I've been hacked!!

MrNeeds2kno

Honorable
Jun 8, 2013
25
0
10,530
I think my nephews downloaded something on a torrent site. After they were finished playing COD on my PC, which is running Windows 10, a message screen popped up asking me how my pirating life was. I didn't know what to think. I thought it was just a pop-up. I turned off my PC and then turned it back on. Once it was back on, the same message screen came up saying, "That's not gonna help." I ignored it for a minute and noticed the blue lights on my camera turned on. I grabbed my camera and put it down. The message board then came up and said, "Aww, don't move your camera." Whoever this person is then messaged me, "I want your money," and continued to say, "or I will destroy you and I know where you live." I have since deleted all files by formatting my drives and have left the "C" drive untouched. This thoroughly pisses me off. After about 4 minutes this person opened PayPal on my PC and messaged me, "You take care of the rest and you know what to do." I need assistance in just getting rid of the file that let this person into my computer. I have since spoken to my nephews and they were downloading torrents for Far Cry Primal. Again, I have formatted all my drives except for the C drive and hope somebody can point me in the right direction. Please help me out. Any info leading to me having this person stop harassing me and potentially my $$$ and my life. Thanks for everything. This community is the best.
 
Solution
I second Woldshadw's idea. Take that C drive to the cops and have them help. Make sure to point out the fact that threats of violence were used, that will normally get things to move faster.

In the meantime, change ALL your passwords, starting with your email passwords and then any websites you normally use. Next time you install a computer OS, make sure it's on a different disk (completely new one) and use a strong 12 character+ password that nobody but you knows, and then make a second normal use account. Throw some strong AV software like Norton Internet Security on top.

Also, have a nice, long discussion with the kid's parents and demand they compensate you for any damage due to their kid's misuse of your computer. While you are at fault for allowing unsupervised use of the computer by a minor, the easiest way to educate the kids is to let them deal with the consequences.
 
Solution

jonathan1683

Distinguished
Jul 15, 2009
445
33
18,840
Depends on how much you want to invest in it. I would just format the drive and report it to PayPal. Most likely he will be from another country and it won't matter. Once someone has root access to your PC you would have to be a security expert to wipe it clean without formatting it. Hackers can install undetectable rootkits. This isn't some random virus bugging you; he likely has multiple back doors on your PC.
 
Do NOT format the drive now. Just buy a new one. That old drive will be necessary if you want to file a report with the police office in your district, which is a must. Without that report, you may be liable for any and all abuses of your online accounts, including credit cards, PayPal, and banking.
 

Josh_70

Commendable
Mar 15, 2016
1
0
1,510
I had ransomware once, took the laptop, downloaded TDSSKiller, and followed the instructions. Bye bye rootkit on my PC, and no more hacker access. Now I will provide you with this, but the only one I have used is TDSSKiller, so the rest are at your own risk.
This is a link to 112 rootkit removal tools http:// good luck my friend.
 

simonchipmunk

Reputable
Apr 8, 2014
619
0
5,010
I agree that you should remove that hard drive as it is evidence, notify PayPal, your credit card company and your bank, and whomever else you do business with (i.e. pay with credit card) about your situation, and notify the FBI. Go ahead and notify the local police but I think they will refer you to the FBI. NEVER NEVER, LET YOUR KIDS AND/OR THEIR FRIENDS MESS WITH YOUR COMPUTER!!!!
 

Cody_Cable

Honorable
Apr 16, 2013
4
0
10,510
You're infected with a RAT (Remote Access Trojan). The 100% sure way of getting rid of the RAT is to wipe your hard drive with a program like DBAN (Darik's Boot and Nuke) or Active Kill Disk. If I were you, I'd call PayPal to make sure that nothing compromised your account, report the incident to the police, and buy a new hard drive to install Windows on. If the police want to keep the old one for evidence and decide to give it back to you later, then wipe it and keep it as a spare or a backup drive.

https://technet.microsoft.com/en-us/library/dd632947.aspx

http://searchsecurity.techtarget.com/definition/RAT-remote-access-Trojan
 

castl3bravo

Distinguished
Aug 14, 2013
44
3
18,535
There were a few answers given here but not enough of them. If you have a RAT then you're truly screwed and need to stop using that hard drive. Either reformat the drive or get another hard drive to keep that one as evidence for an investigation if any financial accounts were compromised. If there is a RAT then you might refresh or upgrade the BIOS on the motherboard, before reinstalling, to be extra cautious.

If this is more than a system used for gaming then do you have a disaster recovery plan, i.e. backups? Due to concerns around ransomware I'd be looking into a backup service that allows for incremental backups. That way if there is ransomware you won't have to worry if you've backed up encrypted files that need a key, since you can go back to a prior backup.

Avast as previously mentioned is a nice tool you should be running if you don't have a/v on your system. You can turn it off while you game if there is a performance issue with a/v.

Since this looks like a RAT then you need to take action now with your tablet or install on a new hard drive. Get a password manager like KeePassX (it's free and works with Dropbox) and change all your passwords now. Make sure they're all different from each other. If you have a RAT on your computer then chances are it has a keylogger on it too, so you must change all your online passwords now, ESPECIALLY if you've used the same password on multiple sites. Don't assume you're safe if they only saw you log in on one site that you don't care about. There are crack tools that let criminals use your credentials on all the websites they want access to.

If possible use a tablet or MacBook or Linux for your online transactions (KeePassX works on most all platforms). Windows has had way too many bad guys coming after it for years. Why risk it?
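An added example, not part of castl3bravo's post: a minimal sketch of why versioned incremental backups survive ransomware, since a later backup of overwritten files does not replace the earlier good copy. The function names, the `repo` layout and the sample file are assumptions made up for this illustration.

```python
import hashlib
import json
import os
import shutil
import tempfile
from pathlib import Path

def snapshot(src: Path, repo: Path) -> str:
    """Record the current state of src; copy only content not already stored."""
    blobs, snaps = repo / "blobs", repo / "snapshots"
    blobs.mkdir(parents=True, exist_ok=True)
    snaps.mkdir(exist_ok=True)
    manifest = {}
    for f in sorted(p for p in src.rglob("*") if p.is_file()):
        digest = hashlib.sha256(f.read_bytes()).hexdigest()
        if not (blobs / digest).exists():   # incremental: unchanged data is skipped
            shutil.copyfile(f, blobs / digest)
        manifest[f.relative_to(src).as_posix()] = digest
    name = f"{len(list(snaps.iterdir())):06d}"  # 000000, 000001, ...
    (snaps / name).write_text(json.dumps(manifest))
    return name

def restore(repo: Path, name: str, dest: Path) -> int:
    """Rebuild the files of one snapshot under dest; return the file count."""
    manifest = json.loads((repo / "snapshots" / name).read_text())
    for rel, digest in manifest.items():
        out = dest / rel
        out.parent.mkdir(parents=True, exist_ok=True)
        shutil.copyfile(repo / "blobs" / digest, out)
    return len(manifest)

def demo():
    """Constructed scenario: back up, overwrite the file, back up again, roll back."""
    with tempfile.TemporaryDirectory() as tmp:
        docs, repo, out = (Path(tmp) / n for n in ("docs", "repo", "restored"))
        docs.mkdir()
        (docs / "taxes.txt").write_text("constructed sample document")
        good = snapshot(docs, repo)
        (docs / "taxes.txt").write_bytes(os.urandom(64))  # stand-in for an encrypted file
        bad = snapshot(docs, repo)
        restore(repo, good, out)
        blobs = len(list((repo / "blobs").iterdir()))
        return good, bad, (out / "taxes.txt").read_text(), blobs

if __name__ == "__main__":
    print(demo())
```

The rollback only helps if the backup store itself is out of the infected machine's reach, such as an offline disk or a service that keeps old versions.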
 

Cody_Cable

Honorable
Apr 16, 2013
4
0
10,510


Why would he need to upgrade the BIOS? A BIOS upgrade does NOTHING, when dealing with RATs.
 

Rexer

Distinguished
Hello.
The hijacker's obviously got a host of your information so you'd want to call your bank, credit card companies and accounts like Amazon with which you do online business, and report/cancel them and any recent unknown transactions. They may have you contact the FBI. This is a form of extortion. It may be from a foreign country and you should unplug your rig from the internet, remove your important information off the computer to a flash drive and, like Cody_Cable said, get DBAN (Darik's Boot and Nuke) and wipe out the hard drive. You'll need to download Boot and Nuke on a separate computer and flash drive. In fact, you'll need a couple of flash drives for additional use.
Once you've removed your important information to a flash drive, you'll need to scan it on the separate computer to remove the hijacker's signature. I'd first use Avast! then an antispyware remover and malware remover. Use 'Rogue Killer', TDSSKiller and Malwarebytes later. All are free to use. Spybot, too. Here's the address for Spybot.

https://www.safer-networking.org/dl/

I've used several anti-virus, anti-spyware and anti-malware programs (scans) when I worked at the shop several years ago. The ones I've had success with are Avast!, Spybot, SUPERAntiSpyware, Malwarebytes and Rogue Killer. Each has a specific job. I'd use ComboFix but it doesn't work with Windows 10.
The first thing I'd do is get Avast! Free. Get the free program. Download Avast! Free and load it on the separate computer. Remember to use 'Scan All Drives'. You don't want it reoccurring on the other computer.

https://www.avast.com/en-us/lp-ppc-win-01c?device=c&gclid=COSri6HqyssCFZOCfgod8nsOjg

Don't get 'Avast! Free' anywhere else because the host web companies (like download cnet.com) want you to download other programs with 'Avast! Free' you don't need.

1) On the separate computer, go to MajorGeeks.com for advice (go to top of page, Support Forum > Malware Removal > Read Me Run Me First) to get instructions on removing malicious software. They will also have instructions on downloading 'free to use' scans and programs.

http://www.majorgeeks.com/

1) If you want to try and save your computer without a total wipe out, put the antivirus tools on a flash drive and load it to the infected computer.
2) Disconnect the internet connection (RJ45) from the infected computer (you don't want the ransomware to infect your network).
3) Run Avast! first. Use scan for viruses > (drop down) boot scan in Avast! > set scan settings on 'high' and run it. It will tell you it needs to restart your computer and will run on restart (it will run automatically in a DOS program black screen). Let it run. Doing this will allow it to scan for viruses without booting to Windows. It will stop and give you instructions when it finds a virus. Remove it (delete it and if possible, click 'delete all'). You may see more than a few. When it finishes, it will restart Windows. Before plugging it back into the network, reset your router and modem. Lol. It puts to rest a whole lot of advice dealing with the superstition of hidden viruses.
4) Then do the rest of the Malware Removal Guide from Major Geeks.

Hope this helps.

 

Rexer

Distinguished


This is a good tool. I generally use it with other scans I run separately. A more complex tool that works well is Rogue Killer.

http://www.bleepingcomputer.com/download/roguekiller/

http://www.majorgeeks.com/

This site and MajorGeeks.com have dedicated Support Forums on malware removal. TDSSKiller is one of their favorites. However, it doesn't get rid of all the trojans, malicious software and spyware. It only works on selected rootkit types.
 

castl3bravo

Distinguished
Aug 14, 2013
44
3
18,535


I'm not suggesting they're related. There are hacks that change the BIOS as well, but they're really rare. Having someone use a RAT isn't normal script kiddie activity.
 

nirrtix

Distinguished
Oct 4, 2012
348
1
18,795
Take out the hard drives... report it to the police with the hard drives. You may have to admit to the torrents...

Then put in a new hard drive and install security as well as a firewall and buy VPN services.

If this is not a laptop do not use a webcam... I have a desktop and unless something I do requires it I would never use a webcam... I will stick to mics at most... even those are hackable...

As another said they are more than likely in another country, but report the HARD DRIVE INTACT AND WITH ALL FILES ON IT for EVIDENCE.