Have I Been Hacked?

Discussion in 'Windows Vista Security' started by TeeFran, Aug 29, 2008.

  1. TeeFran

    TeeFran Guest

    Hello all.
    A couple months ago I was having problems with Vista and software no
    operating correctly, so I restored Vista to it’s original factor
    settings and things have been fine. I re-activated my purchase
    softwares and what-not. About a month ago though, I logged off and th
    next day upon hitting the button to turn the PC on it came on like i
    does when it boots from sleep or hibernate, and my wireless interne
    account was active. I closed the connection and shut the system down
    The day after that I had to re-add my wireless internet connection as
    was not listed with the other names in the connection box. Normally m
    wireless connection is the first one at the top of the connection box
    Then a day or so after that my name was at the bottom or further dow
    than it normally is in the connection box and another name/connectio
    was at the top where my name normally is. I immediately added a standar
    user instead of having just me as the only administrator/authorize
    user, and I activated parental control for the standard user and gav
    the standard user only limited access to the PC. For the most part
    only get online now with the new standard user, and for the last tw
    weeks or so I have not noticed any anomalies. But today using my norma
    admin account I downloaded a file online and I attempted to convert i
    using a software I bought last year to convert files from one format t
    another and my System ID has been changed (like it was when I restore
    to factory settings). I had already contacted the company and got a ne
    activation code for my new System ID when I restored a few months back
    Now I need to contact the company once again for another activation cod
    for this software to go with another System ID.

    Questions
    1) Does it sound like my PC was and/or has been hacked?
    2) When I was noticing all the strange things before could someone hav
    changed my System ID then an
    I’m just now noticing it
    3) Could someone still have a window into my System?
    4) Is there any other way your System ID can be changed beside
    restoring to factory settings?
    5) I only restored once so how can my System ID be different agai
    without a second restore?
    6) Could just adding a new standard user have changed my whole Syste
    ID?
    7) Or could the software itself or another software be screwing with m
    PC

    And finally
    8) If I have been compromised, how can I make my regular admin accoun
    more secure, with or without using UAC (which I don’t like using)

    Please help
    :confused
     
    TeeFran, Aug 29, 2008
    #1
    1. Advertisements

  2. TeeFran

    Kayman Guest

    Help: I Got Hacked. Now What Do I Do?
    http://technet.microsoft.com/en-au/library/cc512587.aspx

    Installing and reinstalling Windows.
    Reinstalling Windows Vista when you want to restore default Windows
    settings or when you are having trouble with Windows and need to reinstall
    it by performing a clean installation.
    https://windowshelp.microsoft.com/Windows/en-US/Help/e77344fa-e978-464c-953e-eba44f0522671033.mspx

    How To Perform a Repair Installation For Vista.
    http://www.vistax64.com/tutorials/88236-repair-install-vista.html

    For Vista the most dependable defenses are:
    1. Do not work in elevated level; Day-to-day work should be performed
    while the User Account Control (UAC) is enabled.
    User Account Control Step-by-Step Guide.
    http://technet.microsoft.com/en-us/library/cc709691.aspx
    Understanding and Configuring User Account Control in Windows Vista.
    http://technet.microsoft.com/en-us/library/cc709628.aspx

    2. Familiarize yourself with "Services Hardening in Windows Vista".
    Services Hardening in Windows Vista
    http://www.microsoft.com/technet/technetmag/issues/2007/01/SecurityWatch/
    Educational reading:
    10 Immutable Laws of Security
    http://technet.microsoft.com/en-us/library/cc722487.aspx

    3. Don't expose services to public networks.
    Windows Vista Service Configurations Introduction
    http://www.blackviper.com/WinVista/servicecfg.htm

    4. Keep your operating (OS) system (and all software on it)
    updated/patched. (Got SP1 yet?).
    Why Service Packs are Better Than Patches.
    http://www.microsoft.com/technet/archive/community/columns/security/essays/srvpatch.mspx?mfr=true

    5. Reconsider the usage of IE.
    Utilizing another browser application can add to the overall security of
    the OS.
    Alternative Browsers:
    Operaâ„¢
    http://www.opera.com/download/
    Firefoxâ„¢
    http://www.mozilla.com/en-US/
    The SeaMonkey® Suite (Internet Browser)
    http://www.seamonkey-project.org/
    --or--
    5a.Secure (Harden) Internet Explorer.
    IE7 safe/secure settings
    Internet Explorer7 Desktop Security Guide
    http://www.microsoft.com/downloads/...DA-6021-468E-A8CF-AF4AFE4C84B2&displaylang=en
    Internet Explorer Enhanced Security Configuration changes the browsing
    experience
    http://support.microsoft.com/default.aspx?scid=kb;en-us;815141
    The Internet Explorer 7 Security Status Bar
    http://www.microsoft.com/windows/products/winfamily/ie/ev/security.mspx
    Extended Validation SSL Certificates
    http://www.microsoft.com/windows/products/winfamily/ie/ev/default.mspx
    Note: Tight security settings will break down some websites. You need to
    add these websites into the Trusted Zone for smooth access.
    You could consider disabling all Security Settings in IE and use IE only
    for the 'Patch Tuesday' updates; To do so you must add the following URL's
    to the Trusted sites:
    http://update.microsoft.com
    http://download.windowsupdate.com
    https://*.update.microsoft.com
    http://*.update.microsoft.com
    http://*.microsoft.com

    6. Review your installed 3rd party software applications/utilities;
    Remove clutter, *including* 3rd party software personal firewall
    application (PFW) - the one which claims:
    "It can stop/control malicious outbound traffic".
    Remove clutter, dispose of all your 'Anti-Whatever' applications. Keep your
    pc lean, install only applications you are really need - try to be a
    'minimalist'.
    Belarc Advisor can assist
    http://www.belarc.com/free_download.html
    --As can--
    Revo Uninstaller
    http://www.revouninstaller.com/

    7. Activate the build-in firewall and tack together its advanced
    configuration settings.
    Tap into the Vista firewall's advanced configuration features
    http://articles.techrepublic.com.com/5100-10877-6098592.html
    --Or--
    Configure Vista Firewall to support outbound packet filtering
    http://searchwindowssecurity.techtarget.com/tip/0,289483,sid45_gci1247138,00.html
    --Or--
    Vista Firewall Control (Free versions available)
    http://sphinx-soft.com/Vista/
    Managing the Windows Vista Firewall
    http://technet.microsoft.com/en-us/magazine/cc510323.aspx

    7a.If on high-speed Internet connection use a router.
    Implement countermeasures against DNSChanger.
    http://extremesecurity.blogspot.com/2008/06/use-default-password-get-hijacked.html

    And (just in case) Wired Equivalent Privacy (WEP) has been
    superseded by Wi-Fi Protected Access (WPA).

    8. Utilize one (1) each 'real-time' anti-virus and anti-spy
    application.
    Avira AntiVir® Personal - FREE Antivirus
    http://www.free-av.com/
    (The free version won't scan your emails.)
    Why You Don't Need Your Anti-Virus Program to Scan Your E-Mail
    http://thundercloud.net/infoave/tutorials/email-scanning/index.htm
    Ensure your e-mail program is configured to display e-mail messages in
    'Plain Text' only.
    You may wish to consider removing the 'AntiVir Nagscreen'
    http://www.elitekiller.com/files/disable_antivir_nag.htm

    Windows Defender - (build-in in Vista)

    9. Employ vital operating system monitoring utilities/applications.
    Process Explorer, AutoRuns, TCPView etc.

    10. Routinely practice Safe-Hex.
    http://www.claymania.com/safe-hex.html

    Also, ensure you back-up regularly; Develop a Contingency Plan; Be
    prepared! Consider "What if..."

    Good luck :)
     
    Kayman, Aug 29, 2008
    #2
    1. Advertisements

  3. TeeFran

    TeeFran Guest

    I knew it! I Knew it

    Every since I've been a member of this forum, it's never taken anyon
    this long to post back to me, or either this post is in the wron
    place...

    or

    I"m screwd maaaaaan!!!!

    OH my GOD!!
    OH my GOD!!
    OH my GOD!!
    :sick
     
    TeeFran, Aug 30, 2008
    #3
  4. You're a raving, moronic child.

    Did you look at anything in the reply from "kayman"?
     
    Paul Montgomery, Aug 30, 2008
    #4
  5. TeeFran

    TeeFran Guest

    OK I've been doing some searching on the web and came across som
    websites and other tech support sites and at Microsofts site my pos
    from here has been forwarded to them so much thanks to whoever did that

    Some guy named Kayman posted some articles over there that I'
    currently reading and printing out, and I'll go from there

    Anyway, thanks

    (BTW, if these posts ARE in the wrong place on the forum, maybe one o
    the moderators can delete them or move them)
     
    TeeFran, Aug 30, 2008
    #5
  6. The forum software you are on did that. All the posts from "guests"
    come from the Microsoft site, not from the forum users.
    Shows one of the big problems with your forum: it SHOULD have that
    post, but it doesn't.

    Stick with the groups here if you MUST use a web-interface:

    http://www.microsoft.com/communities/newsgroups/en-us/
     
    Paul Montgomery, Aug 30, 2008
    #6
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.