But the MBR & PBR are lost (overwritten) in this scenario,
Hence the "or..."
so it can only be done in the way I have indicated.
If using the BIOS equipment list, you still have to "guess the weight
of this cake", i.e. figure ir it's one full-size partition, one
slightly-under-full-size partition (geometry issues, partition
reserved for Compaq or suspecnd-to-disk etc. - tho those could be at
the front of the disk). Or an arbitrary-sized partition on a hard
disk that has multiple volumes on it.
I'd see the equipment list as the starting point. To figure the
volumes that were on this now-physically-limited hard disk, I'd search
for subdiirs and test potential volume geometries to fulfil the
prophecy of the . pointer. This is covered in some detail in my
pages, but generally, expect to see these sort of patterns:
1) One sequence of clusters with constant offset
- get your pre-cluster structures sized right, then OK
2) Two+ sequences of clusters, intertwined
- historical and present partitionings, overlaid
3) The sequence diverges in offset
- wrong cluster size; fix that, then as per (1)
4) The sequence starts again from low values
- you have crossed a boundry between volumes
End of volume, or physical HD?
I always have a tuff time building boot sectors - I suspect there are
relevant data fields that DiskEdit doesn't show, or something. Or
it's just the difficulties I have with basic arithmetic :-(
"RECYCLED" is probably the best search term (what if it is a
non-system partition?), but you should use the others as well.
Yes; "RECYCLED " is a particularly good one
Also "_RESTORE " on a known-to-be-WinME.
Well, in this case you don't need to do it manually.
SCANDISK is fine. Caveat: there are possible cases of FAT
damage where SCANDISK is definitely *not* fine. F6 damage by
FDISK, for example.
I would *not* trust Scandisk with this, except maybe for laffs (having
first backed-up the FATs, or perhaps imaged the whole raw disk).
Well, you look at details of specific cases. In my case I
can normally judge from the BMD reports (you've been to my
site, so maybe you know those are ;-) what is safe to do and
what needs more evaluation.
I dipped, but not enough to know how a BMD report is derived or how
well it assures write-sanity. The golden rule with data recovery is
"don't write through the file system until you know it's sane", and
knowing the file system is sane (or safe) for writes isn't easy.
It's sometimes possible to make a file system safe for writes, even if
it's not sane yet. When I first learned data recovery (on a
proprietary diskette file system for a ZX Spectrum interface), the
file system treated the free space as just another cluster (or in this
case, 1024-byte sector) chain.
Step one in protecting an at-risk diskette was to set the free space
to zero and point the start of the free space chain off the end of the
disk. Safe for writes, in that you can't write to it
Would be glad to. I enjoy our infrequrnt converstaions
.
I'll email you RSN (in "software time", i.e. when time permits!)
--------------- ----- ---- --- -- - - -
Error Messages Are Your Friends
