Data Recovery Resources SNAP EXCHANGE and RAID How To Guides
Hard drive recovery data recovery resource center with how to guides for windows RAID Snap server file system repair NTFS partition recovery tools tips and tricks to recover data
With several years in the data recovery industry there are, like all things, a metamorphosis from one method of recovery to the next. In the beginning there were simple file systems and simple drives and a coarse data recovery method was used in … [Read more...]
I am a pretty visual guy and because of that my problem solving skills are based on viewing. When trying to recover data from a corrupt file system I like to use a hex editor and view the system areas of the drive to make sure that everything is … [Read more...]
I have worked with Microsoft file systems since DOS 3.3. From FAT12, to the current NTFS 5.0 Microsoft has always strived to make their file systems fast and reliable. However, there has always been one major drawback. Their file systems have … [Read more...]
When I first started writing hard drive recovery software, many, many, years ago Microsoft file systems were pretty straight forward. It was a simple FAT, with some file entry tables scattered throughout the drive with a few key system … [Read more...]
The original SNAP NAS devices were developed by SNAP Appliance. The operating system that was used was a flavor of BSD in concert with the file system UFS. Although the file system looks very similar to the original UFS there were some subtle … [Read more...]
In my last installment I described what a file entry record would look like if it were in fact a cluster holding file entry data. I went over the fact that the first two entries of the folder cluster would be a period followed by ten spaces, … [Read more...]
In my last installment I described the file entry record and its on-disk format. I used a 'C' structure to denote the different fields of the record and defined which five are most important to us when trying to recover a FAT32 file system … [Read more...]
In my last installment Recovering FAT 32 With File System Markers, I offered a brief outline of a case that destroyed a FAT32 file systems major components. This was done by formatting the drive using an operating system that is not native to the … [Read more...]
In my last installment, Recovering FAT 32 with File Entry Records, I talked about USB and Fire Wire devices and how they are susceptible to damage. In addition I spoke about the file system used to store data on these devices as being FAT32 in order … [Read more...]
Okay, I know this is not about how to read bad parity in a drive in order to find a stale drive in a RAID five. This is an important subject, however, and I also think it is important to know why heat and a swelling platter can cause hard drive … [Read more...]
Like many of us I have accidentally used 'fdisk' to partition a drive that I had never intended to. Whether it be adding a new drive, repartitioning and formatting a USB device, or just trying to reload the operating system there has been more than … [Read more...]
We have been discussing the love affair I have with stale drives in a RAID five array and how best to determine if in fact one exists. I explained how the NTFS file system data is normally laid out and the fact that the old and new data, as well as … [Read more...]
Last time I discussed how to find the RAID data offset for a SNAP OS 4.x RAID handler. To put it briefly it was just a simple matter of finding Cylinder Group zero on the first drive in the array and back tracking 48 sectors. Once the RAID data … [Read more...]
If you are in this business long enough you will see everything, or will you? Two weeks ago I received a SNAP RAID OS 4.x for recovery. I have done a lot of these and I am pretty familiar with the data offsets, how the drives are setup, and where … [Read more...]
The function set for the inaugural offering of RAID Diagnostic Toolkit is very basic. This post will explain how to choose a set of 'streams' to build a 'RAID set'. Initially the software does not have any options for stripe size, raid type, meta … [Read more...]
Over the years I have recovered many hard drives configured with NTFS. One of the leading reasons that data recovery is performed on these hard drives is an anamoly developed in the Master File Table. This area of the drive is the single most … [Read more...]
One of the many attributes of a RAID 5 that make it popular is that if a drive goes down in the array the RAID will remain functional. In such a case the following events should occur. An alarm should sound. An alarm that would wake the dead. … [Read more...]
Recently, it was my task to take sixteen drives, spanned across three RAID fives, and recover a set of hundreds of AVI files. These files were used for research and although not time sensitive, were critical to the conclusions of the … [Read more...]
Let's take a look at some of the boot code of a pretty standard MBR. The first thing we want to do is a little house keeping, then relocate the code we loaded at 0000:7C1B to 0000:061B. Which is spelled out in the First Part of - The Black Art Of … [Read more...]
Virus programmers, although destructive, were at one time some of the most innovative programmers in the industry. They exploited the very core of an operating system, and could do magic with the BIOS and MBR. The virus writer of present is just … [Read more...]