspots) where he would then intercept internet traffic, attempting to get credit card numbers, usernames & passwords.

Find any hacking software, evidence of their use, and any data that might have been generated. Attempt to tie the computer to the suspect, G=r=e=g S=c=h=a=r=d=t.


I need PPT on AUTOPSY for presentation

1. What operating system was used on the computer?
2. When was the install date?
3. What is the timezone settings?
4. Who is the registered owner?
5. What is the computer account name?
6. What is the primary domain name?
7. When was the last recorded computer shutdown date/time?

8. What is the account name of the user who mostly uses the computer?
9. Who was the last user to logon to the computer?

10. A search for the name of “G=r=e=g S=c=h=a=r=d=t” reveals multiple hits. One of these proves that G=r=e=g S=c=h=a=r=d=t is Mr. Evil and is also the administrator of this computer. What file is it? What software program does this file relate to?

11. This same file reports the IP address and MAC address of the computer. What are they?

12. Find 6 installed programs that may be used for hacking.

13. What websites was the victim accessing?
14. Search for the main users web based email address. What is it?
15. Yahoo mail, a popular web based email service, saves copies of the email under what file name?
16. How many executable files are in the recycle bin?
17. Are these files really deleted?
18. How many files are actually reported to be deleted by the file system?

You need to submit a lab report with a title page and each step above labeled and a screenshots with your name for each answer or you will not be given credit. 

Please download all the files into one folder so that you can add the image to your software
Get a 10 % discount on an order above $ 100
Use the following coupon code :