Computer Litigation Resources, LLC

If you suspect that you need a computer examined, it is best if it is not used until the examiner arrives. An improper examination or even everyday use can can alter or destroy evidence.
A standard forensic examination begins with a visit to the computers to be examined. There, I make an exact image of the disks and other media and record a cryptographic hash that ensures the future integrity of the copies. This takes about an hour for each computer, depending on the particular equipment.
Once imaging is complete, I return to my lab and make backup copies for safekeeping. I then analyze the images to find evidence relevant to the particular situation. While a full investigation can take up to two weeks, initial results are often available within 24 hours. I will work with you during this time to share evidence as it is found and to develop new lines of inquiry.

After the analysis is complete, I prepare a written report about the findings and work with you to ensure that all your questions about the case or forensic process are answered to your satisfaction. I also remain available afterward to clarify the report as needed.

Computer Litigation Resources, LLC
	forensics \| process \| cases \| pricing \| principal \| contact
	If you suspect that you need a computer examined, it is best if it is not used until the examiner arrives. An improper examination or even everyday use can can alter or destroy evidence. A standard forensic examination begins with a visit to the computers to be examined. There, I make an exact image of the disks and other media and record a cryptographic hash that ensures the future integrity of the copies. This takes about an hour for each computer, depending on the particular equipment. Once imaging is complete, I return to my lab and make backup copies for safekeeping. I then analyze the images to find evidence relevant to the particular situation. While a full investigation can take up to two weeks, initial results are often available within 24 hours. I will work with you during this time to share evidence as it is found and to develop new lines of inquiry. After the analysis is complete, I prepare a written report about the findings and work with you to ensure that all your questions about the case or forensic process are answered to your satisfaction. I also remain available afterward to clarify the report as needed.