How to use Partition%4DiagnosticParser
In this post, Dimitrios presents how someone can use his Partition%4DiagnosticParser, in order to automatically extract all the available VSNs that reside in "Microsoft-Windows-Partition%4Diagnostic.evtx".
Read MoreHow to use Partition%4DiagnosticParser
Are you sure you extract all the available Volume Serial Numbers (VSNs) that reside in the Windows 10 Event Log “Microsoft-Windows-Partition%4Diagnostic.evtx”?
This time we shall see, how we can utilize windows' event logs in order to locate the VSN of a desired removable device and determine if it changes and when.