# Off topic, hackers?



## NTCGRR (Jan 2, 2008)

All you computer smart folks.
a friend of mine called, and said she thinks her old boyfrined has hacked her computer.
He used to help her set it up and any thing she needs. he denies it.
But all her pass words are changed ,can't get on e-mail, etc. she watches stuff, ( what ever that means) happen on her computer.
Police/FBI / etc said nothing they can do. I have no idea.

I thought if that happened to me what can you do.??
any thoughts.??

thank you


----------



## Semper Vaporo (Jan 2, 2008)

Hard to describe what to do from here. I'd have to see it and work with it to decide how to proceed.

There are programs that can be run to remove some of the spyware that might have been installed (and it is not necessarily her (former?) boyfriend that did it).

I would run "Malware Bytes, Anti-Malware", "Microsoft Security Essentials", "RUBotted" and some other programs that are available on the web for free. One does need to be cautious because some of the advertised sites that claim to "check your computer" are really scams to infect you worse than anything they can find.

I think she needs to hire someone to come fix it. I don't think she can "send it" someplace to have it fixed as I think she needs to be present while someone works on it (answer questions about what web sites are important to her, what the passwords are supposed to be, what programs she wants on the machine and what she suspects is a problem, etc.)

There are people around that will do this, if she can find them. Where does she live? I work really cheap if I don't have to travel too far!


----------



## Michael Glavin (Jan 2, 2009)

Perhaps the "boyfriend" was privy to the passwords and logged in and changed them...... Some adults are pretty childish when it comes to breaking up! 

There are programs that allow you to operate a computer remotely like gotomypc and such. 

Semp has made some great suggestions; a professional can dig in and work the bugs out with little effort. 

Or simply wipe the drive and reload the software from scratch. 

Michael


----------



## pete (Jan 2, 2008)

It sounds like he set up her computer so he can get into the computer any time he wants. My son who works in the computer field did the same to our computer so that when we have a problem he can log on to our computer from his laptop to see what's wrong and fix our problem. He has also played a joke on me by the same method.


----------



## afinegan (Jan 2, 2008)

I would reinstall windows (make sure to format and repartition the hdd) and every piece software she had on it (real disks/software, not copied disks that could be modified). The login to the internet with fresh pc and change all the online passwords AGAIN (yes again). then you should be free and clear (PC wise). You need to change the network router password for the network she is connected to also. 

Its a giant pain, but its the only way to be sure (ever want to know something real nasty thats almost impossible to remove, look up "rootkit", if he installed one of those, sometimes, only a pure computer wipe, partition and format will get rid of it (or if your lucky, this program called combofix)).


----------



## Mike Reilley (Jan 2, 2008)

So...if this was my computer, I'd return all the software to the new condition...and then reload MY files. Normally, hackers don't change your files...you photos, messages, emails, etc...they just look at them. So me, I'd first copy my files to a DVD/CD...not the programs...my files.

Then, I'd go into windows and RESTORE the computer to it's initial condition. That installs a whole new version of Windows. Go through the whole installation process...including getting your web access working. This will take a long time...because there will be a lot of updates to download and install. Just keep downloading, installing, and rebooting...till it stops.


Then I'd go into the Program Files and Program Files (X86) directory and delete every file in there. If the computer came with software preloaded, you might be able to reinstall it....so look before you erase it. Some of the program folders include INSTALLATION options. It's OK to reinstall those programs...but don't hold your breath...most of the time, you're gonna need your own disk to install the program.


At this point, I'd run Check Disk...and then defrag it. Now you're pretty clean. 


Next, I'd load AVG from avg.com...it's a free antiviral program. I like it. Then I'd download Ccleaner from ccleaner.com and install it. I use that to clean up the computer. Then I'd download spybot from spybot.com and install it. This is a good anti-spyware program. At this point, I'd run Ccleaner...both the registry cleaner and the file cleaner...to really be sure the computer is clean. 

After that's done you can reload the software you need. I'd start by loading Firefox so I had a MODERN browser. Use IE to do that...then stop using IE.

After you've reinstalled all the software, I'd put the DVD/CD with "my files" (saved before the restore) in the DVD drive, and have AVG scan them for viruses...then Spybot for spyware...and clean em up. After they're clean, you can then reload your files (the ones you saved BEFORE you restored Windows) in My Documents. 

Be advised, if someone has hacked your computer, there's really no secure way to eliminate their access IF you leave any software on the computer. You must really gut the computer and restart.


----------



## norman (Jan 6, 2008)

new computers are super cheap. just buy a new one. Norman


----------



## krs (Feb 29, 2008)

What you're suggesting Mike is quite dramatic. 
It could take days to oad and update all the programs ond then weeks until one eventually gets all the settings adjusted to where one wants them. 
The key point I think you made is 

*if someone has hacked your computer,* 

Right now all we have is "stuff happens" 

Maybe the first thing to do is to determine if someone has actually hacked into the computer. 

I'm not that familiar with Windows, the IT guys at the office fix any Windows problems for me. 

On the Mac there are two things I would do, I assume Windows has the same capabilities: 

1. Set up my firewall in stealth mode. That way the computer becomes invisible from the net. 

2. Run "Little Snitch" or the Windows equivalent - it will tell you if anyone is trying to access your computer from the net or if the computer is trying to access the net without your specific permission.


----------



## Mike Reilley (Jan 2, 2008)

Dramatic...NO KIDDING!!!! If someone has hacked your computer and has your passwords...and has changed them...dah...DRAMATIC is called for. I'd also be calling all my banks and money related places (e.g. PayPal)...and getting new account setups. If you've been successfully hacked...YOU ARE SCREWED. This is a DRAMATIC situation.


And...IMHO...if you think someone has hacked your computer...that's an opinion that's NOT going away...so, the only thing safe to do, is slick and reload...or trash and buy a new one.

You're right...it's several days of effort. But I answered the question asked.

If this were me, I might buy a new computer and start anew...the only thing that would deter me would be the cost of comparable performance for a new computer. The one I have now is a hot one.


----------



## Trains (Jan 2, 2008)

That's why I can't figure out why everyone wants to do everything on line! They say it's safe but I don't think so.
Someone is smarter then the people who said it's safe. Are people getting that lazy that they can't write a check
and put it in a envalope to send in?


----------



## Scottychaos (Jan 2, 2008)

We have a local call-in radio show about computers..
the guy who runs it has a thing he calls the "security tango"..supposed to be good for cleaning up the computer..
you need to download the programs, print out the steps, then follow the steps one by one, skipping nothing:

Security Tango

might be useful..
Scot


----------



## krs (Feb 29, 2008)

Posted By Mike Reilley on 14 Mar 2012 11:53 PM 
Dramatic...NO KIDDING!!!! If someone has hacked your computer and has your passwords...and has changed them...dah...DRAMATIC is called for.



It's not really clear in the original post what is going on.

>>a friend of mine called, and said she thinks her old boyfrined has hacked her computer.
>>He used to help her set it up and any thing she needs. he denies it.
>>But all her pass words are changed ,can't get on e-mail, etc. she watches stuff, ( what ever that means) happen on her computer.

I read that she has changed all her passwords and that he can't therefore get into her e-mails, but she still watches "stuff happen"


Maybe I'm too optimistic and it means the passwords changed themselves - them of course DRAMATIC is called for.


----------



## Greg Elmassian (Jan 3, 2008)

I've been sitting back reading this. 

I agree with Knut... you need to do a little more investigation to know what you need to correct. 

It's very possible that her Internet passwords are compromised, and nothing at all is wrong with the computer. 

I sure would look into it a bit more. 

As for the original post and question, if I was you Marty, I'd ask an expert if it happened, and if he/she was really an expert, by talking to you over the phone, or taking a "remote look" at your computer, they could determine in under 10 minutes what actions to take. That's my answer to your question, don't try to fix it yourself until you have more information, and I would recommend getting that information from an expert. 

Regards, Greg


----------



## Scottychaos (Jan 2, 2008)

Posted By krs on 15 Mar 2012 07:18 AM 
Posted By Mike Reilley on 14 Mar 2012 11:53 PM 
Dramatic...NO KIDDING!!!! If someone has hacked your computer and has your passwords...and has changed them...dah...DRAMATIC is called for.



It's not really clear in the original post what is going on.

>>a friend of mine called, and said she thinks her old boyfrined has hacked her computer.
>>He used to help her set it up and any thing she needs. he denies it.
>>But all her pass words are changed ,can't get on e-mail, etc. she watches stuff, ( what ever that means) happen on her computer.

I read that she has changed all her passwords and that he can't therefore get into her e-mails, but she still watches "stuff happen"


Maybe I'm too optimistic and it means the passwords changed themselves - them of course DRAMATIC is called for.



No, it was pretty obvious that she didnt change the passwords herself..somehow passwords were changed, (the ex-boyfriend is the prime suspect)
and by "she watches stuff happen" it sounds like she can be sitting at the computer, just looking at the screen, and things are going on without her touching the mouse or the keyboard..
if you have ever had anyone remotely log-in to your computer, you can see that happen..
I have done it at work..you allow the corporate IT person, who is located miles away, to access your computer..
yoiu can then see them do things right on your computer, as if you were doing it yourself..cursor moves, windows open and close,
words can be typed..anything you can do yourself, can be done by someone else remotely..
to me, thats what it sounds like was happening..

someone gained full control of her computer..

If she still has *some* control, IMO she should download those programs talked about the "security tango"..then *disconnect from the internet* as
she runs the programs...passwords might be hard to get back, if they are passwords for webpages "off site"..such as yahoo mail or google mail, facebook, etc..
but getting rid of any malware is the first step, to break the connection to whoever might have control of her computer..

Scot


----------



## aceinspp (Jan 2, 2008)

Oh no hope Marty does not have girl friends. Then you need to worry. Later RJD


----------



## krs (Feb 29, 2008)

Posted By Scottychaos on 15 Mar 2012 10:04 A No, it was pretty obvious that she didnt change the passwords herself..somehow passwords were changed, (the ex-boyfriend is the prime suspect)and by "she watches stuff happen" it sounds like she can be sitting at the computer, just looking at the screen, and things are going on without her touching the mouse or the keyboard..if you have ever had anyone remotely log-in to your computer, you can see that happen..I have done it at work..you allow the corporate IT person, who is located miles away, to access your computer..yoiu can then see them do things right on your computer, as if you were doing it yourself..cursor moves, windows open and close,words can be typed..anything you can do yourself, can be done by someone else remotely..to me, thats what it sounds like was happening.. 

I know one can control a computer remotely - have been on both ends of that type of connection.
But why don't we wait for Marty to clarify what the problem actually is.


And if you are right and the passwords did get changed remotely and the computer is being controlled remotely, then do what Greg suggested, get help from an expert - nothing we can suggest via a bunch of web posts is going to resolve this.

knut


----------



## Cougar Rock Rail (Jan 2, 2008)

The first thing to do is disconnect the internet line and/or wifi to her computer! That will cut him off the remote access...then you can clean up the machine. 

Keith


----------



## Semper Vaporo (Jan 2, 2008)

Unfortunately, disconnecting the present PC from the internet is only part of the fix. That does nothing to protect against the hacker using another computer to access e-mail, and other on-line accounts if the hacker knows the passwords there. If those accounts are banking accounts, either PayPal or Credit card access, e-bay, checking accounts, you name it! they have the capability of causing all kinds of trouble. From simply sending embarrassing e-mails to people on the contacts list to cause "loss of face", to full identity take over and loss of credit worthiness, cash funds, and equity, leading to bankruptcy. 

It may seem "Dramatic" but changing ALL accounts, EVERYWHERE is probably the BEST solution... contact the bank/credit union, PayPal, E-bay, Credit card (including Department stores), ALL 'on-line' accounts where anything personal might be stored (past purchases, Social Security number, Mother's Maiden name, etc.) and get them ALL to change the accounts; At a minimum, change the password, but preferably, change the account numbers!


----------



## NTCGRR (Jan 2, 2008)

Thanks so far, I'm making notes,.


----------



## Mike Reilley (Jan 2, 2008)

One more thought...looking at it from the other side. Doing all that reloading might be a huge amount of work. But...I can tell you from personal experience, it is no where near the amount of work you'll put out to fix everything when you're identity has been stolen. Folks that have hacked into other folks computers CAN and DO sell the access and the data to folks that steal identities. Had one son who was a bit cavalier with his passwords and such...and we fought for months with credit card companies who said he owed them money.


----------



## Dan Pierce (Jan 2, 2008)

I would disconnect the internet connection (power off the modem) and then I would go into the control panel and disable remote access. 
By default, remote access is turned on by windows!! Big mistake for computer users that do not wish to have remote access by others. 
Also, make sure file sharing is turned off. 

Can the user log in? 
If so, then delete the friends account. if it exists. 
You can always call places and have the passwords changed or accounts placed on hold for protection.


----------



## Greg Elmassian (Jan 3, 2008)

Dan, what version of Windows are you talking about? XP or Windows 7? 

I'm having a little trouble understanding which of the remote schemes you are talking about. 

Greg


----------



## aceinspp (Jan 2, 2008)

Yes you can turn off the remote if on windows 7, but for the life of me why not just go in and change pass words and be done with the hole mess. Later RJD


----------



## Rail Planet (Jan 22, 2012)

I think you need to figure out whether this issue is programs, malware, etc. on the computer, or online issues (password problems, etc.). I use ESET NOD32 for security, but, as said, the only way to truly remove a virus is by re-installing windows.


----------



## Ironton (Jan 2, 2008)

On many sites you need to know the old password or the answer to a "magical" question in order to change the password. If it was set up by a knowledgeable person, the current user would be unable to answer any of these questions and unable to change the password themselves. 

The alternative would be to unsubscribe and resubscribe with a new user name and password. 

Hope this helps.


----------



## ThinkerT (Jan 2, 2008)

whoops!


----------



## Greg Elmassian (Jan 3, 2008)

whoops what?


----------

