
highjacked?



Posted

My daughter has a 1 yr old Sony laptop with Vista Home Basic and it's on a

wireless secured network. She downloads pics from her camera and places them

in the My Pictures folder. Last week she noticed that her pictures and pic

folders were missing and in their place pictures she has no idea where they

came from or who the pics are of. Other folders and files appear intact.

After a complete search, including recycle bin, her pic files and folders

were nowhere to be found.

The firewall is always on, updates are automatic and programs AWG, Adaware

and Spybot are updated regularly, run and no signs of problems.

 

The only thing that may have been unusual was she temporarily switched her

wireless access to an unsecured network (secured one was not working).

 

Any idea what might have happened or how the pics could have been downloaded

without her knowledge?

 

Thanks for feedback.

Rob

Posted

On Thu, 22 Jan 2009 05:47:05 GMT, Rob wrote:

> My daughter has a 1 yr old Sony laptop with Vista Home Basic and it's on a
> wireless secured network. She downloads pics from her camera and places them
> in the My Pictures folder. Last week she noticed that her pictures and pic
> folders were missing and in their place pictures she has no idea where they
> came from or who the pics are of. Other folders and files appear intact.
> After a complete search, including recycle bin, her pic files and folders
> were nowhere to be found.
> The firewall is always on, updates are automatic and programs AWG, Adaware
> and Spybot are updated regularly, run and no signs of problems.
>
> The only thing that may have been unusual was she temporarily switched her
> wireless access to an unsecured network (secured one was not working).
>
> Any idea what might have happened or how the pics could have been downloaded
> without her knowledge?

 

Somebody may have been able to access your daughter's computer... The

possibilities are endless...!

 

Go through these 'cleaning' steps:

 

1.Clear the (IE) temporary Internet files and the history cache.

Click 'Start' and then click 'Run'... then type (or copy/paste)

"inetcpl.cpl" (w/out quotation marks) into the box, then click the 'OK'

button.

In Internet Properties panel 'General' tab, under 'Browsing history', click

'Delete...' button, in 'Delete Browsing History' panel, click the 'Delete

all...' button then place a checkmark into the box beside 'Also delete

files and settings stored by add-ons', Click 'Yes' and exit the Internet

Properties panel by clicking the 'OK' button.

 

2.Clean HDD

Delete files using Disk Cleanup (if on Vista)

http://windowshelp.microsoft.com/Windows/e...7139d91033.mspx

 

3.Download/execute:

Malwarebytes© Corporation - Anti-Malware

http://www.malwarebytes.org/mbam/program/mbam-setup.exe

--and--

SuperAntispyware - Free

http://www.superantispyware.com/downloadfi...ANTISPYWAREFREE

 

4.Download and execute HiJack This! (HJT)

http://www.trendsecure.com/portal/en-US/to...ools/hijackthis

 

Please, do not post HJT logs to this newsgroup.

Fora where you can get expert advice for HiJack This! (HJT) logs.

 

http://www.thespykiller.co.uk/index.php?board=3.0

http://www.spywarewarrior.com/viewforum.php?f=5

http://forums.tomcoyote.org/index.php?showforum=27

http://www.bleepingcomputer.com/forums/forum22.html

http://www.malwarebytes.org/forums/index.php?showforum=7

http://www.5starsupport.com/ipboard/index.php?showforum=18

http://www.theeldergeek.com/forum/index.php?showforum=29

 

NOTE:

Registration is required in any of the above mentioned fora before posting

a HJT log and read the 'stickies' (instructions/guidelines) for the

respective HJT forum.

 

Additional information:

GMER - is an application that detects and removes rootkits.

http://www.gmer.net/index.php

 

For additional assistance in relation to GMER scan results consult either

http://antirootkit.com/forums/index.php?si...781ffe4361c3a17

--or--

http://www.thespykiller.co.uk/index.php?board=3.0

 

For Vista the most dependable defenses are:

1. Do not work in elevated level; Day-to-day work should be performed

while the User Account Control (UAC) is enabled.

User Account Control Step-by-Step Guide.

http://technet.microsoft.com/en-us/library/cc709691.aspx

 

Understanding and Configuring User Account Control in Windows Vista.

http://technet.microsoft.com/en-us/library/cc709628.aspx

 

2. Familiarize yourself with "Services Hardening in Windows Vista".

Services Hardening in Windows Vista

http://www.microsoft.com/technet/technetma.../SecurityWatch/

Educational reading:

10 Immutable Laws of Security

http://technet.microsoft.com/en-us/library/cc722487.aspx

 

3. Don't expose services to public networks.

Windows Vista Service Configurations Introduction

http://www.blackviper.com/WinVista/servicecfg.htm

 

4. Keep your operating system (OS) (and all software on it)

updated/patched. (Got SP1 yet?).

Windows update.

http://www.update.microsoft.com/windowsupd...t.aspx?ln=en-us

Secunia Personal Software Inspector

http://secunia.com/software_inspector

https://psi.secunia.com/

--And--

M/S Security Baseline Analyzer 2.0

http://www.microsoft.com/downloads/details...&displaylang=en

can assist also.

 

Why Service Packs are Better Than Patches.

http://www.microsoft.com/technet/archive/c...h.mspx?mfr=true

 

5. Secure (Harden) Internet Explorer.

IE7 safe/secure settings

Internet Explorer7 Desktop Security Guide

http://www.microsoft.com/downloads/details...&displaylang=en

 

Internet Explorer Enhanced Security Configuration changes the browsing

experience

http://support.microsoft.com/default.aspx?...kb;en-us;815141

 

The Internet Explorer 7 Security Status Bar

http://www.microsoft.com/windows/products/...v/security.mspx

 

Extended Validation SSL Certificates

http://www.microsoft.com/windows/products/...ev/default.mspx

 

Note: Tight security settings will break down some websites. You need to

add these websites into the Trusted Zone for smooth access.

 

Add the following URL's to the Trusted sites:

http://update.microsoft.com

http://download.windowsupdate.com

https:// .update.microsoft.com

http:// .update.microsoft.com

http:// .microsoft.com

 

6. Review your installed 3rd party software applications/utilities;

Remove clutter, including 3rd party software personal firewall

application (PFW) - the one which claims:

"It can stop/control malicious outbound traffic".

 

7. Activate the built-in firewall and tack together its advanced

configuration settings.

Tap into the Vista firewall's advanced configuration features

http://articles.techrepublic.com.com/5100-10877-6098592.html

"...once you discover the secret of accessing its advanced configuration

settings via the MMC snap-in, you'll find it to be far more configurable

and functional. At last, Windows comes with a sophisticated personal

firewall that can be used to set up outbound rules as well as inbound, with

the ability to customize rules to fit your precise needs."

--Or--

Configure Vista Firewall to support outbound packet filtering

http://searchwindowssecurity.techtarget.co...1247138,00.html

--Or--

Vista Firewall Control (Free versions available)

http://sphinx-soft.com/Vista/

 

7a.If on high-speed Internet connection use a router.

 

7b.Implement countermeasures against DNSChanger.

http://extremesecurity.blogspot.com/2008/0...t-hijacked.html

 

7c.Just in case, Wired Equivalent Privacy (WEP) has been

superseded by Wi-Fi Protected Access (WPA).

 

8. Utilize one (1) each 'real-time' anti-virus and anti-spy

application.

 

9. Employ vital operating system monitoring utilities/applications.

Consider: Process Explorer, AutoRuns, TCPView, WALLWATCHER, Wireshark,

Port Reporter etc.

 

10.Routinely practice Safe-Hex.

http://www.claymania.com/safe-hex.html

Hundreds Click on 'Click Here to Get Infected' Ad

http://www.eweek.com/article2/0,1895,2132447,00.asp

 

The least preferred defenses are:

Myriads of popular anti-whatever applications and staying ignorant.

 

Good luck

Posted

The best internet security is to stay away from unknown websites, especially

those that offer anything free such as wallpaper, song lyrics, music, movies,

greeting cards, calendars- anything free. Also, never open e-mail from

unknown senders.

 

There is some good free software out there, but before going to those

websites check out the legitimacy of the free software at review sites such

as CNET.

 

Also, I've found Trend Micro to be a good protector of Vista OS. Yes, it

costs, but it gets the job done and saves time in the long run and one

purchased license can be used on 3 computers.

 

Cheers...

--

oscar

 

....Right click is your very good friend...

 

 


Posted

I guess I can assume the original pictures are not recoverable. It just

seems next to impossible her laptop was 'invaded'.

 

I'll proceed to do a 'cleaning' and take a serious look at Trend Micro

 

Thanks for suggestions.

 

1 shocked Vista user.....Rob

 


Posted

If she trespassed into someone else's network to access the internet as you

suggested, whatever folders she had shared on her computer could have been

accessible to anyone on the other network. Not really any hacking involved

if there was read-write access to the pictures folder.

 

I can think of two slim chances to get the pictures back... A faint hope

would be if the pictures had simply been moved or renamed elsewhere on her

PC.

The second chance would be to try using a file recovery program like PC

Inspector File Recovery, or something similar. If the deleted pictures

haven't been overwritten you may be able to locate and recover them.

Download from http://www.pcinspector.de/download_all.htm?language=2

After installation the program needs to be run as Administrator.

 

 

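A way to check a machine for the exposure described in the post above, added here as an example and not part of the original thread: the script lists ordinary file shares and reports any share permission entry that grants access to a broad group, marking the ones that allow writing or deleting. It assumes PowerShell 2.0 or later is installed and that it is run from an elevated prompt; the variable names are illustrative.

```powershell
# Added example: audit local file shares for access granted to broad groups.
# Uses the WMI classes Win32_Share and Win32_LogicalShareSecuritySetting.

# Well-known SIDs (the same on every Windows install, whatever the language).
$broadSids = @{
    'S-1-1-0'      = 'Everyone'
    'S-1-5-7'      = 'Anonymous Logon'
    'S-1-5-11'     = 'Authenticated Users'
    'S-1-5-32-545' = 'Users'
    'S-1-5-32-546' = 'Guests'
}

# Access-mask bits that allow changing content:
# FILE_WRITE_DATA (0x2), FILE_APPEND_DATA (0x4), DELETE (0x10000).
$writeBits = 0x2 -bor 0x4 -bor 0x10000

# Index the share security settings by share name.
$security = @{}
Get-WmiObject -Class Win32_LogicalShareSecuritySetting |
    ForEach-Object { $security[$_.Name] = $_ }

# Type 0 = ordinary disk share; this skips printers, IPC$ and the C$/ADMIN$ admin shares.
$shares = Get-WmiObject -Class Win32_Share | Where-Object { $_.Type -eq 0 }

$findings = foreach ($share in $shares) {
    $setting = $security[$share.Name]
    if (-not $setting) { continue }
    $sd = $setting.GetSecurityDescriptor()
    if ($sd.ReturnValue -ne 0) { continue }          # could not read the descriptor

    foreach ($ace in @($sd.Descriptor.DACL)) {
        if ($null -eq $ace) { continue }
        if ($ace.AceType -ne 0) { continue }         # 0 = access allowed
        $sid = $ace.Trustee.SIDString
        if (-not $sid) { continue }
        $isGuestAccount = $sid -like 'S-1-5-21-*-501' # built-in Guest account
        if (-not ($broadSids.ContainsKey($sid) -or $isGuestAccount)) { continue }

        New-Object PSObject -Property @{
            Share      = $share.Name
            Path       = $share.Path
            Trustee    = $ace.Trustee.Name
            CanWrite   = (($ace.AccessMask -band $writeBits) -ne 0)
            AccessMask = ('0x{0:X}' -f $ace.AccessMask)
        }
    }
}

if ($findings) {
    $findings | Sort-Object Share |
        Format-Table Share, Path, Trustee, CanWrite, AccessMask -AutoSize
} else {
    'No disk shares grant access to Everyone, Guests, Users or similar broad groups.'
}
```

Share permissions are combined with the NTFS permissions on the folder itself, and the more restrictive of the two applies, so a row with `CanWrite` set to `True` is a share to review rather than proof that remote users could modify the files.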

Posted

Well, tried TrendMicro but repeatedly got a runtime error on install. Tried

VirtualLab but it came up empty looking for the photos.

Yes, the folder was set to shared so the access was possible on another's

network.

 

Oh well, maybe can get some of the pics from the old PC. At least there's

a partial solution.

 

Thanks for all the advice.

 

Cheers!


Guest SuperXero
Posted

Hi Rob

Since it was my pictures that was affected you can use previous

versions to restore her pictures. Previous versions is a feature that

many are not aware of and is enabled by default. I don't like it

personally but it can be useful.

 

SuperXero

HackingManual.Net

 

 

--

SuperXero
