Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Someone is monitoring my internet. What can I do?


  • This topic is locked This topic is locked
9 replies to this topic

#1 gasgousegorillaz

gasgousegorillaz

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:04:24 AM

Posted 10 October 2015 - 08:59 AM

I've been having a few strange computer things going on and believe someone is intercepting traffic from my laptop
 
A year ago I was looking at some postings on Craigslist and then the next day someone with a Yahoo email address with a variation of my name forwarded those Craigslist postings to my wife's email. 
 
A few weeks later I posted something on a travel web forum and someone responded using the same screen name that I use on another website. The poster also revealed some addition personal info about myself.
 
I scanned my desktop and laptop with two virus scanners and also used Kapersky to make a boot CD and scan for rootkils and viruses outside of windows - all systems were clean. I also bought a new router and beefed up my wireless security, creating new complex passwords (using special characters) and using WPA2.
 
At home I connect to the internet through the router and Comcast cable modem. I use windows remote desktop to access my desktop computer from my laptop over the wireless network.
 
So everything was fine and nothing weird was happening until yesterday. I'm traveling out of town using the hotel's wifi with my laptop. I visited a few sites and later that day someone, again using an email with a variation of my name, sent links to those sites to my wife.
 
Is it possible someone is intercepting traffic on my home network or has somehow intercepting traffic form my laptop?  What can I do to prevent this?


BC AdBot (Login to Remove)

 


#2 RolandJS

RolandJS

  • Members
  • 4,525 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Austin TX metro area
  • Local time:06:24 AM

Posted 10 October 2015 - 09:38 AM

My educated guess is that a very-well planted combination keylogger/internet monitoring program has been installed onto your computer.  Whether this is also a deep rootkit and/or malware plant, I don't know.  A couple of quick things you can try: c:\Program Files and c:\Program Files (x86) -- sort by Date Modificd, and see if any "strange," unknown to you programs appear.  Otherwise, await seasoned BC techs, follow their advice, they won't steer you wrong.


"Take care of thy backups and thy restores shall take care of thee."  -- Ben Franklin revisited.

http://collegecafe.fr.yuku.com/forums/45/Computer-Technologies/

Backup, backup, backup! -- Lady Fitzgerald (w7forums)

Clone or Image often! Backup... -- RockE (WSL)


#3 buddy215

buddy215

  • Moderator
  • 13,196 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:06:24 AM

Posted 10 October 2015 - 10:38 AM

What does your wife have to say about receiving those emails? She would be the main 'person of interest' as to the one who would install a keylogger

from viewing the info you have provided so far.

 

Is your laptop a company owned laptop....not purchased by you?

 

Have you checked the headers of the email sent to your wife? That may give some info on the original sender though the IP may not be correct if a proxy was used.

 

If it is a keylogger installed on the laptop now or in the future you can avoid its ability to monitor by using a bootable flash drive with a Linux OS for cruising the web.

 

May have further comment after your answers to the above.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#4 gasgousegorillaz

gasgousegorillaz
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:04:24 AM

Posted 10 October 2015 - 02:02 PM

What does your wife have to say about receiving those emails? She would be the main 'person of interest' as to the one who would install a keylogger

from viewing the info you have provided so far.

 

Is your laptop a company owned laptop....not purchased by you?

 

Have you checked the headers of the email sent to your wife? That may give some info on the original sender though the IP may not be correct if a proxy was used.

 

If it is a keylogger installed on the laptop now or in the future you can avoid its ability to monitor by using a bootable flash drive with a Linux OS for cruising the web.

 

May have further comment after your answers to the above.

 

It's definitely not my wife - she is light years away from being tech savvy enough to try anything like this.

 

The email looks like it was sent form a proxy - iname.com 

 

This is my personal laptop, and I only use it 99% of the time on my home network. I did a fresh install of Windows 10 a few months ago.

 

What I think is super weird is that if someone had this sort of access to my info, why are they not accessing my banking accounts or using my email to embarrass me?


Edited by gasgousegorillaz, 10 October 2015 - 02:05 PM.


#5 buddy215

buddy215

  • Moderator
  • 13,196 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:06:24 AM

Posted 10 October 2015 - 02:38 PM

If the email was sent to your wife's account while you were still away and mentioned websites you visited only while away, then your home router would not be involved.

If you are not logged into a private network/ your employer's network then that is ruled out.

 

Keylogger is the only reason left that I can think of. Let the pros take a look in the Malware Forum.

 

You should start a new topic in the Malware Removal forum.

 

Please follow the instructions in the Malware Removal and Log Section Preparation Guide starting at Step 6.

  • If you cannot complete a step, then skip it and continue with the next.
  • In Step 6 there are instructions for downloading and running FRST which will create two logs.

When you have done that, post your logs in the Virus, Trojan, Spyware, and Malware Removal Logs forum, NOT here, for assistance by the Malware Response Team.

Start a new topic, give it a relevant title and post your log(s) along with a brief description of your problem, a summary of any anti-malware tools you have used and a summary of any steps that you have performed on your own. If you cannot produce any of the required logs...start the new topic anyway. Explain that you followed the Prep. Guide, were unable to create the logs, and describe what happened when you tried to create them. A member of the Malware Removal Team will walk you through, step by step, on how to clean your computer.

After doing this, please reply back in this thread with a link to the new topic so we can close this one.

 

DO NOT bump your new topic. Wait for a response from one of the Team Members.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#6 gasgousegorillaz

gasgousegorillaz
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:04:24 AM

Posted 10 October 2015 - 02:48 PM

What about a Craislist administrator? Could he/she detect my computer when I look at Craigslist pages?



#7 buddy215

buddy215

  • Moderator
  • 13,196 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:06:24 AM

Posted 10 October 2015 - 03:01 PM

That is way farfetched...for a Craig's list administrator to know what other websites you visited and care enough to send emails to your wife.

 

Websites such as Google, Amazon, etc. do track you across the web if their cookies are on your computer. They do that for advertising/ commercial

reasons. Other 3rd party cookies from advertisers and those they hire to track you have that ability, too. But not to send your wife emails to embarass you...harm you.

 

You can block third party cookies aka ad/ tracking cookies from installing on your computer. Then delete the existing ones either manually or using CCleaner

which removes cookies from Flash, too.

How To Disable Third-Party Cookies In All Major Browsers

 

Use CCleaner to remove Temporary files, program caches, cookies, logs, etc. Use the Default settings. No need to use the

Registry Cleaning Tool...risky. Pay close attention while installing and UNcheck offers of toolbars....especially Google.

After install, open CCleaner and run by clicking on the Run Cleaner button in the bottom right corner.

CCleaner - PC Optimization and Cleaning - Free Download


Edited by buddy215, 10 October 2015 - 03:01 PM.

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#8 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:12:24 PM

Posted 10 October 2015 - 03:04 PM

What about a Craislist administrator? Could he/she detect my computer when I look at Craigslist pages?

I doubt it, that's not how it works.

My thought is you might want to get your laptop looked at in Malware Removal Logs, so follow buddy215's instructions above.

Not to be paranoid, but your wife could have hired someone else to do it for her - who knows.

#9 buddy215

buddy215

  • Moderator
  • 13,196 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:06:24 AM

Posted 10 October 2015 - 03:16 PM

Yes, anyone who has access to your computer could have installed a keylogger. I'm including a link that describes the capabilities and ease of install.

Sample of commercially available keylogger


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#10 Queen-Evie

Queen-Evie

    Official Bleepin' G.R.I.T.S. (and proud of it)


  • Members
  • 16,485 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:My own little corner of the universe (somewhere in Alabama). It's OK, they know me here
  • Local time:06:24 AM

Posted 10 October 2015 - 03:31 PM

You have posted logs in the Malware Removal Logs forum. That post is here http://www.bleepingcomputer.com/forums/t/593103/is-my-computer-infected-with-a-key-logger-or/

 

Since you have posted there:

 

Please refrain from asking for further help from other members or staff until the Malware Removal Team has checked your posted log. The Malware Removal Team work very hard to investigate a unique solution to your problem and you will receive individual expert assistance. This takes time and effort so we ask you to please be patient while waiting for assistance and NOT to make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc) unless advised by a Malware Removal Team member. Any modifications you make on your own can result in system changes which may not show it the log you already posted. Further, following advice outside of that post may cause confusion for the team member assisting you and could complicate the malware removal process which would extend the time it takes to clean your computer.

 

The Malware Removal Team should be the only members that you take advice from, until they have verified your log as clean. If you followed any other advice already, please ensure you inform the Malware Removal Team Team Helper when they respond to assist you with your log. This will help them know what has been done and they probably will ask for an updated log.

Please be patient. It may take a while to get a response because the Malware Removal Team members are very busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT "bump" your post or make another reply until it has been responded to by a member of the Malware Removal Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another Malware Removal Team member is already assisting you and not open the thread to respond.

 

If HelpBot replies to your topic, please follow Step One so it will report your topic to the team members.

 

This topic is closed

 






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users