ArtsAutosBooksBusinessEducationEntertainmentFamilyFashionFoodGamesGenderHealthHolidaysHomeHubPagesPersonal FinancePetsPoliticsReligionSportsTechnologyTravel
  • »
  • Technology»
  • Internet & the Web

Forensic Stance for ScanPST.exe Strategy and Functionality

Updated on July 30, 2015

A digital forensics examiner interrogates several desktop emailing clients while investigation. MS Outlook which is the most commonly used email client for personal as well as corporate usage, is one of the email clients which is investigated frequently. For MS Outlook email applications, reconstruction of PST files is a prime step taken. This reconstruction of PST file is done under many situations where Outlook emails are not accessible or has some part malfunctioned due to which the Outlook messages are not viewable. Inbox repair tool well known as Scanpst.exe which comes with MS Office has functionality to repair Outlook storage file i.e. PST file.

ScanPST.exe – Location Details

ScanPST.exe utility is a file which comes along with the Microsoft office suite for the repairing of MS Outlook storage file. This application helps to rebuild the messages and folders of PST file. This comes as executable file which is generally hidden from the system; investigators can find this application from below mentioned locations;

Steps Involved for Repairing PST File using Scanpst.exe

  • Double-click on ScanPST.exe following the location mentioned in the table above.

  • Click on Browse option and provide the location of Outlook PST file which has to be analyzed. Once the file is added, click on Start.

  • Once the file is added, checking of the file consistency is started. This will check the whole file if any inconsistency occurs through the file, errors are reported.

  • If errors are found, it is reported and suggested to repair the file. An option is provided to save a backup file of the scanned PST file. Check the option of “Make backup of scanned file”, click on Browse and provide a name for this backup.

Outcome: The result of this ScanPST.exe is a rebuilt PST file saved on the same location along with .bak file as a backup of the PST file.

Plights Associated with ScanPST.exe!

The performance of ScanPST.exe however is restricted towards minor corruption levels and it works on only low-level objects. To be honest, ScanPST.exe’s checking is restricted towards tables and folder alignment which makes sure whether all the rows in table or message in the folder is available or not. PST which acts as database with BTrees and reference counts can have several other issues which can affect the functionality of emails at front end. If the issue is with low level objects, ScanPST.exe works perfectly fine but if the problem is with upper-level objects, it will not be able to repair the blocks in PST file.

Another predicament in front of investigators is that ScanPST.exe utility has this tendency of removing complete table or block if any data is not readable or corrupted. So there are chances that any email item which was import evident is completely removed due to processing Scanpst.exe on the file. It is always suggested to make a copy of PST file and only then run this Inbox Repair utility. Scanpst.exe utility processes the PST file data and rebuilds it into PST file which can be accessed using MS Outlook application for further analysis but works only with primary corruption in PST file.

Comments

Submit a Comment

No comments yet.

working

This website uses cookies

As a user in the EEA, your approval is needed on a few things. To provide a better website experience, hubpages.com uses cookies (and other similar technologies) and may collect, process, and share personal data. Please choose which areas of our service you consent to our doing so.

For more information on managing or withdrawing consents and how we handle data, visit our Privacy Policy at: "https://hubpages.com/privacy-policy#gdpr"

Show Details
Necessary
HubPages Device IDThis is used to identify particular browsers or devices when the access the service, and is used for security reasons.
LoginThis is necessary to sign in to the HubPages Service.
Google RecaptchaThis is used to prevent bots and spam. (Privacy Policy)
AkismetThis is used to detect comment spam. (Privacy Policy)
HubPages Google AnalyticsThis is used to provide data on traffic to our website, all personally identifyable data is anonymized. (Privacy Policy)
HubPages Traffic PixelThis is used to collect data on traffic to articles and other pages on our site. Unless you are signed in to a HubPages account, all personally identifiable information is anonymized.
Amazon Web ServicesThis is a cloud services platform that we used to host our service. (Privacy Policy)
CloudflareThis is a cloud CDN service that we use to efficiently deliver files required for our service to operate such as javascript, cascading style sheets, images, and videos. (Privacy Policy)
Google Hosted LibrariesJavascript software libraries such as jQuery are loaded at endpoints on the googleapis.com or gstatic.com domains, for performance and efficiency reasons. (Privacy Policy)
Features
Google Custom SearchThis is feature allows you to search the site. (Privacy Policy)
Google MapsSome articles have Google Maps embedded in them. (Privacy Policy)
Google ChartsThis is used to display charts and graphs on articles and the author center. (Privacy Policy)
Google AdSense Host APIThis service allows you to sign up for or associate a Google AdSense account with HubPages, so that you can earn money from ads on your articles. No data is shared unless you engage with this feature. (Privacy Policy)
Google YouTubeSome articles have YouTube videos embedded in them. (Privacy Policy)
VimeoSome articles have Vimeo videos embedded in them. (Privacy Policy)
PaypalThis is used for a registered author who enrolls in the HubPages Earnings program and requests to be paid via PayPal. No data is shared with Paypal unless you engage with this feature. (Privacy Policy)
Facebook LoginYou can use this to streamline signing up for, or signing in to your Hubpages account. No data is shared with Facebook unless you engage with this feature. (Privacy Policy)
MavenThis supports the Maven widget and search functionality. (Privacy Policy)
Marketing
Google AdSenseThis is an ad network. (Privacy Policy)
Google DoubleClickGoogle provides ad serving technology and runs an ad network. (Privacy Policy)
Index ExchangeThis is an ad network. (Privacy Policy)
SovrnThis is an ad network. (Privacy Policy)
Facebook AdsThis is an ad network. (Privacy Policy)
Amazon Unified Ad MarketplaceThis is an ad network. (Privacy Policy)
AppNexusThis is an ad network. (Privacy Policy)
OpenxThis is an ad network. (Privacy Policy)
Rubicon ProjectThis is an ad network. (Privacy Policy)
TripleLiftThis is an ad network. (Privacy Policy)
Say MediaWe partner with Say Media to deliver ad campaigns on our sites. (Privacy Policy)
Remarketing PixelsWe may use remarketing pixels from advertising networks such as Google AdWords, Bing Ads, and Facebook in order to advertise the HubPages Service to people that have visited our sites.
Conversion Tracking PixelsWe may use conversion tracking pixels from advertising networks such as Google AdWords, Bing Ads, and Facebook in order to identify when an advertisement has successfully resulted in the desired action, such as signing up for the HubPages Service or publishing an article on the HubPages Service.
Statistics
Author Google AnalyticsThis is used to provide traffic data and reports to the authors of articles on the HubPages Service. (Privacy Policy)
ComscoreComScore is a media measurement and analytics company providing marketing data and analytics to enterprises, media and advertising agencies, and publishers. Non-consent will result in ComScore only processing obfuscated personal data. (Privacy Policy)
Amazon Tracking PixelSome articles display amazon products as part of the Amazon Affiliate program, this pixel provides traffic statistics for those products (Privacy Policy)