Skip Navigation Links
Home
Information
Why Use Us?
Practice Areas
Fast Facts
Cases
Events
Contact Us

FACTS FOR PROSPECTIVE CLIENTS:

The amount of electronic information produced during normal business operations is so difficult to obtain that analyzing and extracting all relevant data is critical to the success of litigation. Here are the types of information we recover, and what you need to know about it:
  • E-Mail- This is a major source of information in many cases, as e-mail is the communication tool of choice by nearly all computer users. People communicate in emails without thinking that an e-mail can be recovered by a computer forensics examiner.
  • Pictures- Computer hard drives typically contain thousands of images downloaded in the normal course of web surfing. People also save pictures from their digital cameras on the hard drive, and many pictures arrive via e-mail.
  • Internet History- Computers keep a history of any web site users visit while surfing the internet. Clearing the internet history does not always prevent the examiner from recovering the history at a later date. Forensic tools can rebuild these pages for viewing in their original state.
  • Documents- Many types of word-processing documents, spreadsheets, and digital pictures contain metadata that can reveal information, such as the name of the computer that was last used to edit the document, or the brand and model of the camera used to take a picture.
  • Financial Data- Financial data are of interest for many reasons and can be found in financial management software programs like Quicken or QuickBooks. Online financial transactions can be recovered by rebuilding the internet pages where the transaction originally took place.
  • Internet Searches - Searches on Google, Yahoo, or other search engines can be recovered by reconstructing these web pages from information on the computer hard drive. This is also true of searches performed on Ebay, Half.com, and other shopping sites.
  • Hidden Files - A common tactic used to hide files is to rename the file extension so that it differs from the actual file type. Our analysis software does not rely on the file extension to identify relevant files. Files, directories, and even portions of the hard drive hidden by other means can be located quickly.
  • Internet Chat - Instant messengers such as Yahoo Messenger, AOL Instant Messenger, MSN Messenger and MIRC have become a widely used form of communication when a telephone conversation is inconvenient or does not provide the desired amount of privacy. Since most chat programs do not create logs of typed conversations, these messages are rarely recoverable from a hard drive. However, some do record the chat as text files, which can be recovered.