Tuesday, February 19, 2013

Tips - Disk Signature

A case is analyzed by examiners, so an examiner makes sets of images for the analysis.

This time, we used the single capture function to distribute the images.

And then...

Person A has the images on disk 1.
Person B has the images on disk 2.

But those disks have the same disk signature.

So if disk 1 is attached, disk 2 is not attached. Windows keeps a disk offline when its signature collides with that of a disk that is already online.

OK!

Let's see the condition through diskmgmt.msc.

Disk 2 is OFFLINE.

- MBRWiz.exe

In this situation the examiner can use a tool like MBRWiz.exe. The CLI version is free.

- Identify Disks

Command: MBRWiz.exe /list

- Change Disk Signature of Disk 2

Command: MBRWiz.exe /disk=2 /signature=generate

- Disk Signature in Boot Sector

You can see that the disk signature has changed (offset 440, a DWORD).
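
To check for the collision before attaching anything, the following added example (not part of the original post or of MBRWiz) reads the 4-byte little-endian disk signature at offset 440 of sector 0 and groups the disks that share a value. It assumes MBR-partitioned disks; the sample sectors and the names `disk_signature`, `find_collisions`, `read_sector0` and `make_mbr` are constructed for illustration.

```python
import struct
from collections import defaultdict

SECTOR_SIZE = 512
SIG_OFFSET = 440          # disk signature: 4-byte little-endian DWORD (offset from the post)
BOOT_MAGIC_OFFSET = 510   # 0x55 0xAA marks a valid MBR sector


def disk_signature(sector0: bytes) -> int:
    """Return the MBR disk signature from the first sector of a disk or image."""
    if len(sector0) < SECTOR_SIZE:
        raise ValueError("need the full 512-byte first sector")
    if sector0[BOOT_MAGIC_OFFSET:BOOT_MAGIC_OFFSET + 2] != b"\x55\xaa":
        raise ValueError("missing 0x55AA boot signature; not an MBR sector")
    return struct.unpack_from("<I", sector0, SIG_OFFSET)[0]


def find_collisions(sectors: dict) -> dict:
    """Group disk labels by signature; return only signatures shared by 2+ disks."""
    groups = defaultdict(list)
    for label, sector0 in sectors.items():
        groups[disk_signature(sector0)].append(label)
    return {sig: labels for sig, labels in groups.items() if len(labels) > 1}


def read_sector0(path: str) -> bytes:
    """Read sector 0 read-only from a raw image file (or a device path)."""
    with open(path, "rb") as f:
        return f.read(SECTOR_SIZE)


def make_mbr(signature: int) -> bytes:
    """Constructed sample sector: zeros plus a signature and the boot magic."""
    sector = bytearray(SECTOR_SIZE)
    struct.pack_into("<I", sector, SIG_OFFSET, signature)
    sector[BOOT_MAGIC_OFFSET:BOOT_MAGIC_OFFSET + 2] = b"\x55\xaa"
    return bytes(sector)


if __name__ == "__main__":
    # Constructed sample data: disks 1 and 2 are clones, disk 3 is unrelated.
    sample = {"disk1": make_mbr(0x1A2B3C4D), "disk2": make_mbr(0x1A2B3C4D),
              "disk3": make_mbr(0x00C0FFEE)}
    for sig, labels in find_collisions(sample).items():
        print(f"signature 0x{sig:08X} shared by {', '.join(labels)}")
```

Generating a new signature rewrites these four bytes, so the hash of that disk no longer matches the value recorded at acquisition; note the old and new signature values in the case notes.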

































- Disk State

We can see that disks 1 and 2 are both mounted.

How about MBRWiz.exe? The result is perfect!!!!!!!

Now we can mount all of the disks. ;-)


