Forensic analysis tips

Once a disk has been read, it is often necessary to do further analysis.  The following notes cover just a few of the tools that can help analyse certain files and logs.  The ones mentioned are free and are included simply because they have been used and found to be useful.  There is no relationship between CnW and the companies mentioned.



LogFileParser - download from  http://code.google.com/p/mft2csv/wiki/LogFileParser


This program will produce a range of .CSV files for the log and User Journal.

       It works with files that CnW will recover, named and located as below


RegRipper

       The program will expand the structure of several system files, such as the registry (NTUSER.DAT), into text files.