Notifications
Clear all
General (Technical, Procedural, Software, Hardware etc.)
2
Posts
2
Users
0
Reactions
649
Views
Topic starter
21/07/2010 8:13 am
I am interested in dumping the $MFT/NTFS USN Change Journal to a text file, to analyze malware. The only tools I know of that will do so require an image. Does anyone here know of a CL tool that will do so, preferably FOSS (intended for use in a commercial environment)?
Thanks.
21/07/2010 8:27 am
Might want to give MFT Ripper a try.