system restore will not remove a virus

They'll never get my goodies.

I did a system restore back to August 2nd, and uninstalled a bunch of crap. I'll just see what happens now.

Sounds to me like you have a trojan and/or rootkit problem. Most likely someone is trying to gain admin access to your computer in order to run it as a server/proxy.

Oh, and the fxp community is a bunch of people who share warez and often use hacked computers as unwilling ftp servers.

If I were you I'd get my computer scanned by a good virus scanner, get my firewall up and running, and if it comes down to it you might even have to reformat and hope to god that it's not one of those special trojans that hides in certain system/cache files so that a reformat might not even get to it.

Also, find a good rootkit scanner as well.

Good luck.

That's why the fuckin FBI's after you.

And what kind of blood-covered protection would you suggest?


I got this message on another website:
Looks like the fxp scene hacked you. If you use vnc or something with common exploits thats the culprit! It could be another program that was exploitable...you are better off reformating and router with NAT. A firewall can't stop some common exploits.

I don't use VNC but...what is the fxp scene? I uninstalled everything I installed in the past week, and I'll see how that goes. If not I guess I will be reformatting. Luckily I have all my good stuff on separate hard drives

this works well with girls, too.

Or save yourself time, format reinstall and get some bloody protection

It seems you've become a victim of a virus/trojan or someone is actively trying to gain administrator access which they successfully gained.

- get your security updates
- let your virusscanner run through your entire system
- Enable all the firewalls
- Backup any of your sensitivity information or important documents to a different medium (flash / other computer). Just in case things go haywire you can format your computer.
- Look up more information for net1.exe, it seems it's a windows file but it can also be used for cloaking malware. Check if it's running on your computer by checking the running processes in the task manager and kill it if it's.
- If you see more things go wrong, just unplug it from the internet and look through your system for suspicious files.

This is why you need to install the security updates which are released once a month.

FUCK IT's THE FBI, GET IN THE CAR

I'm really really sorry for self-bumpdoublepost but im desperate

So no ideas as to why random profiles were crated on my computer? There was also a 4th one called "asery"

UPDATE LOOK AT THESE PICTURES LOOK WHAT JUST HAPPENED WHAT THE FUCK IS GOING ON

1. First my internet goes out for a couple of seconds (screen shot from Utorrent...uploading is always continuous as I seed 60+ torrents on Myspleen)



2. Less than a minute later, this motherfucker pops up...lots more text was displayed before the window closed



3. Then I think, this is just like last time. I look at my user profiles and sure enough, there are 4 NEW ONES. (I deleted one before I took the screen...called 'asery').



Then a bubble pops up saying my WINDOWS FIREWALL WAS DISABLED...WTF!?!?!

I checked event viewer and there were 4 events that occured:

1. Service Control Manager: The Windows Firewall/Internet Connection Sharing (ICS) service entered the stopped state.

2. Service Control Manager: The Windows Firewall/Internet Connection Sharing (ICS) service was successfully sent a stop control.

3. Service Control Manager: The Application Layer Gateway Service service entered the stopped state.

4. Windows File Protection: File replacement was attempted on the protected system file c:\windows\system32\net1.exe. This file was restored to the original version to maintain system stability. The file version of the system file is 5.1.2600.2180.


SOMEONE HELP!!!

Yup, better enable one of the two or even both. The firewall at your modem/router should always be enabled, it usually doesn't stop you from doing anything if configured correctly.

it was xog--he's "hacking" everything! :fear:

I have symantec corporate edition (legit - provided by my school. virus definitions up to date, and scanned daily). Windows firewall is disabled, and the Motorola wireless modem/router's firewall is disabled. Probably a recipie for trouble but I've never had a problem