MajorGeeks.Com » System Tools » File Managers » RawCopy 1.0.0.7 » Download Now

RawCopy 1.0.0.7

Author: joakim
Date: 08/17/2017
Size: 1.15 MB
License: Freeware
Requires: Win 10 / 8 / 7 / Vista / XP
Downloads: 5160 times

TIP: Click Here to Repair or
Restore Missing Windows Files

Download@MajorGeeks
Download@MajorGeeks

-= advertisement =-

RawCopy is a file copier for NTFS that uses low-level disk reading and resolves data clusters by parsing the $MFT.

It should be able to copy any file off the volume. Even those locked by the system like the registry hives, or the NTFS system files like $MFT and $LogFile etc. It effectively bypasses all filesystem security.

Source file can be given file path and filename. Or it can be reference by the IndexNumber (MFT reference number/inode).

Output directory must exist.

Also there is an option to also extract all attributes, not just $DATA. This is nice if you want to look at non-resident $Bitmap, $EA, $INDEX_ALLOCATION etc, that may also be fragmented, meaning not many tools will let you extract these.

Here are the available commands:

Example copying C:file.ext to E

ut:

RawCopy C:file.ext E

utExample copying C:WINDOWSsystem32configSAM to F:reg with all attributes including $DATA

RawCopy C:WINDOWSsystem32configSAM F:reg -AllAttrExample copying IndexNumber 20112 from C: volume to D:bak only $DATA attribute

RawCopy C:20112 D:bak

Screenshot for RawCopy

Tactical Briefings

Comment Rules & Etiquette - We welcome all comments from our readers, but any comment section requires some moderation. Some posts are auto-moderated to reduce spam, including links and swear words. When you make a post, and it does not appear, it went into moderation. We are emailed when posts are marked as spam and respond ASAP. Some posts might be deleted to reduce clutter. Examples include religion, politics, and comments about listing errors (after we fix the problem and upvote your comment). Finally, be nice. Thank you for choosing MajorGeeks.