Windows ‘File Recovery’ series
Part 6 Reading/Editing The Windows Registry From Outside of Windows

Most of the time you can use standard registry editing tools on a Windows computer that cannot boot into Windows.

Using chntpw as a Windows registry editor

Windows ‘File Recovery’ series
Part 5 Manually Recover a Deleted File From an NTFS File System

DISCLAIMER: These examples use techniques that I actually employ in the real world to deal with real problems. They might be wrong or dangerous. They might be inefficient. If you try them yourself, it might cause damage or irreparable loss. I take no responsibility for anything you do based on my examples or the information that I provide here.

In this series we’ll look at some real world examples of disastrous situations salvaged and made better again.

For this post we will be looking at Windows NTFS filesystems.

How files are deleted

Deleted files are not removed from the hard drive until the space that they occupy is needed by a new file.

When a file is deleted, the list of disk clusters occupied by the file is erased, marking those sectors available for use by other files created or modified thereafter. If the file wasn’t fragmented and the clusters haven’t been reused, you should have a great chance of getting it back.

Recovery is often done by looking at the raw data on the disk for data in areas that are marked as being available for use, then determine the file type and directory structure, copy them and save them elsewhere.

NTFS and the MFT

Windows ‘File Recovery’ series
Part 4 Recover Files From a Bad Hard Drive

DISCLAIMER: These examples use techniques that I actually employ in the real world to deal with real problems. They might be wrong or dangerous. They might be inefficient. If you try them yourself, it might cause damage or irreparable loss. I take no responsibility for anything you do based on my examples or the information that I provide here.

In this series we’ll look at some real world examples of disastrous situations salvaged and made better again.

We will be looking at Windows (FAT and NTFS) filesystems.

How it usually starts

Often as a hard drive begins to go ‘bad’ you start to get strange errors in programs and your computer occassionally shuts down with a blue screen error. You may also start to notice sounds from the hard drive that you have not heard before. In many cases, the computer will not boot to Windows at all and none of the repair options will seem to work. Disk diagnostics programs either crash, show errors on the disk or don’t run at all.

At this point the user realizes that they need to completely re-install Windows (and hopefully, but not always, understand that they need to replace the hard drive). How do they get their data from a crashing or unbootable drive?

How to Recover the Data

A broken hard drive isn’t just ‘broken’ it is almost always still in the process of ‘breaking’ and everything we do to it is going to make it worse. That means we have to be as efficient as possible in our recovery efforts.

Windows ‘File Recovery’ series
Part 3 Recover A Deleted Partition with Testdisk

DISCLAIMER: These examples use techniques that I actually employ in the real world to deal with real problems. They might be wrong or dangerous. They might be inefficient. If you try them yourself, it might cause damage or irreparable loss. I take no responsibility for anything you do based on my examples or the information that I provide here.

In this series we’ll look at some real world examples of disastrous situations salvaged and made better again.

We will be looking at Windows (FAT and NTFS) filesystems.

How partitions are deleted

From personal experience, there are three ways that I have seen partitions accidentally deleted.

Deleted Partition Recovery with TestDisk

Windows ‘File Recovery’ series
Part 2 Recover Deleted files with Testdisk and PhotoRec

DISCLAIMER: These examples use techniques that I actually employ in the real world to deal with real problems. They might be wrong or dangerous. They might be inefficient. If you try them yourself, it might cause damage or irreparable loss. I take no responsibility for anything you do based on my examples or the information that I provide here.

Data recovery from hard drives has not changed much in decades. However, the effectiveness and ease of use of free tools has increased greatly. Also, the fact that CD’s, DVD’s, flash drives, SD cards and USB keys are made to behave like hard drives makes them candidates for recovery using the same tools. SSD’s provide some new challenges due to techniques they use to extend their life expectancy but for the most part are recoverable in the same manner as platter based drives.

In this series we’ll look at some real world examples of disastrous situations salvaged and made better again.

We will be looking at Windows (FAT and NTFS) filesystems.

How files are deleted

Deleted files are not removed from the hard drive until the space that they occupy is needed by a new file.

When a file is deleted, the list of disk clusters occupied by the file is erased, marking those sectors available for use by other files created or modified thereafter. If the file wasn’t fragmented and the clusters haven’t been reused, you should have a great chance of getting it back.

Recovery is often done by looking at the raw data on the disk for unreferenced data, then determine the file type and directory structure, rebuild them and save them elsewhere.

Simple Recovery with Testdisk and PhotoRec

We’ll do this in Windows XP Professional Service Pack 3

TestDisk is a program that does lots of things that we will talk about later in this series but for this post we are looking at its file undelete capabilities. It also comes with the program PhotoRec which has some advantages for recovering specific file types like pictures or Outlook mailboxes (currently over 200 file types).

When to use TestDisk or PhotoRec for Deleted File Recovery

Windows ‘File Recovery’ series
Part 1 Recover Deleted files with Recuva

DISCLAIMER: These examples use techniques that I actually employ in the real world to deal with real problems. They might be wrong or dangerous. They might be inefficient. If you try them yourself, it might cause damage or irreparable loss. I take no responsibility for anything you do based on my examples or the information that I provide here.

Data recovery from hard drives has not changed much in decades. However, the effectiveness and ease of use of free tools has increased greatly. Also, the fact that CD’s, DVD’s, flash drives, SD cards and USB keys are made to behave like hard drives makes them candidates for recovery using the same tools. SSD’s provide some new challenges due to techniques they use to extend their life expectancy but for the most part are recoverable in the same manner as platter based drives.

In this series we’ll look at some real world examples of disastrous situations salvaged and made better again.

We will be looking at Windows (FAT and NTFS) filesystems.

How files are deleted

Deleted files are not removed from the hard drive until the space that they occupy is needed by a new file.

When a file is deleted, the list of disk clusters occupied by the file is erased, marking those sectors available for use by other files created or modified thereafter. If the file wasn’t fragmented and the clusters haven’t been reused, you should have a great chance of getting it back.

Recovery is often done by looking at the raw data on the disk for unreferenced data, then determine the file type and directory structure, rebuild them and save them elsewhere.

var isPrerendering = false;

function handleVisibilityChange(evt) {
if (!isPrerendering) return;
countView();
isPrerendering = false;
}

function countView(){
document.write('<img src="http://PIWIK WEBHOST/piwik/
   piwik.php?idsite=[ID OF NORMAL SITE]&rec=1" />');
}

/*
* We can count the view right now if the document isn't being prerendered.
* Browsers that don't support the API will return undefined for
* webkitVisibilityState.
*/
if (document.webkitVisibilityState != "prerender") {
countView();
} else {
//We'll need to count the pageview later
isPrerendering = true;
document.write('<img src="http://PIWIK WEBHOST/piwik/
   piwik.php?idsite=[ID OF PRERENDER TRACKING SITE]&rec=1" />');
document.addEventListener("webkitvisibilitychange", 
   handleVisibilityChange, false);
}

I’ve been moving some Flash SWF files over to AIR for Android and while looking into how best to optimize ActionScript code for AIR for Android, I got sidetracked. After reading about the obvious optimizations for memory and CPU resources, I decided to take a look at the AIR .apk file that is installed on my Android phone. I found that the magic was happening in

\lib\armeabi\libCore.so

Ahh, the Adobe AIR runtime kind of runs beside the Dalvik virtual machine rather than completely inside of it.

The libCore.so file is a shared object file using JNI. Java Native Interface(JNI) http://en.wikipedia.org/wiki/JNI code written in C or C++ allows you to access platform specific features and ‘touch the metal’ with your code.

Android provides the Android NDK so you can use native code.
http://developer.android.com/sdk/ndk/index.html

Some words of wisdom from the Android developer page

The NDK will not benefit most applications. As a developer, you need 
to balance its benefits against its drawbacks; notably, using native 
code does not result in an automatic performance increase, but 
always increases application complexity. In general, you should 
only use native code if it is essential to your application, not just 
because you prefer to program in C/C++.

I wanted to try compiling and running some native code on my phone (Android 2.2) so that I have that tool in my toolbox when I need it. I found a great example at Qualcomm.
https://ar.qualcomm.com/qdevnet/sdk

The sample application that comes with the SDK allows you to detect and track image targets in 3D using your phone’s camera and then it puts a floating teapot (http://www.sjbaker.org/wiki/index.php?title=The_History_of_The_Teapot) over your target. The NDK is required to compile the native C++ code which uses OpenGL ES http://en.wikipedia.org/wiki/OpenGL_ES. It has step by step instructions that will show you how to build the native C++ source files with the NDK package of the Android SDK and then use Eclipse to build the Java sources and create the APK package that can be deployed to the phone.

This is very much like the augmented reality on the new Nintendo 3DS
http://www.siliconera.com/2011/03/04/lose-your-nintendo-3ds-ar-cards-just-print-out-new-ones/

If you are having a hard time with the NDK, try the sample that comes with it in \samples\hello-jni along with the tutorial at http://www.pocketmagic.net/?p=1332 for a very basic example that will help you understand the proper procedure.

I have some broken antique clocks around the house so I made image targets out of their faces and now have a teapot floating in front of them. Next time I get a little break in the action, I’ll change that teapot to a semi-transparent digital clock so my clocks will no longer be broken provided, I run the program on my phone and point the camera at the clocks

The NDK combined with current hardware capabilities certainly seem to be enough to make sophisticated and engaging toolkits and engines for game developers and artists.

Anyway, enjoy playing with the code as that is how you learn.

Now that Adobe AIR is available for Android 2.2, it is easy to move your Flash games to Android’s app store and also to add functionality that takes advantage of things like the camera and GPS.

AIR stands for Adobe Integrated Runtime and was originally for

...building rich Internet applications using Adobe Flash, Adobe Flex,
Adobe Dreamweaver (HTML or Ajax), AIR SDK, that can be run as 
desktop applications.

But now seems to be headed toward becoming an easy way to quickly develop powerful applications for smartphones, TV’s, car dashboards, tablets, big computers, tiny computers and everything in between.
http://www.adobe.com/products/air/

Setting up your development environment

1. Get Flash CS5 (you can get a 30 day free trial at http://www.adobe.com/downloads)

2. Install Flash extension for AIR http://labs.adobe.com/technologies/flashpro_extensionforair/

3. Install AIR SDK http://www.adobe.com/products/air/

4. Install Android SDK http://developer.android.com/sdk/index.html

Step by step video instructions

Setting up your development environment with Flash CS5 and AIR for Android
http://www.gotoandlearn.com/play.php?id=123

More instructions for setting up.

Getting started with Adobe AIR for Android
http://www.adobe.com/newsletters/edge/august2010/articles/article1/index.html

Some AIR for Android examples

Build a GPS Speedometer
http://mobile.tutsplus.com/tutorials/android/build-a-gps-speedometer-getting-into-air-for-android/

AIR for Android MazeFM Application
http://www.flashandmath.com/mobile/mazefm/index.html

Air for Android: Geolocation
http://www.unitedmindset.com/jonbcampos/2010/08/30/air-for-android-geolocation/

Simple camera application with Flash CS5 and AIR for Android
http://www.gotoandlearn.com/play.php?id=124

Publishing AIR for Android Applications to the App Store
http://www.gotoandlearn.com/play.php?id=131

The .apk file that is created for AIR for Android has the .swf file in the assets folder and an application.xml file in the assets/META-INF/AIR folder which works with the main AndroidManifest.xml file to set the programs application properties and how it should start (run the swf file).

Now it’s easy to move your Flash apps and games to the mobile market. Enjoy.