The Windows Registry as a Log File
Tuesday, April 8th, 2008You're probably looking at the title of this blog post and thinking...what? What's he talking about? Well, as an incident analyst (which includes performing forensic examinations), I many times have to attempt to determine user login times, user activity on the system (applications run, files opened or modified), ...