Tag Archives: ESE

Windows Reliability Monitor Forensic Artifacts [Updated!]

As a follow up to my earlier post on Reliability Monitor analysis, I have finished updating the ParseRacWmi tool to include the ability to parse the new Wmi.db format used by WIndows 8.1. You can download the tool here (SQL … Continue reading

Posted in Uncategorized | Tagged , , , | Leave a comment