prefetchkit - A powerful forensics commandline tool for analyzing Microsoft Prefetch files.

prefetchkit – A powerful forensics commandline tool for analyzing Microsoft Prefetch files.

prefetchkit A powerful forensics commandline tool for analyzing and extracting information from Microsoft Prefetch files.

It fully supports the following Prefetch version:
+ Windows XP/2003
+ Windows Vista/7
+ Windows 8/8.1
If partially supports the following Prefetch version: Windows 10.

prefetchkit v1.0.2

Prefetch files (with the .pf or .PF extension) are Windows system files located in C:\WINDOWS\Prefetch\. They help Windows loading executable faster.

prefetchkit is a forensic tool: it extracts information such as the last executable which was run, how many times that executable was run.

With the metrics option, you can see what files are loaded during the loading or the executable. For example, if a user launches Paint on a specific picture, the path to that picture will be stored inside the Prefetch file.

Dependencies:
+ Rustc Language:

Use and Download:

Source: https://github.com/zadlg

Problem Resolve:
error: failed to fetch https://github.com/rust-lang/crates.io-index on windows?