Factory reset
Hello so yesterday I installed malware on my pc I think it’s a rat or any other malware idk but then I factory resetted my pc with cloud download and remove everything and clean data option can it come back and reinfect the system or Is it very rare from what I heard ?
id probably reinstall windows and make a new onedrive in case you use it. but as far as i know you should be good
So it’s rare that the malware comes back with my reset right ?
it only happens if it exists outside your computer
or somehow it affects your hardware, which it hasn't since this malware is nowhere close to that level
Idk cause I heard people saying I made a bootkit and it’s fine but I don’t know I’m worried that he came back but I’m probably fine right ?
Cause bootkits are very rare?
what do you mean you "made" a boot kit??
either way just reinstall windows and see if it comes back
if it does come back then you probably just have to either reflash or replace your motherboard
No I heard people saying they make a bootkit and I’m scared or worried cause there are people that say it’s very hard and rare and there are people that say it’s easy and I don’t know who to trust
How do I know ?
I know but because there are people saying that it’s easy to make and there are people saying it’s very rare and hard and ChatGPT says it’s rare and hard
It’s been 17 days so far and nothing has happened but I just wanna know is it rare to come back after a reset so I can clear my mind ?
Why is it rare to happen though when it’s easy to make
If I pissed off someone in discord and installed malware from him you think he would do that or rare ?
If he has my computer he can infect other ?
Is it hard to spread on my network or it needs a professional hacker or something like that
But how would he infect the network
Alr
But if I’m on gpt not mbr is it still easy to make or rare
No I mean guid partition table
It’s been 17 days and nothing happened
Have you ever seen somebody factory reset the same of mine and get infected again or no?
I’m sorry for asking too much
I’m just worried
If I did boot time scan in avast would it go away
I did before but I will try to do it again okay
Ok thank you so much for the support
And goodbye
okokokokol
let me start with this
how do you know your computer has already been compromised?
I installed malware before the factory reset and then factory resetted
how do you know you installed it
if it didnt pop up with random images, starting deleting (or encrypting) random files, or you dont see it anywhere interacting with your network, chances are you probably dont have it
in fact have you even ran it or even seen symptoms of it
Use tron
And also whether or not malware can come back depends on its persistence level
Not really a level but persistence is how much of a hold can the RAT have over your machine 😭
no it doesn't it depends on whether you've pissed off the KGB or the CIA recently
because those are really the only entities that have access to those kinds of persistence
LMAO
Yeah unfortunately you’re right lmfao
But don’t APT groups also have access to this level of persistence?
Like really really powerful APT groups
usually no, but when they do they're usually an arm of the NSA or the Chinese People's Army
or something like that
“The dark army”
Wait so you’re telling me that a really strong level of persistence can’t be achieved cause they are being locked away behind closed doors?
@guninvalid over coax alliance
But it’s pretty rare to happen to me right ?
And can someone access my device with my ip address ?
it's not rare, it's basically impossible, and not possible for you
i think you're only scared about this because you haven't had a virus yet
look, reinstall windows and get back to us
you have to make mistakes sometimes so you can learn from them, and failing to remove a virus is one of those mistakes you have to learn from
no, not unless they are on your network
and if they are on your network, ask the police to escort them out of your house
how do you know you installed malware? and what does the malware do?
oh okay
no theyre not on my network so they cant?
i installed a program from the guy i pissed off and runned it and got worried and factory resetted but from what you told me no way hes back thank you so much
for future reference that's something that you can catch with windows defender
but since you've already borked your system so much you really should just reinstall
no this was before the reinstall
i reinstalled now
but he cant access my device with my ip right theyre not on my network
yea then you should be fine
if you have evidence that you still have the virus somehow, you either need to talk to a repair technician or call your ISP
what does the isp have to do with this?
because that's the other way that persistence could be established, if they have a foothold in your network somehow
so you would talk to your ISP about that
but the malware couldnt persist my factory reset its impossible right?
no
i dont think so my router firmware is on the latest firmware
if it did then you have much bigger problems to worry about
then you should be fine
its d-link
yeah im not that high of a target
i say "should" because idk about your entire network and your entire house but there's really no reason you wouldn't be fine
yeah but its hard to compromise the network right when its updated and you need to find an exploit
pretty much
but even with my ip address he cant enter my device right ?
it's possible to attack the other devices on your network but that would assume those devices are even vulnerable to begin with
and that would have to mean your router is vulnerable in even allowing that attack to happen
but its rare to happen
right ?
which if you haven't done any real configuration except keeping your router firmware up to date, then that attack vector isn't possible without a vulnerability
no, your PUBLIC ip address is the IP address of your router
so if he tried to attack your PUBLIC ip address he would be attacking your router
and if your router is up to date it's unbelievably resilient against those attacks
your PRIVATE ip address can only be attacked if he's inside your home network, at which point you call the police and ask them to escort him out your front door
yeah ofcourse maybe i will punch him in the face lol🤣
no way hes on my home
well i can't recommend you do that BUT
thanks for the support
you really made me calm thank you
cause i was confused there was many people saying "yeah ive made a bootkit and its easy and it can come back" and some say not but i trust you and thank you for the support
yea bootkits can be removed by a reinstall
with my reinstall ?
yea
yeah but if its in the efi these ones yeah but the firmware and hardware ones no but these are extremely rare
no, a windows reinstall will also replace your efi
windows handles your efi
yeah yeah
i meant that if its in the efi it will be removed
yea
but the hardware and firmware are so rare so im fine
i think what the guy said i heard from making a bootkit he probably made a efi bootkit maximum i think so yeah
yea that's all bro could've really done
lol
but can he know my exact location if he had malware in my pc im just saying idc if he has my location
location services is off in windows
he might be able to get your public IP address or even private IP address
that might give him maybe your home address, but nothing more
i can't tell you more without knowing the IP address he gave you so don't tell me
but you can try going to
https://whatismyip.com and seeing what it tells you
yeah no no im fine
yeah it doesnt say my home address neither the city lol
bless your fucking heart goddamn
but im saying if he like had a rat on my pc or any other malware can he know my exact location cause i heard there is a option in rats idk
but idc right now cause i know im fine thank you so much
I have a question sorry for interrupting if I had port forwarding on and there was a port opened but I don’t think the ip address of my device was there I mean the private ip and the ports were 9600 and 3074 I think so cause I deleted them but can’t remember but these ports are opened to the router downstairs and I don’t connect to that router the router I connect to the d-link one in my room but when I disconnect the router downstairs the d-link disconnects but when I disconnect the d-link the downstairs one doesn’t but the ports are opened on the one downstairs and I don’t connect to that one so am I fine ?
sorry for writing too much
Oh I just found out the internal ip address of the port forwarding rule is not my device ip so I’m fine
and my upnp is enabled too
@pls hire me
um it is easier on your architecture if you only have 1 router but if you have 2 that's also fine
but yea you should definitely change your router password and probably factory reset it just to be safe
also disconnect it from the internet, like immediately
yeah its opened on the second router which i dont connect to
and i just found out the external ip address of the port forward rule is not on my device private ip
so im fine
but the thing im worrying about is the upnp feature
is it a risk ? @pls hire me
gurlllllll go hug your mom
or your dad
like now
you need hugs
many
wtf why ?
lol
i can tell you're very panicked and you need to just not think about this and take care of yourself for like 5 minutes
yeah i know idc but im just asking for just peace of mind
cause chatgpt said upnp is a bit risky feature
is it?
so ?
@pls hire me
is this dude still having issues
or did he install tron?
Im just gonna factory reset again and contact my isp to change my ip address and just have peace of mind and don’t remember this thing
You dont have malware
I know I’m just worrying from the ip address but ima just factory reset and change my ip for peace of mind
just unplug your router bro💀
It doesn’t work
what doesn't work?
When I unplug my router
But ima call my isp it’s fine
But after doing all that no way he’s back right ?
Indeed
dude
What ?
So he’s not ?
gurl go eat a sammich
you need it
or ice cream
ice cream solves everything
i should get an ice cream...
or.. an ice cream sandwich.
👀
bet
lol
This also happened to me
Except what I did was i accidentally installed a Sketchy minecraft mod
Ice cream sandwich count?
No
I accidentally clicked download
Gotta test in a vm first :party_moogle:
And the next day I was noticing rlly weird stuff
I didn't mean to click download
really ?
lol
Kinda
Except i accidentally clicked download on a shady minecraft mod
oh
Then I think I got ratted
yeah i just factory resetted and its gone
Same
yeah same
but im worrying about my ip
but everybody told me that i cant be accessed with it so im probably fine
For me it was not that bad
its a guy i pissed off lol
And i knew i was ratted when i tried to open my task manager to check then it restarted my pc
mine was bad he was gonna come to my house he said but i just can call the police and its fine
oh
Btw after u factory reset i recommend to use bitdefender and run a full scan
Just use the free one
Just for peace of mind
@M7md
i will yeah
Even tho it's almost impossible it slipped through the factory reset
but the guys here told me after the factory reset he cant come back so im okay but i will do yeah thanks for the advice
Even if it was a rootkit
Np
yeah it needs to be in the firmware and these ones are very rare
even if its a efi bootkit it cant be removed
but what type of factory reset you did ?
Local
i did a cloud
idk whats the difference but i think the cloud is safer
Is it to save ur data?
wdym ?
Yk what cloud storage is right?
no i mean cloud download
in the factory reset
O ok
i feel like when im getting hacked im learning more idk
cause in the future like for college im gonna study cybersecurity
define what a rat is
Remote access trojan
@w3333333t.io