Hey guys, gals.
I am student, who is currently on placement with a data recovery / forensics company. And i have been set a new task, which I need some advice with.
Basically I am investigating into the use of BlackBerry device on a PC.
The BlackBerry was connected to the PC, not necessarily syncronising, but was definately connected. Emails had been recevied either prior or while the BlackBerry was connected.
These emails are critical to the investigation. Where would I look on the suspect PC's hard drive for Logs stored by the BlackBerry. For example, MSN Messenger Logs are kept in a specific directory on the C:\ drive, is this the same for BlackBerry devices.
Would there be an area, encrypted or compressed where the information is stored. Do BlackBerry devices compress data, and if so does any one know what can be used except the BlackBerry to interrogate the information.
I dont have the BlackBerry device, neither do I have the make or model of the device. All i know is that at some point the Device was connected, and I am hopping that perhaps I can find some sort of Log of connectivity, log of activity etc that may help in this case.
Look forward to your replies, if any
Thanks for reading