hijacking or i-bot

bambi007

have a little problem with data on my computer.
Somebody is hijacking data right from the hard drive,
not Ip's or msn - data from files under MyDocs or desktop.
im running vista and the security is on - firewall
is automatic.
How do I find the traces and is there a software to
prevent it?Help!!!!!
Thankzzz

HackmanC

That's a feature Windows lacks of by
default, logging times of user logins.

Traces are difficult to find, in case
you have a intruder by some service your
machine is running, and worst if you
have a root kit.

The Firewall of Windows is good but
not enough in difficult cases, you need
a better firewall, like ZoneAlarm.

ZoneAlarm is very good, but you have
to configure it well, or you can make
yourself invisible to the network... 8-)
But you can always uninstall it.

On the worst cases of virus, dialers, etc.,
I already had, ZoneAlarm was the element
that gives me the traces, not the Antivirus.

[red]Good luck![/red]
[blue]Hackman[/blue]

bambi007

thanks hackman - i will look for zoneAlarm,
i like the idea for being invisible to the network...
shall try as well ...if the network cant sense u there
in theory the dude who is hacking cant "grab" ur info -rite?
hey the visibility - does it effect me using the system?
i can still surf and use my online programms, rite? and no one will
know im there - thats sweeeeeeeeeeeeet, whn it works.
thanks bambi


: That's a feature Windows lacks of by
: default, logging times of user logins.
:
: Traces are difficult to find, in case
: you have a intruder by some service your
: machine is running, and worst if you
: have a root kit.
:
: The Firewall of Windows is good but
: not enough in difficult cases, you need
: a better firewall, like ZoneAlarm.
:
: ZoneAlarm is very good, but you have
: to configure it well, or you can make
: yourself invisible to the network... 8-)
: But you can always uninstall it.
:
: On the worst cases of virus, dialers, etc.,
: I already had, ZoneAlarm was the element
: that gives me the traces, not the Antivirus.
:
: [red]Good luck![/red]
: [blue]Hackman[/blue]

HackmanC

I explain what means invisible to the network..

When another PC wants to know if your PC is alive,
it send a message to your PC in what is named a "port",
but ZoneAlarm is capable of block "all" traffic in your
PC, inbound and outbound.

If you block all inbound messages, that is ZoneAlarm
High Security Configuration, your PC don't answer to
anything, (like Windows File/Printing Sharing), even
a very simple test of been alive which is named "ping",
of course you lost some functionalities.

But for me, the most important thing is not there!

One important thing its that ZoneAlarm will log every
connection to the lan, internet or from there.

The most important thing about ZoneAlarm is that it
will "alert" you when "any" application in your PC
will try to connect to other computer on your lan or
in the Internet. And you can "deny" the "inbout" or
"outbound" connection if you want.

In other words... if a virus try to send your info
to the Internet, you will get a message for ZoneAlarm
saying ... "The application gatorsp56svn_v658.exe is
trying to connect to the 68.129.23.78"...

... allow / deny ?

Other case ... "The application Microsoft Office Update is
trying to connect to www.microsoft.com"...

... allow / deny ?

Or when it is a inbound connection it will show a message
something like this ... "The 68.128.32.79 is trying to
connect to port 1433 (MSSQL)" ...

... allow / deny ?

Other case ... "The yourcompany_office01.lan is trying to
connect to port 23 (FTP)" ...

... allow / deny ?

Of course you have to learn the basics of ZoneAlarm
Configuration. If you answer deny, you loose some
connectivity on the "application" or the "port" for
a while, which affect the functionality of some network
applications, like Download Accelerator Plus, or P2P
networks.

[red]Good luck![/red]
[blue]Hackman[/blue]