I've been hacked.
September 10, 2009 7:17 AM   Subscribe

Someone hacked my laptop! What do they know now, how much can I find out, and how can I keep it from happening again?

I woke up this morning and turned on my laptop (Toshiba, connected to wireless router to Cable internet) and discovered one of my (Unclassified) Army memos was now my desktop background.

I don't do anything special for security; just Panda Antivirus and Windows Defender.

I don't surf a lot of porn.

If they could change my background, could they log onto my Gmail account? I hate to admit it, but I use it as a password keeper. Oh my God, could they be reading this right now?

Last night, something popped up a window a couple of times, saying its scan was running slow because of my Internet connection. I assumed it was Panda. Panda was off this morning.
posted by atchafalaya to Computers & Internet (13 answers total)
Are you sure it was hacked?

If you run as Admin you are asking for trouble. Automatically install all security updates and virus updates and you're pretty safe.

If they have installed a key logger, then it is possible that all of your accounts can be compromised. If you are worried, change your password from a secure pc.
posted by devnull at 7:21 AM on September 10, 2009

At the bottom of your gmail inbox is an activity section ("Last account activity..."). Click the details section. You should see the IP address you're logged in from currently. You can see if someone else is logged into your account. You can also log out all other sessions.
posted by sharkfu at 7:22 AM on September 10, 2009 [4 favorites]

Setting your desktop background does not seem like something a hacker would do. Are you sure you didn't just set it yourself, by accident? Windows makes it very easy to change your desktop background, often from places you don't expect (e.g. Firefox).

Remember that if a hacker gets control of your computer (unlikely), why would they tell you?

Still, using gmail as a password keeper is a bad idea no matter what.
posted by katrielalex at 7:23 AM on September 10, 2009 [1 favorite]

Go to a library or friend's house and use their computer to change all of your passwords on all of your accounts. For each account use a different password unrelated to the others. Use a good password containing a mixture of numbers and letters, and not related to something in your life (like your birthday, dog's name, hobby, work-related catch-phrases, etc.)

Once you've done this come back to your regular PC. Don't use it to log in to any accounts. Back up any information you are interested in keeping and re-install the operating system using the CDs provided by the PC vendor.
posted by odinsdream at 7:38 AM on September 10, 2009 [1 favorite]

And stop storing your passwords in electronic formats. If you must store them, write them on a piece of paper and put it in a locked drawer.
posted by odinsdream at 7:38 AM on September 10, 2009

Heh... I've seen this before... an old acquaintance would scour the telco network looking for users who were utilizing a DSL gateway that was directly connected to thier computers... like those old craptacular Speed Touch Manatray units.... ADSL via USB.... yuck.

Anyway.... he would scan the local telco subnet ... finding people who had file sharing enabled.... back in those days it was rather trivial to change the background wall paper on a Win9X machine...

He'd just change the wall paper.... and leave a text file on the desktop detailing what the would need to do to prevent such access in the future. He was a good guy.... and his has was far more white than grey.

We had many good conversations... and he was a big *nix fan... Hell... he used it exclusively on his desktops back when it was HARD...

So, you may or may not have anything to worry about. But... people are not quite so altruistic these days. Assume the worst and take necessary action. Talk to your financial institutions and the credit agencies... get your ducks in a row now... and hope that you won't need them.
posted by PROD_TPSL at 7:43 AM on September 10, 2009

I don't surf a lot of porn.

I think that is like saying I am a little bit pregnant.

I echo the others and advise changing passwords from a different machine and either reinstall the OS or use good software to eliminate keyloggers.
posted by JohnnyGunn at 7:43 AM on September 10, 2009

If you must store them, write them on a piece of paper and put it in a locked drawer.

Writing them on a piece of paper and keeping that piece of paper in your wallet works too. If you're worried about someone stealing your wallet and using them, you can always use some sort of obfuscation to make it unclear to anyone else what the real passwords are or what they are used with.
posted by burnmp3s at 7:46 AM on September 10, 2009

The background picture is one of a series of documents I scanned using Irfanview.

It's the only document in C:/Users/Myname/appdata/roaming/Irfanview

I guess it's conceivable I could have reset it by accident, but I doubt it.
posted by atchafalaya at 8:18 AM on September 10, 2009

Irfanview has a "set as wallpaper" option ("Options" - "Set as Wallpaper")-- are you sure you didn't choose that by accident?
posted by sharkfu at 8:34 AM on September 10, 2009

It might be worth trying to track down the wallpaper file and then checking when it was created/modified; if it seems to have been changed when you weren't on the computer then that'll indicate a hack.

It's very easy to accidentally change your wallpaper and not notice for a while if something is maximised. More than one person I know has been approached by a panicking computer novice asking how the porn they 'stumbled upon' got onto their desktop and can they please help remove it before the IT dept finds out.
posted by malevolent at 9:02 AM on September 10, 2009

Irfanview has a keyboard shortcut for changing the wallpaper--it's something common plus shift, like Ctrl-Shift-P or Ctrl-Shift-C or something. You'd know better than me, but it seems very possible that you might've done it by accident.
posted by box at 9:41 AM on September 10, 2009

Ta da! I'm sure I used the keyboard command by accident yesterday when I was doing all the scanning. Ctrl-shift-C is the culprit.

I never thought I'd be a computer novice, but there it is. At least it wasn't some porn I'd "stumbled on"!

Thank you all very much.
posted by atchafalaya at 10:53 AM on September 10, 2009

« Older Experience with Quicken Loans for re-fi or...   |   CD downer Newer »
This thread is closed to new comments.