MasterShredder
2[H]4U
- Joined
- Jan 3, 2002
- Messages
- 2,998
Okay here's my problem...
We had someone do something to one of the servers at work and when we went in to go look at the Application, Security, and System logs in event viewer, we realized that whoever did the damage, deleted them. Does anyone know if windows caches these logs somewhere else and if there's a utility to retrieve them?
I remember back in the day when we tried to track students' web viewing, they would delete the Internet History, but we just opened up the dat files and found the entire history cached.
Any help would be greatly appreciated! Thanks!
We had someone do something to one of the servers at work and when we went in to go look at the Application, Security, and System logs in event viewer, we realized that whoever did the damage, deleted them. Does anyone know if windows caches these logs somewhere else and if there's a utility to retrieve them?
I remember back in the day when we tried to track students' web viewing, they would delete the Internet History, but we just opened up the dat files and found the entire history cached.
Any help would be greatly appreciated! Thanks!