A+ Guide to Software

Managing, Maintaining and Troubleshooting THIRD EDITION

Chapter 10

Supporting Hard Drives

You Will Learn…

 About supporting hard drives and making backups  About viruses and other computer infestations, and how to protect against them  How to troubleshoot hard drives A+ Guide to Software: Managing, Maintaining and Troubleshooting, Third Edition 2

Managing Hard Drives  Keeping the drive clean and free from errors  Drive compression  Disk caching  Backups A+ Guide to Software: Managing, Maintaining and Troubleshooting, Third Edition 3

Defrag and Windows Defragmenter  Clusters that make up a file are stored together in a

chain



Fragmentation

occurs when a single file is placed in several clusters that are not directly next to one another 

Defragmentation

fragmentation detects and repairs A+ Guide to Software: Managing, Maintaining and Troubleshooting, Third Edition 4

Windows XP Defragmenter A+ Guide to Software: Managing, Maintaining and Troubleshooting, Third Edition 5

Using ScanDisk to Correct Cross-Linked and Lost Clusters 

Cross-linked cluster

is pointed to by more than one file 

Lost cluster (allocation unit)

is a cluster that no file in the FAT points to 

Chkdsk /F

can be used to repair  Windows 9x ScanDisk repairs these problems and others A+ Guide to Software: Managing, Maintaining and Troubleshooting, Third Edition 6

Lost and Cross-Linked Clusters A+ Guide to Software: Managing, Maintaining and Troubleshooting, Third Edition 7

Windows XP Drive Properties A+ Guide to Software: Managing, Maintaining and Troubleshooting, Third Edition 8

ScanDisk Results A+ Guide to Software: Managing, Maintaining and Troubleshooting, Third Edition 9

ScanDisk in MS-DOS Mode A+ Guide to Software: Managing, Maintaining and Troubleshooting, Third Edition 10

Disk Cleanup A convenient way to delete temporary files on the hard drive  Frees up space  Improves performance A+ Guide to Software: Managing, Maintaining and Troubleshooting, Third Edition 11

Disk Cleanup (continued) A+ Guide to Software: Managing, Maintaining and Troubleshooting, Third Edition 12

Disk Compression  Helps meet demand for more space on hard drives to hold software and data  Two methods usually used in combination:  Store data on a drive in one big file and manage how data and programs are written to that file  Rewrite data files in mathematically coded format that uses less space A+ Guide to Software: Managing, Maintaining and Troubleshooting, Third Edition 13

Disk Compression in Windows 2000 and Windows XP  A file, folder, or an entire volume can be compressed as long as it uses NTFS  A file/folder placed on a compressed volume will automatically be compressed  A compressed file will be decompressed as it is read  Will be recompressed when it is saved back to the compressed volume A+ Guide to Software: Managing, Maintaining and Troubleshooting, Third Edition 14

Disk Compression in Windows XP and Windows 2000 (continued) 1.

2.

3.

4.

To compress an NTFS volume: 5.

Open Windows Explorer Right-click the volume to be compressed Select

Properties

from shortcut menu On the

General

tab, check

Compress drive to save disk space

, click

OK

Select whether to compress entire volume, click

OK

A+ Guide to Software: Managing, Maintaining and Troubleshooting, Third Edition 15

Compressing an NTFS Volume A+ Guide to Software: Managing, Maintaining and Troubleshooting, Third Edition 16

Disk Compression in Windows 9x 

DriveSpace

used by Windows 95 and Windows 98 on a FAT16 file system  Compressed volume is somewhat unstable A+ Guide to Software: Managing, Maintaining and Troubleshooting, Third Edition 17

Disk Caching  Temporary storage area in RAM for data being read from or written to a hard drive  Speeds up access to hard drive data  Two kinds  Hardware cache  Software cache A+ Guide to Software: Managing, Maintaining and Troubleshooting, Third Edition 18

Disk Caching (continued) 1.

The CPU asks for data from hard drive 2.

Hard drive controller reads data from the drive and sends it to the CPU 3.

CPU requests more data, often data that immediately follows previous data 4.

Hard drive controller reads data from the drive and sends it to the CPU A+ Guide to Software: Managing, Maintaining and Troubleshooting, Third Edition 19

Disk Caching (continued) A+ Guide to Software: Managing, Maintaining and Troubleshooting, Third Edition 20

Hardware Cache or Software Cache  Hardware Cache  Built right into controller circuit board  BIOS on controller contains cache program  RAM chips on controller hold the cache  Disadvantages • Slower • Upgrading to a faster cache is impractical A+ Guide to Software: Managing, Maintaining and Troubleshooting, Third Edition 21

Software Cache      Stored on hard drive like other software Usually loaded into memory when computer is booted Uses system RAM to hold the cache Disadvantage  RAM is used that might otherwise be used for applications software and its data Advantages  Faster because of where data is stored  Upgrading to a faster cache is practical A+ Guide to Software: Managing, Maintaining and Troubleshooting, Third Edition 22

How Disk Caching Methods Have Changed 

DOS

used

buffers

to speed disk access 

DOS with Windows 3.x

used

SMARTDrive

, a 16-bit, real-mode software disk cache utility 

Windows 9x

uses

VCACHE

, a 32-bit, protected mode, built-in caching program 

Windows NT/2000/XP

uses automated caching as an inherited Windows component A+ Guide to Software: Managing, Maintaining and Troubleshooting, Third Edition 23

Enabling Disk Caching in Windows XP A+ Guide to Software: Managing, Maintaining and Troubleshooting, Third Edition 24

Making Backups  A

backup

is an extra copy of data or software that can be used if the original becomes damaged or destroyed  Hardware and software needed  Traditionally involve backup to tape  Full, incremental, and differential backups  Scheduled backups A+ Guide to Software: Managing, Maintaining and Troubleshooting, Third Edition 25

The Child, Parent, Grandparent Method A+ Guide to Software: Managing, Maintaining and Troubleshooting, Third Edition 26

Full, Incremental, and Differential Backups 

Full backup

 All data from a hard drive 

Incremental backup

 Only files that have changed or been created since last backup, whether or not it was a full backup 

Differential backup

 Files that have changed or have been created since last full backup A+ Guide to Software: Managing, Maintaining and Troubleshooting, Third Edition 27

Scheduling Backups 

Manual

: done by a user sitting at a computer 

Automatic

: scheduled to run without user interaction  Windows 98 and Windows NT/2000/XP support scheduling any program A+ Guide to Software: Managing, Maintaining and Troubleshooting, Third Edition 28

Scheduling Backups (continued) A+ Guide to Software: Managing, Maintaining and Troubleshooting, Third Edition 29

Scheduling Backups (continued) A+ Guide to Software: Managing, Maintaining and Troubleshooting, Third Edition 30

Scheduling Backups (continued) A+ Guide to Software: Managing, Maintaining and Troubleshooting, Third Edition 31

Backup Software  Most tape drives come with backup software  Third-party backup software  Windows backup software A+ Guide to Software: Managing, Maintaining and Troubleshooting, Third Edition 32

Windows 2000/XP Backup A+ Guide to Software: Managing, Maintaining and Troubleshooting, Third Edition 33

Scheduling a Windows 2000/XP Backup A+ Guide to Software: Managing, Maintaining and Troubleshooting, Third Edition 34

Windows 9x Backup Utility Msbackup.exe can be used to back up to removable disks and tape drives  Windows 98 supports backup devices that Windows 95 did not  Use third-party backup software to back up to drives and tapes not supported by Windows 9x A+ Guide to Software: Managing, Maintaining and Troubleshooting, Third Edition 35

Disk Cloning Software

Disk cloning, disk imaging,

or

drive imaging

 Replicates a hard drive to a new computer or to another drive on the same computer  Examples of software  Drive Image by PowerQuest  ImageCast by Innovative Software  Norton Ghost by Symantec Corp A+ Guide to Software: Managing, Maintaining and Troubleshooting, Third Edition 36

Planning for Disaster Recovery  Verify that you can use backup tape or disk to successfully recover the data  Keep records of backups and recovery procedures, including:  Folders or drives backed up  Date of backup  Type of backup  Label identifying tape, disk, or other media A+ Guide to Software: Managing, Maintaining and Troubleshooting, Third Edition 37

Viruses and Other Computer Infestations 

Infestation

 Any unwanted program transmitted to a computer without knowledge of the user  Designed to do varying degrees of damage to data and software; does not damage PC hardware  Categories of infestations  Viruses  Trojan horses  Worms  Logic bombs A+ Guide to Software: Managing, Maintaining and Troubleshooting, Third Edition 38

Viruses and Other Computer Infestations (continued) 

Virus

(most common)  Replicates by attaching itself to other programs  Might simply replicate, might do damage immediately, or might do damage in the future 

Worm

 Spread copies throughout a network without a host program  Overloads memory or hard drive space by replicating repeatedly A+ Guide to Software: Managing, Maintaining and Troubleshooting, Third Edition 39

Viruses and Other Computer Infestations (continued) 

Trojan horse

 Does not need a host program  Substitutes itself for a legitimate program  Usually cannot replicate 

Logic bomb

 Dormant code added to software  Triggered by a predetermined time or event A+ Guide to Software: Managing, Maintaining and Troubleshooting, Third Edition 40

Where Viruses Hide   1.

2.

3.

Virus Incubation period Contagious Destructive    Types Boot sector virus File viruses (macro viruses) Multipartite viruses A+ Guide to Software: Managing, Maintaining and Troubleshooting, Third Edition 41

Boot Sector Virus  Hides in the boot sector program  Hard drive • Master Boot Record program • OS boot record program  Floppy Drive • Boot sector program  Usually spread with a boot floppy  CMOS often protects against this virus A+ Guide to Software: Managing, Maintaining and Troubleshooting, Third Edition 42

File Virus  A

File virus

hides in an executable program or in a document macro  A

Macro

is a small program contained in a document 

Macro viruses

are the most common viruses spread by email  Melissa spread around the world in one day A+ Guide to Software: Managing, Maintaining and Troubleshooting, Third Edition 43

Multipartite Virus  A combination of boot sector virus and a file virus  Can hide in either type of program A+ Guide to Software: Managing, Maintaining and Troubleshooting, Third Edition 44

Cloaking Techniques 

Virus signatures

are the distinguishing characteristics of a virus  Antivirus (AV) software detects a virus by its signature  Important to update AV software  A Virus attempts to hide from AV software  Changing its signature  Attempting to mask its presence A+ Guide to Software: Managing, Maintaining and Troubleshooting, Third Edition 45

Cloaking Techniques (continued)  Viruses are classified by three cloaking techniques:  Polymorphic virus: changes as it replicates  Encrypting virus: transforms into non replicating program, then reverts  Stealth virus • Masks the size of the file it infests, or • Substitutes an uninfected file when file is opened A+ Guide to Software: Managing, Maintaining and Troubleshooting, Third Edition 46

The Damage an Infestation Can Cause  Minor (e.g., altered monitor display)  Major (e.g., erasure of files, or even entire hard drive)  Infestation damage is called the payload A+ Guide to Software: Managing, Maintaining and Troubleshooting, Third Edition 47

Results of a Harmless Virus A+ Guide to Software: Managing, Maintaining and Troubleshooting, Third Edition 48

How Infestations Spread  Executing email attachments without scanning for viruses  Trading floppy disks containing programs  Connecting a computer to unprotected network  Buying software from unreliable sources  Downloading programs from Internet A+ Guide to Software: Managing, Maintaining and Troubleshooting, Third Edition 49

How Infestations Spread (continued)  Using floppies from unknown sources  Using shared network programs  Using used, preformatted floppy disks  Reading email that automatically runs a word processor to read attachment  Not write-protecting original program disks A+ Guide to Software: Managing, Maintaining and Troubleshooting, Third Edition 50

How a Virus Replicates A+ Guide to Software: Managing, Maintaining and Troubleshooting, Third Edition 51

How a Trojan Horse Gets into Your Computer  A Trojan horse is an infestation masquerading as a legitimate program  People pass the program around thinking that it’s useful A+ Guide to Software: Managing, Maintaining and Troubleshooting, Third Edition 52

How a Worm Gets into Your Computer  Most worms come to your computer or network through the Internet  Usually through an open port  A firewall is the best defense against worms A+ Guide to Software: Managing, Maintaining and Troubleshooting, Third Edition 53

Worms Spread Through Open Ports A+ Guide to Software: Managing, Maintaining and Troubleshooting, Third Edition 54

Virus Hoaxes  Warn about a nonexistent virus  Useless traffic overloads email systems  Check virus hoax Web sites  http://hoaxbusters.ciac.org

 http://www.hoaxinfo.com

 http://www.hoaxkill.com

 http://www.viruslist.com

 http://www.vmyths.com

A+ Guide to Software: Managing, Maintaining and Troubleshooting, Third Edition 55

Protecting Against Computer Infestations  Make regular backups  Use antivirus software regularly  Keep Windows current with updates and patches  Implement a firewall  Use wisdom when managing program A+ Guide to Software: Managing, Maintaining and Troubleshooting, Third Edition 56

Virus Symptoms  A downloaded document contains macros  A program takes longer than normal to load  The number and length of disk accesses seem excessive for a simple task  Many more: see p. 435 A+ Guide to Software: Managing, Maintaining and Troubleshooting, Third Edition 57

What to Do When You Suspect a Virus Infestation  Run a virus scan program to detect and delete the virus  Get latest upgrade of AV software or try another AV program  Download recent virus definitions  Check Web site of the AV software vendor for information A+ Guide to Software: Managing, Maintaining and Troubleshooting, Third Edition 58

Antivirus Software A+ Guide to Software: Managing, Maintaining and Troubleshooting, Third Edition 59

Choosing Antivirus Software  Can it download new software upgrades and virus definitions from the Internet?

 Does it automatically execute at startup?

 Can it detect macros in a word processing document as it is loaded?

 Does it automatically monitor files being downloaded from Internet, including email?

 Does it email you about new viruses and updates?

A+ Guide to Software: Managing, Maintaining and Troubleshooting, Third Edition 60

Using Antivirus Software  Scan memory and boot sector for viruses each time the PC boots  Consider scheduling AV software to run at the same time every day  Some AV software can run continuously in the background A+ Guide to Software: Managing, Maintaining and Troubleshooting, Third Edition 61

Using Antivirus Software (continued)  Set your AV software to scan:  Files as they are downloaded from the Internet or a network  Documents for macro viruses each time a document is opened by a word processor  Both files and boot sectors of hard drives and disks A+ Guide to Software: Managing, Maintaining and Troubleshooting, Third Edition 62

Troubleshooting Hard Drives  Determine main priority and focus on it  Data  Software  Hardware  Resources  Documentation  Manufacturer’s Web site  Technical support from ROM BIOS, hardware, and software manufacturers A+ Guide to Software: Managing, Maintaining and Troubleshooting, Third Edition 63

Troubleshooting Hard Drives with Third-Party Software  Norton Utilities  Easy-to-use tools to prevent damage to hard drive, recover data from damaged hard drive, and improve system performance  PartitionMagic  Manages partitions on a hard drive more quickly and easily than Fdisk or Disk Management  SpinRite  Can recover data from a failing hard drive when other software fails A+ Guide to Software: Managing, Maintaining and Troubleshooting, Third Edition 64

Software Problems with Hard Drives  Root cause is often a virus  Corrupted OS files  Corrupted partition table, boot record, or root directory, making all hard drive data inaccessible  Corruption of area of the FAT that points to the data, data’s directory table, or sector markings where data is located  Corrupted data A+ Guide to Software: Managing, Maintaining and Troubleshooting, Third Edition 65

Resolving Hard Drive and Data Access Problems  Partition table  Boot record  FAT and root directory  System files  Data and program files A+ Guide to Software: Managing, Maintaining and Troubleshooting, Third Edition 66

Data and Program File Corruption  To restore a data file that is not backed up  Use OS tools and commands  Use third-party software  Use a professional data recovery service A+ Guide to Software: Managing, Maintaining and Troubleshooting, Third Edition 67

Data and Program File Corruption (continued)  If a file has been accidentally erased or the disk is otherwise damaged  Don’t write anything to the disk  For a floppy, use DOS Diskcopy, Copy Disk in Windows Explorer, or third-party program A+ Guide to Software: Managing, Maintaining and Troubleshooting, Third Edition 68

Data and Program File Corruption (continued)  Problems with files and the file system  Corrupted file header – read the file as a text file to recover the contents  Lost clusters – Chkdsk or ScanDisk turn lost clusters into files in the root directory  Erased file – look in the Recycle Bin, try the Unerase or Undelete command A+ Guide to Software: Managing, Maintaining and Troubleshooting, Third Edition 69

Summary

 Supporting hard drives and making backups  Viruses and other computer infestations, and how to protect against them  Troubleshooting hard drives A+ Guide to Software: Managing, Maintaining and Troubleshooting, Third Edition 70