In Windows Vista, the recycle Bin directory is named $Recycle.Bin and in this inside their SID directory the deleted files and their metadata is stored. There are two files in the windows Recycle Bin $I and $R.

$R file is the original file that is deleted and $I contains the metadata of the file. The filename in the recycle bin is such that $R then some random letters and the metadata of this file will start with $I as discussed and have the same random letters.

The $I file contains the original filename, path, file size, and when the file was deleted.

Image Credit DF-Stream

python3 main.py -f <$I file>