remote access/without permission - Tech Support Forums

Jesika · October 12th, 2004, 04:27 PM

A neighbor/ friend of my husband's owns a computor repair business and worked on my computor a few weeks ago. It started acting wierd so I checked all the stuff in the control panel and found that he had set exceptions in my firewall program to allow file sharing and remote assistance. I changed everything back to default and removed the exceptions. There were other changes as well, a network I didn't recognize and a personal web server. I think this guy has been accessing my computor. I have little more than novice knowledge and am not sure what to do next....I ran a port scan test at dslreports.com to be sure there were no longer any open ports. I wonder if I can trace this activity. Any suggestions?

~Jesika

The_Shooter · October 12th, 2004, 05:06 PM

Hopefully there is some logs within your firewall or the webserver. Try looking for those. If you find that, retrieve the IP that was used and trace it. If it is indeed the guy who repaired your computer, then I would put a lawsuit against him. If I am right, it is completly illegal to install 'backdoors' onto someones computer without their concent. There is no reason someone should have access to your computer.

Jesika · October 13th, 2004, 06:25 PM

Thanks Shooter :-) for the advice !

The McAfee firewall I recently installed (2 days ago) has kept a log of activity, so I have some IP addresses. However it's not clear to me yet how to uncover the actual source of the pings and attempts at unsolicited access to my computor, from these IP's. A lot of them were AOL IP's - so I emailed AOl at abuse@aol.net to inquire as to the activity from these IP addresses. Here's the list I sent them:

ACC43111.jpt.aol.com - 172.196.49.17
ACC416A4.jpt.aol.com - 172.196.22.164
172.145.182.89
172.178.126.229
172.196.54.131
172.196.56.88
172.195.59.12
172.196.186.117
172.196.226.165
172.198.197.93
172.198.214.82

Like I said earlier, I think I know who's doing this, but I'd like to be able to prove it. The guy owns a business that sells Altigen internet phone systems to businesses. He has mega access to the web is my quess. I closed all the connections and ports on Monday morning and the above AOL IP addresses attempted access repeatedly since then, recorded on the McAfee firewall. I think this person was looking for the ports he had left open on my computor when he "fixed" it. He is the one who set up my Windows firewall to allow exceptions, so I know he has something to do with this.

~Jesika :-)

**EvilRick** · October 13th, 2004, 09:58 PM

Threaten him with legal recourse. Call your local police department and tell them the story. Maybe you're not the first he's done this to. You need to contact your ISP as well to let them know what's going on. They should take some sort of action as well.

DO NOT let that fool back in contact with your PC either.

Jesika · October 13th, 2004, 11:51 PM

I'll never fall for that again - no more "friends" fixing my PC !!

This guy's a neighbor in the same building so I see him everyday, plus he's been a friend of my husband's for 15 years. Thus, I thought him trustworthy. I ran into him this afternoon and asked why he set the exceptions in my firewall for remote transmission & file sharing ? He stumbled around a lot, said maybe he was tired, maybe it was a default setting and came that way, maybe a hacker got into my computor & reset my firewall, etc. Then he talked about how he repairs security issues on business computers all day every day in his business and has to use remote assistance to fix his clients security problems.

Could be like a peeping tom problem.