Format C: then re-installing everything

Klonk

One of Freddy's beloved
Joined
Jan 16, 2004
Messages
790
I am thinking of formatting my HD, maybe make a separate partition for daoc or games, then installing drivers, divx, direct x and daoc. I have a Abit mb and radeon 9800xt card. I have heard that it could be smart to install stuff in a certain order, can anyone give some advice on this? I.e. first win xp, then direct x, then graphic drivers, then divx, then daoc, or?

Thx for any input.
 

Chronictank

FH is my second home
Joined
Jan 21, 2004
Messages
10,133
1) Download Service Pack 2 and put it on a cd
2) Download relevant drivers for your modem and put it on a cd
3) Pull network/modem cable out
4) Make sure network/modem cable is out
5) Check network/modem cable is out
6) Install Win XP
7) Install Service Pack 2
8) Install your virus-guard and firewall
9) Install your drivers and such
10) Put back the network/modem cable
11) Update Virus Definitions and Run Windows update
Rest is up to u
Never connect to the internet with an unpatched machine, you WILL get a virus.
 

Jaapi

Fledgling Freddie
Joined
Jan 10, 2004
Messages
468
Chronictank said:
Never connect to the internet with an unpatched machine, you WILL get a virus.
Which is the same as saying "Never go outside without an umbrella, it WILL rain". Just bollocks.
 

IainC

English WAR Community Manager
Joined
Apr 21, 2004
Messages
1,862
Jaapi said:
Which is the same as saying "Never go outside without an umbrella, it WILL rain". Just bollocks.
No it's actually completely true. There are enough unpatched machines connected to the web with msblast on them that any machine that isn't running the security fix or a decent firewall will get infected in seconds.
I recently reinstalled my xp machine and forgot to set up the firewall before connecting to Windows Update. I got the MSblast virus before the 'scan for updates' page had loaded.
 

Khale

Fledgling Freddie
Joined
Apr 4, 2004
Messages
344
I would suggest to install graphic and sound drivers before the latest directx and dunno which mobo + cpu you got so depending on what you need (P4 needs a cpu driver and if you got an athlon you probably got that VIA 4in1 driver). After that it doesn't matter much. Usually takes some time to download all the window fixes and updates.
 

sibanac

Fledgling Freddie
Joined
Dec 19, 2003
Messages
824
Jaapi said:
Which is the same as saying "Never go outside without an umbrella, it WILL rain". Just bollocks.
well latest figures show that the average time it takes for an unpatched windows machine to get infected is 25 mins on the internet.

Chronictank you forgot step 12) install firefox
 

old.Whoodoo

Can't get enough of FH
Joined
Dec 24, 2003
Messages
3,645
Jaapi said:
Which is the same as saying "Never go outside without an umbrella, it WILL rain". Just bollocks.
Oh what a helpful person you are, pillock.

It's better to be safe than sorry, with the latest vulnerability announcement from Microshat, there's gonna be more DoS and virus attacks than ever. Only a n00b would say anti-v and firewalls are a waste of time. It's unlikely you will get a virus, but what's the point in taking the chance fs.

Windows will naturally ask you for your drivers when it's finished installing, best thing is to install the drivers from the original disks, let it all finish messing about then install windows SP2 (from microshat or a number of torrent sites), then either use the MS firewall in SP2 or a third party one (Zone Alarm for example), then anti-v, then update your drivers from the manufacturer sites and the windows update too.

SP2 has Direct-X 9.02 anyway, or the windows update will do that, then DAoC.

Partitioning an HD does little except help file management, and can reduce the page file size which isn't good for gaming.

Then as someone else said, try a different browser like Mozilla Firefox and email client like Eudora or Thunderbird (Mozilla again).
 

DavidH

Part of the furniture
Joined
Mar 10, 2004
Messages
2,923
Requiel said:
No it's actually completely true. There are enough unpatched machines connected to the web with msblast on them that any machine that isn't running the security fix or a decent firewall will get infected in seconds.
I recently reinstalled my xp machine and forgot to set up the firewall before connecting to Windows Update. I got the MSblast virus before the 'scan for updates' page had loaded.
You don't just get MSBlast (or any virus for that matter) "just like that". You probably formatted just one of your hard drives, and after reinstalling windows, you opened a file on another hard drive, which contained a virus. In some cases, installing old drivers you have stored away for later use.
 

Yeke

Fledgling Freddie
Joined
Jul 25, 2004
Messages
576
DavidH said:
You don't just get MSBlast (or any virus for that matter) "just like that". You probably formatted just one of your hard drives, and after reinstalling windows, you opened a file on another hard drive, which contained a virus. In some cases, installing old drivers you have stored away for later use.

Fact is you can and will get viruses "just like that" even with a brand new hard drive on a windows operating system if it's not got the latest updates and some form of virus protection/firewall.

Have been infected with various crap within minutes of attempting to update windows before I got wise, sorry but thinking you have to open files or run executable files to get infected is just bollox :eek7:
 

punchy

Fledgling Freddie
Joined
Jan 9, 2004
Messages
138
DavidH said:
You don't just get MSBlast (or any virus for that matter) "just like that". You probably formatted just one of your hard drives, and after reinstalling windows, you opened a file on another hard drive, which contained a virus. In some cases, installing old drivers you have stored away for later use.

Wrong. There are well known vulnerabilities in microsoft's RPC (remote procedure call) implementation. DCOM (distributed component object model) depends on RPC, you can think of DCOM as a wrapper which standardises communications between objects on remote systems. (Like COM standardises communication between objects inside a system, some of you VB/VBS people might recognise the word "FileSystemObject")

Check out that name! REMOTE. PROCEDURE. CALL. Messages are hitting your RPC service (c.f. your service control manager!) from remote systems, and your PC is being told to do stuff. Neat! Except... what if someone sent malicious messages? Surely that couldn't happen? The internet is populated entirely with carebears and kindly policemen isn't it? Isn't it...? :eek6:

http://www.cert.org/advisories/CA-2003-16.html

I seriously recommend doing at least a minimal amount of research before asserting your internet security expertise.
 

Darzil

Fledgling Freddie
Joined
Jan 10, 2004
Messages
2,651
Aye, I've had a similar experience to Requiel.

Reinstalled PC, stuck on Win XP, stuck on Anti-Virus, stuck on Firewall. Then connected to Windows Update site. The SP1 (then) instructions said to remove your anti-virus before downloading. I did, and was MSBlast infected before the download completed.

Reinstalled PC (down to fdisk c: /mbr level this time, thinking perhaps it was on my hard drive boot record, which I've seen before), stuck on Win XP, stuck on Anti-Virus, stuck on Firewall. Then connected to Windows Update site. The SP1 (then) instructions said to remove your anti-virus before downloading. I did, and was infected again before the download completed.

Third time I didn't stop the anti-virus until the SP1 was downloaded and starting to install, and then only after removing the network cable. No problems since.

Darzil
 

enigma

Fledgling Freddie
Joined
Dec 23, 2003
Messages
466
Really depends on the ISP I think.. If you connect to the net via a lan or network of some sorts that has infected users, you'll get infected like that instantly.

I've run no AV or FW for about 6 months and recently installed it to check(and I wanted to have it installed to be as sure as I can that I didn't get any of that shit) , and I had no viruses or trojans at all. No browser hijacks, no strangely behaving browsers at all and no slowdowns. And I've been surfing, gaming, used irc like a normal person through that time.

I doubt it's down to luck, but I'm sure it's down to how you act when you're pushing those buttons. It's a BCAKP* :m00:

I recommend using AV and FW though.


(*Between Chair and Keyboard "Problem")
 

judas

One of Freddy's beloved
Joined
Dec 22, 2003
Messages
756
you can order a free ex of w2k or XP service pack from microsoft.com
after you done,
XP install
Service Pack2
then defrag the drive as the install and update moves files all over your drive.
after that install a virus proggie if u got one
and then gfx drivers/directx
first time u run daoc after all patching and stuff do a full check of the daoc files (by pressing the Box in the "enter cd key window"). made my daoc run faster and stopped crashing at some places in Toa that had been there even after i did 2 full reinstalls of my complete system..

as for ms.blast Keep out of internet unpatched ;>
 

Kalid

Fledgling Freddie
Joined
Jan 26, 2004
Messages
147
Another useless reply in the don't connect to internet unpatched, unsecured etc :)

You will not get a virus by just connecting to the internet unless you download/get a file and the file is executed. However there's a large risk you get attacked by WORMS.



Anyway my advice is to install directx latest or at least reinstall it when you're done with all other stuff.
 

Darzil

Fledgling Freddie
Joined
Jan 10, 2004
Messages
2,651
MS Blast is a worm, trojan, or whatever, not a virus in the strictest sense. That's semantics, really, it's a virus in the average person's eyes.

Darzil
 

Nichii

Fledgling Freddie
Joined
Feb 5, 2004
Messages
1,329
Uhm...

See, I've been playing since Beta, with some irl friends etc. sometimes, and we always formatted our HDs at LAN parties and such simply to make DAoC run perfectly, and we discovered this.

1) format HD
2) Re-install Win-XP (and any updates on gfx cards, any Direct-X and whatever u need of virus programs and shit)
3) it's actually important that u install "ALL 3 GAMES!"
4) Which means u install original DAoC, Si, and then ToA.
-Simply to make it run better.... My DAoC runs perfect nowadays..

Now i just need to fix my [Internet Connection] :twak:
 

judas

One of Freddy's beloved
Joined
Dec 22, 2003
Messages
756
installing all 3 dont do shit tho ;) and toa got the best support on XP (cpu usage etc..)

oh and about ms.blast not being a virus is crap even tho it's also a worm it has the ability to self replicate which makes it a virus more or less.
 

punchy

Fledgling Freddie
Joined
Jan 9, 2004
Messages
138
Kalid said:
You will not get a virus by just connecting to the internet unless you download/get a file and the file is executed. However there's a large risk you get attacked by WORMS.

Total nonsense. There are network enabled and therefore vulnerable services running on windows "out of the box". They are listening, that is receptive to connections from remote systems. That is a route of intrusion into your system across a network.

In fact most operating systems (I think I'm right in stating that RPC technology was first developed by Sun Microsystems (SunOS/Solaris)) I have coding/sys admin experience with, have some implementation of remote procedure calls, sometimes building other services on top of it (as with Windows and DCOM). I refer you to my earlier post regarding the CERT advisory with respect to the well known RPC vulnerability in Win2k/XP. I take it you have heard of CERT? Being an expert on network security and all?

"download/get a file" - please stop smoking crack. SQL slammer simply sent carefully crafted IP packets to the listening SQL service (again, this mind blowing concept of data flowing across networks...) on vulnerable installations of MS SQL Server. The symptoms were a server that suddenly flooded your network looking for more SQL servers to infect. At no point was a file involved (in fact the cure was isolation and patching, the virus did not survive a reboot). One of the most ingenious viruses I ever had the chance to view the source code for used the client-side scripting capabilities of HTML enabled email clients (outlook for example) to propagate itself. You never even had to open a file, in fact you never even needed to open the message, you just needed outlook to render it using the html rendering engine of IE (e.g. in a preview window) and you were infected. Look up kak-worm sometime, its pretty famous.

You are doing no favours by spreading misinformation. There is a large risk that you have been eating worms.
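An added example, not part of the original thread: a pre-connection check for the "listening out of the box" services described in the post above. It parses output in the layout of Windows `netstat -an` and lists sockets reachable from other hosts. The sample output is constructed, and the port-to-service table is an assumption added here (TCP 135/139/445 for RPC and file sharing, UDP 1434 for the SQL Server service Slammer targeted).

```python
import re

# Constructed sample in the layout of Windows `netstat -an` (not from the thread).
SAMPLE_NETSTAT = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING
  TCP    127.0.0.1:1029         0.0.0.0:0              LISTENING
  TCP    192.168.1.10:139       0.0.0.0:0              LISTENING
  TCP    192.168.1.10:1037      203.0.113.7:80         ESTABLISHED
  UDP    0.0.0.0:1434           *:*
  UDP    127.0.0.1:1900         *:*
"""

# Ports for the services the thread talks about (table added for this example).
KNOWN_SERVICES = {
    ("TCP", 135): "RPC endpoint mapper (RPC/DCOM, see CERT CA-2003-16)",
    ("TCP", 139): "NetBIOS session service",
    ("TCP", 445): "SMB over TCP",
    ("UDP", 1434): "SQL Server resolution service (Slammer)",
}

# proto, local address, local port, foreign address, optional state
ROW = re.compile(r"^\s*(TCP|UDP)\s+(\S+):(\d+)\s+\S+(?:\s+(\S+))?\s*$")


def is_loopback(addr):
    return addr.startswith("127.") or addr == "[::1]"


def exposed_listeners(netstat_text):
    """Return (proto, addr, port, label) for sockets other hosts can reach."""
    found = []
    for line in netstat_text.splitlines():
        m = ROW.match(line)
        if not m:
            continue  # header and blank lines
        proto, addr, state = m.group(1), m.group(2), m.group(4)
        port = int(m.group(3))
        if proto == "TCP" and state != "LISTENING":
            continue  # an established connection is not a listener
        if is_loopback(addr):
            continue  # only reachable from the machine itself
        label = KNOWN_SERVICES.get((proto, port), "unidentified service")
        found.append((proto, addr, port, label))
    return found


if __name__ == "__main__":
    for proto, addr, port, label in exposed_listeners(SAMPLE_NETSTAT):
        print(f"{proto:<4} {addr}:{port:<6} {label}")
```

Anything this reports on an unpatched machine needs a firewall rule or a patch before the cable goes back in.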
 

Kalid

Fledgling Freddie
Joined
Jan 26, 2004
Messages
147
punchy said:
Total nonsense. There are network enabled and therefore vulnerable services running on windows "out of the box". They are listening, that is receptive to connections from remote systems. That is a route of intrusion into your system across a network.

In fact most operating systems (I think I'm right in stating that RPC technology was first developed by Sun Microsystems (SunOS/Solaris)) I have coding/sys admin experience with, have some implementation of remote procedure calls, sometimes building other services on top of it (as with Windows and DCOM). I refer you to my earlier post regarding the CERT advisory with respect to the well known RPC vulnerability in Win2k/XP. I take it you have heard of CERT? Being an expert on network security and all?

"download/get a file" - please stop smoking crack. SQL slammer simply sent carefully crafted IP packets to the listening SQL service (again, this mind blowing concept of data flowing across networks...) on vulnerable installations of MS SQL Server. The symptoms were a server that suddenly flooded your network looking for more SQL servers to infect. At no point was a file involved (in fact the cure was isolation and patching, the virus did not survive a reboot). One of the most ingenious viruses I ever had the chance to view the source code for used the client-side scripting capabilities of HTML enabled email clients (outlook for example) to propagate itself. You never even had to open a file, in fact you never even needed to open the message, you just needed outlook to render it using the html rendering engine of IE (e.g. in a preview window) and you were infected. Look up kak-worm sometime, its pretty famous.

You are doing no favours by spreading misinformation. There is a large risk that you have been eating worms.

Who is on crack? Slammer is a WORM, according to your own referred site, CERT. Learn the difference between virus and worms please, same as most people having troubles understanding the difference between hackers and crackers etc.
 

Ctuchik

FH is my second home
Joined
Dec 23, 2003
Messages
10,475
DavidH said:
You don't just get MSBlast (or any virus for that matter) "just like that". You probably formatted just one of your hard drives, and after reinstalling windows, you opened a file on another hard drive, which contained a virus. In some cases, installing old drivers you have stored away for later use.


right. so me getting blaster on a totally new PC without actually downloading ANYTHING is just my imagination?

all i did was setting up my internet account.
 

sibanac

Fledgling Freddie
Joined
Dec 19, 2003
Messages
824
Kalid said:
Who is on crack? Slammer is a WORM, according to your own referred site, CERT. Learn the difference between virus and worms please, same as most people having troubles understanding the difference between hackers and crackers etc.
you can throw all the semantics around you want the fact still remains that if you connect an unpatched unfirewalled XP machine to the net, you will get nasty stuff on it before you can say thermo-hydrodynamics.
 

Kalid

Fledgling Freddie
Joined
Jan 26, 2004
Messages
147
sibanac said:
you can throw all the semantics around you want the fact still remains that if you connect an unpatched unfirewalled XP machine to the net, you will get nasty stuff on it before you can say thermo-hydrodynamics.

It's not 100% that you will get it, but there's always a risk. Btw you must say thermo-hydrodynamics very slow since you stated it took 25 min (in average, according to statistics) till you got infected ;)
 

punchy

Fledgling Freddie
Joined
Jan 9, 2004
Messages
138
Kalid said:
You will not get a virus by just connecting to the internet unless you download/get a file and the file is executed. However there's a large risk you get attacked by WORMS.

Kalid said:
It's not 100% that you will get it, but there's always a risk. Btw you must say thermo-hydrodynamics very slow since you stated it took 25 min (in average, according to statistics) till you got infected ;)

One is a metamerically segmented annelid, the other is a self replicating strand of RNA surrounded by a protein coating.

Your PC is safe, please connect to the internet immediately.
 

Nyssa

Fledgling Freddie
Joined
Jan 15, 2004
Messages
50
Why not agree to disagree. Fact is there is a risk you will get infected. Fact is this risk is not 100%.

Testwise, I have put a pc which I did not care about all naked and connected to the public network and guess what. One year, no worms, no viruses, no trojans, nutting... I actually thought that was so boring :p

But anyone knows you can't take that chance with a pc that contains data, so just install it before you connect it to be 100% sure.
 

Chronictank

FH is my second home
Joined
Jan 21, 2004
Messages
10,133
i tested this myself on a uni network
(LAN is slightly diff from net true)
XP installed: 14:52
Machine infected: 15:04 with a backdoor

This is where you people who think you are safe should be paying attention:
Norton Anti-Virus 2003: No viruses found
F-Secure Anti-Virus 5.52 build 9501: No viruses found
Mcafee 8: No viruses found
I only noticed it because i didnt recognise the process, upon scanning the file:
Code:
Scan results
~ File: videosd32.exe
~ Date: 09/03/2004 15:04:43
- ----
BitDefender     7.0/20040903    found nothing
ClamWin devel-20040822/20040903 found nothing
Kaspersky       4.0.2.24/20040903       found [Backdoor.Win32.Wootbot.a]
McAfee  4389/20040901   found nothing
NOD32v2 1.859/20040903  found nothing
Norman  5.70.10/20040903        found nothing
Panda   7.02.00/20040903        found nothing
Sybari  7.5.1314/20040903       found [Backdoor.Win32.Wootbot.a]
Symantec        8.0/20040902    found nothing
TrendMicro      7.000/20040901  found nothing


File Version :          
File Description :      C:\WINNT\system32\videosd32.exe
File Path :             C:\WINNT\system32\videosd32.exe
Process ID :            0x3C0 (Heximal) 960 (Decimal)


Connection origin :     local initiated
Protocol :              TCP
Local Address :         172.16.248.128
Local Port :            1037
Remote Name :           whoredfb.hom.parited.net
Remote Address :        216.205.68.50
Remote Port :           54123


Ethernet packet details:
Ethernet II (Packet Length: 76)
        Destination:    00-50-56-f3-14-72
        Source:         00-0c-29-95-4d-15
Type: IP (0x0800)
Internet Protocol
        Version: 4
        Header Length: 20 bytes
        Flags:
                .1.. = Don't fragment: Set
                ..0. = More fragments: Not set
        Fragment offset:0
        Time to live: 128
        Protocol: 0x6 (TCP - Transmission Control Protocol)
        Header checksum: 0x9635 (Correct)
        Source: 172.16.248.128
        Destination: 216.205.68.50
Transmission Control Protocol (TCP)
        Source port: 1037
        Destination port: 54123
        Sequence number: 3667227182
        Acknowledgment number: 0
        Header length: 28
        Flags:
                0... .... = Congestion Window Reduce (CWR): Not set
                .0.. .... = ECN-Echo: Not set
                ..0. .... = Urgent: Not set
                ...0 .... = Acknowledgment: Not set
                .... 0... = Push: Not set
                .... .0.. = Reset: Not set
                .... ..1. = Syn: Set
                .... ...0 = Fin: Not set
        Checksum: 0x515d (Correct)
        Data (0 Bytes)


Binary dump of the packet:
0000:  00 50 56 F3 14 72 00 0C : 29 95 4D 15 08 00 45 00 | .PV..r..).M...E.
0010:  00 30 03 A1 40 00 80 06 : 35 96 AC 10 F8 80 D8 CD | .0..@...5.......
0020:  44 32 04 0D D3 6B DA 95 : 72 2E 00 00 00 00 70 02 | D2...k..r.....p.
0030:  40 00 5D 51 00 00 02 04 : 05 B4 01 01 04 02 4C 45 | @.]Q..........LE
0040:  4A 43 41 43 41 43 41 43 : 41 43 41 43             | JCACACACACAC



Process: videosd32.exe Pid: 960


Type    Name
Desktop \Default
Directory       \KnownDlls
Directory       \Windows
Directory       \BaseNamedObjects
Event   \BaseNamedObjects\userenv:  User Profile setup event
File    \Device\NamedPipe\net\NtControlPipe14
File    \Device\NamedPipe\svcctl
File    \Device\NamedPipe\svcctl
File    \Device\Afd\Endpoint
File    \Device\Afd\Endpoint
File    \Device\Tcp
File    \Device\Tcp
File    C:\WINNT\system32
File    \Device\Tcp
File    \Device\KsecDD
File    \Device\Tcp
File    \Device\Tcp
File    \Device\Ip
File    \Device\Ip
File    \Device\Ip
Key     HKLM\SOFTWARE\MICROSOFT\Tracing\RASADHLP
Key     HKLM
Key     HKU\.DEFAULT
Key     HKLM\SOFTWARE\MICROSOFT\Tracing\RASAPI32
Key     HKLM\SYSTEM\ControlSet001\Services\Tcpip\Linkage
Key     HKLM\SYSTEM\ControlSet001\Services\Tcpip\Parameters
Key     HKLM\SYSTEM\ControlSet001\Services\NetBT\Parameters\Interfaces
Key     HKLM\SYSTEM\ControlSet001\Services\NetBT\Parameters
Key     HKLM\SYSTEM\ControlSet001\Control\NetworkProvider\HwOrder
Key     HKLM\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9
Key     HKLM\SYSTEM\ControlSet001\Services\WinSock2\Parameters\NameSpace_Catalog5
Mutant  \BaseNamedObjects\RasPbFile
Thread  videosd32.exe(960): 1116
Thread  videosd32.exe(960): 1116
Thread  videosd32.exe(960): 588
Thread  videosd32.exe(960): 996
Thread  videosd32.exe(960): 1260
Thread  videosd32.exe(960): 996
Thread  videosd32.exe(960): 1260
Thread  videosd32.exe(960): 996
Thread  videosd32.exe(960): 588
WindowStation   \Windows\WindowStations\Service-0x0-3e7$
WindowStation   \Windows\WindowStations\Service-0x0-3e7$
telling people "dont worry you wont be infected" is about the stupidest advice you could give and i dont see by what grounds you are defending it.
The majority of network traffic comes from machines used by idiots following your theory that "I am special nothing will happen" because they have been infected by a virus/worm
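An added example, not part of the original post: the "Binary dump of the packet" above decoded from its raw bytes, so the listing can be checked independently of the tool that printed it. It confirms both checksums and that the frame is a bare SYN from the private address to a public one. The function names are made up for this example; the dump lines are copied from the post.

```python
import ipaddress
import struct

# The five dump lines from the post, including the ASCII column.
DUMP = """\
0000:  00 50 56 F3 14 72 00 0C : 29 95 4D 15 08 00 45 00 | .PV..r..).M...E.
0010:  00 30 03 A1 40 00 80 06 : 35 96 AC 10 F8 80 D8 CD | .0..@...5.......
0020:  44 32 04 0D D3 6B DA 95 : 72 2E 00 00 00 00 70 02 | D2...k..r.....p.
0030:  40 00 5D 51 00 00 02 04 : 05 B4 01 01 04 02 4C 45 | @.]Q..........LE
0040:  4A 43 41 43 41 43 41 43 : 41 43 41 43             | JCACACACACAC
"""


def dump_to_bytes(text):
    """Turn 'offset:  hex hex : hex hex | ascii' lines into raw bytes."""
    frame = bytearray()
    for line in text.strip().splitlines():
        hex_part = line.split("|")[0].split(":", 1)[1].replace(":", " ")
        frame += bytes.fromhex(hex_part)
    return bytes(frame)


def ones_sum(data):
    """16-bit one's-complement sum; 0xFFFF means the stored checksum is valid."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return total


def decode(frame):
    """Decode the Ethernet II / IPv4 / TCP headers of one captured frame."""
    ethertype, = struct.unpack("!H", frame[12:14])
    if ethertype != 0x0800 or frame[23] != 6:
        raise ValueError("expected IPv4 carrying TCP")
    ihl = (frame[14] & 0x0F) * 4                # IP header length in bytes
    ip = frame[14:14 + ihl]
    total_len, = struct.unpack("!H", ip[2:4])
    tcp = frame[14 + ihl:14 + total_len]
    sport, dport, seq, _ack, off_flags = struct.unpack("!HHIIH", tcp[:14])
    # TCP checksum covers a pseudo-header: src, dst, zero, protocol, TCP length
    pseudo = ip[12:20] + struct.pack("!BBH", 0, 6, len(tcp))
    return {
        "src": str(ipaddress.ip_address(ip[12:16])),
        "dst": str(ipaddress.ip_address(ip[16:20])),
        "sport": sport, "dport": dport, "seq": seq, "ttl": ip[8],
        "syn_only": (off_flags & 0x3F) == 0x02,  # SYN set, ACK/RST/FIN clear
        "ip_checksum_ok": ones_sum(ip) == 0xFFFF,
        "tcp_checksum_ok": ones_sum(pseudo + tcp) == 0xFFFF,
        "trailer_len": len(frame) - 14 - total_len,
    }


def outbound_to_internet(pkt):
    """True for a connection attempt from a private address to a public one."""
    src = ipaddress.ip_address(pkt["src"])
    dst = ipaddress.ip_address(pkt["dst"])
    return pkt["syn_only"] and src.is_private and not dst.is_private


if __name__ == "__main__":
    print(decode(dump_to_bytes(DUMP)))
```

The 76-byte frame carries a 48-byte IP datagram, so the last 14 bytes sit outside it as a trailer.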
 

punchy

Fledgling Freddie
Joined
Jan 9, 2004
Messages
138
Chronictank said:
i tested this myself on a uni network
(LAN is slightly diff from net true)
XP installed: 14:52
Machine infected: 15:04 with a backdoor

This is where you people who think you are safe should be paying attention:

...

telling people "dont worry you wont be infected" is about the stupidest advice you could give and i dont see by what grounds you are defending it.
The majority of network traffic comes from machines used by idiots following your theory that "I am special nothing will happen" because they have been infected by a virus/worm

What he said tbh.


/em gives Chronictank a cookie ^^
 
