Go Back   Hardware Canucks > SOFTWARE > Networking

    
Reply
 
LinkBack Thread Tools Display Modes
  #1 (permalink)  
Old June 13, 2018, 03:13 PM
Top Prospect
 
Join Date: Jan 2009
Posts: 125
Default Got a Hacker problem.

Got a hacker getting into my computer via the Internet. No Virus/Malware and OS reinstalled 2x. Win 10 Home x64. When Microsoft was remotely repairing damage done by hacker, hacker actually replied to a question from the tech by typing OK in the Chat Box.

Tried to re-install Windows a couple times with only the SSD and Opticals and deleting all partitions on drive using Windows Install.

Also concerned that one of these partitions (https://imgur.com/nxCIQaj) was created by the hacker.

In the last 2 days 2 files were downloaded onto my computer and one of the files suggest the hacker is an ex-family member or at least associated.

Any ideas of blocking this person would be much appreciated.

Last edited by Gonzo; June 15, 2018 at 05:17 AM. Reason: More Info
Reply With Quote
  #2 (permalink)  
Old June 13, 2018, 03:29 PM
sswilson's Avatar
Moderator
F@H
 
Join Date: Dec 2006
Location: Moncton NB
Posts: 17,412

My System Specs

Default

Quote:
Originally Posted by Gonzo View Post
Got a hacker getting into my computer via the Internet. No Virus/Malware and OS reinstalled 2x. Win 10 Home x64. When Microsoft was remotely repairing damage done by hacker, hacker actually replied to a question from the tech by typing OK in the Chat Box.

Also concerned that one of these partitions (https://imgur.com/nxCIQaj) was created by the hacker.

In the last 2 days 2 files were downloaded onto my computer and one of the files suggest the hacker is an ex-family member or at least associated.

Any ideas of blocking this person would be much appreciated.
How exactly did this come about? How did you convince Microsoft to do remote maintenance on your PC?

What browser are you using? Have you completely uninstalled that browser / tried a different one?

Aside from that... the only thing I can suggest is to try a completely fresh install on a different HDD (with all current storage devices disconnected/removed). If you do have a nasty that isn't showing up in AV software, restoring a previously saved image might very well be restoring something that's already infected.

That said.... this really sounds suspicious. Most cases like this aren't hacks.
__________________
ASUS ROG Strix Z370-G Gaming (WiFi AC) / i7 8700K / 2X 8G XPG Spectrix D40 (3000) / XFX XTR 750 / ASUS Strix GTX 1070ti
AZZA Titan 240 / Custom WC / Intel 730 Series 480GB SSD / Intel 760p 512GB NVMe / Seagate Barracuda 1TB / ASUS SWIFT PG279Q

Asrock AM1H-ITX / AM1 Athlon 5350 / 1X4G Gskill PC3-14900 / Intel 6235 Wi-Fi / 90W Targus Power Brick / Uncased 256GB Sandisk Z400S SSD / Mini-Box M350 / 24" Westinghouse L2410NM
Reply With Quote
  #3 (permalink)  
Old June 13, 2018, 03:29 PM
Shadowmeph's Avatar
Hall Of Fame
F@H
 
Join Date: Oct 2007
Posts: 3,847

My System Specs

Default

How do you know that it is actually Microsoft accessing you remotely? I know that there are people out there claiming to be from Microsoft asking access to there PCs and one of my mothers friends let them then she was hacked and latter locked out of her PC . Microsoft will never call you and say that you are hacked and that they need access to your PC or internet .

the only ways that I know of that a hacker can access files is either you letting them remotely in or you download a file that my opens you up to being access that file might not be know yet as a hack . as for blocking then set up your router better only have your personal things able to access your Internet like you cell phone tablet PC laptop and nothing else I use my mac address 's on my router also have it set up that no more then 3 things can access my Internet
Reply With Quote
  #4 (permalink)  
Old June 13, 2018, 03:31 PM
Sagath's Avatar
Moderator
F@H
 
Join Date: Feb 2009
Location: Edmonton, AB
Posts: 3,551

My System Specs

Default

We need way more information, but what you're saying is (nearly) impossible on modern OS's without virus or malware. Even more so after a full clean format on your hard disk. From what you're describing ("When microsoft was remotely repairing"...) you've been phished and/or social hacked. Microsoft doesnt 'remotely repair' anything.

I'd recommend popping in your Windows media, deleting all partitions, then create/install windows.
__________________
My Disclaimer to any advice or comment I make;
Quote:
Originally Posted by CroSsFiRe2009 View Post
I'm a self certified whizbang repair technician with 20 years of professional bullshit so I don't know what I'm talking about
Reply With Quote
  #5 (permalink)  
Old June 13, 2018, 03:34 PM
Cannon Fodder's Avatar
MVP
 
Join Date: May 2010
Location: Mission, BC
Posts: 250
Default

Quote:
Originally Posted by Gonzo View Post
When Microsoft was remotely repairing damage done by hacker, hacker actually replied to a question from the tech by typing OK in the Chat Box.

Uhm, I think you must've received one of those phone calls, "this is Microsoft, and we've detected some problems with your Windows OS & we need to fix it"...... does MS actually "remotely repair damage done by hackers"? To me, it SOUNDS as though this is one of those scam phone calls, and you fell for it.....


As sswilson suggested, a fresh install of Windows, maybe with a complete format of the drive in question, and it'd probably be a good idea to NOT be connected to the net while doing it.
Reply With Quote
  #6 (permalink)  
Old June 13, 2018, 04:13 PM
enaberif's Avatar
Hall Of Fame
 
Join Date: Dec 2006
Location: Calgahree, AB
Posts: 11,128
Default

Quote:
Originally Posted by Gonzo View Post
Got a hacker getting into my computer via the Internet. No Virus/Malware and OS reinstalled 2x. Win 10 Home x64. When Microsoft was remotely repairing damage done by hacker, hacker actually replied to a question from the tech by typing OK in the Chat Box.

Also concerned that one of these partitions (https://imgur.com/nxCIQaj) was created by the hacker.

In the last 2 days 2 files were downloaded onto my computer and one of the files suggest the hacker is an ex-family member or at least associated.

Any ideas of blocking this person would be much appreciated.
You fell for MS Representative call. Your going to need to put that drive into another machine and do a full scan and sweep. If something is in the MBR a format will not fix it.
Reply With Quote
  #7 (permalink)  
Old June 13, 2018, 04:36 PM
Caldezar's Avatar
Hall Of Fame
F@H
 
Join Date: Aug 2008
Location: Langley, BC
Posts: 2,177

My System Specs

Default

And if you WERE victimized by the Microsoft scam, and you gave them your credit card info, I would immediately report that to your card issuer, have them reverse the payment and issue you a new card. Then, as mentioned, completely erase and delete all partitions and start a fresh install from new. Then change all your online passwords or any password you may have used to access ANYTHING since this first occurred.
Reply With Quote
  #8 (permalink)  
Old June 13, 2018, 07:32 PM
Sagath's Avatar
Moderator
F@H
 
Join Date: Feb 2009
Location: Edmonton, AB
Posts: 3,551

My System Specs

Default

Quote:
Originally Posted by enaberif View Post
You fell for MS Representative call. Your going to need to put that drive into another machine and do a full scan and sweep. If something is in the MBR a format will not fix it.
Deleting all the partitions, including the MBR absolutely will work. The drive is salvageable.
__________________
My Disclaimer to any advice or comment I make;
Quote:
Originally Posted by CroSsFiRe2009 View Post
I'm a self certified whizbang repair technician with 20 years of professional bullshit so I don't know what I'm talking about
Reply With Quote
  #9 (permalink)  
Old June 13, 2018, 09:02 PM
enaberif's Avatar
Hall Of Fame
 
Join Date: Dec 2006
Location: Calgahree, AB
Posts: 11,128
Default

Quote:
Originally Posted by Sagath View Post
Deleting all the partitions, including the MBR absolutely will work. The drive is salvageable.
Formatting doesn't delete partitions... you need to do that manually.
Reply With Quote
  #10 (permalink)  
Old June 14, 2018, 06:58 AM
Mr. Friendly's Avatar
Hall Of Fame
 
Join Date: Nov 2007
Location: British Columbia
Posts: 1,163

My System Specs

Default

a partition bullet would also prove quite effective in fixing the issue too. of course, there is the consequence of rendering it useless, but hey, ce la vie.

Vortex and I disabled many a HDD with my steel core 7.62x39 when we first started working together 10 years ago.
Reply With Quote
Reply


Thread Tools
Display Modes

Similar Threads
Thread Thread Starter Forum Replies Last Post
Hacker on HWC BF3 server Delavan Gaming 9 January 24, 2012 07:39 AM
Hacker Group Anonymous Vows To Destroy Facebook On November 5 headsh0t Off Topic 33 November 17, 2011 01:16 PM
My 7 years old son is a hacker MarkOne Off Topic 44 March 27, 2010 09:09 PM
Hacker Spaces Chilly Off Topic 2 May 24, 2009 08:34 AM
Alleged Carleton hacker faces criminal charges jay51 Off Topic 5 September 13, 2008 10:43 AM