Difference between revisions of "User Account Control (UAC)"

From ForensicsWiki
Jump to: navigation, search
(EventLogs)
Line 8: Line 8:
 
Related EventLogs:
 
Related EventLogs:
 
<pre>
 
<pre>
Microsoft-Windows-UAC%4Operational.evtx
+
C:\Windows\System32\winevt\Logs\Microsoft-Windows-UAC%4Operational.evtx
Microsoft-Windows-UAC-FileVirtualization%4Operational.evtx  
+
C:\Windows\System32\winevt\Logs\Microsoft-Windows-UAC-FileVirtualization%4Operational.evtx  
 
</pre>
 
</pre>
  

Revision as of 17:08, 24 October 2012

Information icon.png

Please help to improve this article by expanding it.
Further information might be found on the discussion page.

User Account Control (UAC) is a Windows sub-system introduced in Windows Vista that limits application software to standard user privileges until an administrator authorizes an increase or elevation.

The file virtualization part of UAC is also referred to as LUA.

EventLogs

Related EventLogs:

C:\Windows\System32\winevt\Logs\Microsoft-Windows-UAC%4Operational.evtx
C:\Windows\System32\winevt\Logs\Microsoft-Windows-UAC-FileVirtualization%4Operational.evtx 

External Links