jaclaz

It's not like "gambling". You connect to the "right" pins. Last character in the above sentence is a full stop or period. You can try making a loopback test (do READ the Read-me-first: http://www.msfn.org/board/topic/143880-seagate-barracuda-720011-read-me-first/ ) to verify that the TTL adapter is working. You can try with the PCB fully detached from disk. if it doesn't work, it is likely that your disk is suffering form ANOTHER problem (NOT BSY, NOT LBA0) or that the board is "dead" . jaclaz

It's not "news", it's more than two years old: http://www.istartedsomething.com/20120121/cicada-3301-cryptographic-puzzle-game-played-out-on-4chan-reddit-best-job-hire-in-disguise/ http://mentalfloss.com/article/31932/chasing-cicada-exploring-darkest-corridors-internet http://uncovering-cicada.wikia.com/wiki/What_Happened_Part_1_(2013) but I don't think it has been mentioned on MSFN.ORG. jaclaz

Yep , possibly, but Windows 9 will come in a nice set of 25 Blue Rays and will need 8 Tb just for the minimum install of the OS. If you go for the downloadable version it will be like (very rough estimation): 24 hours on fibre24 days on DSL24 years on dial up jaclaz

Yes, there is a "max size" of the attachments. You can upload the screenshots to a free hosting service, like -as an example - zshare: http://www2.zshares.net/ If you compare the screenshot you posted: http://www.msfn.org/board/uploads/post-384634-0-60686200-1385318959.jpg with this snippet of the DMDE Help: and based on your previous screenshot here: http://www.msfn.org/board/uploads/post-384634-0-91885300-1385309565.jpg you will see how everything confirms that the "good" voume is the one starting on 16373760, it is possible that you (or DMDE) are doing *something* that currently prevents the correct parsing of that volume data. Maybe you should try closing and restarting DMDE, then do a new scan, starting from fresh. When you get to this screenshot: http://www.msfn.org/board/uploads/post-384634-0-91885300-1385309565.jpg if you select the "NTFS0" it should open the "right" data. It is possible that something has been modified by your previous attempts with partition wizard or by the built-in Windows tools, but I doubt it, in any case there is "enough" to attempt a filesystem based recovery. (i.e. it is worth the time to make a dd-like copy of the disk as is) In DMDE re-open the Physical disk, then go to "Tools"-> Copy Sectors, click on Partition button, on the dialog that opens click on the PhysicalDisk listing and click OK (this will auto-compile the fields Start Sector and End Sector in the "Source" part of the dialog), choose in the "Target" part a file. Be VERY careful to choose a drive with enough space! The resulting file will be a 1:1 copy of the disk, so it will be 2 Tb in size! Consider that it will take several hours to make the copy and if - for whatever reasons - either the source or the target disk tend to heat up, it would be a good idea to add something to keep them cool, like a small fan. jaclaz

@ internalsio As a side note, are you sure-sure that: Windows XP based PE's (i.e. PE 1.x) actually ever used the 3 Mb "read only disk"? (surely they didn't have BOOTMGR or the \boot\BCD) jaclaz

No, there is a misunderstanding. in this screenshot here: http://www.msfn.org/board/uploads/post-384634-0-60686200-1385318959.jpg you must try selecting the "$No Name 02" (which is the one that starts at 16373760) and click "Open Volume". jaclaz

Why would you prefer not to publish it? jaclaz

Good. So DMDE found two possible NTFS volumes: NTFS 0 which has 4412 entries in the $MFT and that supposedly starts at sector 16373760 NTFS 1 which has 5 entries in the $MFT and that supposedly starts at sector 16370298 The sector 16373760 corresponds to CHS 1019/55/61 and is correctly "Mb" aligned, as 7995*1048576/512=16373760 The sector 16370298 corresponds to CHS 1019/1/1 (which is the data currently in the MBR) and is correctly "cylinder" aligned. It seems like originally the Disk has been partitioned/formatted under an OS (or with a tool) that aligns to Mb and that (for whatever reason) the tool you used cannot recognize such partitioning scheme and defaulted to a "cylinder aligned" values. If this is the case, if in DMDE you select the NTFS0 volume and press the "Open Volume" button, and in the window that opens you click on the [+] besides "Root", you should be able to see most if not all the files you had before. If you click on "Metadata" and click on the line that starts with $AttrDef, on the right panel you should see the $MFT entry and it's creation date (see if it "sounds" like the right one for the period when the disk was originally formatted). If you double click on the $MFT entry in the right top pane, in the lower one you should see the actual LBA of the $MFT and a hex view of it. See the attached screenshot of an "example" volume. Does this happen? What do you find instead? jaclaz

Wait a minute. It is possible that originally you made a (huge) Extended partition and created two logical volumes in it? That would explain how you managed to delete BOTH volumes from XP disk Management, and also the reason why in the posted screenshot of Minitool Partition Wizard the "lost" partition is seen as "logical". What we need to find is the $MFT of the volume that you had as H:. A "normal" NTFS partition sized above 5 or 6 Gb has it's $MFT on cluster 786432 and the default cluster size for a NTFS partition of that size should be 8 sectors. So, the $MFT should not be before 786432*8=6291456 sectors starting from the beginning of the volume. Here the problem seems to be that we don't know for sure where the volume exactly began. Try the following: in HxD, go to sector 6291456 of the disk once there Search->Find "search for=FILE0 Datatype=Text-string Search direction=ForwardIt may take a long time for the search to find a hit (if any). Alternatively, as it might be faster/better, do the following: get DMDE from here: http://dmde.com/ extract it to a directory run dmde Select the PhysicalDisk 3 click on the button "NTFS search" leave the scan areas settings "start sector" at 0 change the "end sector" by using the cursor to something around 20 Gb (jolt down the exact sector number) click on Search post a screenshot of results (if any) if no results are found, re-run the search by selecting "Range", this time use as "start sector" what you had before as "end sector" and limit the "end sector" to 40 Gb if no result repeat up to 60 Gb and then up to 80 Gb (I don't think there can be anything of use beyond this range) jaclaz

Actually you should have done the image BEFORE fiddling with the disk, and right now it would (unless you continue fiddling, doing "random" things to that poor little disk ) be just loosing some time. The idea is to first verify by ONLY reading some data on the disk, if it is recoverable (as filesystem). If it is not, the free space you have will become useful as target for the "file-oriented" recovery attempt. Ideally you should get "partition wizard", whatever it is, in the dustbin and not even think of using it again (unless told by someone to actually use it). Last time I checked them there were 3 or 4 programs called "partition wizard", WHICH one have you used? I need to: understand WHAT EXACTLY you did (please describe everything you did, with the most details you can remember)have you perform a couple of tests by reading/copying a few "key" sectorsThe point is this. IF you ONLY created a partition entry in the MBR AND did NOT "format" it, then it is possible that the filesystem is recoverable IF you - through any means - "formatted" the partition then IF it was a "quick" format, you have lost the filesystem for good BUT file recovery might be possible IF you - through any means - "formatted" the partition then IF it was a "full" format (as an example as performed by Vista or later) then not only the filesystem is lost forever but also each and every file that was there.To quickly disambiguate, of the above three actions, #1 is instantaneous, #2 would have taken several seconds/minutes, #3 would have taken hours. Without knowing what EXACTLY you did and under which EXACT OS and with WHICH EXACT tool, I cannot provide you with any meaningful support/advice. You seemingly do not know what is (let alone use it) a disk editor/viewer. Go here: http://mh-nexus.de/en/hxd/ http://mh-nexus.de/en/downloads.php?product=HxD and get this file: http://mh-nexus.de/downloads/HxDen.zip It is the portable English edition of the Nexus HD editor. Uncompress in a directory. Run Hxd.exe, it will ask you to create a configuration file in the directory, tell it "OK". Then Extras->Open Disk Select the disk, you want to choose among the Physical disks, and since it is /dev/sdc in TESTDISK, that disk should be Hard Disk 3 (the numbering is the same that you can see in disk management), LEAVE the tickbox to "read only". On the top bar there is an "edit box" Sector 0. Write in it 22661691 and press Enter. You should be now be on sector 22661691 of the disk. It should begin with "File0" and around the middle of it you should be able to see "$.M.F.T.". If you use the little up arrow beside the "Edit box" you can go on later sectors. Every other sector should begin with "File0", the next one beginning with "File0" should have around the middle "$.M.F.T.m.i.r.r." If you continue to go ahead, you should find a number of sectors with the "default" hidden fiels of a NTFS filesystem, like $LogFile, $boot, $Quota, etc. If you continue to go ahead, within a few sectors you should be able to recognize some file/directory names that were on the disk. If you can find some of them visually, there are good chances that the filesystem can be recovered, if after a few tens sectors there are no such filenames, the $MFT is lost (and your only chance is file based recovery). jaclaz

The screenshot shows very little. You should run TESTDISK again with a LOG (and post/attach the LOG, not a screenshot. Also, you did not provide an EXACT (enough) report of the actions you took. How EXACTLY (on which OS; with which tool giving which EXACT commands) did you try to delete the first partition? The issue (more or less) is the following (now). IF you recreated a NTFS partition starting on the SAME address (or a "near enough" one) you have effectively overwritten the $MFT of the original NTFS partition and you won't be able to recover the "previous" partition contents (but you might be able to recover most of the files in it, with file-oriented recovery software, very likely losing the filenames). IF on the other hand you recreated the new NTFS partition on a DIFFERENT address (or "far enough" one) like it would be if you created just a single partition starting from the beginning of the disk, there is a chance that the new $MFT did not overwrite the previous one and thus it is possible to recover a large part of the filesystem. The data "sector 16370235 and end at 3907024064 sector and total 3890653830 sectors" represent a "valid" partition created with the "old" Cylinder boundary standard (possibly through XP or a third party tool, not with Vista or later) On such a partition the $MFT should start at 786432*8+16370235=22661691 First check you should make would be to use a disk viewer/editor and verify that absolute sector 22661691 is the actual start of $MFT . jaclaz

You seemingly have this wrong. The LXDE "750 Mb" .iso is a "Live CD" including a "full" Debian distro using LXDE as desktop/graphical environment, there are a similar one using Fedora as base OS and yet another using Lubuntu (which is 696 Mb instead). They are "working builds" to demonstrate the use of LXDE. Normally you would install "a" Linux distro, then install to it LXDE and use it as desktop/graphical environment, replacing the one the "plain distro" uses by default. From this to re-package this install into a .iso (be it a Live CD or a simpler "install CD") there is a large (very large) leap. The slackware "mini", as explained here: http://www.slackware.com/~alien/slackboot/mini/ is the bare minimum to start installing (on hard disk and through packages) a "customized" Slackware. In layman terms, it is like you want to build a new house (without having ever worked in the field) and start by getting just a lot of timber, a hammer, a few nails and a hand saw. It is of course possible that you manage to build yourself (or adapt what you can find locally) all the pieces needed to have the house built, and assemble them properly, but it will be a loooong process. When it comes to making a .iso of it, it's more like you disassemble the house you just finished building, package every piece neatly and in order, make drawings and assembling instructions for it, and then give the whole lot to someone else that uses that for re-building the house. Not something I would advise. jaclaz

About the LG Smart TV issue, I would say that if "they" disable it (but still the device is "capable of" AND can be remotely managed - possibly through a "firmware update") the whole represents pure bull§hit as always. So you go to bed and find in your bed (say) a potentially dangerous/poisonous animal, let's say a biggish spider or a scorpion, what do you do: find a way to get it the heck out of your room/house or kill it go to bed and sing to it a lullaby (so that it also gets to sleep and thus becomes innocuous) jaclaz

What do you mean "tutorial"? (it is a rather "vast" topic) There are resources on the usage of available commands, if this is what you mean: http://ss64.com/nt/ Or you want something like an "introduction" to the command line and batch?: http://commandwindows.com/ More advanced: http://www.robvanderwoude.com/batchstart.php jaclaz

Check on the right column, under "Publications" on that page: http://www.wsusoffline.net/docs/ You will find a link to: http://www.h-online.com/security/features/Do-it-yourself-Service-Pack-747193.html which should clarify your doubts. The actual "Update Microsoft Windows and Office without an Internet connection" or the Introduction on: http://www.wsusoffline.net/ should actually have been enough, theory of operation is that you download from *any* machine connected to the internet all the updates for a given OS (independent from the actual hardware used for the downloading) then you transfer via "physical media" the downloaded files to the non-connected to the internet machine and upgrade the OS on that machine. jaclaz

You can try using WMIC (but I doubt it will be available at that stage ): http://setiathome.berkeley.edu/forum_thread.php?id=69381 Or you might need to use a third party tool, like: http://retired.beyondlogic.org/solutions/processutil/processutil.htm How to "automate" it, is another thing, but that should be T-39 stage, you may want to try DetachedProgram http://www.msfn.org/board/topic/19607-detachedprogram/ jaclaz BTW (and for the record): The original source of the "trick" is most probably: http://www.technostriker.com/2012/06/install-windows-xp-faster-then-ever.html which is NOT particularly supported by evidence, NOT EVEN anecdotal :

A .ini file has (AFAIK) the SAME capabilites of preventing the installing of the adware coming with Windows 7 as a .xml has. jaclaz

Does Windows 7 come bundled with adware? Can a unattend.xml file prevent the installation of the adware coming with windows 7? jaclaz

To be picky (as I am ) they also actually failed to design a mug for the left-handed, and (being also cheap ) US$ 7.99 for a mug? They will be geniuses if they manage to sell for 8 bucks something that costs to them less than 1 US$ apiece (example): http://salinaglass.com/promotional-coffee-mugs-c-1 AND they also make through these items their denigratory campaign. Now, if they would send me one of those mugs (free of shipping/handling charges), and together with it a US$ 80.00 check, then maybe we could talk of the matter. jaclaz

Well, you will need to list "the others" that thought that , last time we talked about this same topic I tried (vainly, as it results) to explain you why that is a mere assumption (specifically proven wrong) unless you analyze/know WHAT actually the manufacturer has included in the "Restore" and HOW EXACTLY it is performed: http://www.msfn.org/board/topic/163601-will-a-recovery-clean-the-hard-drive/ jaclaz

Happy to have been of use. Maybe you could detail the steps you did (for the benefit of other users that may find themselves in a situation similar to your one). jaclaz

JFYI, I am thinking to get a Motorolv or a Mdtdrdlv (NO, no typos ): http://www.dhgate.com/product/vintage-2013-cellular-phone-dual-sim-dual/172329567.html jaclaz

What makes you say that ? There are so many Vista haters out there who would say different. I liked the OS sure enough, but what makes it the Best Windows Yet? As erpdude said a few posts earlier, the "key" here is SP1. Anyone who had the Vista as it was provided originally (and it took 1 - one - whole year to get the SP1) cannot but hate it. Generally speaking, the "professional" user, long before the SP1 was released would have downgraded to XP and never looked back, the "common user" (who had it pre-installed on a PC) would have suffered one long year of "queer" behaviours and would have had so much time to hate the stupid OS that he/she cannot forget it. To the above you add that - still generally speaking - the Vista's coming with OEM hardware were invariably on seriously underpowered machines that contributed to spread the notion that VIsta is a resource hog (which BTW it is ). With SP1 Vista began behaving like a working OS, but it was too late. jaclaz

Well, I saw it coming since a loong time, JFYI (quoting myself from 2009! ): http://reboot.pro/topic/9915-the-good-thing-is-that-engineers-never-stop-to-surprise-me/ jaclaz

Good. But you will need to provide some background, like how you remember your disk was partitioned, and the like. Essentially the "relevant" part of the .log is: The "red" part is very possibly just a "glitch in the matrix", or however should not influence your booting. You seem like having the "typical" Windows 7 (or possibly 8) "boot" partition (what the good MS guys call "system") of 204800 sectors, which has some wrong geometry settings (this partition is normally hidden/not assigned a drive letter) and a second partition (which is the actual "system" and "data" partition). So you originally had just the "C:" drive, correct? If you re-run TESTDISK and press the P button when you have highlighted either the #1 or the #2 partitions, you should be able to see the "root" directory of each partition. in #1 you should be able to see at least: BOOTMGR <- file \boot\ <- directory in #2 you should be able to see the previous contents of your "C:" drive. Now, a good idea would be, before doing anything else/any attempt to repair, to make a copy a few "key" sectors. To do this, the easiest would probably be Hdhacker: http://dimio.altervista.org/eng/index.html The general way of operation is: first select (on the left side) WHAT you want click on the "Load Sector" Button click on the "Save Sector" Button and save the file on ANOTHER volume/disk/deviceYou will be accessing the \\.\Physicaldrive, normally the first disk will be \\.\PhysicalDrive0, the second disk (it seems from the TESTDISK log that you have two disk on the machine on which you are attempting the repair) will be \\.\PhysicalDrive1 and the third disk you will be trying to extract the data should be \\.\Physicaldrive2 (you can check in Disk Management, the numbering of Disks is the same) HDhacker uses the convention of numbering sectors starting from 1 (unlike "normal" LBA notation). You want to save sectors: 1 <- the MBR for the extension of 1 sector 2049 <- the PBR of first partition for the extension of 16 sectors 206848 <- (hopefully) the bootsectormirr of first partition for the extension of 1 sector 206849 <- the PBR of second partition for the extension of 16 sectors 572939712 <- (hopefully) the bootsectormirr of second partition for the extension of 1 sector then you compress the resulting 5 files (please meaningfully named ) into a .zip archive, upload it to zippy or the like and post a link to the file. With these data I should be able to suggest (hopefully) next steps to take. jaclaz