http://www.channelregister.co.uk/2007/1 ... d_updated/

"Confirmation that a Maxtor hard disk drive was infected with a
Trojan by a manufacturing sub-contractor in China is spooking
Taiwanese authorities, one of the countries where examples of
the infected kit have begun to appear.

As first reported by El Reg in September a pre-installed Trojan
named AutoRun-AH was discovered by Kaspersky Labs on Maxtor
3200 external hard drives sold in the Netherlands. Maxtor is owned
Seagate. Initially, Seagate expressed skepticism about the reports.

But following a subsequent investigation the firm confirmed that an
unspecified number of Maxtor Basics Personal Storage 3200 drives
sold after August 2007 were indeed contaminated by malware during
the manufacturing process. It traced the problem to an unnamed
sub-contractor in China."

... full story ... link above

On Tue, 13 Nov 2007 00:17:03 +0000, diy-er
<diy-er@privacy.invalid.com> wrote:

>
>http://www.channelregister.co.uk/2007/11/12/maxtor_infected_hdd_updated/
>
>As first reported by El Reg in September a pre-installed Trojan
>named AutoRun-AH was discovered by Kaspersky Labs on Maxtor
>3200 external hard drives sold in the Netherlands. Maxtor is owned
>Seagate. Initially, Seagate expressed skepticism about the reports.
>

Well, this means that Kaspersky is really the best antivirus available
for Windows...


--
Music, Arts, People, Ideas - Shopping articles and stories
http://manuelmarino.com - http://newonlineshopping.net

On Wed, 14 Nov 2007 08:49:29 +0100 'Manuel Marino'
wrote this on alt.comp.hardware.homebuilt:

>On Tue, 13 Nov 2007 00:17:03 +0000, diy-er
><diy-er@privacy.invalid.com> wrote:
>
>>
>>http://www.channelregister.co.uk/2007/11/12/maxtor_infected_hdd_updated/
>>
>>As first reported by El Reg in September a pre-installed Trojan
>>named AutoRun-AH was discovered by Kaspersky Labs on Maxtor
>>3200 external hard drives sold in the Netherlands. Maxtor is owned
>>Seagate. Initially, Seagate expressed skepticism about the reports.
>>
>
>Well, this means that Kaspersky is really the best antivirus available
>for Windows...

Kaspersky also found the Trojan.system.poser recently when I
uploaded it to jotti. Several other online checkers did too.

Manuel Marino wrote:
> On Tue, 13 Nov 2007 00:17:03 +0000, diy-er
> <diy-er@privacy.invalid.com> wrote:
>
>>
>> http://www.channelregister.co.uk/2007/1 ... d_updated/
>>
>> As first reported by El Reg in September a pre-installed Trojan
>> named AutoRun-AH was discovered by Kaspersky Labs on Maxtor
>> 3200 external hard drives sold in the Netherlands. Maxtor is owned
>> Seagate. Initially, Seagate expressed skepticism about the reports.
>>
>
> Well, this means that Kaspersky is really the best antivirus available
> for Windows...

How does it mean that? Perhaps Kaspersky just got hold of it first.

SteveH

On Wed, 14 Nov 2007 10:54:03 GMT, "SteveH"
<steve.houghREMOVE@MEblueyonder.co.uk> wrote:

>Manuel Marino wrote:
>> On Tue, 13 Nov 2007 00:17:03 +0000, diy-er
>> <diy-er@privacy.invalid.com> wrote:
>>
>>>
>>> http://www.channelregister.co.uk/2007/1 ... d_updated/
>>>
>>> As first reported by El Reg in September a pre-installed Trojan
>>> named AutoRun-AH was discovered by Kaspersky Labs on Maxtor
>>> 3200 external hard drives sold in the Netherlands. Maxtor is owned
>>> Seagate. Initially, Seagate expressed skepticism about the reports.
>>>
>>
>> Well, this means that Kaspersky is really the best antivirus available
>> for Windows...
>
>How does it mean that? Perhaps Kaspersky just got hold of it first.
>
>SteveH
>

Yeah, that doesn't mean crap, if we continually reassigned
the award of "best" to whoever found any specific virus
first it would just make us all dizzy keeping track of every
single virus re-designation of "best" AV. Better would be
designation hall-of-shame awards for any AV product that
doesn't incorporate detection for anything after it has been
known in-the-wild for more than a week or so.

SteveH wrote:
> Manuel Marino wrote:
>> On Tue, 13 Nov 2007 00:17:03 +0000, diy-er
>> <diy-er@privacy.invalid.com> wrote:
>>
>>>
>>> http://www.channelregister.co.uk/2007/1 ... d_updated/
>>>
>>> As first reported by El Reg in September a pre-installed Trojan
>>> named AutoRun-AH was discovered by Kaspersky Labs on Maxtor
>>> 3200 external hard drives sold in the Netherlands. Maxtor is owned
>>> Seagate. Initially, Seagate expressed skepticism about the reports.
>>>
>>
>> Well, this means that Kaspersky is really the best antivirus
>> available for Windows...
>
> How does it mean that? Perhaps Kaspersky just got hold of it first.
>
> SteveH

Or got the name mixed up with a Virus of same or simler name

--
Trev
You can always tell a Yorkshire man,
But you can't tell him much.

"Manuel Marino" <manuelmarino@marinosounds.com> wrote in message
news:s1alj3tin920o1agkc9929gs29pvlo56ie@4ax.com...
> On Tue, 13 Nov 2007 00:17:03 +0000, diy-er
> <diy-er@privacy.invalid.com> wrote:
>
>>
>>http://www.channelregister.co.uk/2007/11/12/maxtor_infected_hdd_updated/
>>
>>As first reported by El Reg in September a pre-installed Trojan
>>named AutoRun-AH was discovered by Kaspersky Labs on Maxtor
>>3200 external hard drives sold in the Netherlands. Maxtor is owned
>>Seagate. Initially, Seagate expressed skepticism about the reports.
>>
>
> Well, this means that Kaspersky is really the best antivirus available
> for Windows...
>
>
> --
> Music, Arts, People, Ideas - Shopping articles and stories
> http://manuelmarino.com - http://newonlineshopping.net
>
>
>
The best anti virus program out there is Linux.
,,!,, Microsoft

RIAA wrote:

X-Newsreader=Microsoft Outlook Express 6.00.2900.3138

> The best anti virus program out there is Linux.
> ,,!,, Microsoft
>
>

Hmmm... Statements like that are only valid if the poster is actually
using Linux at the moment of posting.

Microsoft Outlook Express IS a virus, it infects Usenet. Get that
replaced / seen to as soon as possible

--
Adrian C

On Wed, 14 Nov 2007 08:11:11 -0500, "RIAA" <poken@uranus.org> put
finger to keyboard and composed:

>The best anti virus program out there is Linux.

Actually the Windows platform appears to have a lot less
vulnerabilites than Linux/Unix.

Cyber Security Bulletin 2005 Summary
http://www.us-cert.gov/cas/bulletins/SB2005.html

"This bulletin provides a year-end summary of software vulnerabilities
that were identified between January 2005 and December 2005. ... There
were 5198 reported vulnerabilities: 812 Windows operating system
vulnerabilities; 2328 Unix/Linux operating vulnerabilities; and 2058
Multiple operating system vulnerabilities."

List of vulnerability summaries:
http://www.us-cert.gov/cas/bulletins/index.html

- Franc Zabkar
--
Please remove one 'i' from my address when replying by email.

Franc Zabkar wrote:
> On Wed, 14 Nov 2007 08:11:11 -0500, "RIAA" <poken@uranus.org> put
> finger to keyboard and composed:
>
>> The best anti virus program out there is Linux.
>
> Actually the Windows platform appears to have a lot less
> vulnerabilites than Linux/Unix.

That is pure FUD.

> Cyber Security Bulletin 2005 Summary
> http://www.us-cert.gov/cas/bulletins/SB2005.html
>
> "This bulletin provides a year-end summary of software vulnerabilities
> that were identified between January 2005 and December 2005. ... There
> were 5198 reported vulnerabilities: 812 Windows operating system
> vulnerabilities; 2328 Unix/Linux operating vulnerabilities; and 2058
> Multiple operating system vulnerabilities."
>
> List of vulnerability summaries:
> http://www.us-cert.gov/cas/bulletins/index.html

Look more closely at the stats and count up the number for each specific
OS listed. Don't just group them all together!

Linux != Unix != OS X != FreeBSD != HP UX != HP Tru64 != IBM AIX !=
NetBSD != OpenBSD != Solaris

I see at least 10 different OS's there with substantially different
source code that have all been grouped under the one "Unix/linux" heading.

Then remove all the multiple updates for each vulnerability and the
number becomes very much smaller. The reason for the multiple updates
is because the linux developers release patches usually within hours of
the vulnerability being discovered and don't always get the fix right
the first time. Sometimes it takes multiple iterations of a patch to
close the vulnerability entirely, though it is usually patched within a
day or two. OTOH, M$ can takes weeks or months to patch a vulnerability
and during that time the vulnerability is available to be exploited.
More secure? Don't make me laugh!

On Thu, 15 Nov 2007 07:24:06 +1100, Franc Zabkar
<fzabkar@iinternode.on.net> wrote:

>On Wed, 14 Nov 2007 08:11:11 -0500, "RIAA" <poken@uranus.org> put
>finger to keyboard and composed:
>
>>The best anti virus program out there is Linux.
>
>Actually the Windows platform appears to have a lot less
>vulnerabilites than Linux/Unix.
>
>Cyber Security Bulletin 2005 Summary
>http://www.us-cert.gov/cas/bulletins/SB2005.html
>
>"This bulletin provides a year-end summary of software vulnerabilities
>that were identified between January 2005 and December 2005. ... There
>were 5198 reported vulnerabilities: 812 Windows operating system
>vulnerabilities; 2328 Unix/Linux operating vulnerabilities; and 2058
>Multiple operating system vulnerabilities."
>
>List of vulnerability summaries:
>http://www.us-cert.gov/cas/bulletins/index.html
>
>- Franc Zabkar

Two unlocked cars in my driveway are safer than one
down-town.

It's not the # of vulnerabilities that matters, it's whether
they're targeted as frequently.

On Tue, 13 Nov 2007 00:17:03 +0000, diy-er
<diy-er@privacy.invalid.com> wrote:

>
>http://www.channelregister.co.uk/2007/11/12/maxtor_infected_hdd_updated/
>
>"Confirmation that a Maxtor hard disk drive was infected with a
>Trojan by a manufacturing sub-contractor in China is spooking
>Taiwanese authorities, one of the countries where examples of
>the infected kit have begun to appear.

What real risk is this anyway?

M

On Nov 14, 7:49 am, Manuel Marino <manuelmar...@marinosounds.com>
wrote:
> On Tue, 13 Nov 2007 00:17:03 +0000, diy-er
>
> <diy...@privacy.invalid.com> wrote:
>
> >http://www.channelregister.co.uk/2007/11/12/maxtor_infected_hdd_updated/
>
> >As first reported by El Reg in September a pre-installed Trojan
> >named AutoRun-AH was discovered by Kaspersky Labs on Maxtor
> >3200 external hard drives sold in the Netherlands. Maxtor is owned
> >Seagate. Initially, Seagate expressed skepticism about the reports.
>
> Well, this means that Kaspersky is really the best antivirus available
> for Windows...
>
> --

Nice one batman. You`re sarcasm is right, I bet it is an ad!

I didn`t notice myself. I only glanced at it so that`s my excuse.
Actually, if somebody posts something that looks like crap or even if
it is not, i tend to look at a few replies just to see what the
discussion is, they should pick out core excerpts, and may have good
comments. Indeed, it was crap. Ad or not.

A question that occurs to me though.. it is a windows virus i think..
So there were files on the hard drive?!!! Or was it a boot sector
virus.
I never heard of hard drives shipping with windows installed, and they
cannot ship the hard drive with windows, nowadays people don`t use win
9x, they use Win NT , which unlike 9x, does not usually have the
ability to be installed on one motherboard and work on another.



..

On Thu, 15 Nov 2007 09:32:11 +0000 'Mark'
wrote this on alt.comp.hardware.homebuilt:

>On Tue, 13 Nov 2007 00:17:03 +0000, diy-er
><diy-er@privacy.invalid.com> wrote:
>
>>
>>http://www.channelregister.co.uk/2007/11/12/maxtor_infected_hdd_updated/
>>
>>"Confirmation that a Maxtor hard disk drive was infected with a
>>Trojan by a manufacturing sub-contractor in China is spooking
>>Taiwanese authorities, one of the countries where examples of
>>the infected kit have begun to appear.
>
>What real risk is this anyway?

The article which I quoted a link to explains what this and a
previous trojan attempt to do. My hunch is that it probably only
comes into play when you install one of the infected HDDs as an
additional drive, not as a Windows system drive but I could be
wrong.

On Nov 15, 10:51 am, diy-er <diy...@privacy.invalid.com> wrote:
> On Thu, 15 Nov 2007 09:32:11 +0000 'Mark'
> wrote this on alt.comp.hardware.homebuilt:
>
> >On Tue, 13 Nov 2007 00:17:03 +0000, diy-er
> ><diy...@privacy.invalid.com> wrote:
>
> >>http://www.channelregister.co.uk/2007/11/12/maxtor_infected_hdd_updated/
>
> >>"Confirmation that a Maxtor hard disk drive was infected with a
> >>Trojan by a manufacturing sub-contractor in China is spooking
> >>Taiwanese authorities, one of the countries where examples of
> >>the infected kit have begun to appear.
>
> >What real risk is this anyway?
>
> The article which I quoted a link to explains what this and a
> previous trojan attempt to do. My hunch is that it probably only
> comes into play when you install one of the infected HDDs as an
> additional drive, not as a Windows system drive but I could be
> wrong.

even so
if it is a file. An executable file. Somebody would have to execute
the file.
could it be a dll? something in the boot record?
how would anybody not notice the file there. Is its attribute set to
hidden!
Be interesting to know what they named a single solitary EXE file on a
new hard drive!!

the technical details here are what is more interesting. And not
provided.

reminds me of when I had one on an old machine I used to use in my
early school days. I didn`t have any notes on my computer. The way I
saw it was "oooooh a virus, this is interesting". Ran MSAV.EXE got a
few alarm bells. Wasn`t that interesting. Might have been had I known
assembly language.

I think people here would notice such a thing And if they cannot
detect it, what are they meant to do. It`s just crap man! Why don`t
you buy one and then tell us

On Thu, 15 Nov 2007 04:12:54 -0800 (PST),
"jameshanley39@yahoo.co.uk" <jameshanley39@yahoo.co.uk>
wrote:


>> The article which I quoted a link to explains what this and a
>> previous trojan attempt to do. My hunch is that it probably only
>> comes into play when you install one of the infected HDDs as an
>> additional drive, not as a Windows system drive but I could be
>> wrong.

No matter where you put it, if it's wiped or formatted
before windows is booted it wouldn't matter. If Autorunning
drives is disabled in windows/explorer it should also
prevent it running.

If it were used as a Windows system drive, the first thing
one normally does is format it and install the OS. Thus it
would be gone.


>
>even so
>if it is a file. An executable file. Somebody would have to execute
>the file.
>could it be a dll? something in the boot record?


Autorun virus is noteworthy in that it uses windows
autorun.inf feature to have explorer automatically launch
whatever is called for in the autorun.inf file, unless a
savvy user has disabled this autorunning feature of Explorer
(which IMO is a very good idea to prevent malware from
retain media CD/DVD as well as viri or other malware from
launching)


>how would anybody not notice the file there. Is its attribute set to
>hidden!

Well... it seems somebody did notice it, but if someone
installed the drive as a non-OS drive then booted windows,
then explorer may execute it at which point it copies itself
elsewhere.


>Be interesting to know what they named a single solitary EXE file on a
>new hard drive!!
>
>the technical details here are what is more interesting. And not
>provided.
>
>reminds me of when I had one on an old machine I used to use in my
>early school days. I didn`t have any notes on my computer. The way I
>saw it was "oooooh a virus, this is interesting". Ran MSAV.EXE got a
>few alarm bells. Wasn`t that interesting. Might have been had I known
>assembly language.
>
>I think people here would notice such a thing And if they cannot
>detect it, what are they meant to do. It`s just crap man! Why don`t
>you buy one and then tell us

I'd imagine quite a few people here would install a new
drive then boot up windows without first checking what might
be on the drive. If the drive is not booted itself and
Autorun feature is disabled, this should be safe providing
the user or some app doesn't try to launch anything on the
drive, i mean a pre-existing app.

On Thu, 15 Nov 2007 15:33:25 -0500, kony <spam@spam.com>
wrote:


>I'd imagine quite a few people here would install a new
>drive then boot up windows without first checking what might
>be on the drive. If the drive is not booted itself and
>Autorun feature is disabled, this should be safe providing
>the user or some app doesn't try to launch anything on the
>drive, i mean a pre-existing app.

Plus, being that it's an external drive it becomes easier or
more compatible to deal with it in windows, just plug it
into the system then Explorer would find and autorun it if
autorun feature isn't disabled.

On Thu, 15 Nov 2007 04:12:54 -0800 (PST)
'jameshanley39@yahoo.co.uk'
wrote this on uk.comp.homebuilt:

>On Nov 15, 10:51 am, diy-er <diy...@privacy.invalid.com> wrote:
>> On Thu, 15 Nov 2007 09:32:11 +0000 'Mark'
>> wrote this on alt.comp.hardware.homebuilt:
>>
>> >On Tue, 13 Nov 2007 00:17:03 +0000, diy-er
>> ><diy...@privacy.invalid.com> wrote:
>>
>> >>http://www.channelregister.co.uk/2007/11/12/maxtor_infected_hdd_updated/
>>
>> >>"Confirmation that a Maxtor hard disk drive was infected with a
>> >>Trojan by a manufacturing sub-contractor in China is spooking
>> >>Taiwanese authorities, one of the countries where examples of
>> >>the infected kit have begun to appear.
>>
>> >What real risk is this anyway?
>>
>> The article which I quoted a link to explains what this and a
>> previous trojan attempt to do. My hunch is that it probably only
>> comes into play when you install one of the infected HDDs as an
>> additional drive, not as a Windows system drive but I could be
>> wrong.
>
>even so
>if it is a file. An executable file. Somebody would have to execute
>the file.
>could it be a dll? something in the boot record?
>how would anybody not notice the file there. Is its attribute set to
>hidden!
>Be interesting to know what they named a single solitary EXE file on a
>new hard drive!!
>
>the technical details here are what is more interesting. And not
>provided.
>
>reminds me of when I had one on an old machine I used to use in my
>early school days. I didn`t have any notes on my computer. The way I
>saw it was "oooooh a virus, this is interesting". Ran MSAV.EXE got a
>few alarm bells. Wasn`t that interesting. Might have been had I known
>assembly language.
>
>I think people here would notice such a thing And if they cannot
>detect it, what are they meant to do. It`s just crap man! Why don`t
>you buy one and then tell us

I have never bought Maxtor drives, only WDC.

jameshanley39@yahoo.co.uk wrote:

> Be interesting to know what they named a single solitary EXE file on a
> new hard drive!!

Call it Driveinstall.exe

How many Joe Publics, who know very little about computers, do you think
would double-click on that after they've just connected up the new drive?

On Nov 14, 11:54 pm, kony <s...@spam.com> wrote:
> On Thu, 15 Nov 2007 07:24:06 +1100, Franc Zabkar
>
>
>
> <fzab...@iinternode.on.net> wrote:
> >On Wed, 14 Nov 2007 08:11:11 -0500, "RIAA" <po...@uranus.org> put
> >finger to keyboard and composed:
>
> >>The best anti virus program out there is Linux.
>
> >Actually the Windows platform appears to have a lot less
> >vulnerabilites than Linux/Unix.
>
> >Cyber Security Bulletin 2005 Summary
> >http://www.us-cert.gov/cas/bulletins/SB2005.html
>
> >"This bulletin provides a year-end summary of software vulnerabilities
> >that were identified between January 2005 and December 2005. ... There
> >were 5198 reported vulnerabilities: 812 Windows operating system
> >vulnerabilities; 2328 Unix/Linux operating vulnerabilities; and 2058
> >Multiple operating system vulnerabilities."
>
> >List of vulnerability summaries:
> >http://www.us-cert.gov/cas/bulletins/index.html
>
> >- Franc Zabkar
>
> Two unlocked cars in my driveway are safer than one
> down-town.
>
> It's not the # of vulnerabilities that matters, it's whether
> they're targeted as frequently.

I would have thought that the fact that Microsoft OSs are so
cumbersome that they take months to sort out code problems was the
ultimate factor (after the mass market appeal that is.)

On Wed, 14 Nov 2007 14:27:33 +0000
Adrian C <email@here.invalid> wrote:

> RIAA wrote:
>
> X-Newsreader=Microsoft Outlook Express 6.00.2900.3138
>
> > The best anti virus program out there is Linux.
> > ,,!,, Microsoft
> >
> >
>
> Hmmm... Statements like that are only valid if the poster is actually
> using Linux at the moment of posting.
>
> Microsoft Outlook Express IS a virus, it infects Usenet. Get that
> replaced / seen to as soon as possible
>

OK I'll second it then

But it's not so much anti-virus, more like just immune to them.

--
If you can do ballet then you can do anything
except reach high things because you're dinky.
Kiera Best - Aged 6.

On Thu, 15 Nov 2007 02:22:31 -0800 (PST)
"jameshanley39@yahoo.co.uk" <jameshanley39@yahoo.co.uk> wrote:

> On Nov 14, 7:49 am, Manuel Marino <manuelmar...@marinosounds.com>
> wrote:
> > On Tue, 13 Nov 2007 00:17:03 +0000, diy-er
> >
> > <diy...@privacy.invalid.com> wrote:
> >
> > >http://www.channelregister.co.uk/2007/11/12/maxtor_infected_hdd_updated/
> >
> > >As first reported by El Reg in September a pre-installed Trojan
> > >named AutoRun-AH was discovered by Kaspersky Labs on Maxtor
> > >3200 external hard drives sold in the Netherlands. Maxtor is owned
> > >Seagate. Initially, Seagate expressed skepticism about the reports.
> >
> > Well, this means that Kaspersky is really the best antivirus available
> > for Windows...
> >
> > --
>
> Nice one batman. You`re sarcasm is right, I bet it is an ad!
>
> I didn`t notice myself. I only glanced at it so that`s my excuse.
> Actually, if somebody posts something that looks like crap or even if
> it is not, i tend to look at a few replies just to see what the
> discussion is, they should pick out core excerpts, and may have good
> comments. Indeed, it was crap. Ad or not.
>
> A question that occurs to me though.. it is a windows virus i think..
> So there were files on the hard drive?!!! Or was it a boot sector
> virus.
> I never heard of hard drives shipping with windows installed, and they
> cannot ship the hard drive with windows, nowadays people don`t use win
> 9x, they use Win NT , which unlike 9x, does not usually have the
> ability to be installed on one motherboard and work on another.

The disk wouldn't need to have Windows installed on it to contain a
virus, apart from the obvious boot sector virii you've mentioned you
only need have the disk formatted to contain an actual file. You would
need to consciously run the file in that case.

The first thing I do with a new disk is partition and format it so I would
question why it had a filesystem on it already although I gather these
were external HDDs so some people might expect a filesystem (I
wouldn't, and I found one I would see a file and wonder WTF it was
doing there)

--
If you can do ballet then you can do anything
except reach high things because you're dinky.
Kiera Best - Aged 6.

On Thu, 15 Nov 2007 04:12:54 -0800 (PST)
"jameshanley39@yahoo.co.uk" <jameshanley39@yahoo.co.uk> wrote:

> Be interesting to know what they named a single solitary EXE file on a
> new hard drive!!

Maybe Readme.txt.exe - think what that looks like with file extensions
for known types turned off. Sneaky eh?

I once received a file attachment in an email called http://www.yahoo.com,
that could fool somebody.

--
If you can do ballet then you can do anything
except reach high things because you're dinky.
Kiera Best - Aged 6.

Trevor Best wrote:

> On Thu, 15 Nov 2007 02:22:31 -0800 (PST)
> "jameshanley39@yahoo.co.uk" <jameshanley39@yahoo.co.uk> wrote:
>
> > On Nov 14, 7:49 am, Manuel Marino <manuelmar...@marinosounds.com>
> > wrote:
> > > On Tue, 13 Nov 2007 00:17:03 +0000, diy-er
> > >
> > > <diy...@privacy.invalid.com> wrote:
> > >
> > > > http://www.channelregister.co.uk/2007/1 ... ected_hdd_
> > > > updated/
> > >
> > > > As first reported by El Reg in September a pre-installed Trojan
> > > > named AutoRun-AH was discovered by Kaspersky Labs on Maxtor
> > > > 3200 external hard drives sold in the Netherlands. Maxtor is
> > > > owned Seagate. Initially, Seagate expressed skepticism about
> > > > the reports.
> > >
> > > Well, this means that Kaspersky is really the best antivirus
> > > available for Windows...
> > >
> > > --
> >
> > Nice one batman. You`re sarcasm is right, I bet it is an ad!
> >
> > I didn`t notice myself. I only glanced at it so that`s my excuse.
> > Actually, if somebody posts something that looks like crap or even
> > if it is not, i tend to look at a few replies just to see what the
> > discussion is, they should pick out core excerpts, and may have good
> > comments. Indeed, it was crap. Ad or not.
> >
> > A question that occurs to me though.. it is a windows virus i
> > think.. So there were files on the hard drive?!!! Or was it a
> > boot sector virus.
> > I never heard of hard drives shipping with windows installed, and
> > they cannot ship the hard drive with windows, nowadays people don`t
> > use win 9x, they use Win NT , which unlike 9x, does not usually
> > have the ability to be installed on one motherboard and work on
> > another.
>
> The disk wouldn't need to have Windows installed on it to contain a
> virus,

nobody said it did

> apart from the obvious boot sector virii you've mentioned you
> only need have the disk formatted to contain an actual file. You would
> need to consciously run the file in that case.
>

somebody mentioned autorun.inf, that it can apply to hard drives too.

> The first thing I do with a new disk is partition and format it

you are not unusual

> so I would question why it had a filesystem on it already although I
> gather these were external HDDs so some people might expect a
> filesystem (I wouldn't, and I found one I would see a file and wonder
> WTF it was doing there)


I wouldn`t wonder. I would be amused.

I once heard they come preformatted. I don`t know. Doesn`t matter to me
- or you.

class_a wrote:

> jameshanley39@yahoo.co.uk wrote:
>
> > Be interesting to know what they named a single solitary EXE file
> > on a new hard drive!!
>
> Call it Driveinstall.exe
>
> How many Joe Publics, who know very little about computers, do you
> think would double-click on that after they've just connected up the
> new drive?

How many of those people are in this newsgroup?

A possible use of posting this story may have been to warn any people
not this newsgroup that sell these things. And that is not a very
technical thing. Just Crap.

That is why I wrote the only vaguely interesting thing the OP could
have written was what the file was called. Just for the sake of mild
amusement. Or legend. Still a waste of time