Welcome to Smokey's Security Forums.
Guests have only limited access to the board and it's features, please consider registering to gain full access!
Registration is free and it only takes a few moments to complete.

Smokey's Security Forums

Please login or register.

Login with username, password and session length
Advanced search  

News:

Guests now allowed to post for Malware Removal help.

There are a few rules governing this, so please check the link below for more information:

   Guests allowed to post for Malware Removal help

OTL Log Analysis and Malware Removal - Qualified PC Disinfection & Cleaning - Microsoft Security Info & Alert Center - Official Jetico Inc. Support Forums

Share this topic on FacebookShare this topic on MySpaceShare this topic on Del.icio.usShare this topic on DiggShare this topic on RedditShare this topic on StumbleUponShare this topic on TwitterAuthorTopic: Cryptoswap not working  (Read 277 times)

0 Members and 1 Guest are viewing this topic.

Jetico

  • Jetico Support Engineer
  • *
  • Offline Offline
  • Posts: 611
Re: Cryptoswap not working
« Reply #2 on: January 11, 2010, 06:10:12 AM »
Firstly, we did not change CryptoSwap in BCWipe v4. Exactly the same module works in both versions.

It is certainly not possible to read the contents of acrive pagefile with any text editor.
Any text editor will read the disk sectors through the CryptoSwap driver, so the contents will be decrypted by the driver.
To see the real contents of the pagefile you have to read the file when the operating system is not loaded.
For example, move the hard drive to other computer and insert it as non-system drive, or - if your have dual-boot system - boot to other operating system and read the file.

I have no idea how you read the pagefile with version 3 of BCWipe and were able to see the encrypted contents.

lordbeauTopic starter

  • Member
  • *
  • Offline Offline
  • Posts: 1
Cryptoswap not working
« Reply #1 on: January 07, 2010, 12:28:36 PM »
Cryptoswap on BCWipe 3 worked fine on Windows 7 RC7100 but BCWipe 4 with Windows 7 RTM does not work for me. Yes, I set Cryptoswap, rebooted, and it says "active" but when I examine the pagefile with a text editor, it is all sitting there in plain text. Anyone else have this experience? (Use Flexhex to examine the page file and look for the word 'Windows' under a search - if it displays it for you, then the pagefile is in the clear).
 

* Permissions
You can't post new topics.
You can't post replies.
You can't post attachments.
You can't modify your posts.
 BBCode Enabled
Smilies Enabled
[img] Enabled
HTML Disabled


Except where otherwise stated, all content Copyright © 2006 - 2010 Smokey Services™ -- All rights reserved

Surf Smokey's with confidence: all external links in posts are checked and rated by WOT - Web of Trust
Security Knowledge-, Alert- & News Center and Comprehensive Microsoft Windows Information & Download Center
Board- and databases search functions and the download of post attachments are only available to registered board members

    


==>Think your PC is infected? Click here for OTL Log Analysis and Malware Removal Assistance<==


Smokey's Security Forums provide full qualified OTL Log Analysis & Cleaning Services
OTL (formerly OTListIt2) by OldTimer is a sophisticated, comprehensive log analysis tool to clean PCs with malicious content

Microsoft Security Info & Alert Center - most recent, real-time released Microsoft Security Bulletins, Alerts, Advisories and Vulnerabilities:
<div style="background-color: none transparent;"><a href="http://www.rsspump.com/?web_widget/rss_widget" title="rss widget">Rss widget</a></div>