Secret Sector Backdoor / Security Breach

  • Thread starter Security.Concerned.User@gmail.com
  • Start date
S

Security.Concerned.User@gmail.com

Hello everyone,

Recently I've realized that Windows XP Pro (SP1) secretly writes data
to hard-disk sector(s) that were beyond its installation-partition
boundaries
at that time I used a basic Windows XP installation on a 3-GB
partition,
and the rest of the harddisk was unformatted, for all Windows cared.

I should also mention that my WinXP partition is formatted on FAT32,
but I am capable of accessing NTFS partitions, if need be, using
NTFS4DOS,
(which I didn't).

Obviously I was only able to have discovered that with an MSDOS-run
Disk Editor
capable of accessing all 160 million sectors of my 80GB hard disk, and
making
a text-based datafile containing sector numbers (Cyl., Head, Sector +
Index),
that was runnable under pure MSDOS mode avaiable by booting
from a BootCD / BootDVD.

I wasn't quite sure what the nature of that data was,
and whether or not it was a copy of the swapfile
(e.g., PageFile.SYS), or some other data off RAM,
or maybe password(s) or other sensitive data
that I may have been working on prior to re-booting
from my BootDVD.

So my questions are:

1. Would anybody be familiar with that sector-writing stuff?
2. If so, what is the nature of the data written?
3. Would password(s) typed at MSDOS-based program(s), run within
Dos-Box windows, be secretly saved there too?
4. How Am I do prevent that from happening?
5. How Am I to erase such data?

Thanks much,
SCU
 

Similar threads

H
Replies
0
Views
60
Hrishikesh Remesh
H
A
Replies
0
Views
154
AnuragKashyap1
A
M
Replies
0
Views
125
MahmoudAbu Awad
M
Back
Top Bottom