I have a classmate who borrowed my computer at school one day. He is really
talented when it comes to computers and I am not. He did something to my computer that allows him to access my webcam from his computer. I have no idea how he did that, but when I use the computer, I can suddenly see the light indicating that my webcam is running and he can watch me. Itās creepy and I donāt know how to undo what he did. My question to you is how can I remove his access to my webcam?
Youāre right. It is creepy.
And depending on where you live, it might actually be an illegal form of
harassment or even assault.
If this person is really your friend, you would ask him to remove it, he
would, and youād believe him when he told you that there was nothing left of his
handiwork on your machine.
But because youāve come to me instead, I can only assume at least one or more of
those conditions is not true.
]]>
Get a better friend
Unfortunately, all of the techniques to get rid of what amounts to spyware are fairly technical in nature. If you donāt feel knowledgeable enough to handle those kinds of things, then the solution boils down to a completely a different approach.
Find someone you trust ā completely ā and who is technical enough to be able to handle situations like this.
Unfortunately, itās very difficult to know exactly who to trust. Trust the wrong person and you could end up with even more malicious software on your computer than you started with.
And I can tell you from all of the questions that I get on Ask Leo!, itās extremely common for friends who you might trust today to turn out to be exceptionally untrustworthy tomorrow.
But I do suggest this first because for many people, itās often the only practical approach.
Just donāt trust too quickly or easily, OK?
Get professional help
Another approach would be to take your computer into a computer shop or a repair shop and see if they have a service or recommendation for a service that would clean this up for you.
Obviously, this will most likely cost money.
Not so obviously is that the approach that they take might well be significantly more severe than you might think.
And yet, itās really the only option thatās guaranteed to work completely.
Backup, reformat, and reinstall
Hereās the problem: You donāt know what your classmate did.
More completely, you donāt know what else your classmate may have done.
Sure, he installed something that apparently controls your webcam and allows him to look in on you. But he could have done much, much more.
He could have installed other spyware or malware thatās not nearly as easy to notice.
Unfortunately, once your machine has been compromised, thereās no way to ever guarantee that all of the malware has been removed by the various tools and techniques that might be employed.
None.
Short of erasing everything and starting over, that is.
So, the safest approach is to backup your entire system and then reformat the hard disk, erasing everything on it. Then, youāll reinstall Windows and all of your applications and restore your data from that backup.
Now, you can see why itās critical to never, ever loan your computer to someone who you donāt completely trust.
Do-it-yourself
Most people find the steps that Iāve listed so far unacceptable. Perhaps they have no technically savvy friends that they would trust to this degree. Perhaps they canāt afford professional help. Or perhaps they donāt have the time, resources, or ability to do a complete reformat and reinstall.
They just want to know what programs to run to get rid of whatever it is.
Even though after running those programs, thereās still no guarantee that there still isnāt malware on the machine.
Fine. Hereās what Iād do:
-
First, put a piece of masking or electrical tape over the webcam, blocking its ability to see anything. That portion of your privacy, at least, is instantly restored.
-
Iād seriously consider uninstalling the webcam completely. If itās part of your laptop, Iād uninstall its drivers. The result is that thereās no webcam for him to control remotely. Yes, that means you canāt use the webcam either; thatās the price that youād pay.
-
I would follow all of the steps outlined in How do I recover from a bad virus infection?
-
If you end up not reformatting and reinstalling, Iād probably also add scans by Spybot Search & Destroy (free) and perhaps Ad-Aware Free anti-spyware tools as well.
The lesson to learn
The single biggest lesson to learn here is to never loan your computer to someone you donāt completely trust.
As Iāve often said, āIf itās not physically secure, itās not secure.ā Anyone who has physical access to your computer can, if they know what theyāre doing, access all your data, compromise your online accounts, and install malicious software on your computer.
All without your knowing about it until itās too late.
Iād add Malwarebytes to that list from this link.
http://majorgeeks.com/download.php?det=5756
I like it because it is updated often, like several times a day, so the odds are that it has the definitions of whatever you are fighting.
Everything more is getting into serious geek territory.
Love the electrical tape suggestion as a quick fixā¦duct tape and hammer can fix anythingā¦LOL.
Seriously, if sheās not going to do a complete reformat of the HD and new install of the OS then I would add TDSSKiller and HitMan Pro to the list of scanners to run.
Also a freeware piece called Revo Uninstaller will go through all the hoops and uninstall anything related to your web cam (even in the registry). It works great for just such a case. Itās not the cure all though.
Under āget professional helpā, you state āObviously this will most likely cost money.ā
My wife has been doing such cleanups for clients for years, and she charges $185 for her services. (And most people are happy to pay it.) Of course, unlike those ābig boxā stores, she does everything she can to clean the system and save the data, leaving the wipe/reinstall as a last resort.
Take that into account, along with āan ounce of prevention is worth a pound of cureā.
If you have Internet Explorer (or other browser) setup to remember your userids and passwords, Iād also make sure you immediately change the password on all your email and other on-line accounts as your āfriendā probably has access to them as wellā¦
First, a word about this āfriendā: He could be a malignant narcissist who has sociopathic tendencies. For that reason, I suggest that this person make no contact with him ever again. Unfortunately, he will probably do very well in life and become a powerful figure in business or politics.
A hacker whom Iād met online had installed spyware on my computer by way of infected attachments and hyperlinks that were attached to, or embedded in, emails that the hacker had sent me. Soon after Iād realized that the person had hacked my computer, I took my computer to a professional computer technician. The technician āremovedā malware and spyware from my computer, but I subsequently realized that the hacker was still spying on my computer. I think this suggests that a hacker can get back into your computer fairly easily if all you do is āremoveā his/her spyware. As a result, Iād transferred my personal files ā that is, documents, photos, and music files, which are probably still infected ā to my other computer, which I suspect is still infected by the hackerās spyware but which is never, nor ever again will be, connected to the internet. I keep those files off my internet-accessible computer. Then, I learned how to flatten the hard drive registry ā deleted both or all three partitions; I forget exactly how many ā and rebuild my computer. To date, I have not found evidence that the hacker is still spying on my computer. I loaded the OS (20 minutes) from the original disc; my software programs (an hour) from the original discs and manufacturerās websites; and all of the Windows Updates (around 20 hours!). Iām training myself to open emails only from people and sources whom I know or do business with; to scan all email attachments before opening them; and pasting hyperlinks in browser windows. Finally, Iād changed ALL of my passwords, security questions and answers, and when possible, my usernames. The last point is important: If you change your passwords and other information BEFORE youāve flattened and rebuilt your computer hard drive, the hacker will just get your new passwords and other information.
Iāve been told that you should flatten and rebuild your computer once every two or so years, anyway.
Leo, should anyone who finds him or herself in a similar mess run DBAN and/or TrueCrypt before flattening and rebuilding his/her computer?
Hacking is a federal crime, which brings me to a slightly off-topic question: Has anyone here ever had a similar experience with a hacker, reported the hackerās crimes to the FBI, and found that the FBI actually did anything to help prosecute the hacker?
I would report this to the Police, and I do agree find a new Friend, best thing to do is reformat the computer
Hello,
when I start my computer runs a error
ā
Additional information about the problem:
BCCode: a
BCP1: 00000000
BCP2: 0000001B
BCP3: 00000000
BCP4: 824E29DE
OS Version: 6_0_6002
Service Pack: 2_0
Product: 768_1
Files that help describe the problem:
C:\Windows\Minidump\Mini122711-02.dmpā
Can You please suggest how to fix it?
Happy new Year
Fanis
This is a criminal invasion of privacy. Tell the jerk to get it off your or you will press charges. This is unconscionable. Exactly what purpose does this serve. He may also have a put a backdoor on your system.
A friend of mine hosted a party and he found someone he knew and considered a friend at his computer. The guy had screens open and was busily engaged with what he was doing. My friend asked the guy what he was doing and he was told āhouse cleaningā by putting things in folders and deleting unnecessary files because the computer was all cluttered up and poorly organized. It didnāt go over too well.
Now, Iām a big proponent of computer privacy and I couldnāt imagine in my wildest dreams nosing through someones computer unless I was specifically asked to and poking around was required to accomplish what I was asked to do. I liken it to rearranging some-oneās furniture or reading their mail without permission.
The guy who was mucking around with the computer had a ācomputer repair serviceā on the side meaning he worked out of his house and did computer calls at peopleās homes. mostly family, friends, and friends of the same. Thereās nothing wrong with a business like that if the tech knows his business.
However, it was later discovered that whenever this guy worked on some-oneās computer he installed something and configured the computer so that he could remotely access it. He never told anyone whose computers he worked on that he had done that or installed anything. After my friendās mother had worse problems with her computer after this guy had worked on it and she took it to a computer repair store did she find out that her computer had been configured for remote access.
The people at the repair shop told her the way it was done that there were no permissions needed from the owner/user to connect to the computer and nothing alerted the owner/user that the computer was being remotely accessed.
After his mom told him about it, my friend had his computer checked out and also found out the remote access software and configuration was installed on it. It had obviously been done at the party.
The same tech had worked on about 10 computers for that family and every one was later found to be remotely accessible. There was a file with his computer business name installed which was what called attention to it. When the tech was confronted about it, his explanation was that he did it as a convenience to his āclientsā so if a problem arose, he could be called any time and if he had his laptop with him or was at home, he could check out and likely fix the problem from his computer saving them a service call charge. He did his best to downplay it as āno big dealā and even suggested it was a common practice.
Considering that he never told anyone about that remote access ability before-hand and even after getting busted, never explaining the degree of control and access to everything he had, I think he had quite different ideas that what he said. He did a wonderfully clever job of downplaying what he did and although he lost a number of clients over it. Even though thereās a shadow still over his reputation over it, I would bet he still does it. While I could almost understand his reasoning about why he installed it, doing so without the computer ownerās knowledge, understanding, and permission is unpardonable.
As far as I know nothing was ever tampered with or any information stolen. I knew the guy that did it from years ago when took some classes together, it would not surprise me to know he did a bit of spying not only with web cams but via the microphone a lot of PCs have built in or added on. It may also explain why he caters to people who are computer illiterate or new to the whole thing.
The point is, even when seeking help from professionals, you still have to be very careful and make sure you understand what they did.
Jim Hās comment is a situation that warrants police involvement. When an event such as this involving āabout 10 computers for that familyā, seems substantial enough for legal action. If anything, at least an appointment with this guy to āfixā his computer [wink,wink].
In regards to Jim H.ās comment, Itās Jerks like that guy that screw things up for people like myself. I operate the same type of small business to supplement my income since becoming disabled. If I were to do something like that, Id likely wind up in jail. This is definitely a situation that warrants legal action. No wonder so many people are opting for spending the extra $100 -$200 and buying a new machine instead of fixing the ones they have.
I wanted to comment on Jim Hās post. I donāt know if this repairman had alternative motives (though I tend to agree with your gut reaction that he did) but his unprofessionalism is rivaled only by his unprofessionalism. Any tech like him (myself included) knows there are alternative means to remotely connect that are both legal AND MUTUALā¦meaning you have to agree to it before the connection begins AND you can end it at any time AND itās over when itās over (meaning I canāt reconnect to you after weāre done). VERY shady business practice and stay completely away from his services but donāt write off independent services like mine and John Servisās because we really do want to help and supplement our income in the process.