Recovering FAT/FAT32 (File Allocation Table) Volumes

A file system is used to index and organize files on the disk. Records in the file system point to exact location(s) on the disk containing information that belongs to a certain file. Different file systems organize files differently. This article discusses the recovery of FAT (File Allocation Table) file systems, which includes the original FAT, FAT16 and FAT32.

Recovering FAT/FAT32 (File Allocation Table) Volumes

Contents

  1. File System Analysis
  2. Locating Files in the File Allocation Table (FAT)
  3. Extended Analysis and Signature Search

File System Analysis

A modern data recovery tool applies several different methods in order to determine the exact location of a deleted (or missing) file. It will attempt to analyze the file system first, if available, as a record in the file allocation table contains the most comprehensive information about the location of the file, its name and attributes. If any part of the file system is still available, the tool will be able to enumerate records in the file system, determine the record belonging to a particular file, and find out about which sectors on the disk belong to the file, and in what order. This may be essential for the correct recovery of a file, as the file may be stored on the disk in the form of several segments (fragments) instead of a single continuous record due to disk fragmentation.

Fragmented files are extremely difficult (and not always possible) to recover without a valid file system reference.

Locating Files in the File Allocation Table (FAT)

In the FAT file system, all files are assigned an individual record. These records contain information about the file, including all data clusters occupied by the file. FAT structures are used to identify subsequent clusters in the files, as well as to determine the current state of the clusters (e.g. they may be available if the file is deleted, still belong to the file, or already taken by a different file).

As you can see, fragmented files will occupy more than one cluster, and will therefore have an interlinked chain of FAT structures recorded in the file system. Locating the very first record and following (enumerating) the links is essential when locating all the records.

File system analysis is all that happens if the recovery tool is operating in its Quick Scan mode. But what if the file system is empty (e.g. after a disk format operation), damaged, or completely missing? In that case, a comprehensive analysis of the entire disk surface must be performed, engaging a signature-search method of locating certain types of files.

Extended Analysis and Signature Search

Signature search allows data recovery tools to successfully identify, locate and recover files that are not indexed in the file system. Signature search can detect files having persistent signatures (e.g. “JFIF” in JPEG files) or containing a limited character sub-set (e.g. text files). Sometimes, files with certain cyclic or recurrent structures can be detected and recovered. By detecting the presence of a file and analyzing its header, a signature-search algorithm can calculate clusters occupied by that file on the disk, and successfully recover the file. More details about signature search will be published in a follow-up article.

Frequently Asked Questions

FAT/FAT32 is a file system used by older versions of Windows operating systems to organize and manage files on a hard drive. It is important to recover volumes using this file system because it is still widely used on external hard drives, USB drives, and memory cards. RS Partition Recovery is a data recovery software that can recover volumes using the FAT/FAT32 file system, allowing users to retrieve lost or deleted files from these types of storage devices.
Some common causes of data loss on FAT/FAT32 volumes include accidental deletion, formatting, virus attacks, file system corruption, power outages, and hardware failures. In such cases, data recovery software like RS Partition Recovery can be used to recover lost or deleted files from the affected volumes.
Yes, data can be recovered from a formatted or corrupted FAT/FAT32 volume using data recovery software such as RS Partition Recovery. This software can scan the volume for lost or deleted files and recover them even if the file system is damaged or the volume has been formatted. It is important to note that the chances of successful data recovery depend on various factors such as the extent of damage to the volume and the amount of data that has been overwritten.
One recommended tool for recovering data from FAT/FAT32 volumes is RS Partition Recovery. It is a comprehensive data recovery software that can recover files from damaged, formatted, or deleted partitions. Other recommended tools include EaseUS Data Recovery Wizard, Disk Drill, and Recuva.
Updated:
5/117
Den Broosen

Written by Den Broosen

Author and site editor for RecoverySoftware. In his articles, he shares his experience of data recovery on a PC and the safe storage of information on hard drives and RAID arrays.
Adam Bean

Approved by Adam Bean

Adam is site editor. He carries more than 12 years of expertise in digital forensics and data recovery. He also continues to research and share the most recent developments in the fields of data recovery and secure storage.
Leave a comment

Related Posts

Data Recovery from Linux KVM Virtual Machines
Data Recovery from Linux KVM Virtual Machines
How to recover data from Linux KVM virtual machines? If some important data is stored inside the machine, but it is beyond repair, how can you access the contents of its virtual hard disk? What should you do if the … Continue reading
Linux File System – ZFS
Linux File System – ZFS
The Linux operating system is quite flexible. It can be used on desktops as well as on servers. The main thing is to choose the correct file system for your needs. In this article, we will look in detail at … Continue reading
Windows File Systems: What You Need to Know (and Why)
Windows File Systems: What You Need to Know (and Why)
Did you know Windows Phone uses NTFS? Why most memory cards and nearly all USB pen drive are still using the ancient FAT? How come you can store full-length HD movies on some flash drives but not the others? Why … Continue reading
What is LVM and how to work with?
What is LVM and how to work with?
Trying to increase the data safety level, the developers implement the new technologies into their operating systems. In this article we will look at the LVM and answer the questions what is it, and its main advantages.
Online Chat with Recovery Software