Data Recovery Blog

Before discussing what a boot sector virus does, let’s first take a look at what a boot sector is. A floppy disk or hard drive is comprised of many segments and clusters of segments, which (in the case of a hard drive) may be separate by partitions. There has to be a way to find all the data spread across these segments, hence the boot sector operates as a virtual rendition of a library’s Dewey Decimal system. Each disk also has a Master Boot Record or (MBR) that locates and runs the first of any necessary operating system files needed to facilitate operation of the disk. When a disk is read, it first seeks the MBR, which then passes control to the boot sector, which in turn provides pertinent information regarding what is located on the disk and where it is located. The boot sector also maintains the information that identifies the type and version of the operating system the disk was formatted with.

This is a highly simplistic overview of the boot sector function, but it serves our purpose well as it underscores the critical nature of the MBR and boot sector.

Obviously, a boot sector or MBR virus that invades this space on the disk puts the entire operation of that disk at risk.

A boot sector virus is spread via infected floppy disks. This typically occurs when users inadvertently leave a floppy disk in drive A. When the system is next started, the PC will attempt to boot from the floppy. If the disk is infected with a boot sector virus, that virus will infect the boot sector of the user’s local drive (C). Unless the floppy disk happens to be a bootable system disk, the user will simply see a standard warning that the drive contains a “non-system disk or disk error” and the user will be prompted to “replace the disk and press any key when ready”.

This is a standard error message and is not in and of itself indicative of a boot sector infection. All it means is that a non-bootable disk is contained in the drive the computer is first trying to boot from.

Most users will realize a floppy has been left in the drive, remove it, and reboot the system, unaware they may have just infected their system with a boot sector virus. Of course, if the disk was bootable, they would not receive the error noted above, but will simply be booted to a DOS screen.

Care should be taken to ensure that any bootable floppies have been checked for the presence of boot sector viruses and these disks should be write-protected to ensure no future infection takes place.

Even non-bootable disks can spread a boot sector infection when they are accessed. Further, a boot sector infected hard drive will also infect any floppies used in the system. Where applicable, use write-protected floppies to protect against this.

To write-protect a floppy disk, hold it so that the metal plate is facing downwards. Along the top edge there may be an “open” square. Look closely and you will find a small cover that can be pushed back and forth over the open square. If the cover is closed, i.e. the square is covered, the disk can be written to. If the cover is open, i.e. the square is not covered, the disk cannot be written to and is considered write-protected.

Of course, you would not want to write-protect floppies you use to copy files to, as you would receive a write protection error the next time you attempted the copy.

Most of today’s PCs no longer seek out the floppy drive during bootup, instead using the CD-ROM drive as the first boot device. This can be configured via the system CMOS screen to change the boot sequence to check the hard drive first, the CD-ROM drive second, and the floppy drive third, if at all.

Changing settings in CMOS incorrectly can result in system failure and should not be attempted by inexperienced users. Instructions for accessing the CMOS configuration screen for your PC can generally be found in the motherboard manual.

The first boot sector virus was discovered in 1986. Dubbed Brain, the virus originated in Pakistan and operated in full-stealth mode, infecting 360Kb floppies.

Perhaps the most infamous of this class of viruses was the Michelangelo virus discovered in March 1991. Michelangelo was a MBR and boot sector infector with a March 6th payload overwriting critical drive sectors. Michelangelo was the first virus to attract a large amount of media focus.

Data Storage

Data Storage Solutions: USB vs. FireWire

DATARECOVERYUNION.COM16 years ago4 years ago04 mins

What is USB 2.0?
USB 2.0 is the industry standard peripheral connection type for most x86 computers (Windows based). This specification is rated with maximum transfer rate of 480Mb/s (60MB/s). Sustained transfer rate of USB 2.0 depends on many factors including type of device in use, data being transferred, and speed of the computer system. A normal sustained data transfer rate for USB 2.0 ranges from 10-30 MB/s. Only burst data transfers can reach the 480Mb/s rate.

What are the benefits of USB 2.0?

USB 2.0 (and earlier 1.1 version ) is “hot swappable,” eliminating the need to reboot or restart your computer when attaching a device.
There’s no need for terminators, memory addresses or ID numbers with USB devices.
Various sorts of devices can plug into a USB port: external hard drives, digital cameras, printers, Zip drives, SuperDisk drives, floppy drives, mice, keyboards, etc.

What is FireWire?
FireWire is a high-performance connection standard for personal computers and consumer electronics. Originally developed for Apple computers, this connection has been implemented by x86 computers for some time now. FireWire can move large amounts of data between computers and peripheral devices at transfer rates of up to 400 Mb/s (50 MB/s). A new FireWire specification, FireWire 800 (or FireWire B) has entered the computer market with transfer rates of up to 800 Mb/s (100MB/s).

What are the benefits of FireWire?

FireWire is “hot swappable,” eliminating the need to reboot or restart your computer when attaching a device.
There is no need for terminators, memory addresses of ID numbers with FireWire devices.
The FireWire market is growing at a tremendous rate and device types previously supported only by USB are now supported by FireWire. Most devices include Imaging and external storage devices.
Though USB 2.0 is rated at a higher throughput speed (480Mb/s related to FireWire’s 400Mb/s), FireWire delivers faster performance for sustained transfer rates on external hard drives. This is because FireWire has lower overhead (less instructions that the CPU has to interpret related to USB 2.0).

Which connection type is better? USB 2.0 or FireWire?

If you plan on transferring large amounts of data often, then FireWire would be the best connection type for you. Most Audio/Video programs recommend FireWire over USB 2.0 devices.
If you want the versatility of connecting the hard drive to many different computer systems quickly and easily, and transfer rates are not that important, then USB 2.0 would be the preferred connection type.

Hard Disk Repair

Quick Format vs. Full Format

DATARECOVERYUNION.COM16 years ago12 years ago02 mins

Quick Format vs. Full Format during Windows installation or in Windows Disk management

When you choose to run a Full Format on a volume (or partition), files are removed from the volume that you are formatting and the hard disk is scanned for bad sectors. The scan for bad sectors is responsible for the majority of the time that it takes to format a volume.

When you choose to run a Quick Format on a volume (or partition), format removes files from the partition, but does not scan the disk for bad sectors. Only use this option if your hard disk has been previously formatted and you are sure that your hard disk is not damaged.

If you installed Windows on a partition that was formatted by using the Quick format option, you can also check your disk by using the chkdsk /r command after the installation of Windows is completed.

Hard Disk Repair

Two Useful Tools For Online/Remote Troubleshooting

DATARECOVERYUNION.COM16 years ago4 years ago18 mins

Sometimes our customers need a online data recovery or remote PC troubleshooting. Here are two useful tools may help you, with a few simple steps, you’ll learn how to troubleshoot someone else’s computer remotely.

TeamViewer

Step 1. Visit the TeamViewer home page to begin troubleshooting. Once the page has opened, click the “Start Full Version-It’s Free” button to start the download. Click the “Save File” button located in the pop-up window. Open the TeamViewer application by double clicking the downloaded file. You’ll have two options to choose from when setting up the TeamViewer application. The first option will fully install the program on your computer system. If you’d rather not do this, select the second option that will allow you to use the TeamViewer program without installing it.

Step 2. Click “Next” to move forward. You’ll also be prompted to enter information about how TeamViewer will be used. If you’ve decided to install the application, choose between a normal installation or for it to start with Windows. With the non-installation of TeamViewer, just click “Run.” You’ll still be able to troubleshoot a computer remotely. Start your troubleshooting session by opening the TeamViewer application. Pick one of two options to connect to someone. The first requires you to advise the other person of your TeamViewer ID and password. The other allows you to initiate a troubleshooting session by entering their assigned ID and selecting a command. A few commands to choose from include “Remote Support,” “Presentation,” “File Transfer” and “VPN.”

Step 3. Advise the other computer user to navigate to the TeamViewer homepage and click on the “Join Session” button. A pop-up window will appear for them to save the file to their computer system. After this has been done, the TeamViewer application will automatically open with their personal ID and password for the session. This information will be needed for both of your computers to communicate with each other. Ask the other person for their TeamViewer ID and password.

Step 4. Enter the information into the “Create Session” section of the TeamViewer window. Choose “Remote Support” to start controlling and troubleshooting their computer. Click “Connect to Partner” to begin. When prompted, enter the session password and click “LogOn.” Within a few seconds, a pop-up window will appear and allow you to control all computer functions. Inform the other person to sit back and let you perform the necessary troubleshooting steps to fix their computer system.

Step 5. Press the “Extras” link and choose from available options. Keep track of the entire troubleshooting session by clicking “Record.” If you’d like to communicate with the other person, select “Chat” to begin talking. Choose “Actions” to perform a remote rebooting of the computer system or even to switch sides with the other person. Add necessary computer files from your computer to the other computer by picking “File Transfer.” A window will appear that represents your computer and theirs. Click the “X” when you’ve completely finished. The session will immediately end.

SkyFex

Step 1. Navigate to the SkyFex homepage to sign up for a new account. Click “Registration” located at the top of the page. Enter details such as an email address, name, contact information and answer a few other questions. After registering for your account, you’ll receive an email confirming your registration. Click the activation link included in the email to gain full access to your SkyFex account.

Step 2. Log into your SkyFex account from the home page by entering your registered email address and password. Click the purple “Provide Assistance” button when finished. You’ll be instantly prompted to install the “SkyFex Remote Assistant Expert” add-on for your Internet Explorer browser.

Step 3. Advise the person you’re helping to visit skyfex.com to get a specific “Client ID” for the troubleshooting session (see link in Resources). You’ll need this in order to troubleshoot the problems with their computer system. After you’ve received the “Client ID,” enter it in the appropriate location at the top of your SkyFex window and click “Connect Client” next to it. You’ll be able to instantly see the other person’s computer desktop.

Step 4. Request control over the other person’s computer by clicking “Remote Control.” A request will be sent to them, and they’ll need to accept it. The free version of SkyFex has a limit of time to provide assistance. If you’d like unlimited time sessions, purchase the pro version. Choose “Start Chat” at the top of the page, if you’d like to have an open line of communication. Exchange files from your computer system to theirs by clicking “Send File.” An automatic prompt will be sent to the other person for them to click “Yes.”

Step 5. Make the necessary changes to the other computer system by launching applications, removing them or changing settings. When you’ve finished troubleshooting, click “Disconnect Client” and then “End Session.” Enter your personal feedback about the session in the available space and submit it to SkyFex.

Hard Disk Repair

How To Tell If The Noisy Hard Drive Is Normal?

DATARECOVERYUNION.COM16 years ago4 years ago13 mins

Current hard drive technology dictates that some noise will occur during drive operation. The type of noise and the volume of the noise can change depending on the current function that the drive is involved in. It is important to recognize which noises indicate trouble and which are simply normal drive sounds.

Normal drive sounds include:

Whining noise during drive spin-up
Occasional clicks during data access
Hard clicks during a head park operation (shutdown or sleep mode)

Abnormal drive sounds include:

High-pitched whining sound
Vibration sounds due to either vibration in the mounting hardware or in rare cases, a drive failure
Clicking or clunking sounds that occur repeatedly
Grinding sounds

Solutions:

Step1: Make sure it is not a case fan or another device
Turn off the system. Remove both the power and data cables from the drive. Turn on the system to see if the noise continues. If the noise is still present, the drive is not the cause. Search for another device such as a case fan, which is causing the noise. If the noise is no longer present, continue with Step 2.

Step 2: Determine if the problem is the hard drive or its data cable
Turn off the system. Connect only the power cable to the drive, and turn on the system. If the noise occurs, the problem is with the drive. At this point, continue with Step 3. If the there is no noise, the drive is not at fault. Turn off the system and connect your data cable. Turn on the system. If the noise occurs now, your data cable is faulty and should be replaced.

Step 3: Try the hard drive in a new location
Turn off the system. Install the drive into a different drive bay or place it securely on an anti-static surface if available. Attach only the power cable. Turn on the system. If the noise is still present, the drive has failed and should be replaced.

Hard Disk Repair

WD Hard Drive Interface Guide For Compatible Cable Connections Part I

DATARECOVERYUNION.COM16 years ago4 years ago03 mins

Which internal drive is the right choice: SATA or EIDE?

First, look at the connections on your computer.

SATA

Serial ATA (SATA) hard drives are quickly becoming the new standard in hard drive technology. Motherboard manufacturers now include SATA inputs on their boards. Because of their considerably narrower cables, SATA hard drives provide increased airflow and less clutter and in the computer system compared to EIDE drives. Some older computer system motherboards don’t have SATA ports, but a PCI SATA controller card can be installed to add support for SATA drives. If you don’t know whether your computer has SATA ports on the motherboard, refer to your computer or motherboard documentation or contact the motherboard manufacturer.

EIDE

Enhanced integrated drive electronics (EIDE), also called Parallel ATA (PATA), hard drives have been the standard in the computer industry for more than 10 years. Some newer computer system motherboards don’t have EIDE ports, but a PCI EIDE controller card can be installed to add support for EIDE drives. If you don’t know whether your computer has EIDE ports on the motherboard, refer to your computer or motherboard documentation or contact the motherboard manufacturer.

Feature	WD SATA Hard Drives	WD EIDE Hard Drives
Maximum data transfer rate	150 MB/s or 300 MB/s	100 MB/s
Devices per cable	One	Two
Jumper block	8-pin (no Master/Slave settings)	10-pin (single, Master, Slave, and cable select (CSEL) settings)

Which internal drive is compatible with my operating system: SATA or EIDE?

Your operating system, as well as your hardware, must support the hard drive you choose:

Operating System	WD SATA Hard Drive Compatibility	WD EIDE Hard Drive Compatibility
Windows® Vista™	Yes	Yes
Windows® 2000 or XP	Yes	Yes
Windows 98SE or ME	No	Yes
Mac® OS X	Yes	Yes
Mac OS 9.x	No	Yes

Note: Compatibility may vary depending on user’s hardware configuration and operating system.

Hard Disk Repair

WD Hard Drive Interface Guide For Compatible Cable Connections Part II

DATARECOVERYUNION.COM16 years ago4 years ago07 mins

Which external drive interface is the right choice: USB, FireWire, eSATA, or Gigabit Ethernet?

Each interface has its strengths, which are explained in detail below. The right choice depends on compatibility with your computer and how you want to use your device. First, look at the connections on your computer.

USB

USB 2.0 is the industry standard peripheral connection for most Windows-based computers. This connection transfers data at a maximum rate of 480 Mb/s. Sustained data transfer rates, usually from 10 to 30 MB/s, vary depending on many factors including the type of device, data being transferred, and computer system speed. If your USB port is an earlier version, USB 1.0 or 1.1, you can use a USB 2.0 hard drive, but transfer rates default to the slowest version. If you don’t know the version of your computer’s USB ports, refer to your computer documentation or contact the manufacturer.

FireWire

FireWire, also called IEEE 1394, is a high-performance connection standard for personal computers and consumer electronics. This interface uses a peer-to-peer architecture in which peripherals negotiate bus conflicts to determine which device can best control a data transfer. FireWire has two configurations:

FireWire 400, also called IEEE 1394a, transfers large amounts of data between computers and peripheral devices at rates up to 400 Mb/s. With higher bandwidth, longer distances, and a higher-powered bus, this interface is suitable for hard drives, digital video, professional audio, high-end digital still cameras, and home entertainment devices.
FireWire 800, also called IEEE 1394b, provides the highspeed connection and bandwidth required for multiple-stream, uncompressed digital video and noise-free, high-resolution digital audio. It offers maximum flexibility with long-distance cabling and configuration options not available with USB.

eSATA

SATA is very effective for external storage applications, and the external SATA (eSATA) cable and connector application provides a physically secure and fast connection for external hard drives. With up to 3 Gb/s data transfers, this interface is suitable for hard drives, home networking, digital video, and home entertainment devices such as set-top boxes and personal video recorders. eSATA and internal SATA cables and connectors cannot be used interchangeably. This is an important feature since eSATA cables and connectors are designed for 5000 insertion and removal cycles while internal SATA cables and connectors are designed for only 50 insertion and removal cycles. To achieve eSATA connectivity with an external SATA drive, a SATA PCI card must be installed on the host computer.

Note: SATA cables with an L-shaped connector are incompatible with WD eSATA devices.

Gigabit Ethernet

Ethernet is a standard method of connecting computers to a local area network (LAN) using coaxial cable. As an external hard drive interface, it is most often used for network attached storage (NAS) applications in which files can be shared across a network.

Gigabit Ethernet, with its data transfer rate of 1000 Mb/s, is the latest and fastest Ethernet standard that evolved from the earlier Fast Ethernet (100 Mb/s) and Ethernet (10 Mb/s) standards. Benefits of Gigabit Ethernet include increased bandwidth, quality of service (QoS) features that promote smooth transmission of audio and video, and compatibility with existing Ethernet and Fast Ethernet networks.

USB 2.0	FireWire 400	FireWire 800	eSATA	Gigabit Ethernet
Hot-swappable (attach a device without rebooting the system)	Hot-swappable (attach a device without rebooting the system)	Hot-swappable (attach a device without rebooting the system)	Hot-swappable (attach a device without rebooting the system)	Can attach a device to a system’s network adapter, router, switch, or hub port
480 Mb/s maximum burst transfer rate	400 Mb/s maximum sustained transter rate	800 Mb/s maximum sustained transfer rate; twice as fast as FireWire 400	Up to 3000 Mb/s maximum sustained transfer rate	1000 Mb/s maximum sustained transfer rate; ten times as fast as Fast Ethernet
Best for connecting to different systems quickly and easily	Best for transferring large amounts of data frequently or for audio/video programs	Best for multiple-stream digital video and high-resolution digital audio	Best for transferring large amounts of data frequently or for audio/ video programs	Best for sharing large amounts of data and/or large audio/video files across a network
More popular for PCs	More popular for Macintosh® computers	More popular for Macintosh computers	More popular for PCs	More popular for PCs

Note: For convenience and flexibility, choose a WD hard drive with both USB and FireWire interfaces
(available in dual and triple interface configurations) or with both USB and eSATA interfaces.

Hard Disk Repair

The Benefits Between 32MB, 16MB, 8MB, or 2MB Cache Drives

DATARECOVERYUNION.COM16 years ago4 years ago01 mins

Cache memory is the data buffer or cache between the hard drive and the actual platters in the drive where data is temporarily stored. Access to data in the memory cache is much faster than accessing data on the platters in the hard drive. The larger the memory cache, the more data can be stored which can be accessed faster. A drive with 16 MB of cache will perform faster than a drive with 8 MB or 2 MB of cache because more data can be stored in the cache on the 16 MB cache drive.

For more information see this article on Wikipedia, Hard Disk Buffer.

Hard Disk Repair

The Benefit Of Creating Multiple Partitions In Windows

DATARECOVERYUNION.COM16 years ago12 years ago01 mins

With current drive technology, you are unlikely to notice any increase in performance by creating multiple partitions on the drive. One real benefit of doing this is that it decreases the amount of time that ScanDisk and Defrag take to complete. Also, if you store data on a secondary partition and for some reason need to reformat the system partition, you can do so leaving your data files on the secondary partition intact.

Data Recovery

Top 10 Data Recovery Softwares (6): Stellar Phoenix Windows Data Recovery

DATARECOVERYUNION.COM16 years ago4 years ago03 mins

– Recover lost partition, data, photos, music, and documents from Windows-formatted storage.

Price: Free to try (Recovery-disabled); $99.00 to buy
Operating system: Windows 2000/NT/XP/2003/Vista/Windows 7

Stellar Phoenix Windows Data Recovery is a complete data recovery solution that helps you to search, locate and recover your lost, missing, inaccessible or deleted data. This Non destructive and read-only utility helps you to recover your data lost due to accidental format, virus problems, software malfunction, file/directory deletion, unexpected shutdown, or even sabotage.

Stellar Phoenix Windows Data Recovery recovers data from Compact Disk (CD) and Digital Versatile Disk (DVD). The software also supports recovery of Photo from all major digital camera. Create image features of the software helps you to recover your data when your hard drive contains bad sectors. It takes the sector by sector image of the specified area of the logical drive.

Customer Reviews:

1. I had a most pleasant and satisfactory experience with your dta recoery software. It was efficient, easy to use and saved me a great deal of stress in recovery the information before me. I unhesitatingly recommend it to users.

2. I have no hesitation in recommending Stellar Phoenix for data recovery. I had a windows partition with a highly corrupted directory. Multiple programs that I tried could not reconstruct any of the original structure.
Stellar Phoenix was able to read the partition and recover over 80% of the original file structure as well as filenames. The final result was that I was able to save all the critical data that we thought was lost!

Useful Links:

Web site: http://www.stellarinfo.com
Free download Stellar Phoenix Windows Data Recovery Now!
Buy Stellar Phoenix Windows Data RecoveryOnline!Publisher Profile:
Stellar is an ISO 9001:2000 certfied company specialising in data recovery software and data recovery solutions. Stellar has over 12 years experience in this field and have over 100,000 registered users across 125 countries. Stellar offer the WIDEST range of data recovery tools on all popular platforms.