Home 0P3N Blog Windows Prefetch Forensics
Ready to Start Your Career?
Create Free Account
By: Charanjeet Singh
December 20, 2016

Windows Prefetch Forensics

By: Charanjeet Singh
December 20, 2016
By: Charanjeet Singh
December 20, 2016
matrix-1027571_1280Windows prefetch file system has an important place in cyber forensics. The prefetch system was implemented in order to improve the performance of the windows operating system. It prefetches the program into the system memory before the user actually uses it. In this way, it makes the whole process faster. The windows prefetch system helps us a lot in cyber forensics. It gives us information about the programs that have been run on the system, the last time the program was used, how many times it has been used and the path were the exe file is located. For example, let us assume that the suspect has used any prohibited software or program on the system. With the help of prefetch system, we can find out whether the suspect has actually used that particular program or software or not. Let us see its practical in the video below:
Request Demo

Build your Cybersecurity or IT Career

Accelerate in your role, earn new certifications, and develop cutting-edge skills using the fastest growing catalog in the industry