J
jasoneblue554
Hello all,
I have been trying to deny writing on all volumes on my PC using EWF
First, I tried running EWF over the partition of the OS only, and
succeeded to do so
Then, I tried protecting multiple volumes, as explained on MSDN:
opened a new key in the registry :
for C: key:
HKLM\system\CurrentControlSet\Services\efw\Paramters\Volume0 --
values : (REG_DWORD)Type = 1, (REG_SZ)ArcName =
multi(0)disk(0)rdisk(0)partition(1)
for D: key:
HKLM\system\CurrentControlSet\Services\efw\Paramters\Volume1 --
vaules : (REG_DWORD)Type = 1, (REG_SZ)ArcName =
multi(0)disk(0)rdisk(0)partition(2)
after these steps i found that only partition C is protected by the EWF
can someone help me understand what I've been doing wrong, or what more
do i need to do for getting the needed result
I have been trying to deny writing on all volumes on my PC using EWF
First, I tried running EWF over the partition of the OS only, and
succeeded to do so
Then, I tried protecting multiple volumes, as explained on MSDN:
opened a new key in the registry :
for C: key:
HKLM\system\CurrentControlSet\Services\efw\Paramters\Volume0 --
values : (REG_DWORD)Type = 1, (REG_SZ)ArcName =
multi(0)disk(0)rdisk(0)partition(1)
for D: key:
HKLM\system\CurrentControlSet\Services\efw\Paramters\Volume1 --
vaules : (REG_DWORD)Type = 1, (REG_SZ)ArcName =
multi(0)disk(0)rdisk(0)partition(2)
after these steps i found that only partition C is protected by the EWF
can someone help me understand what I've been doing wrong, or what more
do i need to do for getting the needed result