December 19th, 2002, 01:46 AM
How can I tell?
Everyone tells me that the transmissions that are coming thru my computer are "normal" or "just kiddies messing around" or a "virus" but the truth is I've been hacked. My computer's OEM is Windows 98, I'm now running XP Home with Zone Alarm Pro and the latest McAfee Anti-virus. However, I have been unable to do a "clean install" and despite messages that my "old version of Windows will be eliminated" I have Windows 95, Windows 98, and Windows NT/2000 as options in my Setup when I boot the computer. Additionally, there is a "network boot" in my setup boot options. Inasmuch as I have never installed 95, NT or 2000 on this computer, how did they get there? Can I get rid of them? I know that XP contains some files for NT, but its the other OS's that bother me. Additionally, I am being "hit" from all over the world, and files change/add everytime I'm online despite the firewall. Does this website have any port control software I can download? Lot's of questions, I know. But I'm a dumb (former) blond!!! Help please.
December 19th, 2002, 03:01 AM
If you have the media to a clean install (and the disks needed to start the system -for w2k its a 4 floppy collection + the CD -created via emergencey repair not sure how its done for XP) you could format the drive (format c: ) and reinstall XP or 98. This will do a clean install -XP will require that you get a new registration key. Format all drives if you have multiple for a fully clean install. I just wrote some more on this in http://www.antionline.com/showthread...hreadid=237855
You can check the boot.ini for the different boot options (I believe that's where they go in older versions it was a cross between boot.ini and msdos.sys).
ZA pro provides an internet lock down option that should sever all connections. You can also specify which porgrams are alllowed access to the system.
If you want to see all who are connected you can do netstat -a. You can also play with ping -a <ip address to determine where people are coming from but its not always accurate>.
Its also generally advisable to disable file and print sharing. I hope that helps you might want to do a search of the discussion forms for more info. google is also a great source of info.
If you spend more on coffee than on IT security, you will be hacked. What\'s more, you deserve to be hacked.
-- former White House cybersecurity adviser Richard Clarke