Re: Security Issue, or Just Paranoid?

You are doing something wrong when you reinstall the operating system. You
need to make sure that the hard drive is formatted and not quick formatted
for ntfs when you do a pristine install of the operating system. Another
possibility is that you are using infected media [cdrom/DVD,USB, etc] to
compromise the computer, opening an email attachments that is infecting the
computer, downloading and installing infected software, or connecting the
computer to the internet without proper firewall and antivirus program.
Anything that you copy back to your computer from backup media must be
scanned for viruses first before you copy it to the new installation and
your installation disk must be a genuine install disk from Microsoft - not
some copy you got from someone. If other users have physical access to the
computer that could also be a cause for concern. Any scans for
malware/Spyware must be done with quality programs that are updated from the
vendors website before you do the scans and also scan in Safe Mode.

The links below may help and also you should always have backups of your
data to offline media such as cdrom, DVD, etc. If you make no progress you
may want to hire someone that specializes in securing operating systems and
networks. If you are using wireless network then lack of security for your
wireless network could explain a lot of what is going on. WEP is not secure
by today's standards unless you are using 802.1X and dynamic WEP. WPA with
PSK is much better as long as you use a PSK of at least 15 characters that
is complex. --- Steve

http://www.microsoft.com/athome/security/protect/windowsxpsp2/Default.mspx
--- Protect Your PC
http://www.microsoft.com/athome/security/viruses/default.mspx --- Viruses
and worms info from MS

"SueInCincy" <SueInCincy@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:350A82C1-D518-4DDF-8D1C-9B67ED9AE276@xxxxxxxxxxxxxxxx
>A month ago, a hacker got into my system and wiped clean all the data from
> two computers -- and my automated backup hard drive. I have become
> something
> of a madwoman about this, as you can imagine.
>
> In the weeks since then, every security certificate I examine has an
> expired
> date on it. This includes the ActiveX control for automated updates from
> Microsoft!
>
> I just ran the system recovery media on an Averatec computer that has not
> yet been on the internet, and it has 25 compressed files that have names
> like
> DSOExploit (and DSOExploit1, 2, 3, 4), or are tucked in a directory called
> C:\program files\Spybot - Search & Destroy\updates, when Spybot Search and
> Destroy has not been installed on this computer.
>
> Another suspicious category is eight zip files with apparently identical
> contents, each named a different combination of 8 alphanumeric characters,
> filed in C:\windows\java\packages. So, for example, it's
> C:\windows\java\packages\7BRR3PZV.
>
> The thing that makes me really crazy is when I went into Recovery console
> from a Windows XP disk, I am asked for an administrator password, and I
> did
> not set an administrator password.
>
> What I think is happening is that this is a very clever hijack program
> that
> makes a copy of everything I have ever put on this computer. Thus, every
> method I have used to reformat the hard drive (and believe me, I have used
> a
> lot of different methods for this), or to control this menace, is copied
> as I
> shut down, and when I reboot, they have engineered the program so as to
> make
> it appear to work when it is not.
>
> I just read this thread called "Security Problem?" and it sounds like this
> is something that would be easy enough to do.
>
> Or am I really just crazy?
>
> Thanks!


.

Quantcast