VFC has become an essential tool in our forensic investigator’s toolkit. It provides investigators an insight into the suspect’s perspective by actually seeing the user’s desktop, settings and user environment. Screen captures from the suspect’s environment add significant weight to the forensic report when describing how the suspect utilized the computer to facilitate the crime. VFC is truly a tool that I rely upon and use in all my computer investigations!
1300 55 33 24
Launched in 2007, VFC is the leading virtualisation solution for the forensic investigator. VFC is used to create a virtual copy (VM) of a suspect computer:
VFC removes the guesswork from virtualisation and allows the investigator to concentrate on the investigation. It lets the investigator to quickly experience the computer environment just like the original user. This puts the investigator “in the room” with the suspect, providing invaluable access to software and data that cannot be easily found with a typical “dead box” examination.
In some cases, an experienced investigator can manually create a virtual machine from a forensic image. However, this can be time-consuming and error-prone task. VFC automates the process and applies over 10 years of acquired knowledge to fix numerous potential issues and quickly produce a compatible and stable virtual machine in seconds. VFC removes the guesswork from virtualisation and allows the investigator to concentrate on the investigation: