News Ticker


Browsing "Older Posts"

Browsing Category "data recovery"

Easeus Data Recovery Free Download 2020 For Windows 10, 7, 8

Sunday, July 25, 2021 / No Comments


Easeus Data Recovery Free Download 2020 For Windows 10, 7, 8

The free edition of EaseUS data recovery wizard is a program entirely dedicated to recovering the deleted files or the files that you might have thought were lost. This data recovery wizard goes deep into the darkest, most unattainable corners of the system to recover data. First, the free recovery wizard permits you to simply recover any file that you have deleted utilizing shift + Del. If you do not utilize that command for deleting data, but you’ve emptied your recycling bin of the files that you require back, you can recover them as well using data recovery wizard. You can try to recover the lost data when the system was formatted using this wizard.

System Requirements For EaseUS Data Recovery Wizard Technician 2020

Before you start EaseUS Data Recovery Wizard Technician 2020 free download, make sure your PC meets minimum system requirements.

  • Memory (RAM): 1 GB of RAM required.
  • Operating System: Windows XP/Vista/7/8/8.1/10
  • Processor: Intel Dual Core processor or later.
  • Hard Disk Space: 100 MB of free space required.

WD USB to SATA Conversion Compatible PCB Guide

Sunday, September 20, 2020 / No Comments

701605 - 701499
701615 - 701499
701635 - 701572
701650 - 701499
701675 - 701672, 701609, or 771672
771737 - 701692 or 771692
771754 - 701692 or 771692
771761 - 771692
771801 - 771823
771814 - 771820
771859 - 771852
771939 - 771959
771949 - 771959 or 771939 (771960 works electronically, but doesn't fit physically)
771961 - 771960, 771939, or 771959
771962 - 771931 or 771959 (771960 works electronically, but doesn't fit physically)
771817 - 771820
800038 - 800025
800041 - 800022-000 (for 3Tb) 800022-002 (for 4Tb)
800069 - 800066 (confirmed) or possibly 800052 (??? unconfirmed ???)
800067 - 800065 (Requires Unlocked PCB)

Please post updates below and I'll update the list. Thanks!

Seagate F3 Terminal Command Set

/ No Comments


Seagate F3 Terminal Command Set

Here's a consolidated version of all the Seagate terminal commands collected so far. It's not intended to be an exhaustive list, but rather a collection of commands useful in data recovery. If you have more info to share please post it and I'll add it to the list:

The Very Basics:

TTL Default Settings:

Bits per second - 38400

Data Bits - 8

Parity - None

Stop Bits - 1

Flow Control - None

Ctrl + z (initiates the terminal connection and should prompt with level T>)

Ctrl + a (displays drive info, Package Version, Serial #, Model # (useful for missing label), Servo FW, etc.

Ctrl + l (displays drive info, # heads, serial, preamp type, family ID, etc.)

Ctrl + c (tells some drives to spin down, can be used immediately after CTL + z)

Ctrl + x (displays log of history commands)

/X (used to change levels, replace X with level 2, 3, 4,... 7, T, etc.)

2>Z (puts drive to sleep)

2>U (spins drive up)

7>X (test read/write head resistance)

T>B[N] (sets baud rate to N, so for example T>B921000 sets to 921000 baud. If invald rate is input, e.g. B1, drive will report supported rates)

T>V1 (returns slip defect list - confirm translator loading)

T>V2 (checks T-List)

T>V4 (checks G-List entries)

T>V10 (checks P-List)

T>V40 (checks for non-resident G-list entries)

1>G6A (clear P-List - Not Recommended!)

T> i2,2,22 (clear T-List - Non Recommended!)

C>Q (returns list of all available commands, sometimes just says "No Help Available" on all of them)

1>N1 (clears S.M.A.R.T)

1>N5 (returns SMART values in terminal window)

T>i4,1,22 (clears G-List)

7>m100 (clears DOS config tables)

T>J (displays CAP which has some drive info such as internal model, family ID, serial numbers, etc.)

C>U10 (regenerates the media cache)

F Command: (thanks to

This is helpful for drives stuck in pending reallocate mode (E.G. InitiateMarkPendingReallocateRequest for disc_lba: )

All commands issues at level T>. Also HDD needs to be power cycled after issuing.

F (lists out all the parameters and bytes that can be modified within the F command)

F"RWRecoveryFlags",00,22 (disables read sparing, write sparing, and enables correction)

F"RWRecoveryFlags",01,22 (disables read sparing, write sparing and disables correction)

F"BGMSFlags",00,22 (disables background media scan)

F"PerformanceFlags",043C,22 (disables offline sparing and deferred auto reallocation)

F"ReadRetries",00,22 (disables read retries - possibly better performance in software like ddrescue)

F,,22 (resets to default - sometimes necessary to get sector access back afterward)

r & w Commands:

Commands issued at level T>

r command is used to read system files (E.G. T>r93 requests system file 93)

w command is used to write system files (E.G. T>w28 initiates write for system file 28)

These commands can also be used to read/write a specific volume/copy of a system file. The command is issued as follows:



So for example to read system file 28 volume 3, copy 1: T>r28,3,1

To write system file 93 volume 3, copy 0: T>w93,3,0

(Most SA modules are in the default volume 3, just FYI)

These read/write operations are carried out using Y-Modem protocol supported by some terminal programs.

SSHD Specific (Rosewood Drives):

O>I (Clear NAND of Donor in preparation for PCB replacement w/ ROM transfer)

M Command Quick Reference: (thanks to PCLab)

All commands issued at level T>

m0,6,2,,,,,22 (most commonly used to regenerate translator)

m0,2,1,,,,,22 ( To rebuilt slip list, V1 )

m0,2,2,,,,,22 ( To rebuilt G list, V2 )

m0,2,3,,,,,22 ( To rebuilt P list, V3 )

m0,5,1,10,3,,,22 ( To zero fill with slip list )

m0,5,2,10,3,,,22 ( To zero fill with G list )

m0,5,3,10,3,,,22 ( To zero fill with P list )

m0,8,1,10,3,,,22 ( To format with slip list )

m0,8,2,10,3,,,22 ( To format with G list )

m0,8,3,10,3,,,22 ( To format with P list )

m0,D,1,,,,,22 ( To repair bad sector by Slip list )

m0,D,2,,,,,22 ( To repair bad sector by G list )

m0,D,3,,,,,22 ( To repair bad sector by P list )

m0,20,1,,,,,22 ( To format (seacos XF) by Slip list )

m0,20,2,,,,,22 ( To format (seacos XF) by G list )

m0,20,3,,,,,22 ( To format (seacos XF) by P list, most powerfull to repair bad sectors, red and green blocks )

m0,2,2,,,,,22 ( Format user area partition without certifying defects and relocate defects. not effect Data in a drive )

m0,2,1,,,,,22 ( Format user area partition with user slip list with certify defects. DATA WILL BE LOSS )

m0,D,3,,,,,22 ( Format user area partition with repairing of bad sector, auto add bad sector into G list and in the last it will be shifted to P list )

m0,5,1,,,,,22 ( it used for erasing of all sector )

m0,8,2,,,,,22 ( it is used for formatting hard disk sectors )

M Command Full Explanation: (thanks to irs)

Seagate Terminal M Command.doc

(17.67 KiB) Downloaded 5656 times

Terminal Errors Explained: (thanks to HDDGuy)

TCC-001A[0x000042F9][0x000042F9]ZZZZMMMMMMMMMMMMMMMZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZMMMMMMMMMMM.... = This error relates to an inability to read Servo or Overlays. This message is also displayed at some Grenada models when PCB/ROM is not native.

Failed to load overlay 00000004 - this is usually associated with some hardware error and can be caused by non-native adaptives (i.e non-original ROM)

SIM error 1002 = this message alerts us to some error with one or more defect list. Potentially P-list or NRG list can be bad.

SIM error 2044 - Translator tables cannot be read or are damaged.

SIM error 1009 - Module 17A is damaged

SIM Error 203F / SIM Error 2040 / SIM Error 2044 / SIM Error 3005 - Also seem to be damaged or unreadable translator related errors

LED:00000047 FAddr:FFFFFFFE - Usually this relates to Media Cache

LED:000000BC FAddr:00006220 - Usually this also relates to Media Cache or some relocation parameters.

More Terminal Errors Explained: (thanks to jol and acelabs)

SIM ERROR 3005 (mean that “format corrupted flag” in on and Translator is not loaded in RAM)

“No HOST FIS-ReadyStatusFlags” (reason message: why translator is not loaded).

More Terminal Errors Collected From the Web By Your's Truely

LED:0x000000BD FAddr:0x00009887 or LED:000000BD FAddr:0000988E - Usually relates to Media Cache or other background processes in System File 93. Some have reported clearing SMART as having fixed the issue.

MCMTFileHandler: EXCEPTION: Failed MCMT read request - Relates to System file 346 being damaged, or possibly media cache

LED:000000CC FAddr:0024A7E5 - Bad Translator. Short read channel, clear smart, regenerate translator.

SMI init (or) Training Failed - Bad PCB

Disc FW failed to load - Bad PCB

Sense code = xxxxxx82 – problem with sector translation (broken translator) (x's will be other numbers)

Sense code = xxxxxx81 – uncorrected error (bad sector, not translator)

LED:00000067 - Normal if PCB is removed from HDA. Otherwise it's heads/media damage

SimError - Remaining in BootFW

Perform a double download without a power cycle (This error occurs with non-original ROM code or PCB)

Last Updated: 2/6/2019

How to prevent ransomware ?

Friday, August 7, 2020 / No Comments

What is ransomware and how do you prevent it?

Ransomware attacks are on the rise, but what is it? And what can you put in place to prevent your company from being a victim of this growing malware?

Over the last few years, ransomware has been increasing at an alarming rate. Unfortunately, the rise of technology comes hand in hand with an increase in cybercrime. But how much do you know about the ever-evolving ransomware threat? And do you know what steps to take to prevent an attack?

An increasing risk

Cybersecurity needs to be a top priority for businesses of any size to protect itself again from the ever-evolving threat network. According to ISACA, CMMI, and Infosecurity Group's "State of Enterprise Risk Management 2020" study, 53% of respondents stated that they had seen increased risk to their organization over the last 12 months. Additionally, 29% of respondents found that cybersecurity is the most critical risk category facing enterprises today, and 33% believe that information/cybersecurity risk will be the most crucial category of risk facing their organization in the next 18-24 months.

Source - ISACA, CMMI and Infosecurity Group's "State of Enterprise Risk Management 2020

Ransomware definition 

Ransomware is a form of malicious software designed to either block access to a computer system or publishes a victim's data online. The attacker demands a ransom from the victim, promising – not always truthfully – to restore access to the data upon payment.

Around since the 1980s, the last decade has seen various ransomware Trojans crop up, but the real opportunity for attackers has ramped up since the introduction of Bitcoin. This cryptocurrency allows attackers to easily collect money from their victims without going through traditional channels.

Who is behind ransomware?

Those behind ransomware attacks are usually highly knowledgeable scammers with expertise in computer programming. Typically, ransomware will infect your computer via an email attachment, network, or infected browser.

How does ransomware work?


The most common delivery system for ransomware is via phishing spam – attachments that arrive in a victim's email, masquerading as a file that they can trust. According to research from a security software firm, Trend Micro, 91% of cyber attacks and the resulting data breach begin with a spear-phishing email.

Once you download and open the attachment, the malware will take over the computer, encrypting some or all of the files. When this happens, the only way to decrypt the data is through a mathematical key only known to by the attacker.

There have also been cases where malware will display a message claiming that the user's 'Windows' is locked. The user is then encouraged to call a "Microsoft" phone number and enter a six-digit code to reactivate the system. The message alleges that the phone call is free, but this isn't true. While on the phone calling the fake 'Microsoft', the user racks up long-distance call charges.


Another malware is called leakware or doxware; this is where the attacker will threaten to release sensitive data about the victim unless they pay a ransom. Often targeting emails and word documents, there have also been cases of mobile variants where private messages, pictures, and contact lists from users' phones have been released.

Doxware is known to be more effective than ransomware – in terms of getting the money from the victim. With ransomware, you can maintain separate backups of data that is no longer accessible. Still, with doxware, once an attacker has information that the victim doesn't want to be made public, there is little to be done apart from paying up.

What damage can ransomware do?

You would think that paying a ransom to gain access to your data was bad enough, but that can pale into comparison to the actual damage costs involved with an attack. Ransomware attacks can cause:

The damage and destruction (or loss) of data

Lost productivity

Post-attack disruption to the normal course of business

A forensic investigation

The restoration and deletion of hostage data and systems

Reputational harm

The need for employee training in direct response to the attacks

When you take the above into account, it is no wonder that ransomware attacks cost organizations an average of $36k!

Should I pay the ransom? 

When you speak to cybercrime experts, most urge you not to pay the ransoms as funding ransomware attackers will only help create more ransomware.

Although, many organizations go against this advice weighing up the cost of the encrypted data against the ransom. 2018 saw 45% of US companies hit with ransomware pay their attackers. But why?!

The general advice is not to pay ransomware attackers. However, refusing to pay may not be the best case of an action for many businesses, especially when there is a chance the company may permanently lose access to vital data, incur fines from regulators or go out of business altogether. For many companies, the choice between paying a relatively modest ransom or staying in business is a no brainer.

In some ransomware cases, the attacker will set the ransom demand at a point that it's worth their while but will ensure that it is low enough that it is often cheaper for the victim to pay rather than to reconstruct their lost data. Attackers will sometimes offer discounts if their victim pays within a specific timeframe, e.g., three days.

With that in mind, some companies are building up reserves of Bitcoin specifically for ransom payments.; this is mainly being seen in the UK, where organizations seem more likely to pay ransoms. According to Gotham Sharma, managing director at Exeltek Consulting Group, "About a third of mid-sized British companies report having Bitcoin on hand to respond to ransomware emergencies when other options can't be immediately exhausted."

How to stop ransomware 

If you find yourself infected by ransomware, first, you need to find out what kind of ransomware it is. For example, if you can't get past a ransomware note on your screen, then you probably have been infected by screen-locking ransomware. If you can browse through your apps but can't open your files, movies, etc. it's likely encrypting ransomware has affected your system – the worse of the two. If you can navigate your network and read all your files, then it's probably a fake that is just trying to scare you into paying.

How to prevent ransomware

-Ensure you have a good backup of all your files.; this way, if anything does happen, restoration of your files from a backup is the fastest way to regain access to your data.

-When answering emails, unsolicited phone calls, text messages, or instant messages do not provide any personal information. Phishers can try and trick employees into installing malware or gain intelligence by claiming they are someone from your IT department.

-Ensure you have reputable antivirus software and a firewall. There is a lot of fake software on the market, so your antivirus and firewall must be good enough to ensure you're safe from malware threats.

– Make sure you have content scanning and filtering on your mail servers. Scan every inbound email for known threats and block any attachment types that could pose a threat.

-If you are traveling for work, ensure that you inform your IT department beforehand, especially if you think you may be using public wireless internet points. Make sure you have a trustworthy Virtual Private Network (VPN) when accessing any public Wi-Fi spots.

– Make sure all your computer software is up to date; this includes the operating system, browser, and any toolbar plug-ins you use.