Long time user of Bleeping Computer to find fixes for my problems, but this is my first post. I've got a problem that I just can't seem to solve.
I am a self-taught computer repair guy in a small town in rural America. I've been removing malware from computers for years, so I'm fairly versed in the available removal products. About 6 to 8 months ago, my wife and I got hacked on our home/work computer network. The hacker was able to uninstall software, delete folders, pull up Word documents, etc. In other words, he seems to have complete remote control of both of our machines.
What makes this guy so insidious is that he seems to know us and seems to have a grudge. He has pulled up Word documents on my wife's PC saying things in large font like: "bleep you'd better leave town or you're dead" and "F*** you, go to hell, you've ruined my life, now you're going to pay!" and recently "I can see what you're doing". He also seems to know her really well, as he put a Nebraska Cornhuskers desktop background on her computer when she's a Colo Buffs fan. (Did I mention her ex is from Nebraska? hummmmm) He has also deleted family pictures and other important documents off of her computer.
He has also really messed with my machine, leaving Word documents that say things like "Quit downloading porn" and such. I also do field service work through several different online tech platforms. One of these he's been able to get into 3 times now and cancel work orders that were upcoming for me. I have saved 2 of them but the 3rd got assigned to a different tech before I realized it had been canceled and I lost that money. This is not very good for my reputation on that platform to have these canceled at the last minute. He has deleted documents and files off of my computer, seemingly targeting anything that looked important to my work, such as all the ISO files for the various operating systems that I need to rebuild computers from time to time.
Over the last several months, I have rebuilt both computers multiple times, and sometimes that seemed to get rid of him for a few weeks, but he's always gotten back in somehow. Lately on my machine, I've run AVG Free, Malwarebytes, Spybot Search and Destroy, and Superantispyware, all coming up with clean scans, yet he's still got access. I even installed Zone Alarm Free firewall last week, and that didn't slow him down a bit. This guy seems to be REALLY good at being evil.
I've changed the password on my wireless network multiple times, and even went to the length of shutting off SSID broadcasting and changing the name and password. He was back in the network the next morning! We have cable internet through Optimum, and a fairly new Netgear wireless N router using WPA2 security.
Anybody have any suggestions as to how this guy is doing this? What I'd really like to do is CATCH him. At this point I have taken great lengths to back up what's left of our data, and have taken to doing my field work website access on a laptop that gets turned off as soon as I finish that work, so he can't hurt us any further, other than the mental anguish (our 12 yr old daughter was afraid to go to bed the other night because she was the one that discovered his "I can see what you're doing" message and thought that meant he could actually see inside the house).
Can anyone help me catch this guy? My wife is a basket case because she's afraid he is someone local and will actually try to harm us physically.
Thanks for your help!!
[Moderator edit and note: post moved to more appropriate forum. jgw]
Edited by jgweed, 07 January 2013 - 09:48 AM.