Is MBAM is a 100% safe application?

[~BD~]

FromTheRafters wrote:
> "~BD~"<BoaterDave@hot.mail.co.uk> wrote in message
> news:JOSdndli_pDIk0HWnZ2dnUVZ8vqdnZ2d@bt.com...
>
> [...]
>
>> At that link it says - quote:-
>>
>> "When you run the fdisk command to create, delete, or change a
>> partition, all of the data on that partition is permanently deleted".
>>
>> I've always understood that to mean that any malware would be
>> destroyed too!
>
> Bad sectors (or sectors *marked* as bad) in this case might be
> considered "outside" any partition.
>
> [...]
>
>> That is my understanding too. My niggling concern has always been that
>> malware (call it what you will) might remain 'somewhere' within a box
>> ready to continue with it's malicious activity even though it's been
>> flattened and windows reinstalled (or even if a *new* hard disk has
>> been installed!).
>
> Warning - - an analogy follows:
>
> Some vaguely described monster has finally been *killed* by the monster
> hunter and you have an uneasy feeling that the monster can rise from the
> blood at the scene of the killing. Well, it ain't gonna happen, but when
> you asked an expert if an entity like that could be resurrected from its
> blood - he said yes and told you about DNA and sheep, cats, etc...
>
> The thing is, the expert wasn't asked if the entity could self-resurrect
> from the blood left behind after the killing of the monster.
>


You should try your hand at writing stories for children, FTR!

[David H. Lipman]

From: "~BD~" <BoaterDave@hot.mail.co.uk>


| So now we are in a situation where someone (drdos) has posted
| information on a well known technical forum saying one thing ....... and
| Mr David H Lipman (whoever he may *really* be!) making a post on Usenet
| groups claiming that the original poster is wrong.

| Take a step outside the box, David.

| How could anyone simply 'visiting' these groups have any notion of who
| is actually telling the truth?

| I am /inclined/ to believe what *you* say - but there is no supporting
| evidence to that effect - is there?

| Is it reasonable for readers to accept that, as you have made no
| disparaging comment to the contrary, that "Most wiping, erasing,
| formatting, and partitioning tools will not overwrite logical bad
| sectors on the Disk, leaving the Rootkits and their accompanying payload
| of malware behind and still active."?

| If so, what action would one recommend one takes before reinstalling an
| operating system on a previously used disk - Darik's Boot and Nuke?
| http://download.cnet.com/Darik-s-Boo...-10151762.html

| Or, maybe FDISK will do? http://support.microsoft.com/kb/255867

| Or does one simply assume that one's disk is Rootkit free and simply use
| a Windows set-up disk and the in-built formatting facility?

| --
| Dave

Show us *any* malware in the wild that; infects or resides within the; BIOS, Motherboard
or Video-card.
**And I do not mean some engineer in lab environment who found he could introduce malware
into the BIOS, Motherboard or Video-card.

There is not taking a step outside the box. This is the reality.
There is NO malware that infects or resides within the; BIOS, Motherboard or Video-card.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp

[~BD~]

David H. Lipman wrote:
>
> Show us *any* malware in the wild that; infects or resides within the; BIOS, Motherboard
> or Video-card.
> **And I do not mean some engineer in lab environment who found he could introduce malware
> into the BIOS, Motherboard or Video-card.

I cannot do that ...... and you know it!

However - that does *not* mean that it *doesn't* happen!

> There is not taking a step outside the box. This is the reality.
> There is NO malware that infects or resides within the; BIOS, Motherboard or Video-card.

So you say, David.

Please review my answers to Dustin Cook.

BD

[David H. Lipman]

From: "~BD~" <BoaterDave@hot.mail.co.uk>

| David H. Lipman wrote:

>> Show us *any* malware in the wild that; infects or resides within the; BIOS,
>> Motherboard
>> or Video-card.
>> **And I do not mean some engineer in lab environment who found he could introduce
>> malware
>> into the BIOS, Motherboard or Video-card.

| I cannot do that ...... and you know it!

| However - that does *not* mean that it *doesn't* happen!

You can't becuase there are none!

While there are none, you are pushing FUD.


--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp

[~BD~]

David H. Lipman wrote:
> From: "~BD~"<BoaterDave@hot.mail.co.uk>
>
> | David H. Lipman wrote:
>
>>> Show us *any* malware in the wild that; infects or resides within the; BIOS,
>>> Motherboard
>>> or Video-card.
>>> **And I do not mean some engineer in lab environment who found he could introduce
>>> malware
>>> into the BIOS, Motherboard or Video-card.
>
> | I cannot do that ...... and you know it!
>
> | However - that does *not* mean that it *doesn't* happen!
>
> You can't becuase there are none!
>
> While there are none, you are pushing FUD.
>
>

To whom do you consider that I'm "pushing" Fear, Uncertainty and Doubt?

All I've *ever* been doing is asking questions!

--
BD

[David H. Lipman]

From: "~BD~" <BoaterDave@hot.mail.co.uk>

| To whom do you consider that I'm "pushing" Fear, Uncertainty and Doubt?

| All I've *ever* been doing is asking questions!

To all the readers of the x-posted news groups and all the http front-ends that access
them.

As for ...
"In particular, do you agree that "Rootkits can also hide in the Firmware
of Hardware Components, in the BIOS, Motherboard, Video-card EEPROM or
Alternate Data Streams....." ?

The part about Rootkits hiding in the Firmware of Hardware Components, in the BIOS,
Motherboard, Video-card EEPROM has already been answered. You brought it up before, a few
times, and you were told that it is incorrect. By you re-incarnating the subject matter
you are introducing FUD as if what you had been previously told was not factual.

As for ADS that is a whole different concept and is a way of hding a RootKit.
http://en.wikipedia.org/wiki/Alternate_data_stream

There is a kind of RootKit methodology that has been used, that was NOT even mentioned,
and was used by the Gromozon malware family (which also used ADS) and was described quite
well by Marco Guiliani of Prevx.

Find that information and report back what that methodology is. That's worth discussing,
not "In particular, do you agree that "Rootkits can also hide in the Firmware
of Hardware Components, in the BIOS, Motherboard, Video-card EEPROM" ****.



--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp

[Dustin Cook]

"David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in
news:hrfemu0i3o@news2.newsguy.com:

> From: "~BD~" <BoaterDave@hot.mail.co.uk>
>
>
>| So now we are in a situation where someone (drdos) has posted
>| information on a well known technical forum saying one thing .......
>| and Mr David H Lipman (whoever he may *really* be!) making a post on
>| Usenet groups claiming that the original poster is wrong.
>
>| Take a step outside the box, David.
>
>| How could anyone simply 'visiting' these groups have any notion of
>| who is actually telling the truth?
>
>| I am /inclined/ to believe what *you* say - but there is no
>| supporting evidence to that effect - is there?
>
>| Is it reasonable for readers to accept that, as you have made no
>| disparaging comment to the contrary, that "Most wiping, erasing,
>| formatting, and partitioning tools will not overwrite logical bad
>| sectors on the Disk, leaving the Rootkits and their accompanying
>| payload of malware behind and still active."?
>
>| If so, what action would one recommend one takes before reinstalling
>| an operating system on a previously used disk - Darik's Boot and
>| Nuke?
>| http://download.cnet.com/Darik-s-Boo...d-DVD/3000-209
>| 4_4-10151762.html
>
>| Or, maybe FDISK will do? http://support.microsoft.com/kb/255867
>
>| Or does one simply assume that one's disk is Rootkit free and simply
>| use a Windows set-up disk and the in-built formatting facility?
>
>| --
>| Dave
>
> Show us *any* malware in the wild that; infects or resides within
> the; BIOS, Motherboard or Video-card.

And evidently, has some sort of universal translator for the code
differences found between them all.

> **And I do not mean some engineer in lab environment who found he
> could introduce malware into the BIOS, Motherboard or Video-card.

I would prefer it further if said engineer was able to demostrate
operational code instead of a storage site for potentially malicious code
which will never get run control; and thus, remain quite... harmless.

> There is not taking a step outside the box. This is the reality.
> There is NO malware that infects or resides within the; BIOS,
> Motherboard or Video-card.

Only few malware samples which would make an effort to corrupt the BIOS;
and it required very specific hardware in order to do it's deed. One size
doesn't fit all.




--
"Hrrngh! Someday I'm going to hurl this...er...roll this...hrrngh.. nudge
this boulder right down a cliff." - Goblin Warrior