Ultimate Desperation: Recovering Deleted Files

Pressing Delete is easy, like watching your favourite movie. Usually we delete files we no longer need to free up space or to unclutter our computer, simple tasks bordering on the mundane. The nightmare begins when we by accident delete something important, something hiding in the corner under layer upon layer of folders.

Ask Techie! : Recovery Software which also work for Memory Card Data Recovery

There are two things we can do in these circumstances;

a) scream our heads off

b) pull our hair, than scream our heads off

This was back in the day when broadband was the best connection around. In the current era you can find simple tools to actually dig up deleted files. For this article I will be discussing a bit on how computer memory works and introduce one related freeware available on the Net.

Computer memory consists of many, many separate blocks into which data can be written. When a programme is installed into a computer or a file is created, that files data will be written into these blocks of memory.

It’s a bit like arranging books on a shelf. When you buy a collection, you stack them into the shelf space, one book at a time.

One other thing is also created when you make a file. A pointer is created by the computer system so that you can get access to your file. Think of a pointer like a doorway; without it you cannot enter into your file.

When you delete that file, the blocks of memory holding the file would now look like this

Exactly the same. The file is still there.

Okay, here’s the deal.

Two important things happen when you delete something. First, the pointer of your file is erased by the computer, so you can no longer access the programme. Thats why icons don’t work, your system can’t find it, and you can’t find it using the search function. Second, the computer labels the memory holding that file as can be overwritten. So when you install something else, it would overwrite your old file.

But if you don’t overwrite these blocks of memory containing your file, you can do things to restore the pointers so that you can access your deleted file again.

There are two ways to do this;

a)use the command prompt (DOS) and type in complex commands to get the pointers back

b)download freeware and let the programme get it back for you

There are numerous computing sites teaching the layman how to perform option (a), of which one may spend hour after hour trying to understand everything. If you do want to try this, please bear in mind that you will be messing with very vital system codes. Any one mistake can be fatal to the well-being of your computer.

For option (b), let me introduce you to a friend of mine called Pandora Recovery by Pandora Corp.

Update : Pandora Recovery is now called Disk Drill 

You can find this software at http://www.pandorarecovery.com/. Pandora takes up about 7.30 MB and works really well in all the times I have used it.

There are three ways you can use Pandora to get back pointers to deleted files. Theres the browse option, the search option, and the surface scan option.

The browse option lets you view your computers files just like Windows Explorer. You use this option when you know the last folder your file was in. You navigate directly to that folder and restore it from there. Take a look at the interface.

There are a few things you might notice from the video.

Deleted files are colour-coded so you can distinguish those that are fine and those that are not. Files written in red have been overwritten to a degree, whether partially or completely. Files written in blue are compressed. Green files mean they were encrypted. Grey files are hidden files, usually meaning system files. Any file written in plain ol black is neither overwritten, compressed, encrypted, or hidden.

You may have realized that some folders are marked with a red X. These folders have themselves been deleted and can be recovered. Normal folders that are still in your computer are unmarked.

The icons on top are, from left to right, return to last visited folder, up one level, refresh, index selected drive (an apparently obsolete command in version 2.0.1), recover, quick view, properties, Show deleted items only, wizard, and help. Press recover to get back selected file(s) or a folder. Alternatively, right-clicking a file will bring up a small menu of options that include recover, quick view, and properties.

A note on quick view. Selecting this option opens a window showing a preview of the selected file. If it is a picture, you will get to see a preview of it to help you determine if the file is worth rescuing. Text can also be previewed.

The Search option is perhaps the mode a user will normally utilize. A user can specific which drive to search, the file name (or leave blank to search by other criteria), file size, and date of creation or the last time a file was modified. It looks like this;

By the way, Pandora also supports wildcards.

The most thorough search mode has to be the third recovery option, the surface scan. In this mode you first apply a set of filters, although you can set it to search your entire disc drive for every single deleted thing that has not been completely obliterated. Searching using this option gives you this kind of view of your files;

That picture on the left is a preview of the file you are viewing. Above it you can see some follow-up options.

To end this article, I will just recover some random file. Pick a number between zero and a googolplex. No, something higher. Infinity is technically not a number. Go lower. Okay, that number will do. I’ll recover a Jerry Seinfeld picture, one I didn’t even know had been on my disc drive.

The following menu will pop up when you press recover, giving you a bit of control over how you want your file to come back.

Take a closer look at the Advance section of the menu, there at the bottom. You can even recover attributes of the file like archive, hidden, and other stuff and at the same time meddle with the data streams. Did I tell you how much I like Pandora?

Basic steps to recover something using Pandora is nothing more than scanning your system, clicking Recover, then specifying where to recover it and pressing the Recover Now button.

With all this said it never mean that you start deleting your files like a mad man , always take care of important data. Less tools you rely on the better it is.