Friend's Computer being SPYd?

For all my years using computers, I'm ashamed to say I really know nothing about security. But my friend is having a problem, and it worries me because we share the same internet connection - every e-mail he sends from his computer gets sent to his ex-girlfiend's e-mail and also to some bitch friend of hers who then replies to him with snide comments like "oh, wouldn't Kim like to know about this?!!"

He has used different e-mail servers, changed his passwords, all to no avail. Recently, he claims to have had some photos in his "my pictures" folder go missing - as in wiped off the drive - nowhere to be found.

I have no answers for him. I would love to get to the bottom of this. My brother-in-law sent me here. He thinks someone sent him a "spy card." Can someone help?

 

Thank you! I will do all those things. I forgot to mention too, he's been complaining that something is "recording" evertything he types on his computer.

So there must be some kind of keylogger on his machine. Wow. OK, I can't believe I'm just learning about all this stuff. I will also run HijackThis and post it.

 

A keylogger wud explain things, but that is a lot of info for the spy to decipher!

How about a email password change?

 

He's tried that - several diffent e-mail accounts and password changes almost daily.

 

Here's an idea you might try to determine whether there is a resident keylogger or spyware on his machine. Get him to open a new email or webmail account. There are plenty of free ones. Tell him not to use his other accounts to send mail for awhile. See what happens??

If you have already tried this and his mail is still being redirected then it's a sure bet that the ex-girlfriend installed some resident spyware program before she became an ex. She may have been spying on his online activities from the start of their relationship. Jealousy has many faces.

Make a record of the steps you use to remove this problem and what it did before you started fixing it. It is a sure bet that what she may have done is a crime and he can take her to court.

 

He did try different Web mail accounts and changed his passwords regularly. He still had the problem - nothing he did made it stop. So from this we can tell that someone installed spyware on his machine.

I have now removed it with X-Cleaner.

The question is, how? Did it require someone having actual physical contact with the machine here in our house? Or could it have been done remotely? He says he never downloads attachments from anyone he communicates with online.

She has a friend who is computer literate. And it was this person who was also intercepting his e-mail and making snide responses to it. Maybe this person gave the girlfriend something to install while he wasn't at home? The ex most certainly had physical access to the computer.

 

Hey cmij

Did he check the back of his computer for any device added between keyboard and tower?

Was reading an article about a guy whose ex wife planted some device on back of his computer to log his keystrokes.

I have a programme installed on my box called SPYCOP.

Very good just for this type of thing. It already caught some keylogger thing on my box about 6 months ago.

Maybe your friend should look into SPYCOP.



Snowbound

 

or maybe the friend should call a real live cop and lay a complaint. That is a real nasty piece of work if something was physically done to your friend's computer by an ex for vengeful purposes.

 

I think I've gotten rif of the problem. X-Cleaner found some things and removed them. I downloaded and installed the Sygate Personal Firewall I use, ran a Trojan Horse killing program, it found nothing.

I'm going to run HijackThis and post it, but how does this sort of thing get installed in the first place? How does Spyware end up on someone's machine?

My friend says he never downloads attachments unless he knows what it is. Can it happen from Instant messaging? This hacker <snip> did send him a photo - could malicious code be embedded in there?

I've also read about programs that allow a remote user to control a person's machine. Could she be using that? Because I still don't know how the photos in his MY Documents folder got erased.

edited one word out to keep it clean - Detox

 

Hello again,

If you feel and want to press charges be sure to have an itemized accounting of everything, including times and dates, of what was done with the PC and the email, both by him and by her and her friend. Make it as complete as possible. If he has deleted everything to do with this then the best you can do is either trap them using this stuff again or clean the spywares all off. You can indeed still report this to your local police. Spywares used by an individual to spy on another individual may be equivalent to illegal wiretapping. It's a crime, in my humble opinion, but the laws in your area have precedence.

On the other hand if you find a physical device, as suggested above, then even if he deleted much of what happened in his email, he can describe what he experienced in his own words, and also have the logs of what spywares you found and removed. Then report it to the police. They will know, far better than us, what to do next.

Spywares can be embedded within other programs you download from the Internet. When you install these programs, the embedded spywares are also installed. Another way is for someone to hack into the computer while it's online. The third way is to have physical access to install a hidden program. This is my general understanding. I am not a computer expert but I do professional security and paralegal work.


Best regards

 

Just remembered,

Link to SPYCOP

Good Luck!