Forensic Report

A log of all actions taken

The forensic report is a feature that is part of the Forensic log option. It is designed to track all actions taken with the disk, explaination of errors, and also verification tests taken.

It is a new feature of V2.14 and will be developed considerably over the next few versions. The current version just tracks some of the initial media tests. Later reports will include reasons for directory stubs not being detected, often due to overwriting. etc.

forensic_report_small

 

The log starts with results with from the wizard initial validation of the drive. This may indicate physical errors, or logical errors on the disk.

 

Once copying and recovery of files is started any action that may affect the data, or file being recovered is logged. The most common ones are where a directory path cannot be resolved, or when a FAT32 disk has had to search for a deleted file, based on file signature.

 

The export button will export the file as a .CSV file, along with normal file listing
[CnW Recovery] [Downloads] [User Manual] [What will it do?] [Product Details] [Purchase Now] [Forensic Tools] [NTFS Forensic] [Unallocated Data] [Data carving] [Forensic CD] [Overwritten] [Raw disk analysis] [JPG Size] [Forensic Report] [FAQ] [Case Studies] [Technical Notes] [Updates] [Development] [Site Map] [About us] [Contact Us]