Avid Pro Audio Community
#1
Diskwarrior 4.2 saves the day (again!)
Got hit by a New Year's Day bit volume virus... disk utility and Norton couldn't repair. I have three older versions of DW but there is a special CD version that boots into Tiger CD44... a few weeks more and the new ROM from Apple will be available to Alsoft and the new DVD with 4.2 will boot 09+ macintels.

Just a heads-up. Tel# 281 353 4090

When you preview damaged disks, have a large Sandisk Cruzer or another firedrive partition to store 'unrecovered data'; that way you may not lose anything.

Yep there is a warning going out re: tiny urls and phishing... but it may be a lot worse, as in port forwarding or DNS hacks on servers, even Airport and newer routers. Just another heads-up. Yep 30-50 pages of compressed code (Trojan) hidden with a url shortening service, so beware of email and iChat any messenger system coming from 'buddy' list or address book (this is a botnet).

Last edited by aka21stCentury; 01-12-2011 at 09:31 AM. Reason: Please read below for Windows 7 and TDL-3 variant rootkit
#2
Re: Diskwarrior 4.2 saves the day (again!)
Quote:
__________________
Scott Formerly Hobo Wan Kenobi Core 2 Specs Page ASUS P6T6 Revolution | i7 930 | 12GB OCZ DDR3 1600 7-7-7-20 | PTLE 10 | CPTK | 003 | Presonus D8 | 11Rack | Alesis AI3 | Presonus HP60 | Mercury + Studio Classics | Sound Toys | MasseyPack | Axiom61 | MAudio Keystation Pro 88
#3
Re: Diskwarrior 4.2 saves the day (again!)
That number FYI is Alsoft sales. If you have an '09 or '10 Apple call first to see if the boot rom available on the DVD will boot your Mac. A newer boot rom is expected any day from them to boot the newer machines. 10.6.6 was just released.

SOL -- these are Flash Security Settings. Mine were hacked late Dec and my drive crashed with data coming in off my router, lighting write LEDs on my boot firewire drive (apple).... then BLUE SCREEN, but because I was able to save my boot disk I could see with Better Security Addon to Firefox the SOL hack. No password is required. Support Apple in their movement against Adobe/Macromedia -- as Apple iMacs and Laptops were the first to come out with onboard video cameras this is a big concern for Apple IT team & security consultants.

If you have an HP Printer Flash 6 installs at root even if root is not enabled by default on all Macs. This security flaw is similar to what is now being seen on W-7 64 bit. I.e. the print spooler on W-7 has root access. It is being exploited by the new variant below.

THIS NEW THREAT IS CALLED TDL-3 variant or Alureon

TDL3 rootkit still large issue for anti virus programs
Free TDL3 removal with Hitman Pro
--------------------------------------------------

Hengelo, January 19, 2010. Occasionally a new virus appears that is clever enough to completely deceive anti virus programs. TDL3, a variant of the TDSS rootkit (also known as Alureon) is such a sophisticated virus that is causing sleepless nights for anti virus researchers. The first variant, TDL1, appeared in the summer of 2008 and is still capable of preventing detection by many anti virus programs. In the summer we saw the 2nd variant TDL2. *"The TDL3 is one of the most sophisticated viruses I have seen"*, according to CEO Mark Loman. *"The rootkit is piggybacking on a standard driver to avoid detection by anti virus programs."*

How does TDL3 work?

TDL3 registers itself first as print processor. The printer subsystem (spoolsv.exe), that has administrative rights, loads this Print Processor. Virus scanners that monitor the behavior of processes will not be alarmed because the printer subsystem is a trusted part of Microsoft Windows. TDL3 now has full system access rights as Print Processor and infects the lower level system driver that is responsible for the communication with the hard drive. When virus scanners want to check this driver, they see the original file so they are unable to recognize the infection. TDL3 places an encrypted file system on top of the standard file system on the last sectors of the hard drive. The encryption ensures that these files cannot be read directly from disk to avoid detection by anti virus programs. The encrypted file system is used to store other threats that are downloaded from the Internet. *"It is like a hotel"*, says Mark Loman. *"Other virus writers can book a room in this 'TDL3-hotel' and use it to hide their virus from anti virus programs"*.

How to remove TDL3?

The number of infected computers is growing quickly. The latest guest of the TDL3-hotel is redirecting search engines to malicious websites so many people refer to this as the Google Redirect Virus. There are only a few anti virus programs that detect a TDL3 infection. And the number of anti virus programs that can remove the infection is nearly zero.

Also see http://www.eset.com/resources/white-...3-Analysis.pdf
--------------------------------------------------
end of quote

From 21stCentury -- it was my boot volume. Two other partitions were fine. Not a HD crash. This was an attack targeting data. Probably because I am behind three firewalls I was spared worse damage. FYI - I actually watched as I booted to a firewire disk (Oxfords) the write LEDs light. I rarely boot online. Then blue screen. I bought a much more secure router prior to going online. I don't work for any companies mentioned above, although I am a former sys admin and Cisco trained IT network dimwit.

Last edited by aka21stCentury; 01-12-2011 at 10:38 AM. Reason: Please AVID lockdown this forum. HTTPS encrypted logins!
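Added example, not part of the posts above or of the quoted press release: a defender-side audit of registered print processors, the load point the quoted text describes for spoolsv.exe. It parses a `reg export` text dump offline; the `Control\Print\Environments\...\Print Processors` key layout is standard Windows, while the sample export, the `evilproc` entry, the baseline set and the function name are constructed for illustration.

```python
import re

# Print processor DLLs expected on this fleet (assumption: replace with your
# own baseline; winprint.dll is the stock Windows print processor).
BASELINE_DLLS = {"winprint.dll"}

KEY_RE = re.compile(
    r"^\[HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\Print"
    r"\\Environments\\(?P<env>[^\\\]]+)\\Print Processors\\(?P<name>[^\\\]]+)\]$",
    re.IGNORECASE,
)
DRIVER_RE = re.compile(r'^"Driver"="(?P<dll>.*)"$', re.IGNORECASE)

# Constructed sample in `reg export` text form; not taken from a real host.
SAMPLE_EXPORT = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print\Environments\Windows x64\Print Processors\winprint]
"Driver"="winprint.dll"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print\Environments\Windows x64\Print Processors\evilproc]
"Driver"="C:\\Users\\Public\\tmp1A.tmp"
'''

def audit_print_processors(export_text, baseline=BASELINE_DLLS):
    """Return (environment, processor, driver, reason) for each suspicious entry."""
    findings, current = [], None
    for raw in export_text.splitlines():
        line = raw.strip()
        if line.startswith("["):
            m = KEY_RE.match(line)
            current = (m["env"], m["name"]) if m else None
            continue
        m = DRIVER_RE.match(line)
        if not (current and m):
            continue
        dll = m["dll"].replace("\\\\", "\\")  # undo .reg backslash escaping
        reasons = []
        # Heuristic (assumption): stock entries name a bare file in the
        # spooler's print processor directory, so a path is worth a look.
        if "\\" in dll or "/" in dll:
            reasons.append("driver value contains a path")
        if dll.lower() not in baseline:
            reasons.append("driver not in baseline")
        if reasons:
            findings.append((*current, dll, "; ".join(reasons)))
    return findings

if __name__ == "__main__":
    for finding in audit_print_processors(SAMPLE_EXPORT):
        print(finding)
```

An export taken from a live, already-infected host may not be trustworthy, since the quoted text describes the rootkit showing scanners the original driver file; the check is most useful as a routine baseline audit or against an offline image.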