Introducing

COMPUTER FORENSIC
DATA RECOVERY TECHNIQUES
AND SOLUTIONS WORKSHOP
Objectives:

• To provide a critical understanding of major types of failure experienced by HDDs.
• To examine the principles and methods used to correctly diagnose HDD failures.
• To explore various methods used to effect repair of different failure scenarios.
• To introduce various data recovery applications and tools.
Course Objectives
• Gain an overall understanding of Data Recovery
• General File System Overview
• General Hard Disk Overview as a storage device
• File System On-Disk format
• Indexing Methods
• Data Area
• File System Weaknesses
• Scenarios & Data Recovery Techniques and Solutions
Training Course would offer an excellent solution
• File deletion
• Windows operating system crash or corruption
• Accidental disk formatting
• Virus attack
• Partition loss or corruption
• Lost or missing files and folders
• Email recovery: .pst / .wab / .dbx / .mbx
• Password recovery (workstation and server)
• Re-formatted or re-partitioned drive
• Repair corrupt files after recovery (Word / Excel / PDF)
What is Data Recovery
Data Recovery
• Data recovery is the process of retrieving corrupt or inaccessible data from damaged or otherwise corrupted digital media when it cannot be accessed normally.
• It is frequently used when data needs to be recovered from devices such as DVDs, CDs, floppy disks, hard disk drives, Xboxes, mobile phones, tapes, memory cards, personal digital assistants and many other items.
Causes for Data Loss
• Mechanical failure of the device
• Damage to the device
• Human error
• Power surges
• Software viruses
DATA LOSS
There are two categories of data loss:
• Logical Failures
• Physical Failures
Logical Failures
• Reasons behind a logical hard drive crash include:
• File system corruption
• OS malfunction
• Severe conflict with recently installed hardware/software
• Virus/malware infection
• Generally, in these situations, data is easier to recover as long as it has not been overwritten by subsequent usage.
Physical Hard Drive Failure
• If the BIOS is not showing your hard drive, or there is a clicking/clanging sound at start-up, or even no sound of disk movement, then your hard drive may have been physically damaged.
• A mechanical component failure, electrical damage or firmware corruption can be responsible for the failure of the hard drive.
• With advanced data recovery tools and techniques, a skilled team of engineers and the necessary CLASS 100 Clean Room labs, recovery service providers are able to recover data from any damaged hard drive safely.
What Is DATA?
• In computing, data is information that has been translated into a form that is more convenient to move or process.
• Relative to today's computers and transmission media, data is information converted into binary digital form.
The Data Recovery Process
• Repair Disk: Damage to the hard disk drive, if applicable, is diagnosed and repaired. Damaged components are replaced. Firmware failures are identified and repaired.
• Image Disk: The repaired drive is read and data copied to another disk, preserving the state of the data when the drive or media was received.
• Retrieve Data: Damage or corruption to the file system is diagnosed and repaired to permit access to the individual files. Individual files are checked for corruption and repaired if necessary.
• Restore Data: The retrieved data is then copied to new media (for example a USB drive) and returned to the client.
Basic File system explanation
File System
• A file system is a means to organize data expected to be retained after a program terminates by providing procedures to store, retrieve and update data, as well as manage the available space on the device(s) which contain it.
• File systems are used on data storage devices, such as hard disk drives, floppy disks, optical discs, or flash memory storage devices, to maintain the physical locations of the computer files.
• A file system organizes data in an efficient manner and is tuned to the specific characteristics of the device.
• There is usually a tight coupling between the operating system and the file system.
• It controls access to the data and metadata.
• Without a file system, programs would not be able to access data by file name or directory and would need to be able to directly access data regions on a storage device.
METADATA
• Metadata (metacontent) is data providing information about one or more aspects of the data, such as:
• Means of creation of the data
• Purpose of the data
• Time and date of creation
• Creator or author of data
In Windows, what file system should I use?
• NTFS and FAT32 are two file systems used in Windows operating systems.
NTFS
• NTFS, short for NT File System, is the most secure and robust file system for Windows 7, Vista, and XP.
• It provides security by supporting access control and ownership privileges, meaning you can set permission for groups or individual users to access certain files.
• NTFS supports compression of individual files and folders, which can be read and written to while they are compressed.
• NTFS is a recoverable file system, meaning it has the ability to undo or redo operations that failed due to such problems as system failure or power loss.
• Disk quotas: Administrators can limit the amount of disk space users can consume on a per-volume basis.
• Encryption: The NTFS 5.0 file system can automatically encrypt and decrypt file data as it is read and written to the disk.
FAT32
• FAT32 is the file system used in some older versions of Microsoft Windows. You can also install the FAT32 file system on Windows XP (all versions), and even Windows Server 2003.
Advantages of FAT32
• FAT32 supports disk partitions as large as 2 TB. FAT16 supports partitions up to only 2 GB.
• FAT32 wastes much less disk space on large partitions, since the minimum cluster size is a mere 4 KB for partitions under 8 GB.
Disadvantages of FAT32
• FAT32 does not allow compression using DriveSpace.
• FAT32 is not compatible with older disk management software, motherboards, and BIOSes.
File Attributes
• One of the characteristics stored for each file is a set of file attributes that give the operating system and application software more information about the file and how it is intended to be used.
– Read-Only
– Hidden
– System
– Volume Label
– Directory
– Archive
Read-Only
• Read-Only: Most software, when seeing a file marked read-only, will refuse to delete or modify it.
• This is pretty straightforward. For example, DOS will say "Access denied" if you try to delete a read-only file. On the other hand, Windows Explorer will happily munch it. Some will choose the middle ground: they will let you modify or delete the file, but only after asking for confirmation.
Hidden
• Hidden: This one is pretty self-explanatory as well; if the file is marked hidden then under normal circumstances it is hidden from view.
• DOS will not display the file when you type "DIR" unless a special flag is used, as shown in the earlier example.
System
• System: This flag is used to tag important files that are used by the system and should not be altered or removed from the disk.
• In essence, this is like a "more serious" read-only flag and is for the most part treated in this manner.
Volume Label
• Volume Label: Every disk volume can be assigned an identifying label, either when it is formatted, or later through various tools such as the DOS command "LABEL". The volume label is stored in the root directory as a file entry with the label attribute set.
Directory
• Directory: This is the bit that differentiates between entries that describe files and those that describe subdirectories within the current directory.
• In theory you can convert a file to a directory by changing this bit. Of course in practice, trying to do this would result in a mess--the entry for a directory has to be in a specific format.
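On a FAT volume these flags are single bits of one byte (offset 11) in each 32-byte directory entry. The following added example, which is not part of the original workshop slides, decodes that byte for a constructed root directory; it goes slightly beyond the slides by also flagging entries whose first name byte is the FAT deleted marker 0xE5. The sample names and the helpers `parse_directory` and `make_entry` are illustrative assumptions.

```python
import struct

ENTRY_SIZE = 32
ATTR_BITS = [            # bit masks of the FAT attribute byte (offset 11)
    (0x01, "Read-Only"),
    (0x02, "Hidden"),
    (0x04, "System"),
    (0x08, "Volume Label"),
    (0x10, "Directory"),
    (0x20, "Archive"),
]
ATTR_LONG_NAME = 0x0F    # all four low bits set: a long-file-name slot, not a file
DELETED_MARK = 0xE5      # first name byte once the file has been deleted


def decode_attributes(attr):
    """Return the names of the attribute bits set in attr."""
    return [name for bit, name in ATTR_BITS if attr & bit]


def parse_directory(raw):
    """Parse consecutive 32-byte FAT directory entries into dicts."""
    entries = []
    for off in range(0, len(raw) - ENTRY_SIZE + 1, ENTRY_SIZE):
        rec = raw[off:off + ENTRY_SIZE]
        if rec[0] == 0x00:                      # 0x00 means no more entries
            break
        attr = rec[11]
        if attr & 0x3F == ATTR_LONG_NAME:       # skip long-file-name slots
            continue
        deleted = rec[0] == DELETED_MARK
        # The first character of a deleted name is lost; show it as '?'.
        name_bytes = (b"?" + rec[1:11]) if deleted else rec[0:11]
        text = name_bytes.decode("ascii", "replace")
        if attr & 0x08:
            kind, name = "volume label", text.rstrip()
        else:
            kind = "directory" if attr & 0x10 else "file"
            base, ext = text[:8].rstrip(), text[8:].rstrip()
            name = base + ("." + ext if ext else "")
        (cluster_hi,) = struct.unpack_from("<H", rec, 20)
        cluster_lo, size = struct.unpack_from("<HI", rec, 26)
        entries.append({
            "name": name,
            "kind": kind,
            "deleted": deleted,
            "attributes": decode_attributes(attr),
            "first_cluster": (cluster_hi << 16) | cluster_lo,
            "size": size,
        })
    return entries


def make_entry(name11, attr, first_cluster=0, size=0):
    """Build one constructed directory entry (8.3 name padded to 11 bytes)."""
    rec = bytearray(ENTRY_SIZE)
    rec[0:11] = name11
    rec[11] = attr
    struct.pack_into("<H", rec, 20, first_cluster >> 16)
    struct.pack_into("<HI", rec, 26, first_cluster & 0xFFFF, size)
    return bytes(rec)


# Constructed sample root directory (not taken from a real disk).
SAMPLE_DIR = b"".join([
    make_entry(b"EVIDENCE   ", 0x08),                 # volume label entry
    make_entry(b"IO      SYS", 0x07, 2, 40000),       # read-only + hidden + system
    make_entry(b"CASES      ", 0x10, 3),              # subdirectory
    make_entry(b"\xe5EPORT  DOC", 0x20, 9, 18432),    # deleted file, data may remain
    bytes(ENTRY_SIZE),                                # end-of-directory marker
])

if __name__ == "__main__":
    for e in parse_directory(SAMPLE_DIR):
        state = "DELETED" if e["deleted"] else "active"
        print(f'{e["name"]:<12} {e["kind"]:<12} {state:<8} {", ".join(e["attributes"])}')
```

The deleted entry still carries its starting cluster and size, which is the information undelete tools rely on as long as the clusters have not been reused.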
DOS – attrib /?
ATTRIB [+R | -R] [+A | -A ] [+S | -S] [+H | -H] [+I | -I]
       [drive:][path][filename] [/S [/D] [/L]]

  +   Sets an attribute.
  -   Clears an attribute.
  R   Read-only file attribute.
  A   Archive file attribute.
  S   System file attribute.
  H   Hidden file attribute.
  I   Not content indexed file attribute.
  [drive:][path][filename]
      Specifies a file or files for attrib to process.
  /S  Processes matching files in the current folder
      and all subfolders.
  /D  Processes folders as well.
  /L  Work on the attributes of the Symbolic Link versus
      the target of the Symbolic Link
LAB 1
• CMD
• Type attrib /?
• View attribute via explorer
LAB 2
• How to view a computer file extension
Viewing the file extension of a single file
1 Right-click the file.
2 Click Properties.
3 In the Properties window, similar to what is shown below, you should see "Type of file:"; this is the file type and extension. As can be seen in the below example, this file is a TXT file with a .txt file extension and in this case opens with the Text Pad program.
LAB 3
• How to view a computer file system
General Hard Disk Overview as a storage device
How hard disks work
• If you were to dismantle the hard disk drive by opening the top casing (after removing all the necessary screws), the first thing you would see is a spindle holding one or more mirror-like rotating platters (commonly called data platters).
• The platters can be made to spin at an extremely high speed, technically between 5,400 and 10,000 revolutions per minute (RPM).
• An extremely thin magnetic coating is layered onto the surface of the platter, which is polished to mirror-type smoothness.
A platter
• The platter is usually made of glass or ceramic (modern platters may use titanium). Commonly a hard disk contains 1 to 10 identical platters that are stacked in parallel to form a cylinder. There is usually one Read Write (RW) head designated per platter face, and each head is attached to a single actuator shaft which moves all heads in unison and performs a uniform synchronous motion during reading or writing of data.
Read Write Head
• The RW head is the key component that performs the reading and writing functions. It is placed on a slider which is in turn connected to an actuator arm, which allows the RW head to access various parts of the platter during data IO functions by sliding across the spinning platter.
Flying Height
• To write a piece of information to the disk, an electromagnetic flux is transmitted through the head, which hovers very close to the platter.
• The RW head is suspended on a thin cushion of air which the spinning platter induces.
• This designed distance between the head and platter is called the flying height. It can literally measure a few millionths of an inch.
Read Write Function of Disk
• As the head writes data onto the disk, it changes its magnetic polarization to induce either a one or zero value.
• During a read request, data is interpreted when the magnetic fields on the platter bring about an electrical change (as a result of a change in electrical resistance of some special material property) in the read head that passes over it.
• These electrical fields are then encoded and transmitted to the CPU to be processed and read by the system.
Parking of RW Head
• When the computer is switched off, the head is usually pulled to a safe parking zone to prevent the head from scratching against the data zone on the platter when the air bearing subsides.
• This process is called parking, and different techniques have been implemented in various hard disks to handle the take-offs and landings.
• In a ramp load/unload design, a lifting mechanism parks the head outside of the platter onto a "parking bay" prior to a shutdown. It then automatically unparks and relocates itself above the disk platter when the platter spins up to the appropriate rotational speed.
Hard Disk Controller PCB Board
• A hard disk also contains a PCB controller circuit board that regulates data traffic.
• It ensures that massive amounts of data can be streamed in and out of the disk smoothly. A logic board that sits under the drive controls and connects the spindle, head actuator, and various functions of the disk.
• Embedded with a micro-controller, it executes self-diagnostic tests and cleans up the data working area in the memory and all internal chip buses in the hard drive when it powers up.
Hard Disk Parts Overview
S.M.A.R.T
• The majority of hard disks today support a technology known as S.M.A.R.T. (Self-Monitoring, Analysis, and Reporting Technology), which helps to predict imminent disk failures so that users can be alerted to take preventive actions before the disk fails completely.
Hard Disk Crash
What is a head crash in a hard disk drive?
• In a nutshell, a head crash is physical damage to a hard disk that occurs when faulty electronics or mechanics cause the read-write head to land on the rotating platter instead of retracting to its safe zone, thereby damaging and grinding away the magnetic film on the disk surface.
How does a head crash occur?
• When the platter is rotating at rates between 5,400 and 15,000 revolutions per minute, a thin film of air suspends the read/write head extremely close above the disk surface.
• This distance, called the head gap, is typically measured in millionths of an inch. So it is possible for the heads to make contact with the media on the hard disk when there is a faulty disk mechanism.
A Bad Parking
• While the platter is idle, the head typically rests on the surface of the disk or on a parking bay. When the disk powers up and the platter starts to spin, the head rubs along the surface of the platter briefly before the cushion of air is strong enough to hover the head above its surface.
• During a power down, the process is reversed until the platter finally stalls. Damage is likely to set in after a prolonged period of wear and tear. Hence, a landing zone or an empty track was set aside for the head to take off and land. This safety process is known as the parking technology.
• Most modern disks that use a voice-coil or giant magneto-resistive head support auto-parking. In the event of power loss to the disk, a retract mechanism moves and secures the head to its landing zone without the use of external power. It then automatically unparks itself when the disk powers up again.
• Another similar technique is the load/unload technology, which uses a ramp-like mechanism to lift the head from the disk surface and park it outside of the platter. Older drives that do not support auto-parking use software utilities that execute head parking procedures before the computer shuts down.
Dust Debris
• A hard disk is never 100% sealed. If it were, it would not be possible to create the necessary air flow for the disk's working mechanism. When dust enters and contaminates the hard disk, it can obstruct the movement of the head, resulting in a crash, as the clearance between the head and platter is by far smaller than the size of a smoke particle.
Mechanical Shock
• A shock applied to a disk while it is in an active state may cause the head to bounce and slide against the platter, scratching it.
Power Surge
• Another reason is the effect of using a poor power supply, which causes the same problem as power surges and power cuts, resulting in unpredictable movement of the read-write head mechanism and causing the crash.
Master Boot Record (MBR) & Partition
Master Boot Record (MBR)
• Short for Master Boot Record, MBR is also sometimes referred to as the master boot block, master partition boot sector, and sector 0.
• The MBR is the first sector of the computer hard drive that tells the computer how the hard drive is partitioned and how to load the operating system.
• The MBR is also susceptible to boot sector viruses that can corrupt or remove the MBR, which can leave the hard drive unusable and prevent the computer from booting up. For example, the Stoned Empire Monkey virus is an MBR virus.
Partition
• In personal computers, a partition is a logical division of a hard disk created so that you can have different operating systems on the same hard disk.
• A partition is created when you format the hard disk.
LAB 4
• View Partition
• Create Partition
• Format FAT 32
• Format NTFS
• Convert Partition
• convert drive_letter: /fs:ntfs
• chkdsk /f
Recycle Bin
• When you delete a file in Windows Explorer or My Computer, the file appears in the Recycle Bin.
• The file remains in the Recycle Bin until you empty the Recycle Bin or restore the file.
Where is the Windows Recycle Bin Located?
• When you delete a file, the complete path and file name are stored in a hidden file called Info or Info2 in the Recycled folder. The deleted file is renamed, using the following syntax:
• D<original drive letter of file><#>.<original extension>
LAB 5
• Recycle Bin
• Delete key
• Shift + Delete
• Delete Files
• Delete Folder
• Delete Word / Excel / PDF / JPG
LAB
• Install Recuva
RECUVA
• Recuva is a freeware data recovery program, developed by Piriform, that runs under Microsoft Windows 7, Vista, XP, 2003, and 2000.
• It is able to recover files that have been "permanently" deleted and marked by the operating system as free space. The program can also be used to recover files deleted from USB flash drives, memory cards, or MP3 players.
• Supports FAT12, FAT16, FAT32, exFAT, NTFS, NTFS5 and NTFS + EFS file systems.
Scenarios & Data recovery of the following
Accidental Disk Formatted
What is format?
• To prepare a storage medium, usually a disk, for reading and writing.
• When you format a disk, the operating system erases all bookkeeping information on the disk, tests the disk to make sure all sectors are reliable, marks bad sectors (that is, those that are scratched), and creates internal address tables that it later uses to locate information. You must format a disk before you can use it.
• Note that reformatting a disk does not erase the data on the disk, only the data on the address tables.
How to Recover Data from Formatted Drive
• "Oops, I accidentally performed a format on my hard disk partition. I have many important documents and photos there. Help!" Have you run into a similar situation?
• It must be hard to accept the data loss once drives have been formatted. Well, don't worry! With Data Recovery Standard, you can perform any formatting of your drives and still get your data back.
Why can I still get data back from formatted drive?
• The truth is that formatting a drive only erases the file address table. The data is still on the drive, sound and untouched, after you perform quick formatting or full formatting, i.e. regular and complete formatting.
Warning
• You should immediately stop work to avoid further data damage. Do not install any program or data on the formatted drive as this will cause permanent data loss.
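The two points above (formatting clears only the address table, and later writes destroy what is left) can be shown on a toy volume. This is an added example, not part of the original slides and not how any named product works internally: it uses generic signature carving for JPEG start and end markers, and the one-sector "address table" layout, file name and helper names are assumptions made for the demonstration.

```python
SECTOR = 512
JPEG_SOI = b"\xff\xd8\xff"   # JPEG start-of-image signature
JPEG_EOI = b"\xff\xd9"       # JPEG end-of-image marker


def build_volume():
    """Constructed toy volume: sector 0 is the address table, data follows."""
    # Fake photo body uses byte values 0..199 only, so it holds no stray 0xFF.
    photo = JPEG_SOI + b"\xe0" + bytes(range(200)) * 5 + JPEG_EOI
    table = (b"PHOTO.JPG".ljust(16, b"\x00")
             + (3).to_bytes(4, "little")            # starting sector
             + len(photo).to_bytes(4, "little"))    # length in bytes
    volume = bytearray(SECTOR * 8)
    volume[0:len(table)] = table
    volume[3 * SECTOR:3 * SECTOR + len(photo)] = photo
    return bytes(volume), photo


def quick_format(volume):
    """Wipe only the address table (sector 0); the data area is left alone."""
    return bytes(SECTOR) + volume[SECTOR:]


def overwrite_sectors(volume, first, count, fill=b"\x41"):
    """Simulate new files being written to the formatted volume."""
    start = first * SECTOR
    end = start + count * SECTOR
    return volume[:start] + fill * (count * SECTOR) + volume[end:]


def carve_jpegs(volume):
    """Return (offset, bytes) for every SOI..EOI span found in the raw volume."""
    found, pos = [], 0
    while True:
        start = volume.find(JPEG_SOI, pos)
        if start == -1:
            break
        end = volume.find(JPEG_EOI, start + len(JPEG_SOI))
        if end == -1:
            break
        end += len(JPEG_EOI)
        found.append((start, volume[start:end]))
        pos = end
    return found


if __name__ == "__main__":
    volume, photo = build_volume()
    formatted = quick_format(volume)
    print("table wiped:", formatted[:SECTOR] == bytes(SECTOR))
    hits = carve_jpegs(formatted)
    print("carved after format:", [(off, data == photo) for off, data in hits])
    reused = overwrite_sectors(formatted, 3, 3)
    print("carved after new writes:", carve_jpegs(reused))
```

Carving of this kind recovers only contiguous files; a fragmented file needs the address table or more elaborate reconstruction.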
LAB 6
• Download EaseUS Data Recovery Wizard, install it and launch it.
• Click the "Complete Recovery" button on the main window of Data Recovery Wizard.
• Select the file types you want to recover. Tick 'Search all lost files automatically' to find all lost file types. Tick 'Ignore bad sectors' to skip bad sectors when scanning.
• The second screen of the "Complete Recovery" tool will display a list of volumes found on the drives in your system. If the volume does not have a drive letter, then the volume will be listed last and the drive letter will be instead by
• The Intelligent Searching module will scan the selected volume, collect and analyze every byte on the volume, then show you a list of volumes which are possible on it.
• After this scanning is finished, Data Recovery Wizard will let you choose at most 4 volumes from which to recover the data. Then press the "NEXT" button.
• The Data Recovery Wizard will launch the "Building directory" procedure to search for the files. You will see the file/folder tree very soon.
• Select the file or directory that you want to recover and press the "Next" button.
Scenarios & Data recovery of the following
Partition loss or corruption
Recover Data from Missing Partition or corruption
• A hard drive can be divided into multiple storage units referred to as partitions. The idea behind creating partitions in your hard drive is to separate OS and program files from user files,
• to have a multi-boot setup, to have multiple file systems, to reduce the access time, which in turn increases system performance, to protect files by making it easier to recover a corrupt file system (if one partition is corrupt, the other file systems will not be affected), and many other benefits.
How does data loss or corruption occur in a hard drive partition?
• Conversion of a partition from one file system to another, i.e. FAT16 or FAT32 to NTFS. These file system conversions cause the data or files to lose their EFS (encryption details) and file system permissions, which hold entries regarding which users or system processes are granted access or which operations are allowed on a particular file.
• Using third-party tools to create a new partition or resize an existing partition can cause deletion of partitions or data while trying to locate free disk space in those partitions.
• Virus infection is another main reason for data loss due to a missing or corrupt partition. If the master boot record (MBR), which holds the partition table, is damaged or corrupted by a virus attack, then you will not be able to see the partitions, leading to heavy data loss.
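Because the partition table sits inside the MBR, a first diagnostic step on a "missing partition" case is to read sector 0 of a disk image and check it. The following added example (not from the original slides) parses the four 16-byte table entries at offset 446, checks the 55 AA boot signature and reports inconsistencies; the sample sectors are constructed, and `parse_mbr`, `build_sample_mbr` and the disk size used are illustrative assumptions.

```python
import struct

SECTOR_SIZE = 512
TABLE_OFFSET = 446        # partition table starts here inside sector 0
ENTRY_SIZE = 16           # four entries of 16 bytes each
SIGNATURE = b"\x55\xaa"   # boot signature at bytes 510-511
ENTRY_FORMAT = "<B3xB3xII"  # status, CHS start, type, CHS end, LBA start, sectors

PARTITION_TYPES = {
    0x05: "Extended", 0x06: "FAT16", 0x07: "NTFS/exFAT",
    0x0B: "FAT32 (CHS)", 0x0C: "FAT32 (LBA)", 0x0F: "Extended (LBA)",
    0x83: "Linux", 0xEE: "GPT protective",
}


def parse_mbr(sector, disk_sectors=None):
    """Return (partitions, findings) for a 512-byte MBR sector."""
    if len(sector) < SECTOR_SIZE:
        raise ValueError("need the full 512-byte sector 0")
    findings = []
    if sector[510:512] != SIGNATURE:
        findings.append("boot signature 55 AA missing")
    partitions = []
    for i in range(4):
        off = TABLE_OFFSET + i * ENTRY_SIZE
        status, ptype, lba_start, count = struct.unpack_from(ENTRY_FORMAT, sector, off)
        if ptype == 0 and count == 0:           # unused slot
            continue
        if status not in (0x00, 0x80):
            findings.append(f"entry {i}: invalid status byte 0x{status:02x}")
        if disk_sectors is not None and lba_start + count > disk_sectors:
            findings.append(f"entry {i}: extends past end of disk")
        partitions.append({
            "index": i,
            "bootable": status == 0x80,
            "type": PARTITION_TYPES.get(ptype, f"unknown (0x{ptype:02x})"),
            "lba_start": lba_start,
            "sectors": count,
            "size_mib": count * SECTOR_SIZE // (1024 * 1024),
        })
    ordered = sorted(partitions, key=lambda p: p["lba_start"])
    for a, b in zip(ordered, ordered[1:]):
        if a["lba_start"] + a["sectors"] > b["lba_start"]:
            findings.append(f"entries {a['index']} and {b['index']} overlap")
    if not partitions:
        findings.append("partition table is empty")
    return partitions, findings


def build_sample_mbr():
    """Constructed healthy MBR: a bootable NTFS and a FAT32 partition."""
    sector = bytearray(SECTOR_SIZE)
    entries = [(0x80, 0x07, 2048, 204800), (0x00, 0x0C, 206848, 102400)]
    for i, entry in enumerate(entries):
        struct.pack_into(ENTRY_FORMAT, sector, TABLE_OFFSET + i * ENTRY_SIZE, *entry)
    sector[510:512] = SIGNATURE
    return bytes(sector)


HEALTHY_MBR = build_sample_mbr()
# Same sector with table and signature zeroed, as after MBR corruption.
DAMAGED_MBR = HEALTHY_MBR[:TABLE_OFFSET] + bytes(SECTOR_SIZE - TABLE_OFFSET)

if __name__ == "__main__":
    for label, sector in (("healthy", HEALTHY_MBR), ("damaged", DAMAGED_MBR)):
        parts, notes = parse_mbr(sector, disk_sectors=409600)
        print(label, parts, notes)
```

An empty table with intact data behind it is the case where partition recovery tools scan the disk for file system boot sectors to rebuild the entries.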
LAB 7
• Download EaseUS Data Recovery Wizard, install it and launch it.
• Recover data from a hard drive partition affected by loss or corruption
Scenarios & Data recovery of the following
Crash Windows operating system corrupt
Microsoft Windows 7 Crashes, Restarts or a Blue Screen Appears
What Is a Blue Screen Error?
• When Windows encounters certain situations, it halts and the resulting diagnostic information is displayed in white text on a blue screen. The appearance of these errors is where the term “Blue Screen” or "Blue Screen of Death" has come from. Blue Screen errors occur when:
– Windows detects an error it cannot recover from without losing data
– Windows detects that critical OS data has become corrupted
– Windows detects that hardware has failed in a non-recoverable fashion
Crash Windows operating system corrupt
• Almost everyone has witnessed the serious problem of a computer's operating system crashing, since it is almost inevitable that this will occur at some point in the life of a system. The most frustrating part is the data we lose. We try to come up with an easy and workable solution to this very common system menace.
• By using a Linux / Windows Live Boot Disk
• By using your Hard Disk Drive as an external drive
LAB 9
• By using a Linux / Windows Live Boot Disk
• By using your Hard Disk Drive as an external drive
Scenarios & Data recovery of the following
Email Recovery
How to Recover Deleted Email files
Outlook PST Files
• Recover My Files will search for and locate deleted Microsoft Outlook PST, WAB (Windows Address Book) and PAB (Personal Address Book) files which have been emptied from or bypassed the Windows Recycle Bin.
• PST files are very complex and in some instances recovered PST files will not function until they have also been repaired. This is done by running a program called 'scanpst.exe' (also known as the 'Inbox Repair Tool') which is installed by default on all Windows computer systems. Use Recover My Files to find your deleted PST file. If errors occur when you try to access it, use the Inbox Repair Tool to fix it. Once you have recovered and repaired the file you will once again be able to open the file in Microsoft Outlook.
Outlook Express DBX Files
• Recover My Files will search for and locate deleted Microsoft Outlook Express DBX files which have been emptied from or bypassed the Windows Recycle Bin.
• The download version of Recover My Files will allow you to see the contents of the recovered DBX file, including the number of messages, the 'to' and 'from' address fields, the subject and the date each message was sent and received.
Scenarios & Data recovery of the following
Password recovery (workstation and Server)
PASSWORD
• A secret series of characters that enables a user to access a file, computer, or program. On multi-user systems, each user must enter his or her password before the computer will respond to commands.
• The password helps ensure that unauthorized users do not access the computer. In addition, data files and programs may require a password.
• Ideally, the password should be something that nobody could guess. In practice, most people choose a password that is easy to remember, such as their name or their initials. This is one reason it is relatively easy to break into most computer systems.
Where are Windows 7 Passwords Stored?
• Windows account details are stored in the SAM registry hive. It stores passwords using a one-way hash (either LM hash, which is old and weak, or NTLM hash, which is newer and stronger).
• The SAM hive file is located at %WinDir%\system32\config\sam. This directory, and its parents, are by default inaccessible to non-administrative users. However, it is vulnerable to offline attacks (e.g. booting a LiveCD and manually modifying the binary data, for example with the ONTPRE tool).
LAB 10
• Password for workstation
• Password for Server
• How to get Data
• Change Administrator password