[gillecriosd]

Hello,

Sorry if this isn't the right place to post this.

Background: A friend of mine was/is being stalked on the web. After receiving a spoofed message from him in my old email account requesting her email address, I sent him a message in legalese asking him to cease his activities. I then began receiving messages from him at my MySpace acount. Apparently he was able to hack my old, subsequently deleted, email acount as I found out after he deleted his messages and get my information.

After I received the MySpace messages I signed up for profilesnitch to try and find out where they were coming from. However, two of the messages returned my IP address. The others varied and I assumed he was using a proxy. He then deleted those accounts and began new ones effectively erasing his messages again. MySpace informed me that they do not keep deleted messages.

I then got worried. This guy has apparently continued to stalk my, now, former friend. (He interfered in our relationship and now we do not talk because of this!) He has also begun harassing another of her friends, according to him, and has again tried to make it look like I am to blame. I do not know what has been sent in my name if anything.

I have made multiple reports to the police, but there has been no action.

I then tried checking my home computer for malware, etc. and found quite a few, although I do not know exactly what they were as I "fixed" them without thinking. I then found out the firewalls were not on. When I turned them back on I began receiving reports of "attempted attack" on the computer labeled "high risk."

My questions are:

1. How did he send me MySpace messages with my IP?
2. If he's using a high-end anonymizer, how can he be tracked?
3. If he used a Trojan or some other program, how do I locate it and trace it?
4. If one of the problems I "fixed" was a trojan, is there anyway to recover it and trace the sender? Like an imbecile, I also started using an internet tracks eraser and a shredder to keep my info offline.
5. This guy claims to be in IT and claims he can manipulate IP addresses. What else can he do?
6. If this guy has actually done what he's said, am I pretty much screwed? (I realize that's probably a legal question.)

Thanks for whatever help you can provide.

[Byteman]

Hi,

I'm not going to try to answer all your issues and questions at first-

I would say your easiest thing to try, to make sure no one is able to access anything on your computer if that is what is going on, would be to:

1. If you use a high speed, or broadband Internet connection like cable, or DSL, and you cannot change ISP's, get a router if you do not have one! A router most often acts as a hardware firewall, protecting your IP address a good deal and effectively hiding your computer online. They are not expensive, but you would need to consider whether you use any computers like notebooks, that connect with a wireless device, to the Internet....there are plain wired-only routers and there are wireless_plus_wired routers....just a small increase in cost, the most I've paid for one is $40.

Instead of the cable or DSL broadband modem connecting to your pc, you connect it to the router and then on to each computer wirelessly or by network cable, whichever type you have.

The router is easy to set up and will come with a guide or have one online for you to follow.

Then, you can continue to do any "research" if you wish, to try and find things out...though, it is not an easy task in some cases to get legal proof of a hacking attempt.

There may also be malware that is not "found" by even the most respected antispyware programs, but we could help you look for any of the nasty keyloggers, rootkits, etc that are very prevalent these days- first though, I would strongly suggest getting a router if you do not have one.

What do you think about that?

[gillecriosd]

We had a router but had to get rid of it because it kept resetting and we were not able to use the web. If I can get another router that won't do that I will as soon as I have the money. It won't interfere with the ISP will it? I'm not overly computer savvy. Is there an online routing source?

So how do I check for trojans, etc.?

[lunarlander]

Please see the sticky in this forum "Security Help Tools". There are several online scanners that you can use.

[Byteman]

Hi,

We can use some of the free available tools to check for malware, but you also are welcome to scan at online scan sites...

Here are some tools you can download then use - just make sure you print out this material to have as a guide- it is important to run the tools just as the steps for each say.

First, we need to have you do this:

Let's have you post a log from Hijackthis and maybe we can spot anything out of place:
go to Click here to download HJTsetup.exe

• Click "Download the Hijackthis Installer" link in blue.
• Save HJTsetup.exe to your desktop.
• Double click on the HJTsetup.exe icon on your desktop.
• By default it will install to C:\Program Files\Hijack This.
• Continue to click Next in the setup dialogue boxes until you get to the Select Additional Tasks dialogue.
• Put a check by Create a desktop icon then click Next again.
• Continue to follow the rest of the prompts from there.
• At the final dialogue box click Finish and it will launch Hijack This.
• Click on the Do a system scan and save a log file button. It will scan and then save the log and then the log will open in Notepad.
• Don't use the Analyse This button, its findings are dangerous if misinterpreted
• Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.
• Paste the log in your next reply.
• DO NOT have Hijack This fix anything yet. Most of what it finds will be harmless or even required.

_ _ _
Please also do this:

• Open Hijack This and click on the "Open the Misc Tools section" button.
• Click on the "Open Uninstall Manager" button.
• Click the "Save List" button. After you click the "Save List" button, you will be asked where to save the file. Pick a place to save it then the list should open in notepad.
• Copy and paste that list here in your reply

_ - _____ _ _ _ _ _

Next;

Housecall online scan:
http://www.trendsecure.com/portal/en...security_tools

Be sure to set the option to scan "Entire Computer"- (all hard disks).

Also, be sure to save the Report, there are directions when your scan finishes, to save the log so you can post it here.

Or, use this scanner:

Kaspersky online full scan

• Please go HERE and click Free Online Scanner
• Read and Accept the Agreement
• You will be promted to install an ActiveX component from Kaspersky, Click Yes.
• If you see a Windows dialog asking if you want to install this software, click the Install button.
• The program will launch and then begin downloading the latest definition files,
• When the "Update progress" line changes to "Ready" and the "NEXT ->" button becomes available, please click on it.
• Click on the Scan Settings button, and in the next window select the Extended database, and click Ok.
• Under "Please select a target to scan:", click My Computer to start the scan.
• When the scan is finished, click the "Save as Text" button, and save the file as kavscan.txt to your Desktop, close the Kaspersky On-line Scanner window.
• Copy and Paste the contents of the on line scanner results into a Reply here in your thread, along with a new HJT log and log from any other scans you run.