• Home
• La Empresa
• Forense Digital
• Recuperacion de Datos
• Seguridad Informatica
• Entrenamiento
• Noticias/News
• Contactenos
• eafit16
• emeaintelligence2012

• Productos Forense Digital
  • DIGITAL INTELLIGENCE
    • Forensic Hardware
      • Forensic Systems
        • Freddie
        • Fred sc
        • Fred And Fred DX
        • Fred SR
        • Fred l
        • Ufred
        • Fredm
      • Forensic Devices
        • Fannie
        • Super Chief
        • Rack A Tacc Decryption
        • Tacc1441 Acelerator
        • Forensic Duplicator
        • Hardcopy 3
        • Hardcopy 2
        • Shadow 2
      • Forensic Write Blockers
        • Ultrakit
        • UB Esata IDE /SATA (RO)
        • UB Esata IDE /SATA (RW)
        • Ultrablock SAS (RO)
        • Ultrablock IDE/SATA (RW)
        • Ultrablock SCSI (RO)
        • Firewire Write Blocker
        • USB Write Blocker
        • Forensic Media Card Reader
      • Accessories
        • Multidrive Adapter
        • Zif Adapter
        • 1.8" Hard Drive Enclosure
        • 2.5" USB3 Sata HD Enclosure
        • 3.5"/2.5" Hard Drive Enclosure
        • Modular Storage System
        • Forensic Archive And Restore
        • Microsata Adapter
        • SATA To IDE Adapter
        • IDE To SATA Adapter
        • USB3 PCIe Controller
        • USB3 External Hub
        • Expresscard USB3 Adapter
        • Expresscard Esata Adapter
        • Expresscard Firewire Adapter
        • 2.5" Laptop HD Adapter
        • 1.8"Laptop HD Adapter
        • Laptop HD Adapter Set
        • SCSI3 To SCSI2 Adapter
        • SCSI3 To SCA Adapter
        • SCSI Adapter Kit
        • Firefly/UB Power Supply Kit
        • Travel Plug Adapter
        • Sata Hard Drive Tray
        • IDE Hard Drive Tray
        • Firewire Cable 9-6 Pin
        • Firewire Cable 9-9 Pin
    • Forensic Software
      • DI Software
        • Drivespy
        • Image
        • Part
        • PD Block
        • PD Wipe
      • Accessdata
        • Forensic Toolkit 3.0
        • Pasword Recovery Toolkit
      • Paraben Forensic Tools
        • Forensic Replicator
        • Chat Examiner
        • Network Email Examiner
        • Email Examiner
        • Device Seizure
      • Hot Papper Technology
        • Email Detective
      • Stepanet Datalifter
        • Forensicware Solution
        • V2.0 Whit File Extractor Pro
        • Net Bonus Tools
        • File Extractor Pro
    • Forensic Training
      • Computer Forensic With Fred
      • Encase Advanced
      • CFFAD
      • CFFXP
      • CFFEN
      • Mobile Devices Forensic
      • Farm
      • Cell Phone Analysis
      • Computer Forensic Essentials
      • Fire
    • Forensic Services
  • PASSWARE
    • Forensic Solutions
      • Passware Kit Forensic
      • Subscription
      • Encryption Analyzer
      • Search Index Examiner
  • PARABEN
    • Products
      • Enterprise Forensics
        • P2 Enterprise
        • P2 ShuttlePro
        • P2 Shuttle Free
      • Mobile Forensics
        • Device Seizure
        • Device Seizure Fiel Kit
        • Deployable Fiel Kit
        • DDS (Deployable Devices Seizure)
        • DS Box
        • Sim Card Seizure
        • Stronghold Bag
        • Stronghold Box
        • Project A Phone
      • Hard Drive Forensics
        • P2 Commander
        • Deployable P2 Commander
        • Email Examiner
        • Network Email Examiner
        • P2 Explorer Pro
        • Forensic Replicator
        • Chat Examiner
        • Passware Kit Forensic
        • Parabens Lockdown
      • Consumer Tools
        • Irecovery Stick
        • Porn Detection Stick
        • Chat Stick
        • Possport Stronghold
        • Simcon
      • Free Software
        • P2 Shuttle Free
        • P2 Explorer Free
        • Link2
      • Bundles
        • P2 Command Kit
        • Devices Seizure Command Kit
        • Device Seizure Fiel Kit
        • Handheld Training Bondle
        • Mobile Lab Kit
    • Services
      • Cell Phone Forensic Consulting
      • Computer Forensic Consulting
      • Expert Testimony
    • Training
      • Cell Phone Forensic Training (PCME)
        • Mobile Level1
        • Mobile Level 2
        • Mobile Level 3
        • PCme Certification
      • P2 Commander Training (PCFE)
        • INTO TO P2 COMMANDER LEVEL 1
        • ADVANCE P2 COMMANDER LEVEL 2
        • PCFE CERTIFICATION LEVEL 3
      • Training Centers
      • Free Webinars
  • MILLE2
    • Training Options
      • live online security training
      • classroom based
      • self paced CBTS
      • Study kits
      • Customized Training
      • Trainig Brochure
    • Courses
      • Back
      • wireless security
        • CWSEngineer
      • Course shedule
      • Course Pricing
      • Guaranteed To Run Classes
      • General Security
        • c) Isso
        • Cissp
        • Cap
        • Sans GSLC-C) SLO
        • Sans Top 20 Security Controls
        • Social Engeneering
        • Security Eseential
        • Security Essentias
        • Iscap
        • Cihe
      • Pen Testing Ethical Hacking
        • Pen Testing Boot Camp
        • C)PTE
        • C)PTC
        • C)PEH
        • Certifield Ethical Hacker
      • Digital Forensics
        • C)DFE-CHFI
      • Other Security Titles
        • ITILv3
        • CISA-info Sys Auditor
    • Secure Coding y Web Apps
      • Secure Web App Engineer
      • C) SCE
    • Disaster Recovery
  • TABLEAU
    • Products
      • Duplicators
      • Forensic Bidges
      • Modular Storage Sistems
      • Hardware Accelerators
      • Sotfware
      • Power Supplies
      • drive adapters
      • Acquisition Accessories
      • Cables y Cables Adapter
  • BELKASOFT
    • Products
      • Belkasoft Evidence Center
        • Features
        • Installation instruction
      • Belkasoft Forensic Studio
        • Features
      • Belkasoft Forensic im Analyzer
        • features
      • Belkasoft Forensic Carver
        • Features
      • Belkasoft Mail Analyzer
        • features
      • Belkasoft Browser Analyzer
        • analyzer
      • Belkasaoft Skype Analyzer
        • features
      • Belkasoft ICQ Analyzer
        • features
      • Belkasoft qq Analyzer
        • features
      • Belkasoft icq History Extractor
      • Belkasoft Popup Suppresser
      • Belkasoft Removex
  • SARC
    • About Steganography
    • Product
      • StegAlizerAS-Steganography Analyzer Artifact Scanner
      • StegAlizerSS-Steganography Analyzer Signature Scanner
      • StegAlizerRTS-Steganography Analyzer Real-Time Scanner
      • Steganography Detection Policy for fidelis XPS
      • Custom Steganalysis Solutions
    • Training
      • Certifield Steganography Examiner Training
  • MUSHROOM
    • Solutions
      • Enterprise
      • Small Business
      • Broadcasting
      • Internet Data Centers
      • School & NPOs
      • Apartments
      • LECs & ISPs
    • Product
      • Truffle 5201G
      • Truffle 6401
      • Porcini 4422
      • Portabella 2242
      • Portabella 141
      • Teleporter
      • Virtual Leased Line
      • Broadband Bonding Service
    • Technology
      • Overview
      • Truffle BBNA
  • X-WAYS
    • Producto
      • X-ways Forensics
      • X-ways Investigator
      • WinHex
      • X-ways Capture
      • X-ways Trace
      • Davory
      • X-ways Security
  • D-FLABS
    • Solutions & Products
      • PTK Forensics
      • Incman-Incident management Suite
      • Dflog-log Management
  • WETSTONE
    • Product
      • Advanced Threat Identification (ATI)
      • G-FLASH
      • Gargoyle Investigator Forensic Pro
      • Gargoyle Investigator Enterprise Module (GEM)
      • Gargoyle Investigator Windows Forensic Edition (G-FE)
      • ¡FOSSIL
      • Sovereign Time
      • Stego Suite
      • US-LATT
  • FERNICO
    • Product
      • Far ProX Blu-ray
        • Overview
        • Technical Data
        • Options
      • Far ProX DVD
        • Overview
        • Technical Data
        • Options
      • Far ProX Imager
        • Overview
        • Technical Data
        • Options
      • Far LE
        • Overview
        • Technical Data
        • Options
      • ZRT 2 HD
        • Overview
        • Software
        • Options
        • Accesories
        • Upgrade Form
      • ZRT 2
        • Overview
        • Software
        • Options
        • Accesories
        • Upgrade Form
      • ZRT 2 Accesories
      • ERT
        • Overview
        • Software
        • Options
      • Phone View
      • Tomtology
  • PROJECTPHONE
    • products
      • Overview
      • Screenview
      • Snap
      • ICD_5200
      • ICD-1300
  • ADF SOLUTIONS
    • Products
      • Triage-Examiner
      • Triage-Investigator
      • Triage-G2
      • ADF-Triage Kit
      • Technologies
        • Capture Pak
        • Searchpak
        • ActivitySensor
        • Visual Search
  • CLEARWELL
    • products
      • Identification & Collection
      • Processing Search & Analysis
      • Review & Production
      • Case Management & Reporting
      • Clearwell
  • COGNITECH
    • Product
      • TRI-Suite11
        • Video Investigator
        • VideoActive
        • AutoMeasure
      • Forensic Acquisition
      • Goverment Applications
      • PIXL2GPS
      • Video Mobile Desktop Resplacement Supercomputer
  • ELCOMSOFT
    • Products
      • Elcomsoft Password Recovery Bundle
      • Elcomsoft Wireless Security Auditor
      • Elcomsoft Distributed Password Recovery
      • Elcomsoft Internet Password Breaker
      • Advance Archive Password Recovery
      • Advance Office Password Recovery
      • Advance Office Password Breaker
      • Advance PDF Password Recovery
      • Advance SQL Password Recovery
      • Advance Wordperfect Office Password Recovery
      • Advance Lotus Password Recovery
      • Advance Intuit Password Recovery
      • Advance Sage Password Recovery
      • Advance Mailbox Password Recovery
      • Advance IM Password Recovery
      • Advance VBA Password Recovery
      • Lightning Hash Cracker
      • Elcomsoft Phone Password Breaker
      • Elcomsoft Wireless Security Auditor
      • Proactive Password Auditor
      • Proactive System Password Recovery
      • Advance EFS Data Recovery
  • ACRONIS
    • products
      • Acronis Backup & Recovery
      • Acronis® Backup & Recovery™ 10 Online
      • Acronis® Backup & Recovery™ 10
      • Advanced Server Virtual Edition
      • Server for Windows
      • Server for Linux
      • 10 Advanced Server SBS Edition
      • Advanced Workstation
      • Workstation
      • Disk Director 11 Advanced Server
      • Home & Home Office
    • Home And Home Office
      • True Image Home 2011
      • Home 2011 Netbook Edition
      • Disk Director® 11 Home
      • Backup and Security™ 2011
      • Online Backup
      • AntiVirus 2010
      • Drive Monitor™
      • Migrate Easy 7.0
  • ACE LABORATORY
  • DECISION GROUP
    • Product
      • E-Detective
      • Wireless-Detective
      • E-Detective Decoding Centre (EDDC)
      • HTTPS/SSL Network Packet Forencics Device
      • Voip-Detective
      • Network Investigation Toolkit (NIT)
      • Network Packet Forensics Analysis Training (NPFAT)
      • Forensics Investigation Toolkit (FIT)
  • DIGITAL ASSEMBLY
    • Product
  • DT SEARCH
    • Product
      • Desktop With Spider
      • Netwwork With Spider
      • Publish (Portable Media)
      • Web With Spider
      • Engine For Linux
      • Engine For Win & Net
  • MOBILEDIT
    • Product
      • MOBILedit
      • MOBILedit ForenSic
      • Cables Kit
      • Phone copiar
      • COM Components
      • SyncML Server
  • HOT PEPPER
    • Product
      • E-Mail Detective-Forensic Software Tool
      • eChat Locker
      • 9501 Iridium Pager
      • 9501 Iridium/sp-66k-Pager Utility
        • General
        • Service
        • Developer
      • 9501 Iridium Pager Programmer-PPS
      • 9501 Iridium Pager Message Notification
  • NETWITNESS
    • Product
      • Spectrum
      • Visualize
      • Live
      • Informer
      • Investigator
      • SiemLink
      • API/SDK
      • NextGen Infrastructure
      • Decoder
      • Concentrator & Brocker
      • Investigator Freeware
• Servicios Forense Digital

Belkasoft Forensic Carver Features

Retrieve deleted history fragments
You have a seized hard drive or a hard drive image. You would like to extract some information from it, like chats, emails or browser history. However, all the information has been deleted and your file recovery tools do not help you.

In this case, Belkasoft Forensic Carver can help you retrieve information which is still on drive. Even if the information has been deleted, some fragments are still there, and it is possible to recover them when file recovery tools are helpless.

Live memory investigation
The worst case is when a user has chosen not to store any history, which is possible in the most Instant Messengers, and their hard drive does not contain either whole history files or history fragments. What can be done?

The only way to retrieve information in this case is to analyze active computer memory (RAM). If a seized computer was switched on, its memory could contain some parts of conversations or browsing history made by a suspect just before. You can create a memory dump using the windd tool or FTK Imager and then analyze this dump using Belkasoft Forensic Carver.
  

Supported information types
The tool is able to search and extract the following information.

Deleted history extraction:

•Skype 3
•Skype 4, 5
•Digsby
•ICQ Lite
•ICQ 7
•Miranda IM
•Windows Live Messenger
•QIP Infium/2010
•SIM
•AIM
•Virtus
•Pidgin
•Trillian
•Mail.ru Agent 5
•Gajim
•Emesene
•Yahoo! Messenger
•Internet Explorer
•Firefox 3
Live memory extraction (Pro version only):

•AIM
•AIM Express
•ICQ 7
•Yahoo! Messenger
•Skype
•Gmail
•MSN
•Meebo
•Google Talk
•Facebook (personal messages)
•Vkontakte.ru (personal messages)
•Ya-Online
•eBuddy
•MySpace IM
Supported image types
The tools supports Encase images (E01), SMART (S01) images, DD images and windd RAM images.

Export history
After completing your investigation you need to export history of interest in a readable format. The product allows you to export history to plain text, HTML and XML.

Difference between Standard and Professional versions
The Standard version supports only hard drive and hard drive images analysis. The Professional version also supports Live RAM investigation.

The Professional version allows user to specify a set of custom signatures to look for (using header-footer method).

Release status
Please note that the current release status is "public Beta version". Although 1.01 Beta version is available to try and purchase, it may contain some bugs or inconveniences. We kindly ask you to let us know about all the problems you have with this software. This will help us to improve the product and to release a final bug-free version.