being spied on

Started by Susan Home, September 25, 2005, 09:32:23 AM

Previous topic - Next topic

0 Members and 2 Guests are viewing this topic.

Print
Go Down Pages1 2 3 All
User actions

Susan Home

September 25, 2005, 09:32:23 AM
First I will say that I know very little about computers and understand very little that is discussed here. After a year long relationship with a software designer I was told that he had been reading my email for a month. He gave me quotes. He read back a year because I don't delete things. He had not had access to my computer so he must have done this remotely. Is this possible?! How is this possible? I have changed my password but I don't know that this isn't still going on.

Raptor

#1
September 25, 2005, 09:52:45 AM Last Edit: September 25, 2005, 09:53:59 AM by Raptor
Change all passwords you are currently using. Do not use names or numbers only. Use a combination of letters, numbers and reading marks.

What E-mail provider are you using and have you spoken with them?

Virus scanners
AVG Free
-- Anti virus scanner
Trend Micro Housecall
-- Online anti virus scanner.

Anti spy/malware
Microsoft Antispyware
-- Anti spyware scanner. Windows XP Home and Professional only.
Spybot Search & Destroy
-- Anti spyware scanner
Adaware SE Personal
-- Anti spyware scanner

Firewalls
Use both a hardware and software firewall.
Be advised as dual software firewalls may cause problems

ZoneAlarm Free
-- Free firewall - more user friendly
Sygate Personal
-- Free firewall - more configuration options

Removal tools
The following files are not substitutes for the ones described above.
They are either diagnostic tools or removal tools for malware of a certain kind

HijackThis
-- Manual malware remover. Post the HijackThis log generated only if requested!
McAfee Stinger
-- Virus removal tool. No substitute for a fully functional virus scanner!
CWshredder
-- CoolWebSearch removal tool. Widely known and persistant Hijacker.

Read the articles at How tuff Works on Computer security and technology. Easy to understand.

Flame

#2
September 25, 2005, 10:46:16 AM
Do you work with this person? If so, does this person hold a higher rank?

[glb]Flame[/glb]

Susan Home

#3
September 25, 2005, 12:08:46 PM
Yahoo. No I haven't contacted them. How would he be able to do this? Can he do it again if I change my password?

Susan Home

#4
September 25, 2005, 12:10:36 PM
No I don't work with him.  Why?

Susan Home

#5
September 25, 2005, 12:12:55 PM
We don't work together but we had a lot of mutual friends that won't speak to me anymore. I don't know all that he has told them but I do know he has told people about some things from my emails.

Flame

#6
September 25, 2005, 01:47:55 PM
QuoteNo I don't work with him.  Why?

Becuase is he has a higher rank than you in the same job, then he may be entitled to see them.

[glb]Flame[/glb]

Raptor

#7
September 25, 2005, 02:02:40 PM
QuoteYahoo. No I haven't contacted them. How would he be able to do this? Can he do it again if I change my password?

It will at least eliminate the chance of him knowing your password.

What else does he know about your computer or E-mail accounts?

Do you want an entirely new E-mail adress? Yahoo is not trustworthy, anyway.

Susan Home

#8
September 25, 2005, 02:56:39 PM
He knew my two accounts adresses and then apparently passwords. He helped me set up the first one on his laptop. The second one I opened after we were broken up and he shouldn't even have known it existed.

Raptor

#9
September 25, 2005, 03:28:46 PM
Could be a keylogger.

Virus scanners
AVG Free
-- Anti virus scanner
Trend Micro Housecall
-- Online anti virus scanner.

Anti spy/malware
Microsoft Antispyware
-- Anti spyware scanner. Windows XP Home and Professional only.
Spybot Search & Destroy
-- Anti spyware scanner
Adaware SE Personal
-- Anti spyware scanner

Firewalls
Use both a hardware and software firewall.
Be advised as dual software firewalls may cause problems

ZoneAlarm Free
-- Free firewall - more user friendly
Sygate Personal
-- Free firewall - more configuration options

Removal tools
The following files are not substitutes for the ones described above.
They are either diagnostic tools or removal tools for malware of a certain kind

HijackThis
-- Manual malware remover. Post the HijackThis log generated only if requested!
McAfee Stinger
-- Virus removal tool. No substitute for a fully functional virus scanner!
CWshredder
-- CoolWebSearch removal tool. Widely known and persistant Hijacker.

Susan Home

#10
September 25, 2005, 03:58:01 PM
So does this mean that he can read anything that I type on my computer and therefore read my passords also? How would he get this on my computer? When he started this he didn't have access to my computer. I never noticed anything.

Raptor

#11
September 25, 2005, 04:14:51 PM
QuoteSo does this mean that he can read anything that I type on my computer and therefore read my passords also? How would he get this on my computer? When he started this he didn't have access to my computer. I never noticed anything.

One does not need physical access. He may have see you type your password or perhaps guessed it. (Some people seem to think that their pets names make good passwords..)

He may be connecting to your PC through remote desktop or something similiar. However, knowing your password is most likely the issue here.


This is the second time you have ignored the list I posted.

If you ignore it once more, I will retreat myself from your issue.

Susan Home

#12
September 25, 2005, 04:22:20 PM
Sorry. I didn't mean to ignore the list. I have since reading that,  changed my passwords again and am checking out the list to try to figure some of it out.

Raptor

#13
September 25, 2005, 04:27:56 PM
You will want to:

  • Install a virus scanner (AVG Free)
  • Install a Spyware scanner (Windows XP Antispyware is recommended)
  • install a firewall (ZoneAlarm is the most userfriendly)
  • to post a HijackThis log.

Susan Home

#14
September 25, 2005, 04:41:27 PM
Okay. Thanks. I am working on the list.


Logfile of HijackThis v1.99.1
Scan saved at 3:11:36 PM, on 9/25/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\tp4mon.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\Playlist.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\bmmw\Local Settings\Temp\Temporary Directory 1 for hijackthis[1].zip\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.washington.edu
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Patient Care Services IS
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [TrackPointSrv] tp4mon.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\NeroCheck.exe
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe"
O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe"
O4 - HKLM\..\Run: [RoxioAudioCentral] "C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Free People Search Agent] C:\Documents and Settings\bmmw\Local Settings\Temporary Internet Files\Content.IE5\D0KVXDOP\FreePeopleSearchAgent_v1[1].exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://c:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O14 - IERESET.INF: START_PAGE_URL=http://www.washington.edu
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = u.washington.edu,washington.edu,mcis.washington.edu
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = u.washington.edu,washington.edu,mcis.washington.edu
O20 - Winlogon Notify: EFS - C:\WINDOWS\SYSTEM32\sclgntfy.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: IBM PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\System32\ibmpmsvc.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe

Print
Go Up Pages1 2 3 All
User actions