that site tells how to create the problem prime is having. It is written for the people who created these types of folders. You have to be the hoser who did this for that to work,.,.,.
that site tells how to create the problem prime is having. It is written for the people who created these types of folders. You have to be the hoser who did this for that to work,.,.,.
Gobbles
Oh, well i don't know much about this topic. Sorry if it is not helpful, I just did a search online and posted what I thought would help.
prime, how much is your time worth? it seems you've done what i often do, spend tons of time trying to fix a problem for free when you could just pay and be done with it.
i don't know how expensive the software is that could easily fix this, but there comes a point when buying the software would have been the better deal. now that you've spent a bunch of time working on it, though, i guess you might as well finish it for free.
Well I just got word from an associate that he did go out and buy the $35 software from JRTwine, and it worked as advertised. At this point, it might actually be worth it, now that I have a testimonial. I'm gonna try Dexter's suggestion and then probably just buckle down and buy the JRTwine dude's software. The only thing that bugs me is that if JRTwine could figure out a way to do it, I know it can be done...
dude, like I said. I swear to you I was able to do it, I just cant remember what I did. You have do this crazy thing where you reset all the acl's on all the folders, its like xcacls or something. When I figure it out I'll post it here for everyone.
I know this is a dumb idea, but maybe it's just so simple that it was overlooked?
I dunno anything about this stuff, but if the problem is in the filename-- why can't you just change the filename to something without illegal characters in it?
Tried that too. If you try that you get the ol' "Cannot find the specified file" error.
Prime, think about this:
Files can be force-renamed in Linux.
The journals can THEN, after that, be resynced to new file name structure with a jounral complete rebuild, and that is what happens normally with Pro from a CD booted file system recovery run with /R invoked.
Use an O\S with the ability to parse the names to rename, then the native O\S to rebuild the indexes and driectories.
OR, and I DID think you wanted these files erased and not recovered, you can move the files you want to keep with a rename implicit in the move with Linux. Then do the journal rebuild as in previous paragraph.
Problem is, you need a CD drive in box or the HD transplanted to a box natively able to parse the names to do this before you put it back and rebuild the files index structure.
Funny thing about Linux, very few characters ARE illegal in a file name, and, as with Unix and O\S X, multiple file extensions are legal and extensions can be almost anything.
In Linux, the file system handlers are forced to be read-only for Linux.
In this case, the files might be corrupt, but the journal good, or the journal corrupt, OR the filfes force re-permed and renamed from a CD boot of a non-native O\S by a disgrunteld employee.
Is there any way the circumstances under which the files got this way can be discovered??? Without any names or idea of what specifically the files contained???? Knowing that, even if it is something that the client would not want know if attached to the name of client, might be useful in figuring out which of these three or some combo happened. Explicate process, not names or blame or control failure.
Linux does nto use MIME at low file system handling level, it does not take an .exe and force .exe protection native to O\S as XP can do, and does not use a registry to force control. It uses 90% pure perms, plus default perming rule sets.
I can take a Linux mini-load, get full file system handling abilities, morph the file structure, and get things changed that you would not believe locally, froma system boot disk or a boot Install CD for Linux under some circumstances. BUT, this cannot be done remotely, as XP will not share invalids. So, you can spin your wheels a lot trying to run things remotely. The trick, one of them, is to get the LOCAL box run by a non-native O\S with the data image you want to work with, local to the non-native O\S run. If client will not let you get the HD physically present in your lab, then take a Linux box to him, copy the HD to a HD in the Linux box, let him or his rep watch your techs, and work on the image. Once image is good, stick the image into place on original HD. This is expensive to do under some circumstances, which is why data recover can be thousands of dollars per HD mech without guarantee of full recovery.
But, in my case, I strategize things so data I work with is never on same HD as O\S core, so I cannot fubar an O\S and have unrecoverable data simultaneously.
Can you eval and tell us, or one of us (hint), what the odds are that the file and directories were compressed and\or encrypted are??? THAT is the favorite thing for a badly treated employee (from employee's POV) with global access to a system to do just before vanishing or being fired.
Viruses can create this kind of thing also, if coded specifically to do this, so can bots, unfortunately. Most viruses that are local worms, both encrypt and corrupt files, and some also relocate the files.
If base structure can be restored, viruses can be scanned for and virused files at worst erased. At best, they can be reverse-engineered-- but lots of time is needed for that, and someone with multiple-O\S rules applied to one file tree to recover is also needed. Second, easiest way to work with a data tree without fubarring original is to make the drive a mounted drive running under a non-native O\S. Usually this kind of situation is done by remote access or local access, and it is easiest done with local access. Same general rule for recovery.
This is legal if client owns data, and this is the only way it is DMCA legal. Client has proprietary work data copyright implicitly. This is a true white-hat "hack by owner's agent" defensive forensic plus damage undo under these circumstances.
I agree. Although I did have an associate actually have the same problem, and buy that JRTwine dude's software, and he said it did indeed work......
But, we needed to reinstall that box anyway. It was set up by some other company, and they set it up pretty badly, and it was time to make the box "ours" and set it up the right way anyway....
Prime...can you ssh in? You might try booting your box with Bart's PE built with Total Commander included...I haven't tried it over a network, but it has allowed me to recover from some disastrous situations!
HTH,
Comments
that site tells how to create the problem prime is having. It is written for the people who created these types of folders. You have to be the hoser who did this for that to work,.,.,.
Gobbles
this app, Absolute File Shredder, is supposed to be able to delete protected files. Good user reviews on CNET, and it's FREE
Give it a try.
Dexter...
i don't know how expensive the software is that could easily fix this, but there comes a point when buying the software would have been the better deal. now that you've spent a bunch of time working on it, though, i guess you might as well finish it for free.
Can I get my Free T-Shirt now???
I dunno anything about this stuff, but if the problem is in the filename-- why can't you just change the filename to something without illegal characters in it?
Prime, think about this:
Files can be force-renamed in Linux.
The journals can THEN, after that, be resynced to new file name structure with a jounral complete rebuild, and that is what happens normally with Pro from a CD booted file system recovery run with /R invoked.
Use an O\S with the ability to parse the names to rename, then the native O\S to rebuild the indexes and driectories.
OR, and I DID think you wanted these files erased and not recovered, you can move the files you want to keep with a rename implicit in the move with Linux. Then do the journal rebuild as in previous paragraph.
Problem is, you need a CD drive in box or the HD transplanted to a box natively able to parse the names to do this before you put it back and rebuild the files index structure.
Funny thing about Linux, very few characters ARE illegal in a file name, and, as with Unix and O\S X, multiple file extensions are legal and extensions can be almost anything.
In Linux, the file system handlers are forced to be read-only for Linux.
In this case, the files might be corrupt, but the journal good, or the journal corrupt, OR the filfes force re-permed and renamed from a CD boot of a non-native O\S by a disgrunteld employee.
Is there any way the circumstances under which the files got this way can be discovered??? Without any names or idea of what specifically the files contained???? Knowing that, even if it is something that the client would not want know if attached to the name of client, might be useful in figuring out which of these three or some combo happened. Explicate process, not names or blame or control failure.
Linux does nto use MIME at low file system handling level, it does not take an .exe and force .exe protection native to O\S as XP can do, and does not use a registry to force control. It uses 90% pure perms, plus default perming rule sets.
I can take a Linux mini-load, get full file system handling abilities, morph the file structure, and get things changed that you would not believe locally, froma system boot disk or a boot Install CD for Linux under some circumstances. BUT, this cannot be done remotely, as XP will not share invalids. So, you can spin your wheels a lot trying to run things remotely. The trick, one of them, is to get the LOCAL box run by a non-native O\S with the data image you want to work with, local to the non-native O\S run. If client will not let you get the HD physically present in your lab, then take a Linux box to him, copy the HD to a HD in the Linux box, let him or his rep watch your techs, and work on the image. Once image is good, stick the image into place on original HD. This is expensive to do under some circumstances, which is why data recover can be thousands of dollars per HD mech without guarantee of full recovery.
But, in my case, I strategize things so data I work with is never on same HD as O\S core, so I cannot fubar an O\S and have unrecoverable data simultaneously.
Can you eval and tell us, or one of us (hint), what the odds are that the file and directories were compressed and\or encrypted are??? THAT is the favorite thing for a badly treated employee (from employee's POV) with global access to a system to do just before vanishing or being fired.
Viruses can create this kind of thing also, if coded specifically to do this, so can bots, unfortunately. Most viruses that are local worms, both encrypt and corrupt files, and some also relocate the files.
If base structure can be restored, viruses can be scanned for and virused files at worst erased. At best, they can be reverse-engineered-- but lots of time is needed for that, and someone with multiple-O\S rules applied to one file tree to recover is also needed. Second, easiest way to work with a data tree without fubarring original is to make the drive a mounted drive running under a non-native O\S. Usually this kind of situation is done by remote access or local access, and it is easiest done with local access. Same general rule for recovery.
This is legal if client owns data, and this is the only way it is DMCA legal. Client has proprietary work data copyright implicitly. This is a true white-hat "hack by owner's agent" defensive forensic plus damage undo under these circumstances.
John D.
Its the only other thing i can think of with 30day trial software.
Reformat the entire drive.
But, we needed to reinstall that box anyway. It was set up by some other company, and they set it up pretty badly, and it was time to make the box "ours" and set it up the right way anyway....
Too bad I had to fly to Washington DC to do it
HTH,
dax