Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Any way to block other computers from my network?


  • Please log in to reply
27 replies to this topic

#1 tryingmybest

tryingmybest

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:01:14 PM

Posted 27 May 2013 - 03:12 PM

I have a wired connection with my ip.  For over 2 1/2 months, my Norton Internet Security 2013 Network Security Map and history have shown up to three other computers on my network. There shouldn't be any.  My remote discovery and remote assistance are both turned off.  
I have an MSI K9n6pgm2 mobo with a built in ethernet card.  I've used Wipedrive and reinstalled Windows 7 three times already.  
I don't want ANY other computers on a network with mine.  Is there any way I can do that?  Thanks!

 



BC AdBot (Login to Remove)

 


#2 MrBruce1959

MrBruce1959

    My cat Oreo


  • BC Advisor
  • 6,377 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Norwich, Connecticut. in the USA
  • Local time:02:14 PM

Posted 27 May 2013 - 03:24 PM

Hello can I ask what type of device your modem is? Is it capable of broadcasting a wireless signal? If you are not sure about this, look at your modem that your ISP gave you and post the make and model number, The model number would be on the label located near where your Ethernet cable is plugged in.

 

Also, if you have a Netgear or Linksys Cisco type device hooked up in your network, chances are you have a wireless signal transmitting with the default unsecured network name and pass code. Anyone knows those and can log into your network, which could put you at some risk of intrusion into your computer if the person knows how to get you to accept this invite unknowingly.

 

Bruce.


Edited by MrBruce1959, 27 May 2013 - 03:26 PM.

Welcome to Bleeping Computer! :welcome:
New Members: Please click here for the Bleeping Computer Forum Board Rules
 
My Career Involves 37 Years as an Electronics Repair Technician, to Which I am Currently Retired From.

I Am Currently Using Windows 10 Home Edition.

As a Volunteer Staff Member of Bleeping Computer, the Help That I Proudly Provide Here To Our BC Forum Board Membership is Free of Charge. :wink:

#3 tryingmybest

tryingmybest
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:01:14 PM

Posted 28 May 2013 - 12:55 AM

I have a new Motorola SB6121 Surfboard DOCSIS 3.0. I made sure it wasn't a combo modem/router when I bought it :--) I registered it with my ip but my computer isn't finding it. I think they originally got in through a Netgear Wi-Fi router I was using at the time.
Just to see, I got on my computer this afternoon using my phone as a hotspot and the other computers didn't show. Could they be using iSCSI to get in through my ethernet card?
Also, I have a dynamic ip address but they made it static. I have a couple hundred log files and screen shots of documentation on all this

#4 jhayz

jhayz

  • BC Advisor
  • 6,922 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:14 AM

Posted 28 May 2013 - 02:24 AM

While waiting for further suggestions from BC Advisor MrBruce1959, please see the Norton Network Security Map details and features.

 


 

Tekken
 


#5 MrBruce1959

MrBruce1959

    My cat Oreo


  • BC Advisor
  • 6,377 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Norwich, Connecticut. in the USA
  • Local time:02:14 PM

Posted 28 May 2013 - 10:44 AM

Could they be using iSCSI to get in through my ethernet card?

Check this link and tell me if you see anything that might be allowing them access through iSCSI.

 

http://en.wikipedia.org/wiki/ISCSI

 

Also I want to thank Jhayz for adding the link.

 

Bruce.


Welcome to Bleeping Computer! :welcome:
New Members: Please click here for the Bleeping Computer Forum Board Rules
 
My Career Involves 37 Years as an Electronics Repair Technician, to Which I am Currently Retired From.

I Am Currently Using Windows 10 Home Edition.

As a Volunteer Staff Member of Bleeping Computer, the Help That I Proudly Provide Here To Our BC Forum Board Membership is Free of Charge. :wink:

#6 tryingmybest

tryingmybest
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:01:14 PM

Posted 28 May 2013 - 02:29 PM

I was trying before to see if I might have a virus and ran a dds. This is the link. http://www.bleepingcomputer.com/forums/t/495278/hackers-still-on-computer-after-doing-full-wipe-and-new-install/#entry3061114
I have a document showing when they did something major. I sent a copy of it to two trusted people. It showed up in my sent file and in their emails in code. It refers to an intercept and a lot of times, I'll see /intercept after my ip in a log.
Yesterday, in a log, I saw my regular computer name followed by /$ and then my computer name again. The $.shows up a lot in different things.
I hope some of this helps......
Thanks!

Edited by tryingmybest, 28 May 2013 - 02:31 PM.


#7 tryingmybest

tryingmybest
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:01:14 PM

Posted 28 May 2013 - 03:22 PM

This is the first email I was talking about. I deleted the Participant ID for security reasons.
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html><head><meta body></html> ><html><head><meta http-equiv="refresh" content="0;url=http://finder.cox.net/main? InterceptSource=0&ClientLocation=us&ParticipantID=(deleted byme)&FailureMode=1&SearchQuery=&FailedURI=http%3A%2F%2Ftrack2.nsdiflw.info%2Finstall.php&AddInType=4&Version=2.1.8-1.90base&Referer=&Implementation=0"/><script type="text/javascript">url="http://finder.cox.net/main? InterceptSource=0&ClientLocation=us&ParticipantID=(deleted by me)&FailureMode=1&SearchQuery=&FailedURI=http%3A%2F%2Ftrack2.nsdiflw.info%2Finstall.php&AddInType=4&Version=2.1.8-
1.90base&Referer=&Implementation=0";if(top.location!=location){var w=window,d=document,e=d.documentElement,b=d.body,x=w.innerWidth||e.clientWidth||b.clientWidth,y=w.innerHeight||e.clientHeight||b.clientHeight;url+="&w="+x+"&h="+y;}window.location.replace(url);</
script></head><body></
/body></html>

#8 tryingmybest

tryingmybest
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:01:14 PM

Posted 28 May 2013 - 03:28 PM

While waiting for further suggestions from BC Advisor MrBruce1959, please see the Norton Network Security Map details and features.
 



Thanks:-). I learned some things I didn't know about.

#9 MrBruce1959

MrBruce1959

    My cat Oreo


  • BC Advisor
  • 6,377 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Norwich, Connecticut. in the USA
  • Local time:02:14 PM

Posted 28 May 2013 - 03:41 PM

Okay it's been a while since I posted this, so let's hope it still works. Hehe. :lmao:

 

If it does not work I'll make corrections to it.

 

Here's what I am going to have you do, you're going to post your IP config information.

 

WINDOWS XP AND WINDOWS 7

 

Go to CMD.EXE right click and choose run as administrator

 

Type:

ipconfig /all >> c:\ipconfig.txt

 

Check C:\ for ipconfig.txt

 

 

Post the contents in your next reply or if you wish you can attach the text file to your reply.

 

Bruce.


Welcome to Bleeping Computer! :welcome:
New Members: Please click here for the Bleeping Computer Forum Board Rules
 
My Career Involves 37 Years as an Electronics Repair Technician, to Which I am Currently Retired From.

I Am Currently Using Windows 10 Home Edition.

As a Volunteer Staff Member of Bleeping Computer, the Help That I Proudly Provide Here To Our BC Forum Board Membership is Free of Charge. :wink:

#10 MrBruce1959

MrBruce1959

    My cat Oreo


  • BC Advisor
  • 6,377 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Norwich, Connecticut. in the USA
  • Local time:02:14 PM

Posted 28 May 2013 - 03:48 PM

Also here's another way:

 

You can investigate unwanted connections:

  • Click start-->Run
  • Type cmd in your Windows Run box.
  • Type netstat -b 5 > activity.txt at the command prompt and press enter.
  • Wait 2 minutes or so and press Ctrl+C, then close the command window (the longer you wait, the bigger the log).
  • Open a command window again and Type activity.txt at the command prompt then press Enter to open the log file in notepad.

This .txt file will have a record of everything that has made an Internet connection during those few minutes...you can then check your task manager to find out where and what it is that's connecting and take care of it.
 

Bruce.


Welcome to Bleeping Computer! :welcome:
New Members: Please click here for the Bleeping Computer Forum Board Rules
 
My Career Involves 37 Years as an Electronics Repair Technician, to Which I am Currently Retired From.

I Am Currently Using Windows 10 Home Edition.

As a Volunteer Staff Member of Bleeping Computer, the Help That I Proudly Provide Here To Our BC Forum Board Membership is Free of Charge. :wink:

#11 tryingmybest

tryingmybest
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:01:14 PM

Posted 29 May 2013 - 06:54 PM

I did the ipconfig.txt before and after I signed on:
Windows IP Configuration

Host Name . . . . . . . . . . . . : Barbara-PC Primary Dns Suffix . . . . . . . : Node Type . . . . . . . . . . . . : Hybrid IP Routing Enabled. . . . . . . . : No WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Realtek RTL8102E/RTL8103E Family PCI-E Fast Ethernet NIC (NDIS 6.20) Physical Address. . . . . . . . . : 8C-89-A5-61-39-8A DHCP Enabled. . . . . . . . . . . : Yes Autoconfiguration Enabled . . . . : Yes

Windows IP Configuration

Host Name . . . . . . . . . . . . : Barbara-PC Primary Dns Suffix . . . . . . . : Node Type . . . . . . . . . . . . : Hybrid IP Routing Enabled. . . . . . . . : No WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Realtek RTL8102E/RTL8103E Family PCI-E Fast Ethernet NIC (NDIS 6.20) Physical Address. . . . . . . . . : 8C-89-A5-61-39-8A DHCP Enabled. . . . . . . . . . . : Yes Autoconfiguration Enabled . . . . : Yes

Windows IP Configuration

Host Name . . . . . . . . . . . . : Barbara-PC Primary Dns Suffix . . . . . . . : Node Type . . . . . . . . . . . . : Hybrid IP Routing Enabled. . . . . . . . : No WINS Proxy Enabled. . . . . . . . : No DNS Suffix Search List. . . . . . : br.br.cox.net

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : br.br.cox.net Description . . . . . . . . . . . : Realtek RTL8102E/RTL8103E Family PCI-E Fast Ethernet NIC (NDIS 6.20) Physical Address. . . . . . . . . : 8C-89-A5-61-39-8A DHCP Enabled. . . . . . . . . . . : Yes Autoconfiguration Enabled . . . . : Yes Link-local IPv6 Address . . . . . : fe80::384d:4196:8188:a590%11(Preferred) IPv4 Address. . . . . . . . . . . : 184.190.197.51(Preferred) Subnet Mask . . . . . . . . . . . : 255.255.255.0 Lease Obtained. . . . . . . . . . : Wednesday, May 29, 2013 5:51:36 PM Lease Expires . . . . . . . . . . : Thursday, May 30, 2013 5:51:36 PM Default Gateway . . . . . . . . . : 184.190.197.1 DHCP Server . . . . . . . . . . . : 172.19.113.13 DHCPv6 IAID . . . . . . . . . . . : 244091301 DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-19-38-55-30-8C-89-A5-61-39-8A DNS Servers . . . . . . . . . . . : 68.105.28.11 68.105.29.11 68.105.28.12 NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.br.br.cox.net:

Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : br.br.cox.net Description . . . . . . . . . . . : Microsoft ISATAP Adapter Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes

Tunnel adapter 6TO4 Adapter:

Connection-specific DNS Suffix . : br.br.cox.net Description . . . . . . . . . . . : Microsoft 6to4 Adapter Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes IPv6 Address. . . . . . . . . . . : 2002:b8be:c533::b8be:c533(Preferred) Default Gateway . . . . . . . . . : 2002:c058:6301::c058:6301 DNS Servers . . . . . . . . . . . : 68.105.28.11 68.105.29.11 68.105.28.12 NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Microsoft Teredo Tunneling Adapter Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fb:1435:27d:4741:3acc(Preferred) Link-local IPv6 Address . . . . . : fe80::1435:27d:4741:3acc%19(Preferred) Default Gateway . . . . . . . . . : NetBIOS over Tcpip. . . . . . . . : Disabled

Windows IP Configuration

Host Name . . . . . . . . . . . . : Barbara-PC Primary Dns Suffix . . . . . . . : Node Type . . . . . . . . . . . . : Hybrid IP Routing Enabled. . . . . . . . : No WINS Proxy Enabled. . . . . . . . : No DNS Suffix Search List. . . . . . : br.br.cox.net

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : br.br.cox.net Description . . . . . . . . . . . : Realtek RTL8102E/RTL8103E Family PCI-E Fast Ethernet NIC (NDIS 6.20) Physical Address. . . . . . . . . : 8C-89-A5-61-39-8A DHCP Enabled. . . . . . . . . . . : Yes Autoconfiguration Enabled . . . . : Yes Link-local IPv6 Address . . . . . : fe80::384d:4196:8188:a590%11(Preferred) IPv4 Address. . . . . . . . . . . : 184.190.197.51(Preferred) Subnet Mask . . . . . . . . . . . : 255.255.255.0 Lease Obtained. . . . . . . . . . : Wednesday, May 29, 2013 6:04:55 PM Lease Expires . . . . . . . . . . : Thursday, May 30, 2013 6:04:56 PM Default Gateway . . . . . . . . . : 184.190.197.1 DHCP Server . . . . . . . . . . . : 172.19.113.13 DHCPv6 IAID . . . . . . . . . . . : 244091301 DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-19-38-55-30-8C-89-A5-61-39-8A DNS Servers . . . . . . . . . . . : 68.105.28.11 68.105.29.11 68.105.28.12 NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.br.br.cox.net:

Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : br.br.cox.net Description . . . . . . . . . . . : Microsoft ISATAP Adapter Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes

Tunnel adapter 6TO4 Adapter:

Connection-specific DNS Suffix . : br.br.cox.net Description . . . . . . . . . . . : Microsoft 6to4 Adapter Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes IPv6 Address. . . . . . . . . . . : 2002:b8be:c533::b8be:c533(Preferred) Default Gateway . . . . . . . . . : 2002:c058:6301::c058:6301 DNS Servers . . . . . . . . . . . : 68.105.28.11 68.105.29.11 68.105.28.12 NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Microsoft Teredo Tunneling Adapter Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6ab8:4ed:34df:4741:3acc(Preferred) Link-local IPv6 Address . . . . . : fe80::4ed:34df:4741:3acc%19(Preferred) Default Gateway . . . . . . . . . : NetBIOS over Tcpip. . . . . . . . : Disabled

Windows IP Configuration

Host Name . . . . . . . . . . . . : Barbara-PC Primary Dns Suffix . . . . . . . : Node Type . . . . . . . . . . . . : Hybrid IP Routing Enabled. . . . . . . . : No WINS Proxy Enabled. . . . . . . . : No DNS Suffix Search List. . . . . . : br.br.cox.net

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : br.br.cox.net Description . . . . . . . . . . . : Realtek RTL8102E/RTL8103E Family PCI-E Fast Ethernet NIC (NDIS 6.20) Physical Address. . . . . . . . . : 8C-89-A5-61-39-8A DHCP Enabled. . . . . . . . . . . : Yes Autoconfiguration Enabled . . . . : Yes Link-local IPv6 Address . . . . . : fe80::384d:4196:8188:a590%11(Preferred) IPv4 Address. . . . . . . . . . . : 184.190.197.51(Preferred) Subnet Mask . . . . . . . . . . . : 255.255.255.0 Lease Obtained. . . . . . . . . . : Wednesday, May 29, 2013 6:04:55 PM Lease Expires . . . . . . . . . . : Thursday, May 30, 2013 6:04:55 PM Default Gateway . . . . . . . . . : 184.190.197.1 DHCP Server . . . . . . . . . . . : 172.19.113.13 DHCPv6 IAID . . . . . . . . . . . : 244091301 DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-19-38-55-30-8C-89-A5-61-39-8A DNS Servers . . . . . . . . . . . : 68.105.28.11 68.105.29.11 68.105.28.12 NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.br.br.cox.net:

Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : br.br.cox.net Description . . . . . . . . . . . : Microsoft ISATAP Adapter Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes

Tunnel adapter 6TO4 Adapter:

Connection-specific DNS Suffix . : br.br.cox.net Description . . . . . . . . . . . : Microsoft 6to4 Adapter Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes IPv6 Address. . . . . . . . . . . : 2002:b8be:c533::b8be:c533(Preferred) Default Gateway . . . . . . . . . : 2002:c058:6301::c058:6301 DNS Servers . . . . . . . . . . . : 68.105.28.11 68.105.29.11 68.105.28.12 NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Microsoft Teredo Tunneling Adapter Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6ab8:4ed:34df:4741:3acc(Preferred) Link-local IPv6 Address . . . . . : fe80::4ed:34df:4741:3acc%19(Preferred
Default Gateway . . . . . . . . . : NetBIOS over Tcpip. . .
Disabled

#12 tryingmybest

tryingmybest
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:01:14 PM

Posted 29 May 2013 - 07:00 PM

BTW, I'm using my phone for anything I post on here so sorry for any typos or duplications.

#13 MrBruce1959

MrBruce1959

    My cat Oreo


  • BC Advisor
  • 6,377 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Norwich, Connecticut. in the USA
  • Local time:02:14 PM

Posted 29 May 2013 - 09:02 PM

Okay, let's get down to business here.

 

First, let's get your hardware documentation into this forum for reference:

 

First here is your owners manual:

 

http://www.timewarnercable.com/content/dam/residential/pdfs/support/internet/buy-or-lease-your-modem/MOTOROLA-SB6121-Installation-Guide.pdf

 

 

Other information from Motorola:

 

http://www.motorola.com/us/consumers/SURFboard-eXtreme-SB6121-DOCSIS-3.0-Cable-Modem/SURFboard%20eXtreme%20SB6121%20DOCSIS%203.0%20Cable%20Modem,en_US,pd.html

 

 

http://www.motorola.com/Video-Solutions/XP-EN/Products-and-Services/Voice-and-Data-Consumer-Premise-Equipment/DOCSIS-Modems-Gateways-and-eMTAs/Cable-Modems/ci.SURFboard_SB6121_XP-EN.resources

 

It appears your ISP is COX cable services. Does that sound about right?

 

Hang in there please, allow me time to research things here.

 

Bruce.


Welcome to Bleeping Computer! :welcome:
New Members: Please click here for the Bleeping Computer Forum Board Rules
 
My Career Involves 37 Years as an Electronics Repair Technician, to Which I am Currently Retired From.

I Am Currently Using Windows 10 Home Edition.

As a Volunteer Staff Member of Bleeping Computer, the Help That I Proudly Provide Here To Our BC Forum Board Membership is Free of Charge. :wink:

#14 tryingmybest

tryingmybest
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:01:14 PM

Posted 30 May 2013 - 01:15 AM

Yep, Cox is my ISP. As far as time, take as long as you need:-). I'm very thankful that you're helping me with this!

#15 MrBruce1959

MrBruce1959

    My cat Oreo


  • BC Advisor
  • 6,377 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Norwich, Connecticut. in the USA
  • Local time:02:14 PM

Posted 30 May 2013 - 01:58 PM

This I have so far made clear to myself. Your cable modem does not have any wireless capabilities. Therefore there is no way a person can have access your network without a possible backdoor Trojan being installed on your computer system. 

 

You have formatted your hard drive several times and have re-installed your operating system since. Usually if a Trojan is accidentally installed on a computer system, a deep format usually removes all traces of the Trojan. 

 

There are boot sector Trojans, however, those boot sector Trojans are wiped during the disk format procedure.

 

If you feel for any reason, that a Trojan is hiding on a portion of your hard drive, you can destroy any possible remnants of such by using a DOS boot disk that allows you to boot up your computer independent of your hard drive. While using a DOS boot disc, you can delete the disc partitions. I would delete all partitions including any system reserved ones. 

 

When all the partitions have been deleted, your hard drive is back to factory default status. Installing a bootable operating system such as Windows 2000, Windows XP, Windows Vista, Windows 7 or Windows 8, automatically formats the disk, adds the boot sector information, which includes the files and directory locations that are located across the disc platters. 

 

A boot sector Virus or Trojan infection is usually wiped clean during this process. Now, there are rare instances where a Virus contains firmware. Firmware is code that can be flashed into a programmable chip. In fact, all computer hardware works via firmware. There are viruses that can be installed that flash a hardware's firmware related sector of the chip. This often happens when people try to install drivers for their hardware that came from a website that hosts P2P file sharing.

 

The problem with older hardware, is that current drivers for such, are no longer available or the company went out of business and customer support is no longer available. People result to using search engines--such as Google or Bing--to locate what seems to be newer drivers that support todays operating systems. Often than not, those people download drivers from CNET or Peer-to-peer also known as P2P file hosting sites. You have no clue if the drivers are legit ones written by your hardware vendor's code writers. Those drivers are in all likelihood, written by some script kiddie, who took the original code and renamed it with a higher version number and added some bad code that installs a backdoor Trojan or flashes your hardware's firmware.

 

Tryingmybest, I hope I did not go to crazy here with my analysis and explanation of how things work. I have spent 35 years in the electronics repair field and I am currently attending college for a computer science degree to learn how to write code to produce software programs for computer usage. I spend many hours and have spent many years learning--what I can tech someone else in less then an hour.

 

Bruce.


Welcome to Bleeping Computer! :welcome:
New Members: Please click here for the Bleeping Computer Forum Board Rules
 
My Career Involves 37 Years as an Electronics Repair Technician, to Which I am Currently Retired From.

I Am Currently Using Windows 10 Home Edition.

As a Volunteer Staff Member of Bleeping Computer, the Help That I Proudly Provide Here To Our BC Forum Board Membership is Free of Charge. :wink:




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users