Hey, guys. I've been noticing some small things with my computer lately. For example, I noticed that lists (the type of list that comes up when you right click on the Windows desktop) open differently than before. They have more of an animation rather than just appearing. Today I also noticed that the volume button in the toolbar was turned all the way down, when I had specifically made sure the volume was all the way up just last night. I also just noticed that there is an account on my computer that nobody at my house made... and it can only be seen on the control panel. It's "ASP.NET Machine A..." I'm getting very suspicious... nobody uses my computer other than me. What do you think is going on?
ASP.NET is used to interface disparate technologies. It's usually most often used for streaming media; it's a Microsoft technology. http://www.microsoft.com/net/basics.mspx http://search.microsoft.com/results.aspx?mkt=en-US&setlang=en-US&q=asp.net If your buttons etc. are more animated, let me suggest this: right click "My Computer" (assumes XP machine), click Advanced, click Performance Settings, click "Adjust for best performance", go to the very last setting in the list on that dialog box and click "visual styles", now click OK until all the dialogs go away, and now try it - no more animation.
Thanks, but I'm more interested in whether or not I should be worried that these things are happening. For the second time, this thing happened where while I was watching something there was a split second where there was some very loud music playing. It randomly happens and it's not part of the video, but both times it only happened while I was watching something. Simple programs like Firefox take 2 or 3 seconds to open now. I'm starting to get convinced somebody is illegally in my computer. What should I do? Please help me out.
I just ran the netstat command and at the moment nobody is connected to my network other than me... so that's good. Let's hope it stays that way. I'm going to be checking it frequently over the next few days.
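How a `netstat -ano` listing can be read, as an added example that is not part of the original posts: this Python sketch parses a constructed sample of the command's output and separates established sessions that arrived on a listening port from sessions the machine opened itself. The sample addresses, PIDs and function names are assumptions made for illustration.

```python
import ipaddress

# Constructed sample of Windows `netstat -ano` output (documentation-range IPs).
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       968
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING       4
  TCP    0.0.0.0:3389           0.0.0.0:0              LISTENING       1100
  TCP    127.0.0.1:1030         127.0.0.1:1031         ESTABLISHED     1500
  TCP    192.168.1.10:1045      203.0.113.25:80        ESTABLISHED     2312
  TCP    192.168.1.10:3389      198.51.100.7:51234     ESTABLISHED     1100
  UDP    0.0.0.0:500            *:*                                    700
"""

def split_endpoint(endpoint):
    """Split 'host:port' (or '[v6]:port') into (host, int port)."""
    host, _, port = endpoint.rpartition(":")
    return host.strip("[]"), int(port)

def parse_netstat(text):
    """Return one dict per TCP row; headers and UDP rows are skipped."""
    rows = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 5 or parts[0] != "TCP":
            continue
        (lhost, lport), (rhost, rport) = map(split_endpoint, parts[1:3])
        rows.append({"local": lhost, "lport": lport, "remote": rhost,
                     "rport": rport, "state": parts[3], "pid": int(parts[4])})
    return rows

def is_loopback(host):
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:  # not a plain IP address, so treat it as remote
        return False

def review(rows):
    """Group non-loopback ESTABLISHED sessions by direction."""
    listening = {r["lport"] for r in rows if r["state"] == "LISTENING"}
    inbound, outbound = [], []
    for r in rows:
        if r["state"] != "ESTABLISHED" or is_loopback(r["remote"]):
            continue
        # A session whose local port is also LISTENING was opened by the peer.
        (inbound if r["lport"] in listening else outbound).append(r)
    return {"listening": sorted(listening), "inbound": inbound,
            "outbound": outbound}
```

The PID column can then be matched against the process list to see which program owns each listening port or session.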
OK, here's what you do - download a program called "rootkit revealer". What this does is compare your Microsoft files with a list of data it contains about the file sizes, attributes, etc. Then it may discover something based on that, but it also does several other scans and tests which would show not just whether there is a "rootkit" on your system but what you could do to harden your security. It will not remove the rootkits it finds but alerts you to what they are, where, etc. A rootkit is software which gives unlimited access and/or administration rights over your computer. Actually, I am going to make some software available to you in my next post in this thread - hang on tight, I will upload it to a server from which you can download it. I will explain the functions of it later.
OK, I have uploaded a program called Pest Patrol - it's an antispy program with anti-keylogger etc. Install it, and on the system tray you will see its icon - right click it and open key patrol or key detector. You must check for keyloggers first, else you don't know what info is going out and can't change passwords - I hope you use passwords, else you cannot stop a hacker. Also, your drives must be in NTFS format or again it's useless to try stopping a hacker. http://s19.quicksharing.com/v/668730/setuppestpatrolcorporate.exe.html This one is rootkit revealer; download it and run that. It takes about 15 minutes to scan. http://s19.quicksharing.com/v/1612082/RootkitRevealer.zip.html If you need any help, let me know.
Hey, Columbo. I somehow ended up not checking back on this thread. Thanks for helping. But when I click on the first link you gave me, I click the Download File link and it takes me to a page just listing some features of the site. EDIT: My C-drive and external hard drive (H-drive) are both NTFS, but my D-drive is FAT32. Is that OK? And would formatting my hard drive then reinstalling Windows XP get rid of any rootkits?
Yeah, because the files are way out of date now - they only host them for 30 days; if there's no activity on them they delete them. http://www.majorgeeks.com/download4652.html Click that link and then where it says "download from" click the words "authors site". Before you delete data, check for rootkits with rootkit revealer or similar software. Check for viruses using Bit Defender shareware. It's up to you to decide if you want to re-format, but make all your drives NTFS unless you have a filesystem accessing them that cannot read NTFS drives - e.g. if you have a network with a Windows 98 machine or some versions of Linux you cannot access an NTFS drive. With a FAT32 drive you cannot secure a computer against attack because you cannot secure the drive as completely as an NTFS drive can be secured. If you can do this it would be best (I am against converting the drive to NTFS from FAT32 - I've seen people get into problems, especially if the drive is corrupted - so I would say format rather than convert): after moving any data off the D-drive, format it as NTFS rather than converting it, then put the data back on the D-drive. Check the data on H and D for viruses. Move any data you need to save off the C-drive onto another disk, reformat the C-drive and reinstall Windows. I would only reinstall Windows if you're absolutely certain you have enough knowledge to do the job or are willing to teach yourself, or if a virus or other malware is found. Other than that, right click the C-drive and click to check the drive for errors before attempting to re-install, as sometimes it could be filestore errors.
I used Sophos Anti-Rootkit and it found one discrepancy but it could not be cleaned, and it could not access two other things. At this point I think it would be best to just get rid of everything. BUT, I have a question. If I use system restore to restore my computer to the day I got it, would that truly get rid of any rootkits or viruses and such permanently? Or at least, could they never be used or exploited? That would be a much easier and faster alternative to reinstalling Windows. Whether I reinstall or use system recovery, I will do what you suggested I do with the D-drive. Thanks.