What are Lost Clusters and How To Delete Safely

What are Lost Clusters and How To Delete Safely

This is in response to a group list I am a member of with a real gem here…..
“> Useful tip?
> A link that resolved this problem:
> http://blog.dotsmart.net/2008/06/12/solved-cannot-read-from-the-source-file-or-disk/#comment-1995
>
> I recently had my PC lock up during a defrag which resulted in a corrupted 0
> byte  file on my desktop that I was unable to even ‘delete on next boot’,
> rename etc. Kept getting “Cannot read from the source file or disk” ……

My response……
I have seen in malware removals – specifically spyware installations – that a fragment or piece of the files/registry keys installations left over can cause a similar problem and may be the definition of the actual “unreadable / undeleteable file” . It is called “lost clusters”. When spyware is trying to “hide its tracks” like when using SMTP Mailers or transmissions of any sort of personal data it snooped on, they will cause violent brute force crash/dump/reboots of the system performing mini dumps of communication data and logs etc.  Once they have their information stolen, they really don’t care what happens to the pc stolen from – and always lack sophistication of programming with Windows and are just their best efforts at hacking the system and earn their name “malware”.

My experience with other than the Windows built in Disk Defrag are that they seem to have problems actually performing the task and can cause problems. I do NOT use them. In my experience, they have been created at both the ignorance of the Windows User not knowing that Windows has these accessories already included with Windows and also that the freeware/shareware software utilities always want to promise much faster speeds than Windows Accessories to perform like-tasks.

Computer Maintenance is necessary for optimum healthy performance of the Windows Operating System. In years past to present, at various groups/lists/forums with tech help and malware removal help – too many users balk at this and end up there for help. Novices (newbies, as I once was) do not realize this until way down the line with one helluva slow computer and start looking for help. The newer generation of Windows Users seem entranced with the media eye candy blitz and gaming. Any type of maintenance or security tasks turns a deaf ear in too many cases. In fact, in security products – this ignorance and apathy of Windows Users has given birth to “cloud computing” security products and the step down of the secure Vista system to Windows 7.  Microsoft and the security products industry have catered to these type users as actually a majority. These have done their best to keep these PCs free of malware that affects the entire world web community – networks, ISPs, and consumer PCs – that, if infected, continually pump out spam and malicious wares to infect others and bog down bandwidths and are an expense.

With Lost Clusters (file/key fragments no longer belonging to files or softwares or programs or installations) can and should be cleaned up with Files and Registry Cleaners. This is done with regular Computer Maintenance. This is the one main area that Windows Accessories does not perform adequately. A couple products I have used work well to delete these in clean up sweeps…. the original Trend Micro antispyware had the free included clean up utility that addressed these. I believe it is still part of their newer suite. The Uniblue clean up products in fact have the exact phrase “Lost Clusters” to check in a clean up sweep. A really good ‘Genuine Freeware’ (not ad driven) has been CCleaner used by millions and millions (they accept donations).

Cleaning up junk files should be performed daily – even hourly or per session. “Internet Tracks” are a spyware target. These cleaners also, generally all of them, clear caches as well that free session use memory and speed up navigation instantly. The only dangers is to be careful, specifically, with Windows TEMP files clean up. (This can be done safely with the Windows Accessories / Disk Clean Up time to time – weekly/monthly) and I recommend reading a blog I did on this ….. https://bluecollarpcwebs.wordpress.com/2010/01/14/temporary-internet-files-windows-temp-files-safe-to-delete/ …..briefly, the dangers with these are corrupting a newly installed software or like Windows Update etc. These use these up to a week or so, depending on whether there has been actual use of the new installation.

The whole idea of my reply is not targeted at you, but you have a good topic here and I have added my experience comments that others may read or add to or may have helped. The idea here in my context is that this occurrence may have been easily prevented by ongoing Computer Maintenance tasks that clean these up and add navigation speed and general computer health for optimum safe performance. It takes a while to realize that a desktop computer is kind of like a young or teenage child that needs your attention time to time and can not be ignored.

HERE is the technical definition…..

What is lost cluster? – A Word Definition From the Webopedia ..
http://www.webopedia.com/TERM/L/lost_cluster.html
“Also called a lost allocation unit, or a lost file fragment. A data fragment that does not belong to any file, according to the system??s file management system, and, therefore, is not associated with a file name in the file allocation table. Lost clusters can result from files not being closed properly, from shutting down a computer without first closing an application or from ejecting a storage medium, such as a floppy disk, from the disk drive while the drive is reading or writing. ”

In the defrag process, apparently it could not move and assign the lost cluster fragment to any software, file, or program and caused the error message. Again, computer maintenance clean up performed before the defrag process to achieve a tight speedy disk may have prevented this.

Of course this is my opinion from the college of hard knocks in personal experience as not a programmer etc. As well, I have discovered many forums have administrators and moderators that actually run PC Repair Shops or services and have intentionally or ignorantly deliberately given bad advices to these and similar scenarios which then cause further problems down the line or immediately. On the larger scale you can google the “Unscrupulous PC Repair Guy”. They are real scams. They love to use the term “snake oil” for these and malware removal practices and may even recommend never needing antivirus ! Unbelievable.

gerald philly pa usa
webmaster http://bluecollarpc.us/
(Community Help Site)

Advertisements

Surprise: Comodo Internet Security Earns the Prestigious VB100 Virus Certification

Comodo Internet Security Earns the Prestigious VB100 Virus Certification
HostReview.com (press release)
Jersey City, NJ, April 14, 2011
To earn the VB100 award a product must have been tested by Virus Bulletin and in those tests it must have demonstrated, in its default mode, 100 percent detection of In the Wild test samples and no false positives in a selection of clean files. …
http://www.hostreview.com/news/110414-comodo-internet-security-earns-prestigious-vb100-virus-certification
 
[This is great news. They have been a free community product service for a couple years (free Comodo Antivirus, Firewall) and already had a high detection rate, though could have been higher. We applaud their obvious intensive work and in winning the VB 100 Award ! ]

Posted in BlueCollarPC WordPress Blog. Tags: , , , , . Comments Off on Surprise: Comodo Internet Security Earns the Prestigious VB100 Virus Certification

New virus infects Linux and Windows platforms (cross-platform infections)

New virus infects Linux and Windows platforms (cross-platform infections)…..

  
Winux Virus
New virus infects Linux and Windows platforms
: security technology studies microsoft windows versions linux viruses malicious payload william stearns….
http://antivirus.about.com/library/weekly/aa032801a.htm
  
Winux: Two in One Virus 
 The first Windows, Linux cross-platform virus discovered 
http://antivirus.about.com/library/weekly/aa032801a.htm
“Virus researchers have discovered a new breed of virus that infects both Windows and Linux files on Intel-based Pentium PC’s. Considered a proof-of-concept virus, it has not been found in-the-wild. As such, it is not posing a threat to users, but could signal the beginning of a new precedent in virus writing – the cross-platform threat. Within less than a day of discovery, the new virus has already been assigned a number of different names, including Linux.PEElf.2132, W32.Winux, Linux.Winux, W32/Lindose, and W32.PEElf.2132.  …..
 
HISTORY…..
 
Cross-platform Virus Infects Linux And Windows
http://www.networkcomputing.com/data-protection/cross-platform-virus-infects-linux-and-windows.php
April 7, 2006
A Russian security company announced Friday that it had found a cross-over virus that can infect PCs running either the open-source Linux or Microsoft Windows operating systems. Dubbed “Linux.Bi.a” and “Win32.Bi.a,” the split-personality malware doesn’t do any damage. Instead, said Moscow-based Kaspersky Labs in an online briefing, it’s a proof-of-concept to prove that a cross-platform virus is possible.
 
Java Based Cross Platform Malware Trojan (Mac/Linux/Windows)
http://www.darknet.org.uk/2011/01/java-based-cross-platform-malware-trojan-maclinuxwindows/
20 January 2011
It’s pretty rare to read about malware on the Linux or Mac OSX platforms and even more rare to read about cross-platform malware which targets both AND Windows by using Java. A neat piece of coding indeed, it targets vulnerabilities in all 3 operating systems – the sad thing? The malware itself is vulnerable to a basic directory traversal exploit, which means rival gangs can actually commandeer the infected targets.
They went to lengths to keep it secure and unseen (encrypted communications etc) – but didn’t program the malware itself securely…
 
Computerworld –
http://www.computerworld.com/s/article/110330/Kaspersky_warns_of_cross_platform_virus_proof_of_concept
Kaspersky Labs is reporting a new proof-of-concept virus capable of infecting both Windows and Linux systems.
The cross-platform virus is relatively simple and appears to have a low impact, according to Kaspersky. Even so, it could be a sign that virus writers are beginning to research ways of writing new code capable of infecting multiple platforms, said Shane Coursen, senior technical consultant at Kaspersky.
 

RELATED:
Torvalds Patches Linux Kernel, Fixes Broken Virus –
http://www.pcworld.com/article/125461/torvalds_patches_linux_kernel_fixes_broken_virus.html
PCWorld 
After discovering that the virus didn’t work on recent versions of Linux, …
” We may see another virus using the same method of cross-platform infection. … ”
 
Linux malware From Wikipedia, the free encyclopedia 
http://en.wikipedia.org/wiki/Linux_malware
A new area of concern identified in 2007 is that of cross-platform … was discovered that contained a script that used the infected Linux PC in denial-of- service attacks. … There are a number of anti-virus applications available for Linux, …. Windows Viruses”.
 
FROM OUR BLOG ON THIS……
 
My Linux choice – Ubuntu (dual boot systems, security myth already)
August 15, 2010 — bluecollarpc
https://bluecollarpcwebs.wordpress.com/2010/08/15/my-linux-choice-ubuntu-dual-boot-systems-security-myth-already/
“….Of course as webmaster of the BlueCollarPC since 2005, I am obviously very, very, very security oriented and share this as a Community Help site – free (Windows OS). We can review original ‘horn locking’ from mid-decade (2000 – 2010) in the several arguments that Firefox browser, Linux OS (operating system) , Apple/Mac were safer than Windows between the two operating system users and conclude that in this new decade Windows users may begin to flock to Linux as a “back up system” to Windows being inoperative due to malwares. This is along the lines that much malware on Windows used the Active X maliciously (like trojans or malware toolbars, etc.) in Internet Explorer browser and the Mozilla Firefox browser operated without it. So the arguements began and the hype and so on that “Firefox is safer than Internet Explorer” and many, many Windows users have installed Firefox as a back up browser to use in the event malware affecting the Internet Explorer in some lock out denial of service manner occurred. In the early days this was working to achieve logging onto the internet when you could not on IE (Microsoft Internet Explorer, part of Windows OS). But cybercrime has evolved greatly in a very, very, very short time and with today’s botnet activities and infections – they can simply block many browsers from navigating to security sites for removal help and software and utilities. There was also a cross-infection that was achieved between the two browsers – Firefox and IE.
 
So, although this may be true in the Linux add on as a back up system right in the same computer (dual boot) with Windows – along those same lines as the ‘back up browser’ – cyber crime no doubt has and is working on some “cross platform” type infection ability – cross operating system malware – to rule this out, meaning as fast as we get there with this idea – they have already seen us coming. Suddenly just a couple years ago, all the Linux and Apple/Mac malwares were discovered and do not forget the other argument – Linux and Apple/Mac were safer simply because 90 percent of the world was on Windows and are the target of the cyber criminal underground meaning Windows users are “where the money is”. This is relating to the malicious ID Theft activity by cyber criminals and other various spyware scenarios and nefarioius use.
In this new decade (2010 – 2020) – I obviously predict this occurrence of the cross operating system infection for dual boot observing this – user security options as adding another OS creating a dual boot system computer. It will be exploding with all the ways in a dual boot system using Linux and Windows of how you can use Linux to actually hack back into the infected Windows sytem to get rid of malware infection. This is already possible in various ways. Not long and it is going to be the same with just Windows as with dual boot systems – in worst infections there will be no way in to remove it. …..”
 
ESET NOD32 has won the most awards for Windows protection…
(about 25 percent more than second and third place worldwide – Symantec, Sophos)
ESET NOD32 Currently 59 VB100 awards !
http://www.eset.com/
http://en.wikipedia.org/wiki/ESET_NOD32
This brings the ESET Antivirus VB100 award total to 59 – still
the highest of any antivirus vendor!
December 2009 – ESET antivirus scoops 59th VB100 Award
http://www.betterantivirus.com/nod32-and-virus-news/archives/1456-December-2009-ESET-antivirus-scoops-59th-VB100-Award.html
 
….So you figure if you absolutely need/want protection – they are a superb company….
ESET NOD32 Antivirus 4 for Linux Desktop Beta Program
Whether you use your Linux desktop to surf the Web or work on shared office documents, it is vulnerable to direct attacks by malware or may be targeted as a carrier for cross-platform viruses and other threats designed to target Windows and Macs. Network shares, email and removable media like USB keys are easy ways for multiplatform malware to spread under the radar.
Runs on the following distributions: Debian, Fedora, Mandriva, RedHat, SuSE, Ubuntu, and other RPM and DEB package manager based installations.
kernel >= 2.6
GNU C Library 2.3 or newer
GTK+ 2.6 or newer
LSB 3.1 compatibility recommended
 
THE MORE LINUX IS USED, THE MORE THE NEED AND REALIZATION OF COMBO PACKAGES FROM SECURITY PRODUCTS NO DOUBT !
 
Research Item:
Executable and Linkable Format
From Wikipedia, the free encyclopedia
http://en.wikipedia.org/wiki/Executable_and_Linkable_Format
 
 
I personally have been hedgy about dual boot (Linux and Windows on same computer) and have mine (Ubuntu Linux) on my Windows Vista machine of the which Vista is noteably the safest Windows operating system EVER conceived that does not allow viruses to “write to the computer disk” and any virus can only achieve residing temporarily in the tempfiles which would need stupidity or being duped to click and execute the infection. As well with UAC (User Account Control) on as recommended that does this protection -there is NO rootkit that can possibly run on Vista EVER found. ….
 
Vista’s Despised UAC Nails Rootkits, Tests Find – Business Center …
http://www.pcworld.com/businesscenter/article/146256/vistas_despised_uac_nails_rootkits_tests_find.html
May 25, 2008 … Most users find it annoying, but Vista’s Account Control
feature proves most effective in security tests…..
QUOTED….
“….Love or hate its nagging prompts, Vista’s Account Control feature (UAC) has a security feature that marks it out from any other type of Windows security programme — it can spot rootkits before they install.
This is one finding buried in a report published in two German computer magazines some months ago after testing by the respected AV-Test.org, which set out to find out how well antivirus programs fared against known rootkits.
The answer was not particularly well at all, either for Windows XP, or Vista-oriented products. Of 30 rootkits thrown at XP anti-malware scanners, none of the seven AV suites found all 30, a similar story to the six web-based scanners assessed. Only four of the 14 specialized anti-rootkit tools managed a perfect score.

Best Protection

The best of the all-purpose suites was Avira AntiVir Premium Security Suite, which found 29 active rootkits, with Norton finding as few as 18. The anti-rootkit tools fared better, with AVG Anti-Rootkit Free, GMER, Rootkit Unhooker LE, and Trend Micro Rootkit Buster achieving perfect scores. The scores for removal were patchy, however, with all failing to remove any of the rootkits they had found.

The results for Vista products were harder to assess because only six rootkits could run on the OS, but the testers had to turn off UAC to get even this far. Vista’s UAC itself spotted everything thrown in front of it.

Only three of the 17 AV tools for Vista managed to both detect and successfully remove them, F-Secure Anti-Virus 2008, Panda Security Antivirus 2008, and Norton Antivirus 2008.

Once on a PC, rootkits can bury themselves quietly, but they have to get to that point first. As long as users interpret prompts from the UAC system attentively, or those messages haven’t in some way been spoofed, rootkits struggle to jump to the PC without drawing attention to themselves.

That UAC can tell a user when a rootkit is trying to install itself is not in itself surprising, as Vista is supposedly engineered from the ground up to intercept all applications requests of any significance.

Posted in ANNOUNCE, BlueCollarPC WordPress Blog. Tags: , , , , , , , , . Comments Off on New virus infects Linux and Windows platforms (cross-platform infections)
%d bloggers like this: