This is to everybody. The people on this site have helped me, and now I want to help them, as well as others who come to this site. It's a warning of how to start thwarting the hacker who hacked me. I am spreading this message around, and so should you. Here it is; Any reader here who wants to examine the files I've saved should do so through the moderator of this thread, who can forward your request to my email address that they have for me..
I'm an American retired in Mexico. I am submitting information that I feel sure will help people who are being hacked.
I am not seeking advice here. I am offering information that YOU might be able to use to help nail a hacker.
There is an infection in my PC, that notes my activies online and sends out the information to the hacker. I can only identify a part of that hack, but it is significant, and many people may not realize they've been hacked, as I could, because I use no mobile devices.
I am spreading this information, which I don't think many people can find, because almost everyone uses mobile devices. I will submit the entries I've cut and saved to another folder, to anyone I write to who wants to study them. Those "Destinations" ought to be very interesting. If you want copies of the entries, use the email address I gave above.
I'm using W7, but other OSs probably have similar things. In the C:/Usesrs/Owner/AppData/Roaming/Microsoft/Windows/Recent folder. in it, there are two folders, "AutomatiacDestinations" and "Custom Destinations."
I think these are used to send stuff to or from your mobile devices and also to other peoples' devices. But the hack uses those folders, also. Most people could be looking right at those folders and see nothing wrong, because both will show stuff they sent on their mobile devices, which they aimed at some destination. But for those who are hacked, among those entries will be entries put in those folders by the hacker, presumably to send himself information about the victim.
The only reason I found them is because those two folders should always be empty. I use no mobile devices, never have, yet entries appear in those folders. I've noticed that writing in Notepad, as I am doing now, will generate an entry in one or the other of these folders. When I named this .txt file, it instantly put TWO entries in the Automatic Destinations folder. When I edited the note, no additional entries appeared. It is probably generated by an original "save" command. Since I'm wise to them, they couldn't be sent while ZonaAlarm had blocked all web traffic. So I removed them both to the folder where I am collecting these entries.
I cannot discern the location of the hack, but these entries I have found are going to the hacker, and might be used to identify the hacker. So I've been saving these messages in a different folder, so I can submit them for examination by experts. I now save them both, even when two files seem to have the same name, because the number of bytes is not the same.
I have a feeling this may be a very widespread hack, and very sophisticated, too, if it is connected with any of the other infections I am experiencing. It can be right in front of the victim yet not be suspected among all the other items there due to their own use of mobile devices.
People should check these folders often when they are online with any device. New items can appear at any time. It would help them if there was an app that can tell you WHERE that entry is being sent to.
Ii think this is important for people to know about, so they can look for it on their own systems. You should warn people to be on the lookout for it while you study it more in depth. so people can at least thwart it some. I want these people caught!
Spread this information around, to help others who may be victimized in this way.
Edited by hamluis, 05 February 2018 - 06:40 AM.
Moved from Win 7 to Am I Infected - Hamluis.