Can avast help locating a stolen laptop?

Hi, my laptop is stolen a week and a half ago. :frowning:
Avast still installed on the stolen computer and it’s connecting every day, I can see the laptop last IP on my.avast.com. :slight_smile:

Can Avast help me locate the thief?

  • Maybe Avast have more information that not shown in my.avast.com? (maybe SSID/BSSID of the access point?)
  • The free licence of the stolen laptop is about to expire in 13 days, I will be happy if avast team can extend it remotely to avoid that whoever uses the computer decides to delete avast av when he sees it’s expired.

I opened a ticket in support.avast.com but a week and a half has passed and I didn’t received any response… :frowning:
I also filed a complaint with the police and gave them the IP, but it’s a long process until the police can locate the thief by his IP.

Any help would be appreciated!!
Thanks!!! :slight_smile:
(Sorry for my bad english…)

Aloha !
Are you certain the police are actually doing anything ?
If you do a “tracert” on the IP address you may be able to tell who owns the actual connection. or do a whois lookup on it.
www.whois.sc/“ipaddress”
Then you could contact the internet service provider who owns the connection and instruct them to preserve data (dates and times of connection) for legal retention and forward the data over to the police and provide them the police report number. that is of course if the IP address is not a public access site like an internet cafe, university or some other location. Then if it is you could get that site to trace out the Mac address, traffic reports or something and match it to their internal network ip. and the next time the computer shows up on the network they woudl know exactly where it is (or close by if its wireless)

I wish I had better news, but unless the law enforcement agencies get very lucky
you probably never see that laptop again. The thieves can switch out the HDD, change
log-on password, and use any number of IP’s. So the chances of getting your laptop
are thin at best.

All that’s true assuming you’re dealing with professional thieves. Though, most thefts are done by opportunists that see a chance to steal an unguarded device and take it. Often these are not the smartest of people… with low-income/in heavy debt.
I’m afraid your best chances are with the police. However, an IP alone might not be enough to pinpoint one specific person/address. This might make it difficult for them to get a warrant.

This is why I firmly believe a person should put a strong hard drive password on the laptop especially if you have important info on it.

Edit: But there a methods to remove those also, albeit not very easily.

HawaiianHope - Thanks!
Police said they need a warrant from a judge to get the data from the ISP, they said they will submit a request
I don’t believe the ISP will give information to the police without a warrant - which afaik only police can get.
But you’re right, I need to check if they actually did something.
The laptop is connected a few hours every day so I believe it wouldn’t be difficult to find the computer even if it is connected to public wifi.

Para-Noid - Thanks!
Actually - That’s what I thought, until I saw the laptop communicates again with my.avast.com a few days after the theft, and it connects every day from the same IP since

propheticus - Thanks! I was hoping maybe Avast has more details not shown in my.avast.com that could help shorten this process, which will increase the chances of finding the laptop.

zorgon - Thanks! putting a hard drive password will prevent the thief reformat the hard drive?

A password of any length will not prevent a thief from altering your HDD.
The thief can pawn it or sell it or as I stated above put in a new HDD.
Changing HDD also means a new password can be entered.

I doubt there is little that can be done to recover your laptop. Sorry. :-X

One thing absolutely NOT to do at this time is trying to connect to the laptop.
The thief (or person that currently has the laptop), may notice it and gets alarmed.

Al you can do is keep monitoring my.avast and wait for the police to take action.

Keep in mind that the person who has the laptop now doesn’t have to be the thief.
It can be someone who bought it, not aware that it is a stolen laptop.

Para-Noid - Thanks!, Yet I’m pretty sure there are great chances we can find this specific laptop, that because the thief still connecting to the same router a few hours each day and avast is still reporting to my.avast.com

Eddy - OK, Thanks!!

  • Does anyone know if avast send more details like SSID/BSSID or any other helpfull details to the server?
  • Another thing - the free licence of the stolen laptop is about to expire in 15 days, I will be happy if avast team can extend it remotely to avoid that whoever uses the computer decides to delete avast av when he sees it’s expired.

Thanks!!!

You can contact avast directly by using this form http://www.avast.com/contact-form.php

I am not talking about a BIOS lock but a Hard Drive lock. The thief could of course purchase a new drive but a hard drive password is in the firmware of the drive. It is rendered unusable even in a new computer because reads and writes on the drive are not permitted so formatting is not possible.

A bios nor a hd can be locked.
It is like securing a house.
You can have the best locks, alarm system etc…
There is always a way around it.

It’s the same as opening support ticket or there is a chance I will get faster response? (I have open ticket from 01/03/14, still waiting for response.)
btw - which subject/topic you think I should select there?
Thanks!!!

But not easily especially in Maximum Security Mode.

http://www.datarecovery.com.sg/data_recovery/hard_disk_lock.htm

In Maximum security mode, one can not unlock the disk without knowing the passwords. One way to reuse the disk is to issue the SECURITY ERASE PREPARE command followed by SECURITY ERASE UNIT. However, The SECURITY ERASE UNIT command will require the Master password and all data will be erased as a result.

A person can always use Truecypt using two layer encryption with a long password which IMHO would be unbreakable.

Hi

Try a Geolocalisation trak of the ip

Maybe the page, codehtml, on My.Avast ask for it (longitude+latitude) and avast have it on log

I dont use MyAvast but i suppose this is activate on that page.

Good luck

Zorgon, you are so wrong!

I’m not gonna tell how etc, but I don’t need a password to access the data on those drives at all.

I would like to see you access a Truecrypt encrypted drive with dual encryption and boot password after is has been powered down when law enforcement could not do it.

As far as the hard drive encryption. Try it on a laptop, remove it and see if you can access it on another machine. You can’t do it with linux. It may possible to remove the encryption with hardware, a lot of money and a clean room but this isn’t something the average thief is going to have access to. Maybe I am wrong. Please PM me and tell me how you would do it.