Any log files from an instant messenger service used may hold critical evidence as it did in this claim. AOL messenger was the one used by the people in this claim the evidence was the messenger logs. The AppData, Documents and Settings folder, or Program files is where the log history files can be found. The way that the files are found is by going to the windows registry and applications and then analyzing the application files found there. The data is then drawn from them. The correct format is required because there are diverse formats for every source file. There are also different tools that can be used to extract the information. MSN messenger uses XML format, for example. There are quite a few different methods for extracting data. There are also many ways that criminals can make extracting data more difficult for investigators. Some examples of how to slow down this process include:
• You can change the default location in the history