S
Security.Concerned.User@gmail.com
Hello everyone,
Recently I've realized that Windows XP Pro (SP1) secretly writes data
to hard-disk sector(s) that were beyond its installation-partition
boundaries
at that time I used a basic Windows XP installation on a 3-GB
partition,
and the rest of the harddisk was unformatted, for all Windows cared.
I should also mention that my WinXP partition is formatted on FAT32,
but I am capable of accessing NTFS partitions, if need be, using
NTFS4DOS,
(which I didn't).
Obviously I was only able to have discovered that with an MSDOS-run
Disk Editor
capable of accessing all 160 million sectors of my 80GB hard disk, and
making
a text-based datafile containing sector numbers (Cyl., Head, Sector +
Index),
that was runnable under pure MSDOS mode avaiable by booting
from a BootCD / BootDVD.
I wasn't quite sure what the nature of that data was,
and whether or not it was a copy of the swapfile
(e.g., PageFile.SYS), or some other data off RAM,
or maybe password(s) or other sensitive data
that I may have been working on prior to re-booting
from my BootDVD.
So my questions are:
1. Would anybody be familiar with that sector-writing stuff?
2. If so, what is the nature of the data written?
3. Would password(s) typed at MSDOS-based program(s), run within
Dos-Box windows, be secretly saved there too?
4. How Am I do prevent that from happening?
5. How Am I to erase such data?
Thanks much,
SCU
Recently I've realized that Windows XP Pro (SP1) secretly writes data
to hard-disk sector(s) that were beyond its installation-partition
boundaries
at that time I used a basic Windows XP installation on a 3-GB
partition,
and the rest of the harddisk was unformatted, for all Windows cared.
I should also mention that my WinXP partition is formatted on FAT32,
but I am capable of accessing NTFS partitions, if need be, using
NTFS4DOS,
(which I didn't).
Obviously I was only able to have discovered that with an MSDOS-run
Disk Editor
capable of accessing all 160 million sectors of my 80GB hard disk, and
making
a text-based datafile containing sector numbers (Cyl., Head, Sector +
Index),
that was runnable under pure MSDOS mode avaiable by booting
from a BootCD / BootDVD.
I wasn't quite sure what the nature of that data was,
and whether or not it was a copy of the swapfile
(e.g., PageFile.SYS), or some other data off RAM,
or maybe password(s) or other sensitive data
that I may have been working on prior to re-booting
from my BootDVD.
So my questions are:
1. Would anybody be familiar with that sector-writing stuff?
2. If so, what is the nature of the data written?
3. Would password(s) typed at MSDOS-based program(s), run within
Dos-Box windows, be secretly saved there too?
4. How Am I do prevent that from happening?
5. How Am I to erase such data?
Thanks much,
SCU