Hacker caught ?

F

FlashGordan

New Member
hey there im new here and im not even sure if this is the right section never mind site for this thread. im pretty confident with pcs and know all about them however today this really stumped me. my father called me over asking who some guy i had never heard was. i asked why and he said because hes logged into Facebook on my laptop. i took the laptop in disbelief and looked and this guy who i have never met or seen in my life has his Facebook logged on right in front of me. my fathers twitter account was also locked saying it had been compromised but this does not explain how i have access to this strangers account who we do not know. i was thinking however this is probably unlikely that he was using asome kind of key log vpn and had my fathers actoins unning on his screen and forgot that it was running and he logged in on my fathers laptop by accident ? and i really cant think of a time where some random spanish looking guy would have acess to my fathers laptop as my dad is really protective about his laptop and wont even let me use it. so does anyone here have any idea how this happened cause i sure as heck dont . thanks
 
So what you are saying is that someone is logged into their own facebook account on your dads laptop? And you can see them doing stuff? Or someone is logged into your dads facebook on your dad's laptop?

If its the first option then most likely you have a program installed that allows remote access to laptop such as log me in or teamviewer. I would turn computer off, disconnect wifi and then turn computer back on and check in add/remove programs for a program such as those. I would also start scanning for malware using Malwarebytes and whatever virus program you have installed.
 
johnb35 said:
So what you are saying is that someone is logged into their own facebook account on your dads laptop? And you can see them doing stuff? Or someone is logged into your dads facebook on your dad's laptop?

If its the first option then most likely you have a program installed that allows remote access to laptop such as log me in or teamviewer. I would turn computer off, disconnect wifi and then turn computer back on and check in add/remove programs for a program such as those. I would also start scanning for malware using Malwarebytes and whatever virus program you have installed.
Click to expand...

yes its the first one however i cannot see him doing anything its just logged in . yeah well my dad is actually a ict consultant and uses those to access customers pages however they have no access to his and he knows all of his customers
 
I would immediately shut down any remote assistance programs and only have those open when needed. The only thing I can tell you at this point is to scan the system for malware with Malwarebytes.

Please download Malwarebytes' Anti-Malware from here or here and save it to your desktop.
  • Double-click mbam-setup.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to
    • Update Malwarebytes' Anti-Malware
    • and Launch Malwarebytes' Anti-Malware
  • then click Finish.
  • If an update is found, it will download and install the latest version. Please keep updating until it says you have the latest version.
  • Once the program has loaded, select Perform quick scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • A log will be saved automatically which you can access by clicking on the Logs tab within Malwarebytes' Anti-Malware

If for some reason Malwarebytes will not install or run please download and run Rkill.scr, Rkill.exe, or Rkill.com. If you are still having issues running rkill then try downloading these renamed versions of the same program.

EXPLORER.EXE
IEXPLORE.EXE
USERINIT.EXE
WINLOGON.EXE

But DO NOT reboot the system and then try installing or running Malwarebytes. If Rkill (which is a black box) appears and then disappears right away or you get a message saying rkill is infected, keep trying to run rkill until it over powers the infection and temporarily kills it. Once a log appears on the screen, you can try running malwarebytes or downloading other programs.



Download the HijackThis installer from here.
Run the installer and choose Install, indicating that you accept the licence agreement. The installer will place a shortcut on your desktop and launch HijackThis.

Vista and Windows 7 users must right click on the hijackthis icon and click on run as. If the run as option doesn't appear then press and hold the shift key while right clicking on the icon to get it to appear.


Click Do a system scan and save a logfile

Most of what HijackThis lists will be harmless or even essential, don't fix anything yet.

When the hijackthis log appears in a notepad file, click on the edit menu, click select all, then click on the edit menu again and click on copy. Come back to your reply and right click on your mouse and click on paste.

Post the logfile that HijackThis produces along with the Malwarebytes Anti-Malware log
 
johnb35 said:
I would immediately shut down any remote assistance programs and only have those open when needed. The only thing I can tell you at this point is to scan the system for malware with Malwarebytes.

Please download Malwarebytes' Anti-Malware from here or here and save it to your desktop.
  • Double-click mbam-setup.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to
    • Update Malwarebytes' Anti-Malware
    • and Launch Malwarebytes' Anti-Malware
  • then click Finish.
  • If an update is found, it will download and install the latest version. Please keep updating until it says you have the latest version.
  • Once the program has loaded, select Perform quick scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • A log will be saved automatically which you can access by clicking on the Logs tab within Malwarebytes' Anti-Malware

If for some reason Malwarebytes will not install or run please download and run Rkill.scr, Rkill.exe, or Rkill.com. If you are still having issues running rkill then try downloading these renamed versions of the same program.

EXPLORER.EXE
IEXPLORE.EXE
USERINIT.EXE
WINLOGON.EXE

But DO NOT reboot the system and then try installing or running Malwarebytes. If Rkill (which is a black box) appears and then disappears right away or you get a message saying rkill is infected, keep trying to run rkill until it over powers the infection and temporarily kills it. Once a log appears on the screen, you can try running malwarebytes or downloading other programs.



Download the HijackThis installer from here.
Run the installer and choose Install, indicating that you accept the licence agreement. The installer will place a shortcut on your desktop and launch HijackThis.

Vista and Windows 7 users must right click on the hijackthis icon and click on run as. If the run as option doesn't appear then press and hold the shift key while right clicking on the icon to get it to appear.


Click Do a system scan and save a logfile

Most of what HijackThis lists will be harmless or even essential, don't fix anything yet.

When the hijackthis log appears in a notepad file, click on the edit menu, click select all, then click on the edit menu again and click on copy. Come back to your reply and right click on your mouse and click on paste.

Post the logfile that HijackThis produces along with the Malwarebytes Anti-Malware log
Click to expand...

thank you soo much for all of your help ! however i asked my father a few more questions about the laptop and he said that it was just in the previous log in details and he pressed log in . then he went on to tell me that he had bought the laptop second hand and the old user had just forgot to delete there passord . i was about to hit him sorry for bothering you but i really appreciate the help.
 
FlashGordan said:
thank you soo much for all of your help ! however i asked my father a few more questions about the laptop and he said that it was just in the previous log in details and he pressed log in . then he went on to tell me that he had bought the laptop second hand and the old user had just forgot to delete there passord . i was about to hit him sorry for bothering you but i really appreciate the help.
Click to expand...

Yeah, that info would have been beneficial to note in the first post. lol Anytime you buy a pc second hand, you should always do a fresh install of windows as you have no idea what is on the pc.
 
You must log in or register to reply here.
Back
Top