Paraben's Enterprise Forensic Tools - Active Memory Acquisitions

		Home \| Resellers \| Support \| Contact Us
		Enterprise Forensics Paraben Enterprise Pro Paraben Shuttle Pro Paraben Shuttle Free Paraben Enterprise Investigator Enterprise Image Capture Enterprise Discovery Platform Mobile Forensics Device Seizure Mobile Field Kit Deployable Field Kit DDS (Deployable Device Seizure) DS Box SIM Card Seizure StrongHold Faraday Products Save-A-Phone Hard Drive Forensics P2 Commander Deployable P2 Commander E-mail Examiner Network E-mail Examiner P2 eXplorer Pro Forensic Replicator Chat Examiner Passware Kit Forensic Project-A-Phone Project-A-Phone Flex Project-A-Phone ICD-8000 Consumer Tools iRecovery Stick Phone Recovery Stick Data Recovery Stick Porn Detection Stick Windows Breaker Chat Stick Passport StrongHold SIMCon Free Software Shuttle Free P2 eXplorer Free Link2 Bundles Ultimate Forensic Bundle P2 Command Kit Device Seizure Flex Bundle Mobile Field Kit Deployable Field Kit Cell Phone Forensic Consulting Computer Forensic Consulting Expert Testimony Cellphone Forensic Training (PCME) Mobile Level 1 Mobile Level 2 Mobile Level 3 PCME Certification P2 Commander Training (PCFE) Intro to P2 Commander Level 1 Advanced P2 Commander Level 2 PCFE Certification Level 3 Training Centers Virginia Training Center Free Webinars Company Overview Our Websites paraben.com paraben-enterprise.com paraben-training.com paraben-consulting.com paraben-sticks.com projectaphone.com simcon.no pfic-conference.com Contact Resellers Support Customer Support User Forum Fun Stuff Register a Product

Products

Enterprise

Mobile Forensics

Hard Drive Forensics

Project-A-Phone

Free Software

Bundles

Training



Acquire Active Memory Processes It's every examiner's dream to be able to acquire active memory from a machine. In most forensic examinations, this simply isn't possible. With P2 Enterprise and P2 Shuttle Pro, you can not only acquire active memory processes, you can start or kill any process on demand, view screenshots, view associated files with running processes and much more with the System Runtime Explorer. The SRE gives you more control than you imagined from a forensic tool. If you see a malicious process, you can shut down the machine manually or use the P2 Enterprise Telnet client to kill processes or shut down the system before it does any more damage to your enterprise. If you need to access all saved passwords on the suspect machine, the SRE allows you do to this. The evidence you can gather from active memory processes may never actually be saved to the hard drive so it may be your only chance at the smoking gun.

System Runtime Explorer Features
	View All Active Processes
	Acquire Any or All Active Processes
	View all DLLs and Executables Associated with Running Processes
	View All Files Currently in Use by Processes
	View Protected Storage: Lists all Saved Usernames and Passwords
	View Selected Process Memory in the Hex Viewer
	View All Associated Registry Keys

Network Drive Acquisitions

Acquire bit-stream forensic images of any client on a live network without detection.

Client Snapshots

Take a snapshot of a user's activity including running processes, screenshots, protected storage (passwords), and more.

Paraben Enterprise

Hardware Option

Version Comparison Chart

Enterprise Versions

Paraben Enterprise Pro

Paraben Shuttle Pro

Paraben Shuttle Free

Paraben Enterprise Investigator

Enterprise Image Capture

Enterprise Discovery Platform

Solutions

Drive Acquisitions

Memory Acquisitions

Image/Drive Mounting

Live Mailstore Acquisition

Client Snapshots

Network Searches

Forensic Analysis

Advanced Reporting

Related Products

Contact Us

1.801.796.0944

Request a Web Demo/Quote

Sign up for a Webinar

Other Resources

Comparison Charts

User Area | Resellers | Contact Us | Press

Privacy Statement | Terms of Use |EULA | P2 EULA © Paraben Corporation 2012