How do the police manage to extract even deleted data from a PC?

Posted by FunInformatique 4 minutes of reading
font extract data
font extract data

Dernière mise à jour: 26 mai 2023

When it comes to tracking down cybercriminals, our computers hold treasure troves of information. But how do investigators manage to recover even deleted data?

At the heart of this are specialist software such as EnCase, WinHex, Forensic Toolkit (FTK) and many others.

In this article, we'll take a specific look at OSForensics, a powerful tool used by police to recover computer evidence. You will discover how this software allows you to conduct in-depth research into the contents of a machine and extract crucial information.

What can we do with OSForensics?

With OSForensics, you can perform several actions to recover and analyze data from your PC:

  • Recovery of user data : OSForensics allows you to retrieve information such as emails, address book, activities on social networks and the history of visited sites.
  • System data analysis : This software gives you access to hidden files, passwords and their history, file tree, log files and other relevant system data.
  • Deleted Data Recovery : OSForensics is able to recover data that has been erased in the past. Even if the files have been deleted or hidden, the software can find them and make them accessible.
OSForensics-tutorial
OSForensics interface

Indeed, OSForensics is a versatile software that allows you to carry out in-depth investigations on a computer equipped with Windows.

It offers the following features:

  • File search and filtering.
  • Memory exploration.
  • Recovery of logins and passwords.
  • Recover deleted files.
  • Password cracking.
  • Recovery of last accessed files, websites or devices.

    recent-osforensics-activities
    The latest activities of a computer
  • In-depth exploration of emails.

These features make OSForensics an essential tool for conducting in-depth and effective investigations on computers equipped with Windows.

How to use OSForensics?

OSForensics is a real Swiss army knife bringing together several tools easily accessible via a clear and ergonomic interface. Here's how you can use it:

  • Installation and launch : First of all, start by installing OSForensics on your computer. Once installed, launch the program to access its features.
  • Feature explorations: Then allows you to scan your computer, or any other computer you wish to examine, in order to extract the relevant information. You can navigate through the different options and modules offered by the software.
  • Information analysis : Use OSForensics tools to search for specific items such as passwords (for websites or documents), recent activities, deleted files, or files with inappropriate extensions. The intuitive interface will allow you to select the appropriate search parameters.
  • Recovery of deleted files : OSForensics offers deleted file recovery features. You can follow specific steps to recover deleted files using the tools provided.

Here is a demo video showing you how to recover deleted files with OSForensics.

It should be noted that OSForensics is primarily aimed at security experts. Additionally, the software can be installed on a USB stick, allowing you to use it on any computer or on the go.

It's an interesting software to try, but caution is recommended when using it.

To download OSForensics, please click here: Download OSForensics

Those who liked this article also liked these:


  1. My files are deleted, so how do I get them back?
  2. How to find old messages on iPhone?
  3. Top 7 Deleted File Recovery Software
  4. How to Recover Deleted Data after Formatting External Hard Drive in One Click?
  5. Recover unsaved or deleted Word document? 4 solutions for you!
  6. How to protect your privacy on the internet?