Being controlled by hostile person

sunshine

New Member
My husband's best friend built my computer (Windows XP) and I use a wireless cable connection. And for the next six months my spouse had complete control of the computer when I was at work. Spouse has since moved out and I am worried they are able to access my computer remotely without my knowledge. I am not a computer person per se and would really appreciate any advice you could provide that would help me secure a safe computer in which to conduct my business. I am really at a loss. Thank you.
 
When you run HijackThis and select "Do a system scan and save a logfile", the log will appear in Notepad. Highlight all the text, right-click the text and select "copy", then reply here and right-click in the window and select "paste".
 
I would do the HijackThis log first as it will reveal any trojans, as long as your antivirus software recognizes the trojan (assuming you have one). So as a first question, I will ask, how are this dude's computer skills, is he like average or does he spend way too much time with his computer? Let's hope it's the first.

Now if I were him there are several moves I would have done. The first and easy one would be to set up your computer to accept remote logins. Now this is really simple, but check it anyway here: right-click My Computer, Properties, the tab called Remote or something (ain't got an English version of XP) and make sure "allow users to connect to your computer remotely" is unchecked. Just to have this done.

Next lesson: Let's first clear up something: how vulnerable are you on your home computer? There is an important distinction between servers belonging to companies (like if you're hacking Microsoft) and standalone home computers. Business servers can easily be hacked if you know what you're doing, but home computers as a matter of fact ain't that easy. You can't just hack any home computer. (We're talking about the human factor now, not viruses and so on. That's another ballgame, which often goes wrong because people are stupid.) All you can do to a clean computer is DoS attacks (Denial of Service attacks, make your computer hang). I will explain why.

If you have a standalone home computer with ONLY Windows on it, you are most probably safe from being hacked. You see, you can't just connect through your internet connection or something, you connect through exploits in services running on your computer. Let's take an example: let's say your computer is running a web server, FTP server or something. If this service has a vulnerability, an exploit, a hacker can use this weakness to gain access to your computer. But the key point is, your computer needs some kind of service that is listening to the internet, e.g. a web server. There needs to be a bridge, see? Luckily it's not usual for home computers to have services like this running. Unfortunately, if this dude has had access to your computer, and he is an evil dude with more than average computer skills, you can have services running on your computer.

Let's clear up what an attacker would do to a compromised computer, so you can understand better what might have happened to you. If someone wanna hack your computer they would either need a running service as said or a backdoor trojan on your computer. If you connect through exploits, a normal move would be to afterwards place a trojan on your computer for easy access. If the person has physical access to your computer he could simply put it there, just like that. And if a geek has just coded his own trojan your antivirus won't find it, so you got a door open. Another method would be that, after the hacker has compromised your computer, he would set up his own services to run on your computer for easier access. The next move, if he's not a moron, would be to hide his traces. Either of these ways would allow an intruder free access. As your guy has had full access, he could easily have done this. I'm just curious, who is this dude since you're worried about him accessing your PC?

You might be asking, but I got a firewall, antivirus and all, why ain't I safe? That's easy, firewalls can be bypassed, so they really are no security if the attacker has some skills, and really wants in. The thing is, no firewall is bulletproof, they aren't meant to be, 'cause in that case you wouldn't be able to connect to the internet. E.g. the Windows firewall can be bypassed in minutes if you're good. If you're using Norton, that firewall can be set to block or allow certain trojans, which means he could have put allow on some trojan, like e.g. Back Orifice, a popular trojan; make sure it's blocked.

To sum up, if he is accessing your computer it's either as
1: a remote desktop, which is a breeze to stop.
2: he has set up services containing exploits he can sneak through
3: or you got a backdoor trojan

So what to do: update your antivirus and scan your computer. Make sure it's scanning ALL files and all program types, trojans, spyware, joke programs, everything.

I'm not quite sure how thorough HijackThis is, so Buzz, just out of curiosity, does HijackThis only scan processes as they appear in the Task Manager, or also processes running back in the registry? The thing is, if this guy is good he has hidden any services well, so I'm just curious how deep HijackThis goes. Anyway, if you're interested you can check out your processes here. I'd say, let Buzz do the log first and we'll see. But hey, relax, I don't wanna freak you, there might be nothing! ;)

I hope I haven't broken any forum rules, in that case I'm sorry again. My only intention was to briefly explain the theoretical situation for sunshine, based on your worries, so she can know what to look for and why. I'm just the kinda guy that hates people fixing stuff without explaining what to do, leaving me just as smart afterwards.
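
The reply above turns on whether the computer has a service listening for connections. As an added example (not part of any post in this thread), the following Python sketch reads saved `netstat -ano` output and lists the listeners that are not loopback-only, with a separate check for Remote Desktop's default port. The sample text is constructed and the function names are hypothetical.

```python
# Added example: list the network listeners in saved `netstat -ano` output.
# SAMPLE is constructed for illustration; it is not from a real machine.
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       932
  TCP    0.0.0.0:3389           0.0.0.0:0              LISTENING       1044
  TCP    127.0.0.1:1029         0.0.0.0:0              LISTENING       1580
  TCP    192.168.1.10:1050      203.0.113.5:80         ESTABLISHED     2200
  UDP    0.0.0.0:123            *:*                                    1100
"""

REMOTE_DESKTOP_PORT = 3389  # default TCP port for Windows Remote Desktop
LOOPBACK = ("127.0.0.1", "[::1]")


def parse_listeners(text):
    """Return TCP sockets in LISTENING state and bound UDP sockets."""
    found = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) < 4 or parts[0] not in ("TCP", "UDP"):
            continue  # skips the banner, the header row and blank lines
        # TCP rows carry a state column; UDP rows do not.
        if parts[0] == "TCP" and parts[3] != "LISTENING":
            continue
        addr, _, port = parts[1].rpartition(":")
        found.append({"proto": parts[0], "addr": addr,
                      "port": int(port), "pid": int(parts[-1])})
    return found


def exposed(listeners):
    """Listeners bound to an address other than loopback (a firewall may still block them)."""
    return [l for l in listeners if l["addr"] not in LOOPBACK]


def remote_desktop_listening(listeners):
    """True if something is listening on the default Remote Desktop port."""
    return any(l["proto"] == "TCP" and l["port"] == REMOTE_DESKTOP_PORT
               for l in listeners)


if __name__ == "__main__":
    rows = parse_listeners(SAMPLE)
    for l in exposed(rows):
        print(f'{l["proto"]} {l["addr"]}:{l["port"]} owned by PID {l["pid"]}')
    print("Remote Desktop listening:", remote_desktop_listening(rows))
```

Each PID in the result can be matched to a program name using the PID column in Task Manager.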
 