SIGforum
I look at my computer this evening and find a logmein chat box open

This topic can be found at:
https://sigforum.com/eve/forums/a/tpc/f/320601935/m/5240027274

July 24, 2020, 09:05 PM
mttaylor1066
I look at my computer this evening and find a logmein chat box open
A lot of gibberish (to me) and apparently a message from me (using my Microsoft online ID) to someone with a Portuguese or Spanish surname with one of my passwords communicated in the chat... with a time log when I was not even at my computer.

I fear I've been hacked. I've logged off, changed my MS online password... and then started to look around my money accounts (bank, Venmo, etc.) and nothing seems out-of-sorts... so far.

My niece used my computer this afternoon... but she would not have known any of my passwords.

Questions:

1) Besides changing all my passwords, what should I do?

2) If someone had remote control of my computer... what should I look for? I do online banking... but use a different password than what was listed on the logmein chat box.


___________________

Company, villainous company hath been the spoil of me.
July 24, 2020, 09:15 PM
Skull Leader
I personally would back up anything you want to keep and nuke it and re-install windows.

But at the very least, remove the LogMeIn program.
July 24, 2020, 09:20 PM
mttaylor1066
By "nuke" you mean wipe the hard drive?


___________________

Company, villainous company hath been the spoil of me.
July 24, 2020, 09:22 PM
OKCGene
I'm no expert, but if you have another way to access the internet, then disconnect this computer from the internet entirely. I'd keep it this way until things are resolved.
July 24, 2020, 09:24 PM
Skull Leader
Yes, some seem to think it's overkill. But a fresh install of Windows is a nice thing to do periodically.
July 24, 2020, 10:25 PM
Aeteocles
I hope you didn't start logging into your banking accounts from a computer you thought might be compromised...
July 24, 2020, 10:27 PM
Aeteocles
I would also disconnect your backup hard drive from the computer until you get it cleaned up.
July 24, 2020, 11:18 PM
ensigmatic
quote:
Originally posted by Aeteocles:
I hope you didn't start logging into your banking accounts from a computer you thought might be compromised...

This ^^^^^



"America is at that awkward stage. It's too late to work within the system,,,, but too early to shoot the bastards." -- Claire Wolfe
"If we let things terrify us, life will not be worth living." -- Seneca the Younger, Roman Stoic philosopher
July 24, 2020, 11:26 PM
83v45magna
quote:
Originally posted by Skull Leader:
Yes, some seem to think it's overkill. But a fresh install of Windows is a nice thing to do periodically.

I don't think it's overkill. Nuke it from orbit.
It's the only way to be sure...
July 24, 2020, 11:45 PM
flashguy
Did your niece access Logmein? She may not know your passwords, but your computer does.

flashguy




Texan by choice, not accident of birth
July 25, 2020, 12:05 AM
ensigmatic
quote:
Originally posted by mttaylor1066:
My niece used my computer this afternoon... but she would not have known any of my passwords.

Did she have her own login on the computer, without Administrator privileges? Or did she use the same login you do, and you do have Administrator privileges? Worse: Have you done as many MS-Windows users do and turned User Access Control (UAC) way down or completely off because the "Do you want to grant permission to do this?" pop-ups became "annoying?"

quote:
Originally posted by Skull Leader:
Yes, some seem to think it's overkill.

Not if the computer has been 0wn3d, it's not. In fact it's the Only Way To Be Sure.

And even then: To be completely sure you have to scan any files you plan to restore before you restore them after the fresh re-install.

quote:
Originally posted by Skull Leader:
But a fresh install of Windows is a nice thing to do periodically.

Never in my twenty-five years of administering MS-Windows PCs as part of my job did I ever once re-install MS-Windows on any machine "just because." It got re-installed when it needed to be re-installed--which wasn't often.



"America is at that awkward stage. It's too late to work within the system,,,, but too early to shoot the bastards." -- Claire Wolfe
"If we let things terrify us, life will not be worth living." -- Seneca the Younger, Roman Stoic philosopher
July 25, 2020, 02:25 AM
P220 Smudge
quote:
Originally posted by OKCGene:
I'm no expert, but if you have another way to access the internet, then disconnect this computer from the internet entirely. I'd keep it this way until things are resolved.


This.

quote:
Originally posted by Skull Leader:
Yes, some seem to think it's overkill. But a fresh install of Windows is a nice thing to do periodically.


And then this.

quote:
Originally posted by ensigmatic:
In fact it's the Only Way To Be Sure.


Because this.

LogMeIn and TeamViewer are evil programs. I'm sure there's scenarios where they're necessary, but I feel pretty comfortable saying that pretty much nobody should have these on their machine unless they're a freaking uber-hacker.


______________________________________________
Carthago delenda est
July 25, 2020, 04:41 AM
mttaylor1066
I checked money accounts from my phone. Checked them again this morning and no activity. No recent charges on any of my credit or debit cards. Changed passwords on some of those accounts from my tablet and phone. Will likely change all my passwords now.

Turned off Wi-Fi to that computer. It's my personal computer, not my work computer. However, I do my online banking on that computer.

I don't ever save money account passwords on any computer, I write them down in a small book.

The niece hadn't used that computer until yesterday... she was learning to play chess from lichess.org. She also looked at YouTube videos about LOL dolls. She is 7 yo.

I deleted the only app/ program that was listed as logmein.

If I was hacked and the cretin recovered one password... what would he/she do next?


___________________

Company, villainous company hath been the spoil of me.
July 25, 2020, 05:29 AM
RichardC
Do you have a cat?


____________________

Blessed be the Lord, my Rock
July 25, 2020, 05:45 AM
r0gue
I'm firmly in the re-install Windows camp. In fact, if it is not a work computer, depending on where you're at with this thing (age/refresh cycle) maybe this is a good opportunity to just buy a new computer? It's a clean break if it's a little long in the tooth.

If you do get a new computer, perhaps consider a Mac. While I fully agree that a Windows computer can be made and kept secure with some expertise and interventions, most owners don't take those actions. I also agree that a Mac can be made insecure with some expertise and interventions, but most owners don't take those actions either.

Either way, get your 7 year old niece an iPad to use (or a separate user account as described) when she visits.




July 25, 2020, 06:16 AM
sdy
I had a diff scenario, but a hacker did get control of the personal computer I regularly use.

As part of the cleanup, I spent an hour on line w a Norton's tech doing their highest level of analysis. He assured me everything was then ok.

Two days later, I said screw it. Bought a new computer.

One trick that has saved me a lot is to routinely log in as a user, not administrator. Gets somewhat inconvenient from time to time, but adds a lot of protection.
July 25, 2020, 10:37 AM
ensigmatic
quote:
Originally posted by r0gue:
While I fully agree that a Windows computer can be made and kept secure with some expertise and interventions, ...

Well... yes and no.

Whether OS X is any more or less secure, by nature, than MS-Windows is arguable, but what is true is that MS-Windows is a much bigger target.

quote:
Originally posted by r0gue:
... most [MS-Windows] owners don't take those actions.

One of those actions being separate user accounts for every user, particularly 7-year-olds. I bet most Mac users don't do that, either.

Just as you should never use the same login credentials on multiple on-line accounts, you should never, ever share one computer login with several people.

quote:
Originally posted by r0gue:
I also agree that a Mac can be made insecure with some expertise and interventions, but most owners don't take those actions either.

I have no recent experience with Mac OS X, but, from what I recall, as with any other Unix-derivative, you could not override the mechanism that prevented Admin-level access w/o explicit permission. MS-Windows, last I knew, still allowed you to disable User Access Control.

Both OSes have Administrator/root login disabled by default. (As of MS-Win 7 for MS-Windows. I believe that was always the default for OS X.)

Turn off MS-Windows' UAC and allow all users to use a single account with Admin privileges and you might as well be using MS-Windows 95. Doing that defeats one of the greatest advances in MS-Windows security they ever implemented.

All the anti-virus/-malware tools and constant updates in the world will not save one from poor practices.



"America is at that awkward stage. It's too late to work within the system,,,, but too early to shoot the bastards." -- Claire Wolfe
"If we let things terrify us, life will not be worth living." -- Seneca the Younger, Roman Stoic philosopher
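
The points raised in the posts above (whether UAC has been turned down or off, who holds local Administrator rights, and whether remote-access software is still present after an uninstall) can be checked with a read-only PowerShell audit. This is an added example, not part of any poster's reply; the product-name pattern uses the two names mentioned in the thread, and the registry paths are the standard Windows locations.

```powershell
# Added example: read-only audit, changes nothing. Windows PowerShell 5.1+.

# 1. UAC state. EnableLUA = 0 means UAC is switched off completely;
#    ConsentPromptBehaviorAdmin = 0 means administrators elevate silently.
$uacKey = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
$uac = Get-ItemProperty -Path $uacKey
[pscustomobject]@{
    UacEnabled            = ($uac.EnableLUA -eq 1)
    SilentAdminElevation  = ($uac.ConsentPromptBehaviorAdmin -eq 0)
    PromptOnSecureDesktop = ($uac.PromptOnSecureDesktop -eq 1)
} | Format-List

# 2. Accounts holding local Administrator rights. The well-known SID is used
#    because the group name is localized on non-English installs.
Get-LocalGroupMember -SID 'S-1-5-32-544' |
    Select-Object Name, ObjectClass, PrincipalSource | Format-Table

# 3. Remote-access software still registered as installed.
$pattern = 'LogMeIn|TeamViewer'   # product names mentioned in the thread
$uninstallKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*'
)
Get-ItemProperty -Path $uninstallKeys -ErrorAction SilentlyContinue |
    Where-Object { $_.DisplayName -match $pattern } |
    Select-Object DisplayName, Publisher, InstallDate | Format-Table

# 4. Services and running processes left behind after an uninstall.
Get-CimInstance -ClassName Win32_Service |
    Where-Object { "$($_.Name) $($_.DisplayName) $($_.PathName)" -match $pattern } |
    Select-Object Name, State, StartMode, PathName | Format-List
Get-Process | Where-Object { $_.ProcessName -match $pattern } |
    Select-Object Id, ProcessName, Path | Format-Table
```

Empty output from steps 3 and 4 only shows that nothing matching those two names is registered or running now; it says nothing about other software on the machine.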
July 25, 2020, 11:44 AM
architect
One additional thing, you may want to turn on two-factor authentication with your banks. I think USAA at least has made this mandatory with no opt-out allowed. When logging in, they text a secret to a cell phone associated with the account, this secret has to be entered for the login to proceed. So an attacker would have to compromise both devices to actually steal money.
July 25, 2020, 11:52 AM
Skins2881
I personally reinstall Windows periodically just because it cleans things up. I have everything stored on a separate drive and if I ever suspected anything I'd nuke the computer, run check on that drive from wife's computer then add files back.



Jesse

Sic Semper Tyrannis
July 25, 2020, 12:28 PM
Pyker
Your computer became self aware at 09:05 PM July 24, 2020. Its knowledge growth will be exponential.

A storm is coming.