Have I Been Hacked?


Guest TeeFran
Posted

Hello all.

A couple months ago I was having problems with Vista and software not operating correctly, so I restored Vista to its original factory settings and things have been fine. I re-activated my purchased software and what-not. About a month ago though, I logged off and the next day upon hitting the button to turn the PC on it came on like it does when it boots from sleep or hibernate, and my wireless internet account was active. I closed the connection and shut the system down. The day after that I had to re-add my wireless internet connection as I was not listed with the other names in the connection box. Normally my wireless connection is the first one at the top of the connection box. Then a day or so after that my name was at the bottom or further down than it normally is in the connection box and another name/connection was at the top where my name normally is. I immediately added a standard user instead of having just me as the only administrator/authorized user, and I activated parental control for the standard user and gave the standard user only limited access to the PC. For the most part I only get online now with the new standard user, and for the last two weeks or so I have not noticed any anomalies. But today using my normal admin account I downloaded a file online and I attempted to convert it using a software I bought last year to convert files from one format to another and my System ID has been changed (like it was when I restored to factory settings). I had already contacted the company and got a new activation code for my new System ID when I restored a few months back. Now I need to contact the company once again for another activation code for this software to go with another System ID.

 

Questions:

1) Does it sound like my PC was and/or has been hacked?
2) When I was noticing all the strange things before could someone have changed my System ID then and I’m just now noticing it?
3) Could someone still have a window into my System?
4) Is there any other way your System ID can be changed besides restoring to factory settings?
5) I only restored once so how can my System ID be different again without a second restore?
6) Could just adding a new standard user have changed my whole System ID?
7) Or could the software itself or another software be screwing with my PC?

And finally;

8) If I have been compromised, how can I make my regular admin account more secure, with or without using UAC (which I don’t like using)?

 

Please help!

:confused:

 

 

--

TeeFran

Guest Kayman
Posted

On Fri, 29 Aug 2008 01:17:44 -0500, TeeFran wrote:

> Hello all.
>
> A couple months ago I was having problems with Vista and software not
> operating correctly, so I restored Vista to its original factory
> settings and things have been fine. I re-activated my purchased
> software and what-not. About a month ago though, I logged off and the
> next day upon hitting the button to turn the PC on it came on like it
> does when it boots from sleep or hibernate, and my wireless internet
> account was active. I closed the connection and shut the system down.
> The day after that I had to re-add my wireless internet connection as I
> was not listed with the other names in the connection box. Normally my
> wireless connection is the first one at the top of the connection box.
> Then a day or so after that my name was at the bottom or further down
> than it normally is in the connection box and another name/connection
> was at the top where my name normally is. I immediately added a standard
> user instead of having just me as the only administrator/authorized
> user, and I activated parental control for the standard user and gave
> the standard user only limited access to the PC. For the most part I
> only get online now with the new standard user, and for the last two
> weeks or so I have not noticed any anomalies. But today using my normal
> admin account I downloaded a file online and I attempted to convert it
> using a software I bought last year to convert files from one format to
> another and my System ID has been changed (like it was when I restored
> to factory settings). I had already contacted the company and got a new
> activation code for my new System ID when I restored a few months back.
> Now I need to contact the company once again for another activation code
> for this software to go with another System ID.
>
> Questions:
> 1) Does it sound like my PC was and/or has been hacked?
> 2) When I was noticing all the strange things before could someone have
> changed my System ID then and I’m just now noticing it?
> 3) Could someone still have a window into my System?
> 4) Is there any other way your System ID can be changed besides
> restoring to factory settings?
> 5) I only restored once so how can my System ID be different again
> without a second restore?
> 6) Could just adding a new standard user have changed my whole System
> ID?
> 7) Or could the software itself or another software be screwing with my
> PC?
>
> And finally;
> 8) If I have been compromised, how can I make my regular admin account
> more secure, with or without using UAC (which I don’t like using)?
>
> Please help!

 

Help: I Got Hacked. Now What Do I Do?

http://technet.microsoft.com/en-au/library/cc512587.aspx

 

Installing and reinstalling Windows.

Reinstalling Windows Vista when you want to restore default Windows

settings or when you are having trouble with Windows and need to reinstall

it by performing a clean installation.

https://windowshelp.microsoft.com/Windows/e...0522671033.mspx

 

How To Perform a Repair Installation For Vista.

http://www.vistax64.com/tutorials/88236-re...tall-vista.html

 

For Vista the most dependable defenses are:

1. Do not work in elevated level; Day-to-day work should be performed

while the User Account Control (UAC) is enabled.

User Account Control Step-by-Step Guide.

http://technet.microsoft.com/en-us/library/cc709691.aspx

Understanding and Configuring User Account Control in Windows Vista.

http://technet.microsoft.com/en-us/library/cc709628.aspx

 

2. Familiarize yourself with "Services Hardening in Windows Vista".

Services Hardening in Windows Vista

http://www.microsoft.com/technet/technetma.../SecurityWatch/

Educational reading:

10 Immutable Laws of Security

http://technet.microsoft.com/en-us/library/cc722487.aspx

 

3. Don't expose services to public networks.

Windows Vista Service Configurations Introduction

http://www.blackviper.com/WinVista/servicecfg.htm

 

4. Keep your operating system (OS) (and all software on it) updated/patched. (Got SP1 yet?).

Why Service Packs are Better Than Patches.

http://www.microsoft.com/technet/archive/c...h.mspx?mfr=true

 

5. Reconsider the usage of IE.

Utilizing another browser application can add to the overall security of

the OS.

Alternative Browsers:

Opera™

http://www.opera.com/download/

Firefox™

http://www.mozilla.com/en-US/

The SeaMonkey® Suite (Internet Browser)

http://www.seamonkey-project.org/

--or--

5a. Secure (Harden) Internet Explorer.

IE7 safe/secure settings

Internet Explorer7 Desktop Security Guide

http://www.microsoft.com/downloads/details...&displaylang=en

Internet Explorer Enhanced Security Configuration changes the browsing

experience

http://support.microsoft.com/default.aspx?...kb;en-us;815141

The Internet Explorer 7 Security Status Bar

http://www.microsoft.com/windows/products/...v/security.mspx

Extended Validation SSL Certificates

http://www.microsoft.com/windows/products/...ev/default.mspx

Note: Tight security settings will break down some websites. You need to

add these websites into the Trusted Zone for smooth access.

You could consider disabling all Security Settings in IE and use IE only for the 'Patch Tuesday' updates; to do so you must add the following URLs to the Trusted sites:

http://update.microsoft.com

http://download.windowsupdate.com

https:// .update.microsoft.com

http:// .update.microsoft.com

http:// .microsoft.com

 

6. Review your installed 3rd party software applications/utilities;

Remove clutter, including 3rd party software personal firewall

application (PFW) - the one which claims:

"It can stop/control malicious outbound traffic".

Remove clutter, dispose of all your 'Anti-Whatever' applications. Keep your PC lean, install only applications you really need - try to be a 'minimalist'.

Belarc Advisor can assist

http://www.belarc.com/free_download.html

--As can--

Revo Uninstaller

http://www.revouninstaller.com/

 

7. Activate the built-in firewall and tack together its advanced configuration settings.

Tap into the Vista firewall's advanced configuration features

http://articles.techrepublic.com.com/5100-10877-6098592.html

--Or--

Configure Vista Firewall to support outbound packet filtering

http://searchwindowssecurity.techtarget.co...1247138,00.html

--Or--

Vista Firewall Control (Free versions available)

http://sphinx-soft.com/Vista/

Managing the Windows Vista Firewall

http://technet.microsoft.com/en-us/magazine/cc510323.aspx

 

7a. If on a high-speed Internet connection use a router.

Implement countermeasures against DNSChanger.

http://extremesecurity.blogspot.com/2008/0...t-hijacked.html

 

And (just in case) Wired Equivalent Privacy (WEP) has been

superseded by Wi-Fi Protected Access (WPA).

 

8. Utilize one (1) each 'real-time' anti-virus and anti-spy

application.

Avira AntiVir® Personal - FREE Antivirus

http://www.free-av.com/

(The free version won't scan your emails.)

Why You Don't Need Your Anti-Virus Program to Scan Your E-Mail

http://thundercloud.net/infoave/tutorials/...nning/index.htm

Ensure your e-mail program is configured to display e-mail messages in

'Plain Text' only.

You may wish to consider removing the 'AntiVir Nagscreen'

http://www.elitekiller.com/files/disable_antivir_nag.htm

 

Windows Defender - (built-in in Vista)

 

9. Employ vital operating system monitoring utilities/applications.

Process Explorer, AutoRuns, TCPView etc.

 

10. Routinely practice Safe-Hex.

http://www.claymania.com/safe-hex.html

 

Also, ensure you back-up regularly; Develop a Contingency Plan; Be

prepared! Consider "What if..."

 

Good luck

Guest TeeFran
Posted

I knew it! I Knew it!

 

Ever since I've been a member of this forum, it's never taken anyone this long to post back to me, or either this post is in the wrong place....

 

or

 

I'm screwed maaaaaan!!!!!

 

 

OH my GOD!!!

OH my GOD!!!

OH my GOD!!!

:sick:

 

 

--

TeeFran

Guest Paul Montgomery
Posted

On Sat, 30 Aug 2008 09:30:53 -0500, TeeFran <guest@unknown-email.com> wrote:

> I knew it! I Knew it!
>
> Ever since I've been a member of this forum, it's never taken anyone
> this long to post back to me, or either this post is in the wrong
> place....
>
> or
>
> I'm screwed maaaaaan!!!!!
>
> OH my GOD!!!
> OH my GOD!!!
> OH my GOD!!!
> :sick:

 

You're a raving, moronic child.

 

Did you look at anything in the reply from "kayman"?

Guest TeeFran
Posted

OK I've been doing some searching on the web and came across some websites and other tech support sites and at Microsoft's site my post from here has been forwarded to them so much thanks to whoever did that.

 

 

Some guy named Kayman posted some articles over there that I'm

currently reading and printing out, and I'll go from there.

 

Anyway, thanks.

 

(BTW, if these posts ARE in the wrong place on the forum, maybe one of

the moderators can delete them or move them).

 

 

--

TeeFran

Guest Paul Montgomery
Posted

On Sat, 30 Aug 2008 12:16:17 -0500, TeeFran <guest@unknown-email.com> wrote:

> OK I've been doing some searching on the web and came across some
> websites and other tech support sites and at Microsoft's site my post
> from here has been forwarded to them so much thanks to whoever did that.

 

The forum software you are on did that. All the posts from "guests"

come from the Microsoft site, not from the forum users.

> Some guy named Kayman posted some articles over there that I'm
> currently reading and printing out, and I'll go from there.

 

Shows one of the big problems with your forum: it SHOULD have that

post, but it doesn't.

 

Stick with the groups here if you MUST use a web-interface:

 

http://www.microsoft.com/communities/newsgroups/en-us/
