RE: Reformat Methods Don't Work?
- From: Paul Adare <padare@xxxxxxxxxxx>
- Date: Fri, 9 Dec 2005 11:40:14 -0500
In article <D5672435-CAD3-4440-B347-AF53B6E9BCD0@xxxxxxxxxxxxx>, in the
microsoft.public.security news group, =?Utf-8?B?U3VlSW5DaW5jeQ==?=
<SueInCincy@xxxxxxxxxxxxxxxxxxxxxxxxx> says...
> Paul,
>
> I appreciate your experience, but please have an open mind that this might
> be something you've never seen before. A quite well-respected local
> consultant has had one of my "dirty" computers for over ten days, now, and he
> won't event return my calls about it.
>
> "Paul Adare" wrote:
> > > There are all kinds of troublesome files at the root of the C: Drive,
> > > including, pagefile.sys, hyberfile.sys, and NTDetect.com. All of which the
> > > computer manufacturer says should not be there at the point of just having
> > > run the system recovery media.
> >
> > Your computer manufacturer is full of crap. Pagefile.sys is the Windows
> > page file used for virtual memory and should in fact be there,
> > hiberfil.sys is used to hold the contents of RAM when hibernating and
> > should be there, ntdetect.com is required in order to boot a Windows
> > system. You're getting all freaked out about nothing at all.
>
>
> I certainly don't have the experience that you do, and I appreciate your
> taking time to write about this. I know that Pagefile and hiberfil should be
> there, but I am pretty sure they should not be at the root of the C: drive.
You'd be wrong. Pagefile.sys is located at the root of the C drive by
default and hiberfil.sys _must_ be located there.
>
>
> >
> > > Nor should all those compressed files be
> > > there, either.
> >
> > What compressed files are you talking about?
>
> As I mentioned earlier, those files include:
>
> -names that include "Java packages" and "Spybot SEarch and Destroy Updates"
> even though Spybot was never a part of the original operating system. Those
> Java Packages have password protected files inside them, and also,
> many copies of .exe Files, like "Windows Management Instrumentation" or
> WMI Performance Adapter Service, buried way deep inside, several layers
> deep.
As I mentioned in my original post, you're likely getting all concerned
about nothing. If you format a hard drive and then reinstall the OS,
nothing can "hang around" from a corrupted or compromised install.
My guess is that your computer's recovery CDs install more than just the
OS. Which manufacturer?
>
> >
> > More comments below.
>
> As always, I do appreciate your experience and advice.
>
> Sue
>
--
Paul Adare
MVP - Windows - Virtual Machine
http://www.identit.ca/blogs/paul/
"The English language, complete with irony, satire, and sarcasm, has
survived for centuries without smileys. Only the new crop of modern
computer geeks finds it impossible to detect a joke that is not clearly
labeled as such."
Ray Shea
.
- References:
- RE: Reformat Methods Don't Work?
- From: Paul Adare
- RE: Reformat Methods Don't Work?
- Prev by Date: Re: Unknown Admin Password in Recovery Console
- Next by Date: Re: Customzing Security Template Files
- Previous by thread: RE: Reformat Methods Don't Work?
- Next by thread: RE: Reformat Methods Don't Work?
- Index(es):
Relevant Pages
|
