Break out your tinfoil hat!

I have been labeled unanimously by the online-malware-assistance community as a hopeless lunatic. But please indulge me for just three paragraphs, and then you will know why I am posting in this particular forum. I swear I am not a paranoid schizophrenic, methamphetamine junkie, CTer or troll.

For about a year now, my PC – a (gulp) Dell XPS430 (two words: installment plan) – has been behaving quite strangely. It came installed with Windows Vista, which I promptly torpedoed in favor of Windows 7, which didn’t do me a whole lot better. Now I’m running Ubuntu Linux. I bought a new hard drive on which to install Ubuntu. I’m starting to get the hang of Linux, but I’m not programmer-level computer smart. In fact, I think I might be the new poster child for “knows just enough to get himself in trouble.” At any rate, I know this is not a technical support site so I won’t test your patience with a long list of symptoms and logs and the like.

However, I will share the one detail that has earned me the reputation for being a nutcase: No matter how many times I reformat my disk drive and reinstall the OS from a clean (as in downloaded and burned to disc at my friend’s business, a secure Web-hosting center) the malware-like behavior on my PC persists. Still, immediately the symptoms returned: inexplicable UDP traffic, unknown SuperUsers created, files and folders locked, network settings reconfigured, etc.

So I purchased a new SATA hard drive and installed Ubuntu as described above. It certainly is more stable than either of the two Windows versions I had tried, but many of the problems persist. Also I have noticed several references to BeOS in script files on my PC.

Example:

script_args=""
debugging=0
MOZILLA_BIN="${progbase}-bin"

if [ "$OSTYPE" = "beos" ]; then
  mimeset -F "$MOZILLA_BIN"
Is it possible that some clever hackers have discovered a way to embed a platform-agnostic boot loader somewhere other than on the hard drive? I read about bootman on Wikipedia and thought it might be capable of something like that if used with malicious intent.

I’m happy to field any questions, criticism or cruel sarcasm.

I don’t think any hackers would use parts of the Mozilla makefile code to do anything.

It’s here:
http://mxr.mozilla.org/mozilla-central/source/build/unix/mozilla.in#105

Have you tried disconnecting from any networks during the initial setting up/configuration period?

I highly doubt your Linux installation is getting cracked because suitable servers are not installed by default.

What are the names of the strange “super-users” being created in the Windows installation?

Depending on how you formatted your hard drive, it’s possible you have a rootkit virus. You can read about them here:

Best thing to do is use a tool that wipes your MBR when it formats a drive. Darik’s Boot and Nuke does the job nicely; you can get a live CD image here:

Also, it would be a good idea to flash your BIOS firmware. You should be able to get the firmware from the motherboard manufacturer’s website (or if the PC is from an established manufacturer like Dell, HP, etc… then you can get the firmware from their support website).

If you need help identifying your motherboard, there are plenty of tools out there, depending on what OS you’re running. For example, on Windows, you could use PC Wizard:

Hope this helps.

Yes, flashing the BIOS would definitely be a good idea. From what I know you can easily do this by removing the battery on the motherboard and then waiting several seconds before reinserting. Everything will go back to default then. (Alternatively there’s a jumper you can remove, but better check on the internet for that.) Either way, I do not think you’re paranoid - just very attentive and questioning. That’s a good thing! It’s always good to ensure that everything that’s going on with your computer. If you ask me your problem has to do with the internet connection. Have you been with the same provider the whole time? Static or dynamic IP address? See if the problems persist when you reinstall and completely unplug from the net. Keep us posted.

[quote]you can easily do this by removing the battery on the motherboard[/quote]

No, that would just (possibly) erase any settings. If the motherboard uses flash memory for the settings, it won’t even do that.

“Flashing” the BIOS means to overwrite the motherboard firmware stored on a flash memory. This is practical compared to storing the BIOS firmware in ROM, since manufacturers can distribute firmware updates if/when they find a bug.

With regards to your HDD, zero-out the whole thing, don’t just partition it. If this makes no sense to you, I can try to explain, but the only experience that I have with Linux is when I tried to install it, and it just didn’t work.
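An added illustration, not part of any post in this thread: the advice above to wipe the MBR and zero the whole drive rather than just repartition it comes down to which bytes of sector 0 each operation touches. The sketch assumes a classic 512-byte MBR (not GPT) and a simplified partitioning step that rewrites only the partition table; the function names and the sample sector are constructed for the example.

```python
import hashlib
import struct

SECTOR = 512
BOOT_CODE_END = 446   # bytes 0..445 hold bootstrap code; 446..509 hold the table

def inspect_mbr(sector: bytes) -> dict:
    """Summarise a classic MBR sector so boot code and table can be compared."""
    if len(sector) != SECTOR:
        raise ValueError("an MBR is exactly 512 bytes")
    code = sector[:BOOT_CODE_END]
    parts = []
    for i in range(4):  # four 16-byte partition entries
        entry = sector[BOOT_CODE_END + 16 * i: BOOT_CODE_END + 16 * (i + 1)]
        lba_start, count = struct.unpack_from("<II", entry, 8)
        if entry[4]:  # type byte 0 means the slot is unused
            parts.append({"type": entry[4], "lba_start": lba_start, "sectors": count})
    return {
        "boot_code_present": any(code),
        "boot_code_sha256": hashlib.sha256(code).hexdigest(),
        "signature_ok": sector[510:512] == b"\x55\xaa",
        "partitions": parts,
    }

def repartition(sector: bytes, ptype: int, lba_start: int, count: int) -> bytes:
    """Simplified model (assumption): only the table and signature are rewritten."""
    entry = struct.pack("<B3sB3sII", 0x80, b"\0" * 3, ptype, b"\0" * 3, lba_start, count)
    return sector[:BOOT_CODE_END] + entry + b"\0" * 48 + b"\x55\xaa"

def zero_out(sector: bytes) -> bytes:
    """Model of a full wipe: every byte, bootstrap code included, becomes zero."""
    return b"\0" * len(sector)

# Constructed sample: 446 arbitrary non-zero bytes stand in for existing boot code.
OLD_CODE = bytes(range(1, 224)) * 2
SAMPLE = repartition(OLD_CODE + b"\0" * 66, 0x07, 2048, 1_000_000)

if __name__ == "__main__":
    print("before      :", inspect_mbr(SAMPLE))
    print("repartition :", inspect_mbr(repartition(SAMPLE, 0x83, 2048, 500_000)))
    print("zeroed      :", inspect_mbr(zero_out(SAMPLE)))
```

To check a real disk, read its first 512 bytes (root is required) and pass them to `inspect_mbr`; an unchanged boot-code hash before and after a reinstall shows that region was never rewritten.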

This is quite obviously a case of the Russians having once again
ha><0red into the HAARP array and with the help of some Reptilians, loaded an infected file onto the server the OP downloaded his warez from. Since they now have his location he will have to construct a faraday cage to use for “SAFE COMPUTING”.
HTH

Don’t discount HAARP just yet. If I am to believe random websites off the Internet, it has been causing terrible earthquakes in Canterbury, where I live. :wink:

http://www.google.co.nz/search?hl=en&q=HAARP+canterbury

[quote=Snuhwolf]This is quite obviously a case of the Russians having once again
ha><0red into the HAARP array and with the help of some Reptilians, loaded an infected file onto the server the OP downloaded his warez from. Since they now have his location he will have to construct a faraday cage to use for “SAFE COMPUTING”.
HTH[/quote]

ZOMG! ZOMG! I live quite near the HAARP array, and I have noticed I am growing scales!
Do I need to build a Faraday Cage???