evidence eraser : index.dat viewer : window temp : clear browser cache : browser cookie : browser history
evidence-eraser.org
Evidence Eraser

evidence tracking

 Evidence Eraser software   Eraser
computer evidence
Evidence Eraser
  ... / deleting index.dat file
  ... / erase online evidence
  ... / deleting window temp file
  ... / securely delete files
  ... / clearing browser cache
  ... / strong encryption
  ... / clearing browser history
  ... / destroy Email, P2P, IM

Erase Files and Internet Activity, Pictures, URLs, Videos, Email, Chats, Voice, Peer to Peer, "locked" Windows Files, Browser History, Newsgroups, Wipe Free Space and more.

erase options

:: delete index.dat ::
Erase Internet Explorer index.dat files
INDEX.DAT data files – a specially formatted type of data file used by Internet Explorer to contain URLs and other reference data. They should not arbitrarily be deleted as some contain critical Offline (or Subscription) Cache information.
:: address autocomplete ::
Erase 'autocomplete' site addresses
AutoComplete - is the feature of Internet Explorer that attempts to save one some keystrokes during the keying into the URL Address field. It presumes to complete the URL based on Visited URLs from the History INDEX.DAT file.
:: c window temp ::
Erase Windows Temp Directories
Temporary Internet Files - the files such as Web pages and graphics files that are stored on your hard disk as they are retrieved from the Internet as you view them.
:: clear browser cache ::
Erase Browser Cache Files
Cache – the collection of Temporary Internet Files
:: browser cookie ::
Erase Browser Cookies
Cookies – are small Text files that are written to a user’s hard disk by their Web Browser. The cookies are generated by the Web-site being visited.
:: clear browser history ::
Erase Browser History
History Folders – are folders that contain History information for Web-Sites you have visited.

100% Vista compatible Privacy Suite software supports Internet Explorer 7 and Firefox 3.x.

System Requirements

  • Windows® Me/NT/2000/XP/Vista (all versions)
  • 16 MB RAM
  • Pentium or above
  • 14 MB free disk space


"..Digital evidence can be collected from many sources. Obvious sources include computers, cell phones, digital cameras, hard drives, CD-ROM, USB memory devices, and so on. Non-obvious sources include settings of digital thermometers, black boxes inside automobiles, RFID tags, and web pages (which must be preserved as they are subject to change).

Special care must be taken when handling computer evidence: most digital information is easily changed, and once changed it is usually impossible to detect that a change has taken place (or to revert the data back to its original state) unless other measures have been taken. For this reason it is common practice to calculate a cryptographic hash of an evidence file and to record that hash elsewhere, usually in an investigator's notebook, so that one can establish at a later point in time that the evidence has not been modified since the hash was calculated.

Other specific practices that have been adopted in the handling of digital evidence include:

  • Handle the original evidence as little as possible to avoid changing the data.
  • Establish and maintain the chain of custody.
  • Documenting everything that has been done.
  • Only use tools and methods that have been tested and evaluated to validate their accuracy and reliability.

Some of the most valuable information obtained in the course of a forensic examination will come from the computer user. An interview with the user can yield valuable information about the system configuration, applications, encryption keys and methodology. Forensic analysis is much easier when analysts have the user's passphrases to access encrypted files, containers, and network servers.

In an investigation in which the owner of the digital evidence has not given consent to have his or her media examined (as in some criminal cases) special care must be taken to ensure that the forensic specialist has the legal authority to seize, copy, and examine the data. Sometimes authority stems from a search warrant. As a general rule, one should not examine digital information unless one has the legal authority to do so. Amateur forensic examiners should keep this in mind before starting any unauthorized investigation.

All digital evidence must be analyzed to determine the type of information that is stored upon it. For this purpose, specialty tools are used that can display information in a format useful to investigators. Such forensic tools include: AccessData's FTK, Guidance Software's EnCase, and Brian Carrier's Sleuth Kit. In many investigations, numerous other tools are used to analyze specific portions of information.
Typical forensic analysis includes a manual review of material on the media, reviewing the Windows registry for suspect information, discovering and cracking passwords, keyword searches for topics related to the crime, and extracting e-mail and images for review .."

http:// en. wikipedia. org/ wiki/ Computer_forensics

"..Computer Online Forensic Evidence Extractor (COFEE) is a modified USB flash drive for investigators for quick extraction of forensic data from computers that are suspected to contain evidence of criminal activity. It allows investigators to search through data onsite as an automated forensic tool. The device, developed by Microsoft, is activated by being plugged into a USB port, and purportedly contains 150 commands that can dramatically cut the time it takes to gather digital evidence (estimates cited by Microsoft state that a job that previously took 3-4 hours can be done with COFEE in as little as 20 minutes). These commands offer such functions as the ability to decrypt passwords, search a computer's Internet activity, and analyze the data stored on a computer - including data stored in volatile memory, which could be lost if the computer were shut down for transport to a lab. Microsoft currently provides COFEE devices and online technical support free to law enforcement agencies.

COFEE was developed by Anthony Fung, a former Hong Kong police officer who now works as a senior investigator on Microsoft's Internet Safety Enforcement Team. Fung conceived of the device following discussions he had at a 2006 law enforcement technology conference sponsored by Microsoft. The device is used by more than 2,000 officers in at least 15 countries.

A case cited by Microsoft in April 2008 credits COFEE as being crucial in a New Zealand investigation into the trafficking of child pornography, producing evidence that led to an arrest .."

http:// en. wikipedia. org/ wiki/ Computer_Online_Forensic_Evidence_Extractor

"..File wiping utilities are used to delete individual files from an operating system. The advantage of file wiping utilities is that they can accomplish their task in a relatively short amount of time as opposed to disk cleaning utilities which take much longer. Another advantage of file wiping utilities is that they generally leave a much smaller signature than disk cleaning utilities. There are two primary disadvantages of file wiping utilities, first they require user involvement in the process and second some experts believe that file wiping programs don't always correctly and completely wipe file information. Some of the widely used file wiping utilities include R-Wipe & Clean, Eraser, Aevita Wipe & Delete and CyberScrubs PrivacySuite.

http:// en. wikipedia. org/ wiki/ Anti-computer_forensics
... / deleting index.dat file / window temp file / clearing browser cache / enable cookie browser / delete browser history /...
2008 Evidence Eraser.Com