Notifications

Clear all

Window Forensics

General (Technical, Procedural, Software, Hardware etc.)

Last Post by p38cyq 4 years ago

4 Posts

3 Users

0 Reactions

1,895 Views

RSS

muzlee101

(@muzlee101)

New Member

Joined: 5 years ago

Posts: 2

Topic starter 30/09/2021 7:59 am

Hi, Any body please guide me where to track the date/time change information of window machine. what specific files record the event of date change in registry and event logs. please guide step by step.

Quote

p38cyq

(@p38cyq)

Trusted Member

Joined: 14 years ago

Posts: 44

31/10/2021 2:46 pm

You should familiarize yourself with the Windows Logbooks.

ReplyQuote

Lautarob

(@lautarob)

Active Member

Joined: 9 years ago

Posts: 3

04/11/2021 1:50 pm

@p38cyq Hello, what you you mean by "Windows Logbooks"?. Are you referring to the logs stored under Windows\System32\Logs; the ones under Windows\System32\LogFiles or what else?

Thanks!

ReplyQuote

p38cyq

(@p38cyq)

Trusted Member

Joined: 14 years ago

Posts: 44

07/11/2021 11:50 am

In the searchbox, lower left on your screen, type "eventvwr.msc"

ReplyQuote

Article: The Balance Between Digital Forensic Examiners And Digital Evidence Technicians: Expertise Vs. Efficiency

Can digital forensic labs cut backlogs without cutting ...

By Zoe , 8 hours ago
Prefetch Question

Hello All, I have a question regarding Windows prefet...

By Forensic_Tester , 15 hours ago
Webinar: Collaborative Forensics: Overcoming Challenges In Multi-Jurisdictional Investigations

Discover expert strategies for cross-border investigati...

By Zoe , 1 week ago

Share:

8 Forums
15.7 K Topics
92.3 K Posts
159 Online
41.1 K Members

Forum Icons: Forum contains no unread posts Forum contains unread posts

Topic Icons: Not Replied Replied Active Hot Sticky Unapproved Solved Private Closed