"restarting due to disk write"...

   Computer Security
Posted: Sun Nov 06, 2005 1:21 am    Post subject: "restarting due to disk write"...

OK, I want to offer a big "sorry!" in advance if I'm taking this category where it should not go. But my question is about processes that are running and affecting my system, that I cannot find.

The reason this worries me is that the restarting due to disk write, detailed below, indicates to me that I have some stealth process running on my computer. And I don't like that.

I was trying to use Norton Wipe Info to overwrite free space on my disk, but it keeps restarting due to disk write. I turned off everything except the myriad Norton processes and explorer. Turned off task manager, turned off screen saver and energy saving timers. Why would these things need to write to disk anyway, don't they just look at the clock?

So, even though Norton, Spybot, the online PC-Cillin etc believe my computer is clean as a whistle, I still have something running that keeps writing to the disk. Is there something obvious that I'm missing?

Anyone know of applications that will a) detect all processes running and possibly their dependencies, or b) do a wipe/overwrite of previously existing info on disk, including swap file?

Aargh! I keep trying to learn to use Linux, but have never been able to establish a POP connection.

Windows 98 SE, venerable Pentium 550MHz, lots of RAM, a dinosaur that in general has been absolutely stable.

I have been through several difficulties in the last month or so that have made me think it is malware that is keeping Spybot from immunizing against a few algorithms.

Thanks for any help offered, and again, not trying to turn this into the "computer boost request" category!

Posted: Sun Nov 06, 2005 2:33 am    Post subject:

Hijack This! is a program that lists all running processes and startup programs. This may sound horrible to some, but Micro$oft's Anti-spyware - They didn't write it, GIANT did...then Microsoft bought their company - anyway it was the best anti-spyware program on the market, and now it is a free download from MS. Get it and see what it says about your problem.

http://www.majorgeeks.com/download3155.html - Hijack This!

http://www.microsoft.com/athome/security/spyware/software/default.mspx - MS Anti-spyware
Posted: Sun Nov 06, 2005 2:46 am    Post subject: Window Washer

There is a program called Window Washer, it is by Webroot. It does what Norton wipe says it is supposed to do. I have never had it complain about disk writing. I first started using it to clean-wipe machines that may have had sensitive data on them. It will write over the hard drive a specified number of times (3 will usually do the trick, I use 7) so that the information will NEVER be retrieved.

http://www.webroot.com/consumer/products/windowwasher?rc=266&ac=383&wt.srch=1&wt.mc_id=383
Posted: Fri Dec 02, 2005 10:25 pm    Post subject:

Scott, if you have time to read and answer this, great, if not, that's great too.

You'd mentioned "clean wiping" machines to remove sensitive data. I take this to mean you are clean wiping everything (OS, registry, all files, everything, etc) from a machine so that you can start from scratch with a formatted disk, after which you proceed to make a fresh and clean functioning computer again.

My question pertains more to selectively wiping disk areas from an otherwise still functioning computer so that it remains a functioning computer. (Yes, many times I've started off on the "selective hunt" only to end up accidentally wiping something vital, in turn leaving little recourse but to wipe the entire machine and start over loading an OS.)

Case in point, I do a fair number of web credit card purchases (mostly orgonite related of late). This I know leaves tracks somewhere in the registry among other places on my computer. The dilemma I have is knowing exactly where these kinds of tracks are left so I can go to them, delete as I choose, then go on with my computer life. It is kind of annoying that I know buried within my computer are CC account numbers, passwords, transaction info, etc and that while I don't know exactly how to selectively delete them, a hacker, should they gain access to my computer, easily knows how and where to retrieve this info. I actually took the time (over an entire night) going through each and every registry entry on an older and much slower ME machine... effective, but what a slow treat in the process. The trouble I have with a lot of these "wipe" programs is that they sort of assume the user knows precisely which parts of the disk they want to wipe so as to leave the other areas untouched and functioning. I've used a couple different ones, one was actually called "eraser" or "disk eraser" or something like that, and it was basically like this Window Cleaner program you mentioned.

Is there a good reference (one that is straightforward English and does not require an MS-Windows degree to understand), book, tutorial, whatnot, that you know of that easily shows how to locate these kinds of computer/disk storage areas that in and of themselves are a potential security risk? If not pinpointing the exact disk/registry location, it would help quite a bit if I could at least narrow the choice down to a particular registry category (for instance, based on XP and the five categories - HKEY CLASSES ROOT; HKEY CURRENT USER; HKEY LOCAL MACHINE; HKEY USERS; HKEY CURRENT CONFIG)?


Posted: Fri Dec 02, 2005 11:16 pm    Post subject:

I was fortunate enough to have an inquisitive mind and a knowledgeable computer teacher when PCs were starting to come into the public mind. The principles of computers are still the same.

When one refers to a disk wipe, they are referring to the entire hard disk being overwritten as a 1 or 0. A HD is nothing more than a medium that retains a library of 1's and 0's. These two states of 1 or 0 is called a bit. These 1's and 0's are represented as a positive or negative charge. These charges have a variance, a range, or how strong the charge is. I don't recall what the range is, but for discussion let us say that a positive charge is anything from .00001 to 1 and a negative charge is -.00001 to -1.

When a wipe occurs, the medium is being overwritten as a string of 1's or 0's. It may not fully change the charge from a 0 to a 1, otherwise known as switching polarity. A positive charge may go from .250 to .125 when it was supposed to go negative.

There is software that will read what the real value of the charge is, usually in multiple passes to gather an average, and reconstruct the data. When you wipe multiple times, the medium is getting charged multiple times to push the charge to its furthest limit and not some degree of its variant.

Wiping occurs on the entire medium, usually a hard disk. I haven't seen software that will wipe a particular file, although it should be theoretically possible.

Posted: Sat Dec 03, 2005 3:44 am    Post subject:

I wasn't clear earlier.

Window Washer will wipe temporary files, cookies, MRU (Most Recently Used) Lists, Recycle Bin, blank space and other things like that. What I was trying to say was that I started using the company's software to wipe entire hard drives, but then found that they had a separate program (Window Washer) that wipes only certain areas.
Is that clearer?

To answer your questions about the registry,
HKLM = HKey_Local_Machine
HKCU = HKey_Current_User
Start by checking:
These contain program command lines that run at startup. Remove anything unnecessary to speed up your Windows load time.

Both contain program information, check these for programs you have uninstalled to make sure there is no leftover info bloating the registry.

It is kind of hard to tell where certain things are going to be stored, but a simple search Ctrl+F will help. Credit Card info wouldn't really end up in the registry.

Delete the contents of any folder on your hard drive that is named 'temp,' 'temporary,' etc.

Still, this is not exactly deleting the info so much as marking it safe for overwriting. That's why programs like Window Washer come in handy. It wipes all info marked safe for overwriting so that it *theoretically* cannot be retrieved. Read about it here:
Posted: Sat Dec 03, 2005 10:16 am    Post subject:


My guess would be due to the swap file being set to "dynamic". Reboot and press F8 when you hear the beep and/or the end of the device detection until a text menu comes up. Choose "safe mode" then disk wipe. If that doesn't work, set the swap file to none as described below, reboot into "safe mode" and wipe.

If you are running a dynamic swap file, you can get better performance by changing it to permanent. The best perm swap file is one that resides in one contiguous space on the hard disk. General computer use creates "data holes" that make discontiguous space. Switching straight from dynamic to permanent will likely allocate space in the discontiguous space, which is not optimal.

The way to get a contiguous space for a perm swap file is to be booted in normal mode and setting the swap file to NONE. To change the swap file method, go to control panel > system > advanced > performance > settings. Reboot into safe mode and defragment the hard drive. Defragmenting moves all the data to the front, filling all the "data holes" and leaves the remaining space free which is...tada... contiguous. After defragmenting, set the swap file to permanent with the min and max values the same - anywhere from 128 to 512 in my estimation - and reboot.

When Windows comes back into normal mode, it should perform better. This does not account for optimizing startup programs, services, spyware or badly written (bloated) software such as MS Office - use OpenOffice!


BTW, I did a search on "file wipe" and there are indeed programs out there that will wipe a single file, so now I can qualify that I've heard of them, just not used them.
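
The thread distinguishes deleting a file (its space is only marked safe for overwriting) from wiping it, and the last post mentions single-file wipers. As an added example, not from any poster and not the code of any product named in the thread, here is a minimal Python sketch of that single-file approach: overwrite in place, flush to the device, rename, then delete. The function names, pass count and sample marker are assumptions made for illustration.

```python
import os
import secrets
import tempfile

CHUNK = 64 * 1024
# Constructed sample data standing in for sensitive content (not a real card).
MARKER = b"4111-1111-1111-1111 (constructed test value)"


def overwrite_in_place(path, passes=3):
    """Overwrite every byte of the file `passes` times; return the file size."""
    size = os.path.getsize(path)
    with open(path, "r+b") as fh:      # r+b rewrites existing blocks, no truncate
        for n in range(passes):
            fh.seek(0)
            remaining = size
            while remaining > 0:
                step = min(CHUNK, remaining)
                # Random data on early passes, zeros on the final pass.
                last = n == passes - 1
                fh.write(b"\x00" * step if last else secrets.token_bytes(step))
                remaining -= step
            fh.flush()
            os.fsync(fh.fileno())      # push this pass to the device
    return size


def wipe_file(path, passes=3):
    """Overwrite, rename to a random name so the old name is gone, then delete."""
    size = overwrite_in_place(path, passes)
    folder = os.path.dirname(os.path.abspath(path))
    anon = os.path.join(folder, secrets.token_hex(8))
    os.rename(path, anon)
    os.remove(anon)
    return size


def demo():
    """Write the marker to a temp file, overwrite it, check it is gone, then wipe."""
    fd, path = tempfile.mkstemp()
    os.write(fd, MARKER * 100)
    os.close(fd)
    overwrite_in_place(path, passes=3)
    with open(path, "rb") as fh:
        leftover = MARKER in fh.read()  # False once the old bytes are replaced
    wiped = wipe_file(path, passes=1)
    return leftover, wiped, os.path.exists(path)
```

This only reaches the blocks the file currently occupies; copies in the swap file, temp folders, or earlier locations of the file are untouched, and on journaling or copy-on-write filesystems and flash media the overwrite may land on different physical blocks than the original data.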
