

Sometimes, as an incident responder, we get called on to analyze a system that has already been “looked at” by another admin or desktop support personnel. Most of the time, I tell them the evidence has been trampled on by different malware scanning software and just re-image the system. But sometimes you may need to do analysis on the system. In this instance, a number of different malware products had been run, along with clearing temp files and Internet cache, but the system was still showing signs of infection. After building a timeline, I was able to determine that the initial infection vector had been deleted and the malware hosting site had been pulled off-line. The system had a nasty rootkit that was injecting code into a couple of processes.

I didn’t have time to run it through OllyDbg or IDA Pro. I needed a quick way of determining the capabilities of the malware, so I decided to boot a copy of the original dd image using VMware and then do behavioral analysis on the system. I could have used software such as Live View, but I wasn’t sure how well it worked with Linux as my host OS. Harlan Carvey did a great post in 2007 about booting a dd image using VMware; I wanted to turn that idea into a procedure.

vmdk file.

5. Create a new virtual machine. Use the wizard and select typical machine, install OS later and Guest OS, and take the default settings on all the rest.

6. Select VM Settings.

Under VMware 7.0 choose the VM menu -> Settings.

9. Select use existing virtual disk.

Use the process described in a previous post to determine what the malware is doing. Make sure that you use the applications that you are worried about the malware interacting with. For example, if you are worried about web-based credential-stealing malware, try logging into sites like eBay, Citibank and maybe a custom app from your company. Make sure you are using fake credentials if you do not want to potentially leak real ones.

Dark Reading just recently had a post on a Java-based command line tool for doing this. I have yet to use it, but it may be worth checking out.

PRODISCOVER Computer Forensics Family User Manual Version 4.8 9/06

Copyright Technology Pathways, LLC. This manual, as well as the software described in it, are furnished under license and may only be used in accordance with the terms of such license. The information furnished in this manual is for informational use only and is subject to change without notice. It should not be construed as a commitment, representation or warranty regarding the performance of the ProDiscover IR by Technology Pathways, LLC. Technology Pathways, LLC. assumes no responsibility for the consequences or any errors or inaccuracies in this manual.

Trademarks

ProDiscover is a registered trademark of Technology Pathways, LLC. These and other graphics, logos, service marks, and trademarks of Technology Pathways, LLC may not be used without prior written consent of Technology Pathways, LLC. All other brand and product names are trademarks or registered marks of their respective holders. Company names and dates used in examples herein are fictitious unless noted otherwise.

Corporate Headquarters

Address: Technology Pathways, LLC. 703 First Street Coronado, California, USA
Telephone: (619)
Fax: (619)
World Wide Web:
Office Hours: Monday to Friday 9 am to 5 pm Pacific Standard Time
Sales Phone: (888)
International (including Canada): (619)
Fax: (619)

Technical Support

Technical support for ProDiscover is provided to all registered customers via a variety of means. Before contacting technical support, users should prepare to provide the following information. Locate your product authorization number from the front of the quick start guide. Determine your operating system and version.
