How secure is partitioning?

  cocteau48 20:51 24 May 2007

I posted this thread last night
click here with surprisingly no response (which is a first for me!)so I will try again from a slightly different angle if I may.
My 80GB hard drive is factory partitioned into two:72GB for the main drive (C) containing the O/S and all files and folders etc. and a 2.44GB Recovery partition (D) - 78% of which Treesize tells me is the Windows i386 folder.
Yesterday a deep scan with A squared found the (C) partition to be totally clean but discovered a copy of (Adware.win32.Dm.i)within the i386 folder in the recovery (D) partition.
The Recovery partition has never been been used so how is it possible for malware/adware to find its way onto this section of the hard drive?
Can you get cross contamination between different partitions?
The offending file was quarantined and deleted,no problem,but I would be interested to know if this is something to be looking out for in the future

  Technotiger 21:06 24 May 2007

Hi, I am only guessing, this may not be a techie type answer, but, the way I see it is that partitioned or not, it is all one hard drive, so what is to stop any part of that drive being prone to attack! I never partition, preferring instead separate hard drives.

  VoG II 21:07 24 May 2007

Partitioning is so twentieth century. Totally unnecessary.

  cocteau48 21:14 24 May 2007

I agree with you totally about partitioning but as that was the way the machine was set up when I bought it..............
I'm kinda stuck with it that way.
I do not want to start messing with the recovery section in case I should need it some day.

  skidzy 21:32 24 May 2007

I find it pretty amazing that this could get at your recovery partition,as nothing should be able to access that.

What i would say is,to check that the recovery still works before its to late,but first create an image using Acronis TI 10 for a backup incase the recovery partition fails you.

  Fruit Bat /\0/\ 21:42 24 May 2007

Unfortunately you quarentined and DELETED the file that the spyware was in.
Losing this file may have already compromised the recovery.

If you can remember the file name perhaps you need to download a copy and replace in the appropriate place in the recovery partition.

It was probably a false warning by A2.

  cocteau48 21:49 24 May 2007

Way ahead of you skidzy. Got my TI 10 image safe on ext HD already.(without adware!)
I also have a Recovery CD so the recovery partition is not really necessary but I do not want to ditch it just for the sake of it. I do not need the space.
Like you I was more concerned that something could access the recovery partition at all,and if it can break in how easy is it to break out again back into the main part of the HD?
Also as I said in my original posting Googling for the adware in question only leads to one place -
A squared's website. No other anti spyware seems to have info on it.

  cocteau48 21:55 24 May 2007

Fruit Bat /\0/The only thing deleted was a copy of (Adware.win32.Dm.i)

  skidzy 21:58 24 May 2007

If indeed that was a false positive cocteau48,it may well be that deleting the file you have deleted an important file needed to use the recovery.

Basically asquared has misidentified something and could be important.

  cocteau48 22:24 24 May 2007

We have a three pronged line of defence here:
I have a full TI 10 image to fall back on,
I have a recovery CD in case I need to reinstall the original O/S and do not need the recovery partition,and
The deleted file still exists on a previous restore point which I ran today with the aim of establishing just that point.
The question here is not whether my recovery capability has been compromised - it is more to do with how did adware which is in A squared's current top ten get into the recovery partition and not show up in the corresponding location in the main partition - false positive or not?
I would have thought that if something was going to be misidentified it would be misidentified in both places that it exists.

  skidzy 22:30 24 May 2007

Sorry i spoke !

This thread is now locked and can not be replied to.

Elsewhere on IDG sites

OnePlus 5 review

50 best online Adobe XD tutorials

iPad Pro 10.5in (2017) review

Comment connecter un MacBook à une TV ?