dslreports logo
 
    All Forums Hot Topics Gallery
spc
Search similar:


uniqs
1090

GarbageFan
@cox.net

GarbageFan

Anon

Infected Harddrive Buffer Memory

Okay, I will admit it... There was no mass conspircy "that I can prove" by Microsoft update or C0X, to corrupt my system.

But something is going on with my harddrive and I now suspect the 8 megabyte buffer is keeping the infected, injected packet.

So my question is: How do you format the harddrive buffer memory? In this case it's 8mb's and partitioned so fdisk can see it but doesn't seem to erase it. Is their an attribute I need to use? example: /fdisk -s

Thank you
kpatz
MY HEAD A SPLODE
Premium Member
join:2003-06-13
Manchester, NH

kpatz

Premium Member

You can't infect the hard drive's buffer. It only acts as a cache for data being read or written from the drive.

If you have an infection on the drive, and you clean it off, or reformat the drive, the infection is gone. Kaput. It doesn't stay in the buffer (unless the drive has some kind of firmware bug in its caching algorithm). In that case, cut power to the drive and turn it back on. Buffer empty. End of story.
dave
Premium Member
join:2000-05-04
not in ohio

1 edit

dave to GarbageFan

Premium Member

to GarbageFan
quote:
How do you format the harddrive buffer memory? In this case it's 8mb's and partitioned so fdisk can see it but doesn't seem to erase it.
fdisk can't see internal drive buffer memory. You don't 'format' (=create file system structures) internal drive buffers. The end.

This posting is a wind-up, isn't it?

jdong
Eat A Beaver, Save A Tree.
Premium Member
join:2002-07-09
Rochester, MI

jdong to GarbageFan

Premium Member

to GarbageFan
The buffer is fully cleared whenever the computer is reset.
ftzsee
Premium Member
join:2001-11-22

ftzsee to GarbageFan

Premium Member

to GarbageFan
Shut off the computer for fifteen seconds?

I doubt your hard drive buffer has become infected. Perhaps you could post a bit more about what your problem is, and people here could help you out.
B04
Premium Member
join:2000-10-28

1 edit

B04

Premium Member

Not sure what you meant by "wind-up" but perhaps this makes more sense than it appears to...

If GarbageFan is correct that "it's 8MB and partitioned so FDISK can see it" then maybe there IS a small 8 MB partition on his or her drive, and perhaps there's something wrong with it. Otherwise, of course, the post makes no sense ("infected, injected packet", etc.).

In any case, GarbageFan, as everyone else said, a hard drive buffer is RAM, just like system or video RAM, and when the power cuts out it's gone. And even during operation, that buffer is completely transparent to the PC and the programs -- it's entirely contained within the hard drive's circuitry. So there's no way to specifically affect it.

-- B
dave
Premium Member
join:2000-05-04
not in ohio

dave

Premium Member

said by B04:
Not sure what you meant by "wind-up"
American translation: "he's yanking our chain".
dave

dave to GarbageFan

Premium Member

to GarbageFan
Could we just be talking about the zone that, as far as I remember, the 2000/XP disk manager reserves at the end of a disk, just in case you want to convert from basic (i.e., DOS) partitioning to dynamic partitioning?

Of course, this is not "buffer memory", and if you're not using dynamic partitioning, it's just unused disk space, so it hardly matters what's on there since no-one ever looks at it, much less tries to execute it.

FishPants
The Art Of Pants
Premium Member
join:2001-11-19
Canada Eh?

FishPants to GarbageFan

Premium Member

to GarbageFan
Don't forget that certain manufacturers (Compaq, Dell etc) do (or at least used to) install their "Bios utilities" on a small partition at the beginning of the disk. That could be what he's seeing in Fdisk.

You really don't want to wipe out that area. Anyways as others have said, post your problem here and we will all try our best to help you solve it. Some things worth asking:

1. What Antivirus solution are you using? Have you updated it and performed a full virus scan?
2. Have you ran spybot and/or ad-aware on your system to look for malware? Was it updated?

Those are some good initial steps when dealing with PC problems, sprinkle in a good defrag and mix. Rinse and repeat.

Epyon9283
Premium Member
join:2001-12-26
Trenton, NJ

Epyon9283 to dave

Premium Member

to dave
said by dave:
Could we just be talking about the zone that, as far as I remember, the 2000/XP disk manager reserves at the end of a disk, just in case you want to convert from basic (i.e., DOS) partitioning to dynamic partitioning?

The 8mb left over is space it reserves. I have a 2mb buffer on my hard drives and the 8mb is still sitting there.
dave
Premium Member
join:2000-05-04
not in ohio

dave

Premium Member

said by Epyon9283:
The 8mb left over is space it reserves. I have a 2mb buffer on my hard drives and the 8mb is still sitting there.
Right. That's what I'm saying. "Space reserved for partition management" is completely unrelated to internal drive buffering. Space reserved for partition management shows up on the disk.

Internal drive buffering does not show up on the disk -- it'd be pretty pointless to have a buffer for disk content that's actually on the disk, since the buffer holds content that going to or from the disk.

In other words, the original poster is hopelessly confused. Or it's a wind-up.
B04
Premium Member
join:2000-10-28

1 edit

B04 to Epyon9283

Premium Member

to Epyon9283
said by Epyon9283:
said by dave:
Could we just be talking about the zone that, as far as I remember, the 2000/XP disk manager reserves at the end of a disk, just in case you want to convert from basic (i.e., DOS) partitioning to dynamic partitioning?

The 8mb left over is space it reserves. I have a 2mb buffer on my hard drives and the 8mb is still sitting there.

No, no. The 2 MB buffer is RAM that is BUILT INTO THE DRIVE ENCLOSURE. It has nothing to do (okay quite the opposite really) with hard drive space. It's like the L1 and L2 cache RAM on a CPU versus system RAM.

-- B

Epyon9283
Premium Member
join:2001-12-26
Trenton, NJ

Epyon9283

Premium Member

I CAN type IN CAPS too.

I know that the buffer is completely separate from the 8mb that gets reserved on the disk.

GarbageFan
@cox.net

GarbageFan

Anon

After, the post I just unplugged the system and hooked up another.

Thought, things over and came to the conclussion that either:

A) It was a virus that resided in resident memory
B) When Enable write caching is *Enabled* after a power outage sometimes $hit can hit the Fan "no pun intended."

Suspect: yes, I suspect a hit from our enemies up north (though, unintended as it was just meant to map the network) But instead crashed (1) neglected system *bravo*

Reality: Memory Dump, corrupted my harddrive due to "write caching."

I just like to be, Paranoid...G
GarbageFan

GarbageFan to dave

Anon

to dave
No farting in here...jk

But the space reserved for partition management surely can be infected. As with the bios, all freaking memory can be infected.

That *was* what I was saying, and I suspect a 75k file that could only have been *injected* into my packets or unsecure system, through layers of firewalls. I sespect the packet traffic was to much for this machine to handle (since its already running video security software in the gigs) and only reboots when it takes a ...dump.

All the original hardware has been up and running now for close to 24hrs.
dave
Premium Member
join:2000-05-04
not in ohio

dave

Premium Member

said by GarbageFan:
But the space reserved for partition management surely can be infected. As with the bios, all freaking memory can be infected.
The crucial point is that the CPU can execute instructions out of RAM or ROM. The CPU cannot execute instructions off the disk without first reading it into RAM (and I don't mean a RAM buffer in the drive).

By the way, no-one calls disk "memory".

Therefore, it does not matter what bit-patterns are stored on unused disk space, because no-one's going to execute the unused disk space, because it's unused disk space.

The stuff abpout "injecting" a "file" into your "packets" is merely confused.

FishPants
The Art Of Pants
Premium Member
join:2001-11-19
Canada Eh?

FishPants to GarbageFan

Premium Member

to GarbageFan
said by GarbageFan:


That *was* what I was saying, and I suspect a 75k file that could only have been *injected* into my packets or unsecure system, through layers of firewalls. I sespect the packet traffic was to much for this machine to handle (since its already running video security software in the gigs) and only reboots when it takes a ...dump.

I hope you have a nice tinfoil hat to protect someone from injecting packets through your skull? LOL

It's likely your system just frogged from being used nonstop as a monitoring station, since it sounds like a windows station; if you leave a workstation running for a week or two, it's a virus in itself until you reboot it.

GarbageFan
@cox.net

GarbageFan

Anon

Suspect: yes, I suspect a hit from our enemies up north (though, unintended as it was just meant to map the network) But instead crashed (1) neglected system *bravo*

six-five.ninety-two.eighty-eight.two-three-four

Logs, will be posted shortly.
GarbageFan
join:2003-12-18
San Diego, CA

GarbageFan

Member

Again, I was one of the first to be zapped. Back up and running about twelve hours later, but; "You all thought I was just crazy...:p"

»www.theregister.co.uk/co ··· 610.html

FishPants
The Art Of Pants
Premium Member
join:2001-11-19
Canada Eh?

FishPants

Premium Member

said by GarbageFan:
Again, I was one of the first to be zapped. Back up and running about twelve hours later, but; "You all thought I was just crazy...:p"

»www.theregister.co.uk/co ··· 610.html

I am slow.. How does an IE Vulnerability correlate to your virus problem in your buffer memory space?