Just a warning: Debs had her computer hijacked Sunday night/early hours. It doesn't look like they did nowt serious, just looked at mail and some forum stuff. Anything to do with payment looks untouched, but we will be getting statements.
It was probably just kids, but I just wanted to post a reminder to keep your AV software and Windows up to date, and also make sure you are running a firewall and checking for spyware.
For someone to have access in this way, I'm afraid one of you in the house will have needed to 'give' them access. This is either by opening a file or running an executable that is then TSR (Terminate and Stay Resident).
There are lots of websites with information on this. Cult of the dead cow, Back Orifice etc etc....
Basically, when you click, it runs up an app which then gives the hacker an IP addy, and they can then access your sessions... Although it's not a 'live' environment, so they can't see what you can see, just have access to files/folders etc...
I do this for a living; reading up, it sounded like a SubSeven. Debs has two kids and they are always being sent stuff, so it's not surprising this has happened. It could have been going on for ages, but someone got careless and that's when we noticed. I'm building her a new machine and turning her one into a Linux firewall/fileserver so we can secure all important stuff.
I'm kinda curious in case this kind of thing happens to me/anyone... how could you tell someone had accessed the PC? Do you have some other software running and were alerted to the fact?
I have AVG running and a router that has a hardware firewall, but I still wonder about security at times.
We noticed when some files from her phone were moved. The phone is linked to the computer by Bluetooth. Also, some of her emails were shown as read when she had not read them. As long as you are careful and don't open files that you don't know what they are, you should be ok.
As I said, I'm building a new machine for her, but have told Debs and the kids not to leave it on when they are not using it until I get up there and sort it out.
I will check this reg key, as it looks like most backdoor apps start from here. But I will keep you all posted over the weekend.