Tag Archives: ParseRACWMI

Windows Reliability Monitor Forensic Artifacts [Updated!]

As a follow up to my earlier post on Reliability Monitor analysis, I have finished updating the ParseRacWmi tool to include the ability to parse the new Wmi.db format used by WIndows 8.1. You can download the tool here (SQL … Continue reading

Posted in Uncategorized | Tagged , , , | Leave a comment

Windows 7 Reliability Monitor Forensic Artifacts

The ParseRacWmi tool mentioned here has been updated! See this post for more information. ————————————- The Windows Reliability Monitor is a tool that runs by default on all editions of Windows 7 and 8, as well as Vista and Server … Continue reading

Posted in Uncategorized | Tagged , | 3 Comments