Re: Problem with XP scheduler?


I sure wouldn't want to waste any more time on this since it has so many
totally wrong statements. While it is possible to write a BIOS vector, I
have not seen one. If you have, then the symptoms are possible. On many
motherboards there is a fallback BIOS in ROM and not in the flash memory.
Using some jumpers you can blow away the BIOS settings, replace the flash
BIOS chip and force it to boot from the ROM. Then you can program the flash
chip with a clean version.

If the malware is only based upon the hard drive, then it is easy to wipe
the HD and start over with an OS install. Boot to an MS-DOS CD and run
something to wipe the first few hundred sectors on the drive or even easier
just replace the drive. If you have more than one drive, disable all but
the new one. You may have to clean those up after you get a new OS
installed. You will probably have to take ownership of all files on the
drives as you reconnect them. With SATA drives, you can connect the data
cable while the OS is running to add a drive back, but I would verify there
are no autorun files on the drive from the MS-DOS CD or inhibit all autorun
capability in the newly installed OS. One trick is to use the WAIK to build
a bootable DVD-ROM on a system with no hard drives connected. Use an
EZ-Dock from Kingwin that permits USB and eSATA connections to a HD. As you
connect the device you can search for any files in the root directory. All
of this does require some experience and skill, but you can keep trying
until you get it right.

The reason for a lack of malware on Unix, Linux, MAC, etc. is that those
writing malware want to make money. With 90% of computers running Windows
and many untrained users it makes sense to attack that platform. With the
other platforms it is natural for the malware writers and users to believe
those machines are being run by someone who is much better trained and
knowledgeable.



"tanix" <tanix@xxxxxxxxx> wrote in message
news:hgmhad$sd$2@xxxxxxxxxxxxxxxxxxxxxxxxxxxxx
In article <#75VbkcgKHA.5792@xxxxxxxxxxxxxxxxxxxx>, "m" <m@xxx> wrote:
I am glad that you have found a workaround for your problem. I must
interject however, that as someone who has worked on many HW and software
platforms, some of your comments are silly. No version on *nix is immune to
the attacks that you describe as plaguing Windows - even though many builds
are better at hiding their deficiencies ;)

It is true that there are fewer viruses for *nix than for Windows, but that
should surprise no one, and does not imply that it is less vulnerable.
Similarly, it is easily possible to abuse the kernel in either OS, but more
commonly done for Windows since those who would try for UNIX, simply make
their own custom Linux build with whatever changes, detrimental or
otherwise, that they desire. And as the security model for both is nearly
identical, downloading and installing software bears the same risks in
either OS - but the lack of functionality in some kinds of programs for
Windows is a plaguing problem for me too!

Wut?

First of all, when I get some package on Linux,
I get it from the trusted site by definition.

Since there are no "copyright" issues, I mean it when I quote it,
there is really no need for you to even bother downloading something
from some funky site.

True, there is no fundamental difference between different O/Ses,
as far as security goes.

But...

For some strange reason, there is no such a concept in Linux
as viruses or trojans.

When my box was rooted with the "latest and greatest" rootkit,
that was as sophisticated as I have EVER seen anything,
and after me, trying to recover for it for few days, thanx
to my monitoring firewall, the more I was digging into it,
the more my hairs rose as I began to realize that even if
I reformat my drive, it won't help anything. The rootkit
is still there.

Even if I throw that drive away, does not help.
The rootkit is still there.

Here is what I found:

First of all, since it is possible to modify your boot
record on a hard disk, that means you can install a jump
vector and totally control the boot process or anything
else for that matter.

Even if you flush BIOS, you are "flushing" it under the
rootkit supervision. So all those "OK" messages are
meaningless.

What happens is this:

During the boot process, they modify your MBR, and I did
verify it for a fact. So, they make one of your partitions
smaller and you don't even notice any of that.
ALL that happened is you lost about 6 megs of memory
in my case.

Now, they store tons of trojans and viruses between
partitions and they can run them any time they want more
or less, no matter what you think or do.

No antivirus program is capable of detecting this kind of
thing even in principle.

Do I have to tell you more?

Well, I WAS able to recover. It took me more than a month,
and it was a matter of principle for me.
Eventually, I found its weaknesses and simply cut a vein
on their throat, again, thanx to my monitoring firewall.
And I logged their entire global network so bad, that
some "rulers" on IRC and specifically on #ubuntu channel
got freaked out for some reason.

Well, that is good enough for now.
I do not want to waste more time on this.

"tanix" <tanix@xxxxxxxxx> wrote in message
news:hgl16j$l5e$2@xxxxxxxxxxxxxxxxxxxxxxxxxxxxx
In article <DAB9CB7C-E4B5-4FC2-90DC-90736DF1D9F6@xxxxxxxxxxxxx>, "Pavel A." <pavel_a@xxxxxxxxxxxxxxx> wrote:
"tanix" <tanix@xxxxxxxxx> wrote in message
news:hgjpef$el6$3@xxxxxxxxxxxxxxxxxxxxxxxxxxxxx
In article <81878418-E87A-4C50-B6BA-EDBE053B03E2@xxxxxxxxxxxxx>, "Pavel A." <pavel_a@xxxxxxxxxxxxxxx> wrote:
Then, let me explain this again.
Since the system becomes not responsible, it looks like a kernel mode
problem.

Yep. That is what I thought first.
Except Windows is not a truly multi-tasking system
and I saw plenty of times the system is freezing
because of some not well behaved program so far.

Understood. Yes, this should not normally occur, even on Windows.
Yet this can occur because of bugs in certain video drivers & BIOS,
various utilities that install hooks in various places, malware and
anti-malware.

That is why I asked: is there a low level kernel mode driver
in firefox? Cause that is about the only thing I can think of
that can possibly cause this kind of a behavior. To freeze the
kernel so bad that it even stops executing its normal disk
activity as your disk stops flashing the disk access light?

I really do not see what can possibly be the reason for the
app to cause such a behavior, unless firefox does some fast
rendering via their own kernel mode driver.

Windows still is a true multitasking system (unless abused).

Well, that is not my experience.
But let it slide for now. I could care less.
It is what it is and I have to live with it
even though Linux Ubuntu seems MUCH more pleasant and stable
to me. Plus the very fact that you do not have security
related issues, such as trojans and viruses, is becoming
one of the prime criteria for me.

Plus the ability to have as many desktops as you like
is also a big plus for me.

Plus the ability to install just about anything I possibly
want without all the hassle and without worrying about security
issues is also a big plus.

Even such issues as text editors are much better on Linux
than on windows, even though notepad++ is quite a nice editor.
This is one of the things I care about quite a bit.

Plus the ability to do all sorts of installs on line and
not needing to reboot the box, is quite a plus for me.

Plus knowing that Linux IS in fact a true multitasking system
and that no app, no matter what, can possibly freeze your
box or make your system non responsive as I saw WAY too many
times on windows, counts for me.

Probably about the only reason I am forced to stay with win
for now is very poor performance of the JVM (Java Virtual Machine),
which translates in my case in doubling the time of processing
some big job I regularly do that takes hours if not days to
complete.

Another thing is GUI is not as fine grained as Windows
and it looks a bit bulky.

Beyond that, I'd be willing to switch to Linux entirely
and forget all these windows horror trips. Cause they do
get under my skin to the point that just one more thing
may make me switch to Linux forever.

Regards,
--pa

--
Programmer's Goldmine collections:

http://preciseinfo.org

Tens of thousands of code examples and expert discussions on
C++, MFC, VC, ATL, STL, templates, Java, Python, Javascript,
organized by major topics of language, tools, methods, techniques.
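
An added example, not part of any post in this thread: the quoted claim is that a partition was shrunk by about 6 MB and the space between partitions used for storage. A defender can check for that from known-clean boot media by parsing the MBR partition table and listing unallocated runs. The sketch handles the four primary MBR entries only (no extended partitions or GPT); the sample table, sizes and function names are constructed for illustration.

```python
import struct

SECTOR = 512
PT_OFFSET = 446  # partition table offset inside sector 0

def parse_mbr(sector0):
    """Return sorted (start_lba, sector_count, type) for used primary entries."""
    if len(sector0) < SECTOR or sector0[510:512] != b"\x55\xaa":
        raise ValueError("sector 0 lacks the 0x55AA boot signature")
    parts = []
    for i in range(4):
        entry = sector0[PT_OFFSET + 16 * i: PT_OFFSET + 16 * (i + 1)]
        ptype = entry[4]                                # 0x00 means unused slot
        start, count = struct.unpack_from("<II", entry, 8)
        if ptype != 0 and count != 0:
            parts.append((start, count, ptype))
    return sorted(parts)

def find_gaps(parts, disk_sectors, min_sectors=2048):
    """Return (first_lba, length) for unallocated runs of >= min_sectors.

    The default threshold ignores the usual alignment slack before the
    first partition (start at LBA 63 or 2048)."""
    gaps, cursor = [], 1                                # LBA 0 holds the MBR
    for start, count, _ in parts:
        if start - cursor >= min_sectors:
            gaps.append((cursor, start - cursor))
        cursor = max(cursor, start + count)
    if disk_sectors - cursor >= min_sectors:
        gaps.append((cursor, disk_sectors - cursor))
    return gaps

def build_sample_mbr(entries):
    """Build a constructed sector 0 with the given (start, count, type) rows."""
    mbr = bytearray(SECTOR)
    for i, (start, count, ptype) in enumerate(entries):
        struct.pack_into("<B3sB3sII", mbr, PT_OFFSET + 16 * i,
                         0, b"\0\0\0", ptype, b"\0\0\0", start, count)
    mbr[510:512] = b"\x55\xaa"
    return bytes(mbr)

# Constructed sample: two partitions with a 12288-sector (6 MiB) hole between.
SAMPLE_PARTS = [(2048, 1000000, 0x07), (1014336, 2000000, 0x07)]
SAMPLE_DISK_SECTORS = 3014336
SAMPLE_MBR = build_sample_mbr(SAMPLE_PARTS)

if __name__ == "__main__":
    for lba, length in find_gaps(parse_mbr(SAMPLE_MBR), SAMPLE_DISK_SECTORS):
        mib = length * SECTOR // 2**20
        print(f"unallocated: LBA {lba}, {length} sectors ({mib} MiB)")
```

Take the total sector count from the device itself rather than from the table, and read sector 0 while booted from trusted media, since a compromised running system can return altered sectors.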

