We are not the first ones to analyze this artifact, in pursue of extracting and interpreting its valuable information. The new Partition/Diagnostic event log is found at C:\Windows\System32\winevt\Logs\ Microsoft-Windows-Partition%4Diagnostic.evtx. Authors: Alexandros Vasilaras 1, Evangelos Dragonas 2, Dimitrios Katsoulis 10 introduced a new event log of vital importance for both digital forensic examiners and incident responders.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |