Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

I'm hacked again!


  • Please log in to reply
1 reply to this topic

#1 Bizgal

Bizgal

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:11:46 PM

Posted 05 February 2009 - 06:49 PM

Hi there,

My ex-husband is a skilled hacker and during my divorce from him, I found out that he had juvenile felony convictions for hacking. To my knowledge, he continues to be involved in the hacking community and not the good guys! He is quite skilled and crafty, whereas I am an “average” computer user.

During my divorce, my ex accessed my home and work computers and was able to view my information remotely. He very likely had already set this up during our marriage. At one point, my credit card information was published on the web and it took me two years to clean up that mess. I also got the impression during my divorce that my ex and his divorce attorney had knowledge of the emails were sent between my attorney and myself, even though I used my work email, which had stronger protection than my home computer. That immediately led to my work computer being re-imaged and rebuilt. My workplace also placed my computer in a special group with higher protection. My attorney and I encrypted our emails. The police were also notified of the activity, but my employer wouldn’t look for or release any IP information because their servers get pinged thousands of times daily (this is a university). This was back in 2004! I'm at a new job this year, so my work computer is a potential target once again.

Back in 2004, on my home computer, I had the OS re-installed, tightened up security with firewalls, spyware and virus protection, and stronger passwords. That seemed to work for a few years or at least I didn’t notice any activity until recently.

Lately, I have found that someone has accessed my new computer. I am finding searches of my Yahoo email account left open (searches on my new boyfriend’s name) and some other peculiarities with both my Yahoo and Google accounts and some left-open searches through the file management. Also, new tabs are opened in Firefox. There have also been occurrences that I can’t even remember, except that I felt something was “different” about my system. I haven’t been able to find some of my recent work files, they seem to disappear. In general, I feel that I am being “messed with.” The only person I know who might have any interest in this type of malicious activity is my "loser" former husband.

I am currently running a 64 bit Windows Business Ultimate OS with Office 2007 and currently use AVG as my virus protection. I also weekly run SpyBot S & D, Adaware, Spy Doctor, and CCleaner, and defrag my hard-drive. My system is set up on a router that is also password protected and I have a wireless network that uses WPA security, also password protected. My system is set to require a password to enter past the screensaver, but sometimes, my computer does not go to sleep when I am inactive and I’m not sure as to why. My computer also runs very slowly. A few months ago, I followed some tips on this website to speed things up and even installed a ReadyBoost flashdrive, but the system is still very very slow. I have 2G of RAM.

Since this latest potential hackin discovery, I have changed my passwords on most of my accounts, email, banking, credit card, etc. to 10-digit upper/lower case letters and numbers based on random acronyms of things I can easily remember. I’ve also changed my security questions/answers.

I feel that a keystroke logger has been installed. This is how my ex previously gained access to my personal accounts. However, none of the anti-virus/spyware programs mentioned above have found anything. Every scan is “clean.”

I’d appreciate any ideas of what I can do to detect this illegal access, eliminate the problem, and do what I can to eliminate or reduce this from happening again, especially since this may likely be a targeted attack from someone who knows me and is quite skilled at malicious computer hacking. Thank you.

BC AdBot (Login to Remove)

 


#2 Guest_superbird_*

Guest_superbird_*

  • Guests
  • OFFLINE
  •  

Posted 06 February 2009 - 09:39 AM

Hi,

Welcome here. :thumbsup:
Well let's try to get the malware:

Please download Malwarebytes Anti-Malware and save it to your desktop.
alternate download link 1
alternate download link 2
  • Make sure you are connected to the Internet.
  • Double-click on Download_mbam-setup.exe to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
  • MBAM will automatically start and you will be asked to update the program before performing a scan. If an update is found, the program will automatically update itself. Press the OK button to close that box and continue. If you encounter any problems while downloading the updates, manually download them from here and just double-click on mbam-rules.exe to install.
  • On the Scanner tab:
    • Make sure the "Perform Quick Scan" option is selected.
    • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
  • Back at the main Scanner screen, click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad and you may be prompted to restart your computer. (see Note below)
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply and exit MBAM.
Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users