So I Reformatted My Comp In Hopes Of Getting Rid Of
<div class="IPBDescription">a virus, and the hacker strikes again!</div> Yeah, I reformatted it, and the lights on my modem are blinking for some odd reason still, even though nothing is downloading. Also, the comp is sporadically changing in comp use in the windows task manager. I could seriously go on for 12 years about how messed my comp is still after the reformat. One thing you guys need to know is that system32 is still on my hard drive, which from what I read from a site, is a backdoor trojan program that lets hackers have complete access to your comp.
What should I do?
Comments
also some program like hacker tracer maybe....
also if a hacker strikes again after u reformatted... it's cuz u had something precious before u reformatted most probably
and I'd say he went by ip so he can easily do that...
use ZoneAlarm (search on google)
and other programs :8
2) secure your computer
you say you formatted? great. format again, but this time, don't connect yourself up to the internet. get an uninfected computer to download the patches, firewalls, security, etc that you need. don't connect to the internet right after a format, especially if you have no hardware firewall between you and the net, you're just begging to be reinfected by the virus.
go download some virus scanners, and patch your system
Are you on a static IP, or dynamic? You could be being targeted, but I reckon probably not. On balance of probability, I think you've been unlucky.
[edit]
Just had another thought - consider where you got your OS CD from. It is possible that the trojan is actually being installed when you install the OS itself. That applies to any apps you're installing too.
Most of the "intrusion attempt"s your firewall reports are innocent little port scans and infected computers trying to send you a virus.
it's true about the viruses scanning you, but i wouldn't call the hacker/cracker port scans 'innocent'.. if they find anything, or they know what they're doing, not so innocent :)
Trust me on this, my friend kept on being hacked by some anonymous person and didn't have a clue until my other friend told him to get a firewall. Well, we could say the firewall worked wonders....until 5 days later that is :(
And CFor, port scans aren't as harmless as you think. Sometimes it may be a malicious one disguised as a harmless portscan, and that's not good.
In short, NEVER trust portscans.
And _Creep may be right about the CD. My brother bought a CD with one in it, and needless to say, his favorites were soon filled with pr0n and he enjoyed it, maybe except when the person decided to throw in a keylogger and change the password.
reformat again (if the HDD came with a utility disk, use that and low-level format it), or add it as a slave to an uninfected computer and format it there.
if your computer is messed up by reformatting, something is seriously wrong. as per other people's suggestions, get a software firewall or a router.
and this "system32", could you actually describe it? (is it a dll, vbs, what?)
If you must use windows, here's how y'do it without needing a secondary computer.
-A) Use FDISK or some other utility (preferably a 'clean' version, or one from the OS Install CD to make sure yours isn't infected) to format the disk.
-B) Install from the OS install disc. Do NOT connect it to any network, even an in-house LAN or (especially) wireless.
-C) Start->Control Panel->Network Connections.
-D) Right-click on each of your network interface devices in turn, selecting 'properties', then the 'Advanced' tab, and checking the 'Enable Internet Connection Firewall' box.
-E) Now that they say 'protected', you can attach the system to the net/web with a slight measure of security from the most blatant crud. Immediately go to the 'windows update' tool and install all security patches/updates.
-F) Go to www.zonealarm.com and grab the free version. It's worth it.
-G) Disable NetBIOS message sends.
-H) Download Mozilla. Install. Forget IE/OE ever existed.
-I) Do a sanity-scan at <a href='http://antivirus.housecall.com' target='_blank'>http://antivirus.housecall.com</a> to make sure nothing really got through. DO NOT INSTALL THAT POS 'NAV'.
Sure it's quite a few steps, but it'll make relatively sure that you won't have a virus from the get-go.
Then again, there's a reason I run all of my computers behind a Linux NAT/firewall, and the only reason any of my Windows workstations have ever been virally infected is when a friend brought a laptop over, said 'it's okay, it's clean' and hooked up without actually running a scan.
system32 is a folder in which lots of system files are kept, usually nobody goes in there, so spyware likes to hide in there as there's TONS of files
Sneaky stuff, but virii (eg Blaster) and spyware love to hide there, due to the fact that NOBODY would like to touch them (except for the extra leet computer savvy people who can memorize everything in there)
i have to delete crap out of there once every week :/
Have a cookie everyone:
<img src='http://www.whoi.edu/generalinfo/buttery/cookie.gif' border='0' alt='user posted image' />
Use thermite to destroy the infected hard drive.
Problem solved. :)