Recovering and Deleting Files WinUndelete Lab

Hey, Leo Dregier here, welcome back. Let’s go ahead, delete some stuff, and then make deleted stuff reappear. First what I’m going to do is open up my handy dandy USB drive here, and let’s go ahead and create some new documents, some text documents, I don’t know a bitmap image there, oh and then I don’t know, a new journal document. Okay, so everybody can agree at this point that files have been created. Um, now some of them don’t have any size in them, so just to be thorough we’re going to put whatever we want in there, save the file, close out of it, uh, just do a refresh here just to prove that there’s some size, not a lot, but that’s okay. Now let’s go ahead and delete that and make that go bye-bye, all right, so there you go. Now we’re going to run a program called Undelete. Actually, that’s not the program. Let’s go Programs, WinUndelete, Undelete. Are you sure you want to run it? Yes, I do. Recover from what disk? Well, the files that I deleted were actually on the F Drive. Uh, however I could do it from an image file too, specifically a WinUndelete image file, or a WUI file. Then you can go to step, uh, no, I guess it’s click Next. That will get you to step two. Enable file to recover, we’re just going to leave it as All Files, but you can actually select specific file types if you know what you’re looking for, uh, for example, documents. Ignore temporary internet files, and ignore files with zero length. Well, just to be thorough here because we do have files with zero length, let’s just go ahead and uncheck that. Go ahead and select Next. Enter the destination folder which it wants to recover your files to. We’re going to do the desktop, and it’s going to do, do you use anything other than the drive that you’re on, and then go ahead and Finish. Scan completed, five files found. So not only did it find the files that I did during this lab, but it also found, again, the files that I did in the previous lab just to run through and test this out. And then so there you are. You have Bulk Select, so if you want to move these somewhere else, somewhere, you can do a Select All, Select None, or Inverse Select, okay, so you have some sorting options, some evaluation files, and then you can go ahead and recover those files. However, WinUndelete Evaluation Version Limitation you can only undelete them. So the good news about this tool is that one, if you find them, well then you can pay for the tool if you want to actually get your files back. Some people will call that ransomware, other people would call that, you know, hey, it’s the cost of doing business. Hey, I just found your files, how about giving me, giving me a few bucks, all right. So nonetheless, files were there, we made them go bye-bye, and then we recovered them and got them back. Thank you for watching, my name’s Leo Dregier.