top of page
Search

How much data does de-NISTing remove from the C drive?

  • Nov 9, 2020

How much data can you expect de-NISTing to remove from the C drive of a Windows PC? Special Counsel provides e-discovery solutions to firms and helps them recruit attorneys. In 2018, they conducted a test of a PC running Windows 7 and found 38,489 files on the NIST list which totalled 6.9 GB. See the results posted here. Of this total, 6.725 files were Windows 7 system files.


A search of a Windows XP PC, found 25,744 files on the NIST list which came to 4 GB. Of these 4,049 were Windows XP files. This drive had recently been ghosted, with a new operating system installed and user files removed.


Special Counsel's review also targeted pagefile.sys system files which can be several gigabytes. As discussed in the Tip of the Night for May 16, 2016, this file stores memory for applications which have not been used recently.


Note that in Windows 10 you can review a breakdown of the types of files on the C drive in settings under System . . . Storage. It indicates how much data is taken up by Windows operating system files:


ree

The official Reference Data Set (RDS) of the National Institute of Standards and Technology lists digital signatures for 28 million files, but does not include all system files.


When having hard drives processed, if you are being charged per GB for deNISTing, you should be sure to have the reviewer first sort through large files of 5 GBs or more in order to search for video or other files which are clearly irrelevant so your client is not billed unnecessarily.

 
 

Device Manager Secrets

  • Oct 24, 2020

Many of us will have had occasion to go into Device Manager to troubleshoot connections to external hard drives, or update drivers for printers. Note that not everything connected to your PC may show up under the default settings in Device Manager.


Under View, you can select 'Show hidden devices' . . .


ree


. . . to reveal everything that is connected to your computer. In this example, you can see that this setting shows imaging devices which are not shown under the default settings.



ree

 
 

Stop Internet Explorer From Running Javascript

  • Oct 19, 2020

A potential security flaw in Windows is the ability of Internet Explorer to run Java scripts. A .dll file located in the system folder on the C drive enables IE to run Java:


ree

. . . you can disable the ability of IE to run Java scripts in the Registry Editor under HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3


ree

Change the value for 140D at this location to 3. This will cause the execution of the scripts to be disabled by default.




 
 

Sean O'Shea has more than 20 years of experience in the litigation support field with major law firms in New York and San Francisco.   He is an ACEDS Certified eDiscovery Specialist and a Relativity Certified Administrator.

The views expressed in this blog are those of the owner and do not reflect the views or opinions of the owner’s employer.

If you have a question or comment about this blog, please make a submission using the form to the right. 

Your details were sent successfully!

© 2015 by Sean O'Shea . Proudly created with Wix.com

bottom of page