System Volume Information – An Overview
System Volume Information consists of a ‘hidden’ Windows system directory that contains a backup within shadow copy files of the user and system stored files.
The Microsoft Windows operating system automatically stores a backup of files present on the hard drive and places these files within a ‘hidden’ and compressed system folder named the System Volume Information directory. This backup process can also be manually carried out by the user.
If there is a system or software failure or corruption then the content of the System Volume Information directory can be restored to allow the computer to return to a previous correctly working point.
A normal user is unlikely to be aware of the presence of the System Volume Information directory or the files within it as the folder is ‘hidden’ by default and individual files present cannot be accessed in the normal way.
When the computer is restored using the content of the System Volume Information directory, any current files are replaced with the backup files.
About Athena Forensics
For information on our digital forensic services or if you require any advice or assistance please contact a member of our team on 0845 882 7386 or via email on firstname.lastname@example.org, further details are available on our contact us page.
Our client’s confidentiality is of the utmost importance. All correspondence is treated with discretion, from initial contact to the conclusion of any computer forensics investigation.
Our digital forensics experts are fully aware of the significance and importance of the information that they encounter and we have been accredited to ISO 9001 for 10 years.
Our forensic experts are all security cleared and we offer non-disclosure agreements if required. Our premises along with our security procedures have been inspected and approved by law enforcement agencies.
Athena Forensics do not disclose personal information to other companies or suppliers.