Being taken over

Topper

Amo Amas Amant Admin
Staff member
Joined
Nov 18, 2004
Messages
23,991
Reaction score
4,014
Points
113
Age
69
My Satellite Setup
Has gone to a good home elsewhere
My Location
Blackburn, Lancashire
Following my phone and laptop being taken over by AN Other a couple of years ago, despite security precautions since then, I began to feel that my laptop was again at times being interfered with, especially when using my Facebook account. I would type something and then look at the screen and it was all mixed up, spaces where there should not be and no spaces where there should. So I decided to take a look at my local DNS file. To be honest it did not make any sense to me at all, as my version of Win10 is the basic version; however, the very first entry on the file was:-

Windows IP Configuration

vortex-sandbox.data.microsoft.com
----------------------------------------
No records of type AAAA


vortex-sandbox.data.microsoft.com
----------------------------------------
Record Name . . . . . : vortex-sandbox.data.microsoft.com
Record Type . . . . . : 1
Time To Live . . . . : 90399
Data Length . . . . . : 4
Section . . . . . . . : Answer
A (Host) Record . . . : 127.0.0.1


watson.ppe.telemetry.microsoft.com
----------------------------------------
No records of type AAAA


watson.ppe.telemetry.microsoft.com
----------------------------------------
Record Name . . . . . : watson.ppe.telemetry.microsoft.com
Record Type . . . . . : 1
Time To Live . . . . : 90399
Data Length . . . . . : 4
Section . . . . . . . : Answer
A (Host) Record . . . : 127.0.0.1


vortex.data.microsoft.com
----------------------------------------
No records of type AAAA

No records for type AAAA simply means IPV6 is disabled, as I have found that to be a source of infiltration previously, although it seems impossible to block IPV6 on my Android phone. I was not, however, aware I was using a sandbox.

Looking on the internet I found a few sites that advised me of how to flush the DNS on Win10. This being one of the many. It is a practice I used to do on WinXP, Win2K and Vista previously but for some reason I stopped the practice. I looked into what the downside would be to doing this procedure on Win10, which was mainly just slow connections to websites I frequently use, as the local record needs to rebuild. So I decided to flush the cache and immediately upon rebooting, my Facebook landing page changed to a modern clean looking one as below.
The laptop seems to be behaving itself now and my typing, as in this post for example had only two typos as opposed to the dozen per line I was experiencing previously.

Whilst I am not prepared to debate the Win/Linux issue having used both for many years, or the efficacy of using FB, we have done them both to death previously, I was wondering if anyone else was prepared to admit they had ever had similar issues.
 

Attachments: fbn.PNG
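A small triage script for the kind of listing quoted in the post above (an added example, not part of the original post or any poster's own code): it parses `ipconfig /displaydns`-style output and lists the names whose A record answers with a loopback address, like the 127.0.0.1 entries shown. The function names and the example.org record are constructed for illustration.

```python
import ipaddress
import re

# First record is copied from the listing in the post; example.org is constructed.
SAMPLE = """\
vortex-sandbox.data.microsoft.com
----------------------------------------
No records of type AAAA

vortex-sandbox.data.microsoft.com
----------------------------------------
Record Name . . . . . : vortex-sandbox.data.microsoft.com
Record Type . . . . . : 1
Time To Live . . . . : 90399
Data Length . . . . . : 4
Section . . . . . . . : Answer
A (Host) Record . . . : 127.0.0.1

example.org
----------------------------------------
Record Name . . . . . : example.org
Time To Live . . . . : 120
A (Host) Record . . . : 192.0.2.10
"""

FIELD = re.compile(r"^\s*(.+?)(?:\s\.)+\s*:\s*(.*)$")  # "Key . . . : value" lines

def parse_displaydns(text):
    """Return one dict per 'Record Name' block in ipconfig /displaydns output."""
    records = []
    for line in text.splitlines():
        m = FIELD.match(line)
        if not m:
            continue  # name headers, rulers and "No records" lines
        key, value = m.group(1).strip(), m.group(2).strip()
        if key == "Record Name":
            records.append({})  # a new record block starts here
        if records:
            records[-1][key] = value
    return records

def loopback_answers(records):
    """(name, address, ttl) for A records that point at this machine or 0.0.0.0."""
    hits = []
    for rec in records:
        addr = rec.get("A (Host) Record")
        if addr and (ipaddress.ip_address(addr).is_loopback or addr == "0.0.0.0"):
            hits.append((rec["Record Name"], addr, int(rec["Time To Live"])))
    return hits
```

A loopback answer means connections to that name never leave the machine; where the override comes from (for example a hosts-file entry) has to be checked separately.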

Lazarus

Retired Moderator
Joined
May 29, 2009
Messages
27,078
Reaction score
8,664
Points
113
My Satellite Setup
80cm Motorised.
Several small Dishes.
Much else.
My Location
North York Moors
No, no similar issues - regardless of OS.
 

Channel Hopper

Suffering fools, so you don't have to.
Staff member
Joined
Jan 1, 2000
Messages
35,533
Reaction score
8,554
Points
113
Age
59
Website
www.sat-elite.uk
My Satellite Setup
A little less analogue, and a lot more crap.
My Location
UK
Whilst I don't have any social media accounts, with the old laptop and office computer running XP, I used to have the AdAware anti spyware programme installed and would run it once every fortnight or so.

Unlike all other programmes this would find and report items that nothing else could discover and then give me full control on the removal or quarantining. It was a real shame when the support finished, though even up to about three years ago it was still worth running on clients' machines that had strange issues the built-in rubbish couldn't clear (Symantec/McAfee).


The latest offering 'WebCompanion' which is offered as bundleware with a host of other freebies is definitely worth avoiding.
 

Topper

Having just done some other checks it seems I may have some sort of apple redirect virus on board
whatsmyip.PNG

Anyone have any knowledge of this apple webkit???
 

Channel Hopper

I heard somewhere that Safari (Apple) is a webkit design, if that makes sense
 

Topper

> I heard somewhere that Safari (Apple) is a webkit design, if that makes sense

Hardly as I have nothing "Apple" on my phone not even iTunes, but further deep reading reveals that Chrome uses the Apple webkit as standard, who could have known?
 

hexah

Specialist Contributor
Joined
Oct 7, 2009
Messages
2,838
Reaction score
680
Points
113
Age
17
My Satellite Setup
motorized Gibertini 85cm, fixed dishes from 1m to 64cm, generic FTA HD RX, TBS DVB-S2 PC card, a pile of bits and pieces
My Location
Hadrians Wall
Windows 10 is MaaOS (malware as an operating system). :(

I suggest backing up all data to other disks. Then when a new Windowoze 10 version is released wait a month then download the ISO, delete the existing install, do a new install on the now 'empty' disc. Do this every time a new windowoze 10 version is released, a clean install instead of an update. It is easier to use GNU Loonix which is more secure by design and keeps data on a different partition by default but there is a learning curve.

If you use a lot of e-mail -{pay attention all sole traders and small businesses}- have a separate computer only used for emails. If you print emails use an ethernet connected laser printer connected direct to the computer not the router (i.e. network separation) and never use it with any other computer. You can use an old piece of crap, an old laptop, a pi, NUC, or make something with an intel SoC or AMD Athlon. Power and nice UI doesn't matter with emails. Don't forget to turn off images in emails.
 

hexah

Also, always disconnect your computer from the internet before installing Windowose 10 or it will download all sorts of garbage and molest your new install.
 

Topper

Am still very suspicious that I am being monitored or intercepted, I now use a firewall and a VPN and of course an AV. My ISP will not let me log into my on-line mail whilst using a VPN (they claim it is an issue with the VPN software), so when I switched my VPN back on yesterday before visiting Facebook, I was presented with this login page. Comments?

as1.PNG
 

Terryl

Specialist Contributor
Joined
Apr 14, 2011
Messages
3,246
Reaction score
1,932
Points
113
Age
82
My Satellite Setup
OpenBox X5 on a 1 meter motorized dish.
And now a 10 foot "C" band dish.

Custom built PC
My Location
Deep in the Boonies in the central Sierra Nevada mountains of California.
You may have a browser hijack going on, the only way I know of to remove it is to completely remove the browser, then do a registry clean, and remove all cookies, settings and other stuff for that browser, on some browsers it will save your settings and bookmarks (like firefox.old), unfortunately you will have to dump these also, you could save your bookmarks to a CSV file and look through it, then dump anything that looks suspicious.

I use CCleaner for this task, then do a spyware sweep, malware sweep and an AV sweep, then re-install a fresh download of the browser.

Here is some info on this.

 

jeallen01

Specialist Contributor
Joined
Oct 12, 2003
Messages
6,674
Reaction score
2,630
Points
113
My Satellite Setup
See Signature
My Location
Somewhere in England (possibly?)!
> Also, always disconnect your computer from the internet before installing Windowose 10 or it will download all sorts of garbage and molest your new install.

Install something like IObit "Uninstaller" (the Free version - keeps nagging you to pay for the "Pro" upgrade but that's not necessary!), and then check after each Windows update and delete any newly installed crap - in my experience over a year or so, once you have deleted a particular crappy App (like all the XBox stuff!) then it's unlikely to reappear again :)
 

william-1

Super Moderator
Staff member
Joined
Jul 2, 2005
Messages
12,180
Reaction score
12,266
Points
113
Location
Epping Forest
My Satellite Setup
OP Gibertini 100 XP+ Inverto Black Ultra Lnb
Superior Dark Motor (160° max)
(50 east to 45 west)
Octagon SX88+Optima (A/B switch) Edision primo IP S2

Raven 88cm Mesh Dish + IBU Twin output
Stab100 H to H (120° max)
(53 east to 45 west)
Octagon SX88+ Ultra HD (A/B switch) Golden Interstar Alpha_X
My Location
Epping Forest Essex
I have uninstalled CCleaner as these tasks can be carried out using the current PC tools >>> Disk Clean up --- Tools >> Optimize & defragment drive,
This is also more user-friendly to your PC registry.
 

jeallen01

> I have uninstalled CCleaner as these tasks can be carried out using the current PC tools >>> Disk Clean up --- Tools >> Optimize & defragment drive,
> This is also more user-friendly to your PC registry.

Maybe so, but "Uninstaller" is a lot simpler/quicker to use, and you can positively select what you do/don't want to uninstall - and why is your approach (which I don't doubt does work) "more user-friendly to your PC Registry"?
BTW: I uninstalled CCleaner a LONG time ago after it was found to be installing malware:-doh
 

william-1

> Maybe so, but "Uninstaller" is a lot simpler/quicker to use, and you can positively select what you do/don't want to uninstall - and why is your approach (which I don't doubt does work) "more user-friendly to your PC Registry"?
> BTW: I uninstalled CCleaner a LONG time ago after it was found to be installing malware:-doh

I had IObit Uninstaller for a long while, it worked just fine, so have gone back to it. :)
 

Topper

> You may have a browser hijack going on, the only way I know of to remove it is to completely remove the browser, then do a registry clean, and remove all cookies, settings and other stuff for that browser, on some browsers it will save your settings and bookmarks (like firefox.old), unfortunately you will have to dump these also, you could save your bookmarks to a CSV file and look through it, then dump anything that looks suspicious.
>
> I use CCleaner for this task, then do a spyware sweep, malware sweep and an AV sweep, then re-install a fresh download of the browser.
>
> Here is some info on this.

Thanks for the replies, but nah I have already done all that three times now this year, I can assure you I am pretty clued up on such basic stuff, I use paid versions of Ashampoo optimizer, Malwarebytes, Malwarebytes Privacy (VPN), I supplement with a CCleaner free version sweep up at the end, it is weird though
 

2cvbloke

Regular Member
Joined
Jan 5, 2006
Messages
9,768
Reaction score
1,808
Points
113
Age
38
My Satellite Setup
No satellite stuff for the moment (aside from a 43cm minidish that was on the house already), Samsung SyncMaster T27B550 Smart TV & Monitor, and a few computers...
My Location
Near Pontop Pike, Co. Durham
If it's something that doesn't want to be removed, then backup your data and nuke & pave, can't beat a good format & reinstall for a fresh start free from malware... ^_^
 

Lazarus

> If it's something that doesn't want to be removed, then backup your data and nuke & pave, can't beat a good format & reinstall for a fresh start free from malware... ^_^

Quite. Certainly for vulnerable OS like Windows, reinstalling at least annually is a sensible approach.
 

Topper

> Quite. Certainly for vulnerable OS like Windows, reinstalling at least annually is a sensible approach.

Well it is almost every month that MS attempt to trash the laptop with their monthly DMHTG updates that either lose some or all of your files or lose your profile and create a temporary one, resulting in your files not being available on the temp profile. For that reason a full backup is done every month but in this case it was a complete one off when that screen appeared and has not happened since, I do not believe there is anything approaching a hijack taking place, remote monitoring perhaps despite all options being revoked.
 

2cvbloke

Makes me glad I never succumbed to the "free upgrade" to windows 10, makes 7 seem perfectly safe and reliable, cos, well, it has been... :lol:
 

Lazarus

> Makes me glad I never succumbed to the "free upgrade" to windows 10, makes 7 seem perfectly safe and reliable, cos, well, it has been... :lol:


Oddly, I got on well with Win 10 until an "upgrade" that left my Linx 1010 suffering random screenfreeze several times a day ...... once I'd exhausted Google and my patience, I replaced it with Fedora. Absolutely brilliant.
 