Re: hard drive problem

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance




Yes, there could be malware (virus or other), not just fragments, but
entire malware files. But it doesn't matter at all. They can't run from
there and there can be *no* danger from *anything* in those spaces.


But if a program had access to the IDE disk interface it could force reads
from specific addresses, which as I vaguely recall uses some logical block
addressing, independent of any file system.

so no file system could run any code in those spaces, but I can force a disk
to seek at any LBA address I can dream up and read whats there, so it seems
to me in a lightly sustainable paranoia that some program could generate
seeks in certain locations, if it was always every nth offset?

malware loads some data, emails some and puts some in packets with LBA
offsets, user detects virus and formats, new virus comes along and reads
specific LBAs once again? still there.

Ive got no clue what stats are for virus infestation and what actions are
done and what re infestation precent is, if you do? Im interested to study
it

iow, 200 samples of some list of viruses, remedial action: none, delete
files, format, military wipe, shred disk
and what the results were

I dont know how likely it is, just know format doesnt zap everything, and
low level IDE can read any location, so assume the worst




Messenger Service can often be useful. For example you can use it to
send messages from one computer on the network to another; I use it


The fix is to run a firewall.

100 percent agree
--
Ken Blake - Microsoft MVP Windows: Shell/User
Please reply to the newsgroup



.

Relevant Pages

  • Re: OT-Malware/Virus-What to do
    ... I'll be reinstalling the malware or virus along with the files. ... format the drive and reinstall everything. ...
    (rec.music.makers.guitar.jazz)
  • Re: Trojan horse Downloader.Generic.ML
    ... >> Malware doesn't make arbitrary changes, ... > so data diddlers don't exist? ... is the now extinct Ripper boot virus. ... As to disinfection vs integrity restoration, everything disinfection can do, ...
    (comp.security.firewalls)
  • Re: Trojan horse Downloader.Generic.ML
    ... >> Malware doesn't make arbitrary changes, ... > so data diddlers don't exist? ... is the now extinct Ripper boot virus. ... As to disinfection vs integrity restoration, everything disinfection can do, ...
    (alt.computer.security)
  • Re: RFC: virus handling
    ... > the virus or the test conducted. ... English speakers where the malware in question was not forged from some ... > their infection and should thereafter be disconnected entirely or ... Connect to open wireless network. ...
    (Bugtraq)