jaclaz

Well, that's calling for it! And here is the stern look of disapproval : jaclaz

Of course it depends on the particular dog, some can even be happy bunnies (in the basket) : And, for NO apparent reason, camouflage example! jaclaz

The issue generally speaking is that the BIOS "interrogates" the hard disk at boot time (or reboot with CTRL+ALT+DEL) and the disk should reply with some info. If it is in BSY state (or any other of a list of issues) the hard disk does not reply and the BIOS does not see it. In some cases, for *whatever* reason, an "unbricked" disk foes not show in BIOS but is found if connected to a running system through an USB adapter (or viceversa, it is seen in BIOS but not through the USB adapter). It is possible that - again for *whatever* reasons that the disk is very slow in replying to the interrogation and thus it is recognized only once every n boots or it is recognized only if you do a CTRL+ALT+DEL immediately after having initiated booting (or do it several times). As I see it the only possibilty is to try again and when you manage to get it recognised dd it's contents to a new disk. Once the data (or as much data as possible) will be residing on a fully working disk, then attempt recovering it. If you look a bit around in this forum: http://www.msfn.org/board/forum/169-hard-drive-and-removable-media-issues/ you will find quite a few similar cases, some successful , some failed , of this approach, so that you get an idea of the things that need to be done. jaclaz

Actually I could , but as a matter of fact you started it, and Charlotte only provided additional sources and commented only on the comments... Naah, I'll blame just you , at the most Charlotte could deserve a stern look of disapproval, which I have ready, in case of need : jaclaz

No prob , glad to have contributed to another happy bunny in the basket: Well, since your wife is a designer, I may ask you/her a happy bunny image to celebrate the success? About firmware, the bootable .iso is ALWAYS better (not because it is a .iso but because it provides a "simple", "clean" DOS environment). Cannot say if the .iso will work "as is" with an external disk, though (I actually doubt it), possibly in your case you are forced to use the .exe from your running Windows, BUT what the thingy seemingly does (at least one of the version I saw) is to actually add a (tinycore) Linux to your system through some GRUB2 and - without having tested it - I wouldn't personally run that .exe on a "production machine". Still personally, I would postpone the firmware updating until you can have a "normal" PC with that hard disk directly connected to it and run the .iso.. After all, the worse that can happen with the old firmware is that the drive bricks itself again, and you now know how to unbrick it. jaclaz

Sure , but the "other people" had not have been warned before by me , that makes a big difference . Really, the syllogism "someone made a study/research/poll/whatever" = "the study has been carried with correct sampling and conclusions were drawn correctly and are unbiased and representing reality" is something that should be - by this time - found to be vastly false. In the case of Soluto, their sample can be hardly representative of the "entire" Windows 8 user base as what they sell (and from which they gathered usage) seems like being aimed to either the geek or to technical users involved in remote assistance of some kind (which of course tend to have as customers people that have to work) No real news that such users do not use NCI much. Actually that should be the work of a good journalist, besides pumping up the news about it, he/she should verify the "soundness" of the study. Statements like: http://www.neowin.net/news/study-60-of-windows-8-desktop-users-launch-a-modern-app-less-than-once-a-day are - to say the least - inconsistent. The number of times in a week you "launch" your e-mail app has really nothing to do with how much you "love" it or how "friendly" is it's interface, it is something that you either *need* to do or that you *need* it not. Counterexample: In (say) Texas cars of comparable year of manufacturer have a higher mileage than in New England, and there are far more 4WD pickups per 100 people in Texas than in NewEngland. This does NOT mean that Texans: love driving get along well with 4WD pickups it may mean that. it may also mean that their homes are on average further from their workplace and there are less paved roads in the state It may also mean that since Chuck Norris drives one of those, you must have one too, or you are a sissy . jaclaz

You need to look at history. Once upon a time disks were NOT partitioned. There simply wasn't a FDISK like program in early Operating systems. The filesystem was (ealry MS-DOS) FAT12 (with a limit of 16 Mb) and simply disks that big did not exist. But disk sizes grew, and grew.... So you had lot of space but no way to address it fully, and you had to partition the disk. DOS (which has been for years the "standard") FDISK would allow only one primary partition and one extended partition (with as many logical volumes in it as you like BUT anyway limited to the D-Z range of drive letters) Then filesystem became FAT16 (with a limit of 32 Mb). Then came FAT16 but with a much larger 2Gb size limit. Then NTFS (initially with some limits as well, but of different nature), than FAT32. Then on NT (windows 2000) mountpoints removed the limit of 24 volumes And filesystem continued growing in addreesable size up to the current NTFS, the recent exFAT (sometimes called incorrectly FAT64) and the newish ProtogonFS. For a period of time having one or more logical volumes in an extended partition was simply the ONLY way to use the whole size of a disk drive. Nowadays it is only a (still IMHO right) choice. Read here: http://www.goodells.net/multiboot/ it should clear many of your doubts. jaclaz

As a side note, anyone can read something their own way. I read this: http://news.techworld.com/security/3447306/internet-explorer-10-blocks-more-malware-than-chrome-or-firefox-test-finds/ https://www.nsslabs.com/reports/2013-browser-security-comparative-analysis-socially-engineered-malware%20 as: http://www.imdb.com/title/tt0083658/quotes?item=qt0378266 I don' t want/need MS (or google for that matters) tell me what I can access and what not (a friendly warning is one thing, but we all know how this kind of things tend to become "wider" and "intrusive", the leap from this to "restricted access" or to "government approved" content is smaller than it might seem ) Humanity is doomed . jaclaz

Re-check everything (wires, connections, hypereterminal settings, etc.). If you get to the F3 T> it means that it connected (and later from what you describe it seems like it lost connection). jaclaz

Backspace? You cannot actually "cancel" an input, you can go back and overwrite it. jaclaz

Switch everything off (yes, physically remove power to everything, wait some sixty seconds before re-applying power, reboot the PC - just in case) and start again from scratch. No harm should have been made. BUT be very careful, and I mean VERY careful when you type commands (BEFORE pressing [ENTER] check, double check and triple check everything) this time you gave a non-existing command, but there are DESTRUCTIVE commands that are valid and that can botch the disk for good . jaclaz

@JorgeA Please re-read, slowly this time , this post (AND links in it): You cannot use/trust a source only because - casually - it has the same opinion as you have. MInd you, the guys over there seem all like very nice peeps, and possibly their software is the third best thing in life after sliced btread and ice cream , but they are seemingly too young and enthusiastic (which are very nice characteristics, BTW) to be able to provide any unbiased opinion or meaningful data. Right now (and no offence whatever intended to the good guys ) the one in their team that I would trust more (generally speaking, not on PC related technology ) would be Speedy : http://blog.soluto.com/2013/01/a-peek-inside-soluto-hq/ And BTW, the good Soluto guys did choose Azure (coincidence? ): http://blog.soluto.com/2013/01/an-apology-from-the-soluto-team/ In the spoiler the most relevant part: jaclaz

Well, you are back to #1, so seemingly the (put here any adjective heavily offending your customer's mental capabilities) guy provided you with the wrong disk? However, nothing prevents you from re-writing ONLY the (good) DATA of the MBR you had before on the current MBR (which has now the McAfee CODE). Of course IF part of the CODE contains a form of checksum, it won't work, but trying doesn't harm anyone. In a MBR offsets: 0-445 Code (including Disk Signature on Windows NT OS at bytes 440-443) 446-509 DATA partition table, 4 parttiion table entries, each 16 bytes 510-511 Magic bytes 55AA So basically you have to copy bytes at offsets 440-443 (4 bytes, the disk signature) and bytes 446-509 (48 bytes, the partition table) from the "old" MBR and replace the corresponding bytes on the "new" McAfee one. Next step would be to create THREE copies (images) of the disk, wipe (write with 00's) the area where the "middle missing partition" is, then format with the same OS originally used (I believe 7) the "missing partition in the middle" as NTFS, then attempt installing the encryption using the same keys. Then compare the three of them, two at a time. If they result (at least the first few sectors) substantially similar, then you may have a chance. Explanation: When you format two filesystems you do it (obviously) one after the other, the result is that the freshly formatted filesystem will never be identical, because the volume serial (which is misteriously created by the OS on a semi-random base) will be different and expecially on NTFS filesystem structures will have different timestamps. The point is if the encryption algorithm (the "initial loading part") uses just the provided keyfiles and/or password or it uses a "salt" based on "specific data": What you can reproduce is: size of the volume position of the volume of disk contents of it's first few sectors (but not the volume serial) if anything else (like the volume serial or current date/time or date/time of any filesystem structure) has a role in the encryption algorithm yu will have different results (and thus you won't be able to recreate the original "headers"). There is a possibility, still, (again it may depend on the exact version of the software used), at least in older releases there was the possibility of accessing a ("sound") encrypted volume without original key and password by using a "tech access" and a "daily code" (or something like that). Such an approach may work even with the headers of a "different" volume, but it is really hard to say. JFYI : jaclaz

The "basic error" (besides the various attempts you made - particularly erasing the G-list), is/was to assume that an unbricked disk: still has a perfectly functional filesystem can still boot a "complex" OS like a NT one as it did before the bricking Both the above are gratuitious assumptions. The whole point is WHY did it "brick itself" originally, if it bricked because of the original issue with the log entry, then those assumptions may be correct, if it bricked itself for any other reason those are VERY unlikely to represent reality. The only thing that you can do (and that you should have done BEFORE attempting booting from the disk and before attempting accessing files on it's filesystem) is to image the disk on another disk (you will need a slightly larger disk, NTFS formatted (if using Windows) or EXT3/4 formatted (if using Linux) or clone it to a similarly sized disk, surely functional. You would normally use datarescuedd (Windows) or dd_rescue or ddrescue (Linux) and try to image the whole disk, if needed in "chunks". Once the filesystem has been transferred (hopefully successfully and the whole of it) on a surely functional media, then you start attempting recovery of the filesystem (if possible) or recovery of the files in it (still as possible). If you need help in doing the above, please start a new thread, as once the disk is not anymore BSY or LBA0, it exits the scope of the present thread. jaclaz

Definitely: http://www.theverge.com/2013/5/21/4352596/the-xbox-one-is-always-listening For a firm established since 1975, i.e. 38 (thirty-eight) years ago, it is good to know that they had privacy as a top priority for more than ten years, the issue is whether they are last ten years or so or from 1975 to 1985.... jaclaz

Well, if you cannot afford a tool like the mentioned one: http://forum.hddguru.com/viewtopic.php?t=17926&start= At least get some "medicine blisters", at least Scott Moulton: http://myharddrivedied.com/ can move heads with them: (please remember to count the number of platters of the disks shown in the above video) Naaah, the air being "condensed" is the least of the issues here. jaclaz

Yes, but usually (cannot say specifically) there is an option in the encryption software to "convert" the encrypted disk to non-encrypted without booting it. I am not familiar with McAfee encryption software, and there are more versions of it than stars in the sky, if I recall correctly, how exactly did you write the bootsector? Maybe the emergency disk "unencrypted" the existing bootsector (which was altered before) instead of replacing it with the original one. But the partitioning would never be affected by any change to the PBR or VBR or bootsector, if the partitioning layout changed it means that the McAfee Emergency disk changed the MBR! Still following - no offence intended towards the guy that encrypted that disk, that surely did that in perfect good faith - my theory that on average users of encryption solution don't know enough about data preservation, it could be that what was given to you was the recovery disk generated on another machine. I mean, a "normal" MBR (and/or PBR/VBR/bootsector) is made of two parts, code and data. It is possible that the *whatever* the emmrgency disk wrote was the "right" code (generic) but the "wrong" data (belonging to another machine). Yes, but 100 Mb is the "default" for Windows 7, an OEM (like Toshiba) might well have decided that a larger one was needed/smart/whatever. Out of the three partitions 1st and 3rd were OK, so I doubt that You need to check if Mcafee (or a third party) provides a solution to "convert the disk" to unencrypted (without changing/restoring/whatever) the MBR or the bootsector. jaclaz

What about forfiles? http://ss64.com/nt/forfiles.html jaclaz

Bad burn? http://www.bleepingcomputer.com/forums/t/81736/error-installing-windows/ jaclaz

Good. Which drive letter gets the partition on the external disk drive? Let's say it is E:\. Open a command prompt. In it type: CD /D E:\ [ENTER] then: DIR [ENTER] How much space does it see as available? jaclaz

Ah, well, that explains a lot, giving plenty info on the EXACT procedure used. jaclaz

To continue: You ignored what the Win2flash tool intended scope is (and its instructions/documentation) and managed to attempt making your internal disk an "install disk for XP" . Now a couple of questions: You mentioned a WinPE, which WinPE is it? Is it on a boot CD/DVD or on a USB stick? (or however can you move it to a USB stick or other NON-read-only device?) jaclaz

No, the encrypted partition was simply "not mountable" (either due to the encryption or to the corruption) the Kaspersly, besides having stupidly written on the [system] partition (NOT on the [HDDRECOVERY] one) is innocent. The "stupidly" may be referred BOTH to the good Kaspersky guys and to the good guy that attempted running an Antivirus on a disk where there was an encryption/partition issue AND having that machine connected to the Internet . It is more likely that the "bootsect.exe /nt60 all /force" has made some damages. Rule of the thumb (for next time ) is to NEVER (and when I say NEVER, I do mean NEVER) write anything before having made an image (at least of what you are going to overwrite, like the MBR and the PBR's). Consider how - particularly Notebooks with "recovery partition" and or with hard disk encryption connected to the motherboard - may use non-standard MBR code (less likely non-standard PBR code) and possibly also use some of the hidden sectors, but what the heck, we are talking here of saving a bunch of sectors, not necessarily image the whole disk (for which one may be unable to provide a big enough storage space). JFYI : http://en.wikipedia.org/wiki/Primum_non_nocere jaclaz

Nonsense of the day: http://www.pcworld.com/article/2038912/windows-8-wont-hit-critical-mass-in-enterprises-forrester-says.html "better shape"? Either an infrastructure (whatever it is ) is "compatible" with Windows 8 or it is not. And no, I cannot see ANY way in which an infrastructure with ONLY Windows 7 "clients" may be in any way "in better shape" than one that has already been tested and found working for several years with XP's and at least 2 years already with BOTH XP's and Windows 7's. One thing is "complete migration" to Windows 7 (that I believe very few companies did) as well as "no windows 7 machines" (that I also believe very few companies are into) and another is "mixed environments with any possble flavour/type of XP, Vista and 7 + Server 2003 and Server 2008 and Server 2008 R2 - and possibly even a couple 2K servers" which is most probably the "average" situation. jaclaz

You are welcome . Re-thinking about the Read-only that cannot be cleared, maybe it is because as soon as you put the disk online volume on it were mounted to a drive letter. Maybe all volumes need to be unmounted to allow to change the read-only status? jaclaz