Quote:
Originally Posted by MakeBelieve
whats the incentive? what are you hoping to find out? from what I remember from similar cases where people have their pc examined the result is something along the line 'someone installed a remote viewing trojan, data send to ip in x country' and then what?
I would understand if you have zero clue what happened but thats not the case here.
That's more then enough to begin a criminal investigation. Just what you said is enough to nail someone.
Also, depending on what the data is, could also find out how compromised the system was, if other stuff was accessed, other actions taken, etc.
My own interest is just in that I actually rather like doing forensics investigations. Like solving little mysteries and puzzles and trying to reconstruct something. Like I said mine is a technical interest. What interest it may have for the OP pretty much ends at being able to press criminal charges. If indeed it does point at access from the UK, that's bad news for whoever did it. With all of our treaties, that's a huge problem for whoever did it. FBI would probably end up involved, and whatever isp the address would track to (and depending on the method of access the fingerprints left could be MUCH worse for the perpetrator than just an ip) would finger them in a heartbeat.
Proving what happened at that point would be more a formal matter than anything else.
There is no eliminating the trail of clues when it comes to computers. It's just a matter of time.
I don't know that the op would have much incentive. I'd want to know just for knowing's sake from the technical standpoint, but that's me.