In an effort to ensure a sterile work environment, all media used in the examination was first scanned for viruses using Norton AntiVirus™ 2002. For more information about Norton AntiVirus™, go to:
www.symantec.com

The Linux copy command was used to extract the image onto a blank 1.44-megabyte high density disk.

The MD5 hash algorithm found within Red Hat Linux was used to generate the hash value for scan26.zip as well as the entire image once it was extracted fully out to the disk.

EnCase® from Guidance Software was used to provide the Disk Properties and verified the MD5 hash value that was previously generated from Linux.
Encase ® was also used to exact files out of the floppy image.
For more information about EnCase® , go to:
www.guidancesoftware.com or www.encase.com

Two other utilities were used in the recovery of files and analysis of the disk. The first was Norton Disk Edit, a part of Norton SystemWorks™ for Windows 95/98 - Emergency Disk 2. The various screenshots displayed throughout the site are from Norton Disk Edit. For more information about Disk Edit, go to:
www.symantec.com

The second utility used in the recovery and analysis process was Invisible Secrets 2002™ Version 3.2 from Neo Byte Solutions. This utility was used to remove and decrypt any files that were imbedded and decrypted within other files. For more information about Invisible Secrets, go to:
www.invisiblesecrets.com