Questions

Answer for:

How To Get Rid Of A Hacker??

Message 10 of 28

View entire thread
+
0 Votes
Mike Bird

DG:

The entry I produced above is a handout I have for staff in my own office if they ask questions about Home/Personal PC security.

If you believe your "hacker" is following you based on your IP number then the simple thing is to change your external IP address.

1) Go to www.whatismyipaddress.com
note the IP Address number it gives you in the upper right corner of the page.
its in fairly large blue text so you can't miss it.

2) Power down your computer
3) Power down your ROUTER

4) GO TO WORK.

Now, the way that most ISPs work is that they randomly assign an IP number when a Router connects to the internet and validates itself against their service. If you switch your router off, and leave it for a while, then another PC will likely get the IP number you had, and your router when you switch it back on later will get a new number.

5) Return from work
6) Switch on Router and give it 5 minutes (reasonable time to boot up and connect).
7) Switch on your PC and login, check the same page.

If the IP number is different then see if your "friend" is still following you.
If the IP number is the same then either your ISP has setup a FIXED IP NUMBER on your router configuration - OR - they have a longer timeout factor on the allocation (it takes longer for the number to be moved from your "switched off" router to the "ready to reallocate" table.)

Either try switching it off for a whole 24 hours or speak with your ISP and ask them how the router is assigned IP (DHCP or STATIC) and if DHCP then what the TIMEOUT is on DHCP allocation.

However I don't really consider this to be a plausible diagnosis. More likely you're infected with something that is logging your keyboard activity and its relaying this back to someone else. From the sound of things, they're being pretty aggressive (and stupid) in following you this closely.

I am slighly confused by your description of seeing (1) in the "marquee", and your assertion that this is a second computer accessing the same site with your login details. Perhaps you could screencap an example to me? (follow the entry for my profile and use the "send contact a private mesage").

With due respect to Alpha_Dog, i'd personally stay away from COMBOFIX (and any automated diagnosis/fix tool) unless you are quite competent. It doesn't fix every problem and I am always wary of any tool that plays with the registry.

However the information on the BLEEPINGCOMPUTER.COM website is of course a valuable resource for all provided you take the time to read and understand the resource.