Re: Problems with an Outside Threat who is accessing my computer Illeg

From: Steven L Umbach (n9rou_at_nospam-comcast.net)
Date: 02/13/05


Date: Sat, 12 Feb 2005 20:34:02 -0600

You are going to have to a fresh install of your operating system to a
freshly formatted hard drive. Before you do this you will want to back up
any important data to a cdrom or such. That data will have to be scanned for
malware with a program that is current with virus definitions before you
restore it to your newly installed operating system. If you are unsure of
how to do all this take your computer to someone who does or the problems
may persist.

Steps have to be taken to prevent attacks or they will happen again. You
don't mention your operating system but I will assume it is XP Home since
the computer is fairly new.

If you are using a cable/dsl modem then be sure to use a NAT router firewall
device as your first line of defense. They can be purchased for as little as
$19 after rebates from the likes of Linksys, Netgear, or D-Link at Best Buy
or Amazon.com. Make sure that it can not be configured remotely and change
the default password for configuration - this is a must. Here are some more
must do's.

-- If using XP be sure to install Service Pack 2 and do not lower your
Internet Explorer security settings from default. Occasionally check the
settings for Internet Web Content Zone and make sure it is set to default.
You can do that via Internet Explorer/tools/internet options/security. Also
check privacy to make sure it is never lower than medium.

-- Be very careful in what you say yes to when you are browsing the
internet. Unless you are absolutely sure of what you are doing close the
dialog box by selecting the X in the upper right hand corner of the pop up
dialog box without selecting yes or no.

-- Always use hard to guess passwords and do not give them out to another
user ever. If you write them down, store them in a safe place. Change all
passwords
 that you are currently using.

-- Be extremely careful in using your passwords on another computer that you
do not have control of to for instance access you email account, online
banking, etc. As someone could capture your passwords that way. If at all
possible don't do it.

-- Always logoff of or lock your computer when you are not using it and
other people can physically access it. Create a regular user account that is
not in the local administrators group and use that account for normal
computer use and also create one for other users that you may allow access
to your computer.

-- Never, ever go to a website from a link in an email and enter any
passwords or confidential info as almost for sure these are bogus websites
trying to steal your information. Often such websites will look exactly like
the real thing.

-- Never let the operating system, Internet Explorer, a website, or any
application save your passwords for easier access at a later time. Never use
your computer logon password for anything else - just use it to logon to
the computer.

-- Keep your computer current with critical updates at Windows Updates. This
can be done automatically as explained in the first link below.

-- Test your firewall configuration occasionally at a self scan site such as
http://scan.sygatetech.com/ .

-- Use a quality antivirus scanning program that is kept up to date with
virus definitions, preferably automatically, and have it configured to scan
ALL emails no matter who they come from and all downloads, and also
configure it to "monitor" your computer all the time. Norton antivirus for
instance can do this. Email attachments are the number once source of
malware attacks often appearing to come from trusted sources.

-- Never download software from file sharing sources such as kazza and never
install software on your computer that someone gives to you. There are many
places to download software from such as Cnet. Don't accept files over
internet chat programs. People you may trust may not realize the software or
files they give you are malware infected.

-- Always scan for malware immediately anytime you suspect something is
wrong or that you think you allowed malware to be installed. See the last
two links below for a free stand alone package from Trend Micro called
Sysclean that can also be used and does not have to be installed. Just
download Sysclean and the pattern file to a common folder to run from. The
pattern file will need to be unzipped.

-- If you are using wireless networking, someone could be accessing your
computer or network through the wireless access point and bypass your
firewall if your wireless network is not secured using WEP or WPA
encryption/authentication. WEP is not very secure and the WEP keys need to
be changed periodically.

-- Keep in mind that anyone who has access to your computer can compromise
it and do things like install keyboard loggers, backdoor programs, and
possibly extract passwords on it. Depending on your situation this may or
may not be a problem. I hope some of this helps. The links below also may
help. --- Steve

http://www.microsoft.com/athome/security/protect/default.mspx -- Protect
your PC from Microsoft.
http://mvps.org/winhelp2002/unwanted.htm -- tips on securing Internet
Explorer and how to check for parasites.
http://www.trendmicro.com/download/dcs.asp
http://www.trendmicro.com/download/pattern.asp

"Sidney" <Sidney@discussions.microsoft.com> wrote in message
news:9490515A-DC16-4163-B101-3B183F31ED79@microsoft.com...
> Hello,
> I am having very serious problem with an outside threat who is accessing
> my
> computer system Illegally, by accessing my DISABLED user's accounts and
> DISABLING my mcafee personal firewall plus to gain Illegal access to this
> computer and who is keylogging my passwords, removing, modifying,
> recreating
> the programs on this dell computer system, stopping scheduled scans from
> running and who is also compromsing my emails accounts, deleting emails
> from
> tech support agents who are sending troubleshooting steps to remove this
> outside threat from my computer system.
>
> The hard drive will be replaced on this dell computer system 3 times and I
> have only had this computer for less than one year and I performed system
> restores, reinstalling the windows operating system, system configs and
> various other troubleshooting steps and still I Cannot remove this outside
> threat from this dell computer system.
>
> Do you have any suggestions, on how to remove this outside threat, from
> this
> dell computer system?
>
> Thank You,
> Anita



Relevant Pages

  • Re: Automatic System Shutdown after installing XP
    ... > every time I get on the internet, if I am on for more ... to the Internet without first applying operating system patches for ... From a different, clean machine download Stinger ... reinstall your av or install a new, ...
    (microsoft.public.security.virus)
  • Re: need help with custom-built pc
    ... Are you positive that during the installation of Windows ... > passwords, I never set up any of my systems with any kind of password. ... >> you can connect to the internet. ... Did you install SP-2? ...
    (microsoft.public.windowsxp.hardware)
  • Re: Identity Theft
    ... to see what your new passwords are. ... I would also install a host firewall such as the free for personal use ... access the internet and alert you when unauthorized programs are. ... > PayPal Accounts and Illegally access my other accounts on the Internet. ...
    (microsoft.public.security)
  • Re: need help with custom-built pc
    ... Are you positive that during the installation of Windows you ... Passwords and User Accounts tend ... > you can connect to the internet. ... Did you install SP-2? ...
    (microsoft.public.windowsxp.hardware)
  • Re: NAV Pro 2003 Install Question
    ... How are you accessing the Internet? ... > I am attempting to install Nortin AntiVirus Professional ... > 2003 to an XP Operating System. ... Please establish a connection to the Internet ...
    (microsoft.public.windowsxp.security_admin)