sam15
asked on
Laptop_networrk_securiity.
I could not access my yahoo mail account today.
I googled "yahoo email reset" and found a number and called them
When they answered i thought it was a yahoo support center in india.
I allowed them to log into my laptop and he ran "netstat" and "tree" to show me that my laptop and netowrk has been hacked and i need a certified MS technician for $300 to clean it up.
I figured this seems like a scam and later on I found the correct yahoo customer care number.
The problem is I allowed their unknow person to log into my laptop. I do not even recall giving him my ip address so i am not sure how he edid it. I only gave him my email address, so he might have gotten it using my log me in account.
I do not think he installed anything other than the log me in software.
But I want to verify there is nothing installed or spy software or anything else.
I do have norton 360 installed.
Is there a way for them to log back in or can i run norton 360 or any other software to ensure there is no spy software or other malicious things running on the laptop.
I googled "yahoo email reset" and found a number and called them
When they answered i thought it was a yahoo support center in india.
I allowed them to log into my laptop and he ran "netstat" and "tree" to show me that my laptop and netowrk has been hacked and i need a certified MS technician for $300 to clean it up.
I figured this seems like a scam and later on I found the correct yahoo customer care number.
The problem is I allowed their unknow person to log into my laptop. I do not even recall giving him my ip address so i am not sure how he edid it. I only gave him my email address, so he might have gotten it using my log me in account.
I do not think he installed anything other than the log me in software.
But I want to verify there is nothing installed or spy software or anything else.
I do have norton 360 installed.
Is there a way for them to log back in or can i run norton 360 or any other software to ensure there is no spy software or other malicious things running on the laptop.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
here is the file arttached.
hijackthisfile.txt
hijackthisfile.txt
You have a lot of entries showing missing files. Since you have Norton 360, use it to clean up your registry. Then, rerun HijackThis and post the new file.
...RG
...RG
Use HijackThis to remove any traces of lsass.exe
Otherwise I see no real threats
Otherwise I see no real threats
ASKER
I did clean up the registry using norton 360.
also ran hijack this and selected all the lsass.exe entries and then FIX this but it does not seem to delete it. I also see file missing message nexto to each entry.
I am attachine the new file.
file1.txt
also ran hijack this and selected all the lsass.exe entries and then FIX this but it does not seem to delete it. I also see file missing message nexto to each entry.
I am attachine the new file.
file1.txt
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
also look online for firewalls like zonealarm which is 100 times more better than the std windows firewall.
Having a dencent firewall will put you in control of what to allow in and what to allow out so youhave peace of mind in knowing 'your da man'
Having a dencent firewall will put you in control of what to allow in and what to allow out so youhave peace of mind in knowing 'your da man'
Norton 360 has a great firewall with it. It's a good product that is surprisingly efficient. Are you on Version 6? ...RG
ASKER
I did run malaware and it did clean up a few things that norton did not seem to catch or care about. I also attached a new hijack file and it still has references for lsass.exe (file missing).
How does "netstat" verify that no one is connected to my address? I still cant figure out how the otehr guy was able to login to my laptop by giving him my email address. I thought you need at least an ip address for remote log me in. He must have access to my log me in account.
How does "netstat" verify that no one is connected to my address? I still cant figure out how the otehr guy was able to login to my laptop by giving him my email address. I thought you need at least an ip address for remote log me in. He must have access to my log me in account.
ASKER
BTW, norton 360 installed is version 6.3.0.
Commonly, technical support will provide you a link to click and connect to them. That way, you are actually penetrating the firewall from your end. And, the remote IP for the connection is theirs. Is this what was done?
You can run "netstat -b -f" to display detail about all the active connections. Ensuring that it is all valid is up to you. You can provide the list here for our review as well.
...RG
You can run "netstat -b -f" to display detail about all the active connections. Ensuring that it is all valid is up to you. You can provide the list here for our review as well.
...RG
ASKER
Let me know if you see anything unusual. Also would this check if netowrk is hacked or that is more of a bluff by the company.