What is worse than the "golden" wheels?
The prerequisites for the fact that the “golden” discs are worse than the “aluminum” ones are laid down in the recording technology itself. Standards for compact discs provide that the…

Continue reading →

The Taming of the Shrew CIH
More recently, on April 26, we witnessed the massive destruction of computers (the destruction of CMOS content) and the destruction of information on hard drives. The blow to the pocket…

Continue reading →

After checking all the computers and installing, where necessary, the recommended boards, will the 2000 problem be resolved?
Of course not! Most of the problems will remain. The danger of the 2000 problem is that in recent years, very large databases have accumulated in any organization. In these…

Continue reading →

How to recover information

Since when a file is deleted, it is not physically destroyed from the disk, it can be restored. As well as recovering all files in the case of, for example, accidentally formatting a disk. If the FAT file allocation table is intact, then you can easily find the first cluster that belongs to the file. However, the remaining clusters may lie anywhere on the disk. To restore a file, it is necessary not only to find all the clusters belonging to the file, but also to correctly determine the order of their sequence.

This task is very difficult and almost impossible to algorithmize. Accordingly, there are no reliable tools that automatically recover deleted files. The available tools are designed primarily to recover individual files deleted by mistake. The most widely used is probably the UnErase utility from the Norton Utilities bundle. This utility confidently restores files if fragmentation is missing. If sequentially located clusters are free, then they most likely belong to one remote file. In the absence of fragmentation – it really is. If the file is fragmented, then it is assigned the required number of nearby free clusters. Something like this, the operating system assigns clusters to a file when it is created.

However, this is not always true. Therefore, if there is fragmentation, the automatic file recovery utility may restore the file incorrectly. If many files are deleted, or, as in the case of the Win95.CIH virus, the FAT is completely deleted, then the utilities are useless. The worst thing is that if an attempt was made to restore the file, and this attempt was unsuccessful, then most likely the file cannot already be restored. The recovery utility has made corrections to the FAT and the directory.

There are more powerful professional data recovery utilities. In particular, the TIRAMISU utility suite (http://www.recovery.de). These are several utilities for recovering information on disks with FAT16, FAT32, NOVELL, NTFS. Utilities are commercial. Cost from 95 to 650 USD each. Protection against unauthorized use is carried out using a key diskette. Several such key floppy disks “walk” around Kiev, since the technology of copying key floppy disks is well mastered. These utilities allow you to save recoverable files to another drive. Therefore, it can be used without fear of irretrievably losing information. Nevertheless, if the disk is highly fragmented, then this utility is often not able to recover information (at least, this applies to the case when both copies of FAT are completely destroyed).

In the process of recovering information on disks infected with the Win95.CIH virus, the capabilities of the TIRAMISU utility were tested in the EPOS service center. The utility confidently coped with the task in many cases when disk fragmentation was not very significant. However, with the help of this utility it was not possible to restore a single disk from those that came from the accounting departments of enterprises. Moreover, it was impossible to recover information on such disks with the help of Norton utilities. In the accounting department of any enterprise, intensive work with databases is carried out, most often with the use of programs written in FoxPro. In this case, a lot of temporary files are created in the process. Database files are constantly being updated. Therefore, on accounting machines, file fragmentation occurs in a very short time and develops very quickly.

Viruses are serious, and Win95.CIH is not alone
Currently, there are quite a few viruses that destroy the contents of CMOS. For example, the stealth virus FindMe (stealth virus - “invisible virus”, like the stealth bomber), the destructive…

...

This is the sonorous name of Athlon
Well, AMD is completely out of control. Rolls new processors out of the cornucopia. Most recently, on February 23, AMD announced two new processors: AMD-K6®-III-400 and AMD-K6®-III-450. By the way,…

...

Ways of spreading viruses
How are viruses and, in particular, the Win95.CIH virus spread? It is generally believed that the main path is the Internet. Other viruses cause a lot of controversy about the…

...

The thickness of the magnetic layer of the disk
Removable magnetic media, manufactured by Iomega for Bernoulli drives, were extremely durable and reliable and cost quite a bit. The special 3-inch disks used in Zip are very similar to…

...