Someone has gained remote access to my PC

ufo550

Distinguished Member
Joined
Sep 20, 2014
Messages
4,774
Reaction score
2,558
Points
1,053
Location
Oxfordshire
We have two desktop PC's in our house, to which both are connected via Wi-Fi to the internet. My son has one, and he told me this evening that he noticed someone had control of his mouse, and was overtyping on his keyboard. Happened yesterday, and I've just found out.

Someone obviously had remote access to his PC, but he also used mine yesterday for a few minutes around the same time. I've rebooted my router as a starter. Before I do anything else, what can you guys advise. I've Nortons on my PC and he has a free virus security on his. He probably visits some web sites he shouldn't.

I've noticed nothing untoward on my PC.
 
It’s extremely unlikely that someone has “gained” access, they unfortunately will have been given it.

If I were supporting someone in this situation I would.

Isolate both pc’s from the network
Loan another pc, download a os image on bootable usb, boot one pc from the usb, format all associated drives.
Install the os from usb, setup separate user & admin accounts with secure passwords, install anti virus & do a full scan, update/patch the os, restore data from your backups, do a full av rescan including data drives.
Repeate for the other pc.
 
Yes I can understand he'd been fooled into giving access.

Thanks for your advice. Don't think I'm capable enough to do what your have suggested. Can this fraudster just carry on access our PC's when he or she wants?
 
Unfortunately who can tell.

We don’t know how long they’ve had access, we don’t know if they still do, we don’t know if they were a genuine gaming ‘friend’ playing a prank or a real threat, we don’t know if they installed any malicious software while they have/had access, etc, etc.

The list of maybe & possible impacts is quite long. The chance of your system being comprised in some way, should be lower that your sons obviously compromised & suspect system, the question is what is your appetite for risk?

What would be the worse case you can imagine should your system be compromised? Data loss vis ransomware, financial loss via compromised online banking, etc?

You’ve got multiple options here from do nothing & hope, to pay someone professionally to undertake the work.

Perhaps a mid ground is what I’ve suggested, none of the steps are really hard & there are numerous guides on YouTube you could follow, perhaps even getting your son involved, not a a punishment but a leaning exercise in both computing & impacts.

Also don’t forget to change all online passwords from a system that is known to be safe, this might be a good time to look at a password manager & also 2 factor authentication.

It’s also advisable to change your router admin username/password as well as the wifi ssid/password.
 
Rebooting the router is unlikely to have any impact on this sort of attack.

Safer as @captain morgan states to pull those PCs from the network.

Does your son have an account on your PC?

A lot of remote control software is legit and won’t raise any sort of alarm bells with Norton and the like, so it could be as simple as that rather than a hack but without investigation you can’t tell.
 
Rebooting the router is unlikely to have any impact on this sort of attack.

Safer as @captain morgan states to pull those PCs from the network.

Does your son have an account on your PC?

A lot of remote control software is legit and won’t raise any sort of alarm bells with Norton and the like, so it could be as simple as that rather than a hack but without investigation you can’t tell.
No he just used my PC, as his keyboard was faulty. He went on one web site to reply to something. Didn't see the particular access on my pc. He says he thinks the activity, was just on his account on that particular web site.
 
No he just used my PC, as his keyboard was faulty. He went on one web site to reply to something. Didn't see the particular access on my pc. He says he thinks the activity, was just on his account on that particular web site.
Unfortunately once they have access to a device & installed the malicious code it can operate behind the scenes.

The question remains are either computers compromised or not, only time will tell.
 
OP you need to check what programmes are installed and remove any remote management software like TeamViewer.

I would almost certainly remove the computers off the internet, back your data up to an external drive and do a complete windows reinstall.

Your child was probably conned into giving access to the PC and you cannot assume that they don’t have access to your PC.

Do not do online banking on either pc for now.

They might be idiot call scammers in India who can only just use a pc or they might be really good hackers who can pivot into different computers on the network and put a packet sniffer or key logger to capture personal information.

Either way, you have to stop using those computers until they are cleaned.
 
Yep you can list programs installed by date which is a little easier to determine if something unexpected has been recently installed. However backdoor installs won't normally show up in the official installed programs lists.
 

The latest video from AVForums

Is 4K Blu-ray Worth It?
Subscribe to our YouTube channel
Back
Top Bottom