I have had an ongoing problem with my ex-boyfriend hacking into my computers. Last summer, he somehow set up a VPN connection the directed all of my Internet activities to a server at his house. (I had installed a program - don't remember which one - that gave me a physical map of my network and it showed his house. I live about 60 miles away from him, so there was no mistaking the location.) I have gone through multiple "clean installs" of Windows 7, but each time I do, it seems he still has access to my laptop.
A couple of months ago, I took the new Windows 7 disk and decided to do the install myself so I could check Event Viewer and see if it told me anything. It did show that the VSS was trying to write to the disk at the same time Windows was installing, but from what I've read, that may be a normal process (?). One other thing I've noticed is that the administrator accounts gets remaned to "administrators" with an "s". I always use lower case to name the computer, but the name gets changed to all caps and a "$" added to the end. In Event Viewer, in the Security folder there are over 100 entries where the computer is being queiried for accounts and passwords, then someone signing on as one of those accounts. It also showed where Windows Firewall rules were changed, Norton files were changed from "auto" start to "demand" start, Windows Defender was disabled, and a number of other things, including a bunch of new users such as "ANONYMOUS" and "REMOTE USER".
I found an iCamera installed on the laptop before I did the Windows 7 install, and from comments he has made, I suspect there is a camera installed in my bathroom somewhere. It is VERY unnerving, to say the least.
I felt like I could never trust the security of my laptop so, after getting a wireless security system installed in my apartment, I bought a new All-In_one PC with Windows 8. Within 2 days of having it, I started seeing the same issues as all of those above. I installed a forensic program and it said that I was a workstation and part of a virtual network. I have EVERYTHING even remotely connected (no pun intended) to any type of sharing turned off or disabled. I have disabled a number of services that I see as not being essential to the operation of the computer, one of which is the Remote Desktop Connection. A couple of hours after disabling that service, I rebooted the PC for something else and when I checked the services, it was enabled again. There have been times when it has gone from being disabled to being enabled even without my rebooting.
To top it all off, I had stepped away from the PC for a minute and when I came back, my mouse was moving around on the screen!!
I've reset the PC to factory default settings 3 or 4 times in an effort to get rid of him/it, but it doesn't seem to work. Last time I tried, I got an error msg that said some of the necessary windows files were missing and it could not be restored.
Now I have TWO useless computers. I access the internet now from the library but am limited to one hour per day (ugh!!).
Can anybody help me??