Thanks Jacques; On Tue, 2006-23-05 at 14:09 -0300, Jacques B. wrote: > Foremost is an open source Linux tool for data recovery (you can get > it from Sourceforge.net). You can also go grab Knoppix STD > (www.s-t-d.org) and use Autopsy to do data recovery. And Helix > (www.e-fense.com/helix) is another great Linux forensic boot CD based > on Knoppix. > > Proper forensics dictate that you do not work on the original, but > rather on a copy (so make a dd image of the original onto another > drive). For home use that may not be an option or necessary. But you > definitely do not want to recover back to the same partition as you do > not want to overwrite existing data. Mounting your partition > read-only (or not mounting at all and running tools against the > physical device or partition) will protect your data from being > overwritten. > > Whatever you do, don't put it into a regular drive enclosure and then > connect it to a MS Windows box to run tools against it. Windows will > want to put a recycle bin on it, and unless a forensically sound tool > it will try and recover the data back on the same disk. > _______________________________________________ Saved and printed your response. I'll be back at his place this evening and I'll keep you informed. -- Regards Bill