Is she watching everything I do?
September 9, 2010 8:41 AM Subscribe
Is there a way to find out if someone is spying on my computer? Or is it even possible for someone to do what I think their doing? Or is this just garden variety paranoia on my part?
All of a sudden a "friend" of mine knows what pages I've clicked on, and it couldn't possibly be a random guess either. This is my home computer, not at work where she is the database administrator. She knows everything about computers trust me, she's never been to my house before so she's never had direct access to my PC. In conversations the other day she let on that she knows I have been researching something that she couldn't possibly have known, otherwise. She even winked at me when she said it! This is not something I would EVER tell anyone about or even talk about the subject at all with anyone I know, so I'm not making a mistake!! She couldn't have heard it through the grape-vine, or anything else, is my point. I don't want to just ask her because I know she would lie about it, because I think she is baiting me now. Plus we were in a group setting when she said it, so I couldn't let on that she's right about it, for fear that people would shift the whole conversation to talk about that. Is it possible that when I clicked on a link in email she sent me that something downloaded that I can't see or "feel"? It's a video she sent from her own computer, not a You Tube Video or anything hosted, and two pictures of herself that she also has up on her Facebook. They were in seperate emails, and I had to click on them to open them. I know I'm not supposed to do that without checking them first, but I have antivirus software installed so I didn't think it was bad. Another suspicious thing is the pictures she sent me, I downloaded them into a file, and when I tried to open them they opened as MS DOS instead of jpeg, how they were labelled. I have a old Gateway PC running windows XP. I also run Norton Security Suite. This is Anonymous because now nothing I am doing on my home computer feels safe! And I think she still reads MetaFilter sometimes. Ugh.
Oh and another reason this isn't too farfetched is that we work together, and we dated for a few weeks before I broke it off with her because she was so _obsessive_ about checking up on me. And I know she stalked an ex-bf through his computer a few years ago, because she told me! That's what made me not want to have anything to do with her! She also told me that the first program she ever wrote successfully was a virus script! Double UGH!! What have I gotten myself into? Is there a way to find out if she did this without nuking my home computer's OS? I looked at the list of running process' and I can't tell if there is anything out of the orndinary because there's so many things running and I don't know very much about that kind of thing because I'm not usually paranoid or having to watch out for stuff like this.
P.S. I read the old questions about this. I tried to install Little Snitch, but I don't understand it at all, and it was too confusing, so I deleted it off my computer.
All of a sudden a "friend" of mine knows what pages I've clicked on, and it couldn't possibly be a random guess either. This is my home computer, not at work where she is the database administrator. She knows everything about computers trust me, she's never been to my house before so she's never had direct access to my PC. In conversations the other day she let on that she knows I have been researching something that she couldn't possibly have known, otherwise. She even winked at me when she said it! This is not something I would EVER tell anyone about or even talk about the subject at all with anyone I know, so I'm not making a mistake!! She couldn't have heard it through the grape-vine, or anything else, is my point. I don't want to just ask her because I know she would lie about it, because I think she is baiting me now. Plus we were in a group setting when she said it, so I couldn't let on that she's right about it, for fear that people would shift the whole conversation to talk about that. Is it possible that when I clicked on a link in email she sent me that something downloaded that I can't see or "feel"? It's a video she sent from her own computer, not a You Tube Video or anything hosted, and two pictures of herself that she also has up on her Facebook. They were in seperate emails, and I had to click on them to open them. I know I'm not supposed to do that without checking them first, but I have antivirus software installed so I didn't think it was bad. Another suspicious thing is the pictures she sent me, I downloaded them into a file, and when I tried to open them they opened as MS DOS instead of jpeg, how they were labelled. I have a old Gateway PC running windows XP. I also run Norton Security Suite. This is Anonymous because now nothing I am doing on my home computer feels safe! And I think she still reads MetaFilter sometimes. Ugh.
Oh and another reason this isn't too farfetched is that we work together, and we dated for a few weeks before I broke it off with her because she was so _obsessive_ about checking up on me. And I know she stalked an ex-bf through his computer a few years ago, because she told me! That's what made me not want to have anything to do with her! She also told me that the first program she ever wrote successfully was a virus script! Double UGH!! What have I gotten myself into? Is there a way to find out if she did this without nuking my home computer's OS? I looked at the list of running process' and I can't tell if there is anything out of the orndinary because there's so many things running and I don't know very much about that kind of thing because I'm not usually paranoid or having to watch out for stuff like this.
P.S. I read the old questions about this. I tried to install Little Snitch, but I don't understand it at all, and it was too confusing, so I deleted it off my computer.
It's too bad you asked this question anonymously, because it would be nice to have a back-and-forth with you to clear up a few places where spyware could be. You can feel free to MeMail or email me, and I'll help you as best I can.
It seems like this question- "am I being watched on my computer?" comes up fairly frequently. In general, the answer is "probably not", although in cases like yours (where somebody has a personal motivation) it can be slightly more likely.
Software that watches what you do or transmits your activities is called spyware, and it can hide in a lot of different places on a Windows XP machine. A good first step to calm your nerves is to run a spyware scanner like Spybot-SD on your machine, and let it get rid of anything it finds.
Do you have a router or firewall in your house between your cable/DSL modem and your computer? If so, it's less likely that an attacker would be able to access your computer without you specifically allowing it. If you don't have one, you might consider purchasing one.
Little Snitch is a Mac app, so it won't do you any good here.
posted by aaronbeekay at 8:54 AM on September 9, 2010
It seems like this question- "am I being watched on my computer?" comes up fairly frequently. In general, the answer is "probably not", although in cases like yours (where somebody has a personal motivation) it can be slightly more likely.
Software that watches what you do or transmits your activities is called spyware, and it can hide in a lot of different places on a Windows XP machine. A good first step to calm your nerves is to run a spyware scanner like Spybot-SD on your machine, and let it get rid of anything it finds.
Do you have a router or firewall in your house between your cable/DSL modem and your computer? If so, it's less likely that an attacker would be able to access your computer without you specifically allowing it. If you don't have one, you might consider purchasing one.
Little Snitch is a Mac app, so it won't do you any good here.
posted by aaronbeekay at 8:54 AM on September 9, 2010
Yeah, you are not being paranoid. I don't know if confrinting her works to your advantage at this point. I say this because if this is illegal, her shooting herself in the foot (admiting she did this before, hinting she is doing it to you) will only help you build a case againt her. Besides, you might not want to "taunt" her in anyway. She's obviously not to be trusted.
posted by marimeko at 8:56 AM on September 9, 2010
posted by marimeko at 8:56 AM on September 9, 2010
Oh, right, I missed the "opened as ms dos instead of JPEG" part of that. Can you forward those emails to me or somebody else on the site, or at least the attachments? That would be a big help in determining what it is you opened.
Don't go crazy and delete all your files or anything yet. If your system is compromised, leaving it turned off or unplugging it from your Internet access will prevent her from accessing anything.
posted by aaronbeekay at 8:57 AM on September 9, 2010
Don't go crazy and delete all your files or anything yet. If your system is compromised, leaving it turned off or unplugging it from your Internet access will prevent her from accessing anything.
posted by aaronbeekay at 8:57 AM on September 9, 2010
One other thing: What were the file names that she sent you? Feel free to MeMail me if you don't want it out in the open.
It seems like this question- "am I being watched on my computer?" comes up fairly frequently. In general, the answer is "probably not", although in cases like yours (where somebody has a personal motivation) it can be slightly more likely.
Agreed - my first instinct was to say no, because the answer is almost always no, but the more I read, the more likely it started to look.
posted by FAMOUS MONSTER at 8:57 AM on September 9, 2010
It seems like this question- "am I being watched on my computer?" comes up fairly frequently. In general, the answer is "probably not", although in cases like yours (where somebody has a personal motivation) it can be slightly more likely.
Agreed - my first instinct was to say no, because the answer is almost always no, but the more I read, the more likely it started to look.
posted by FAMOUS MONSTER at 8:57 AM on September 9, 2010
1. Turn off the PC and disconnect the internet cable.
2. Contact the police.
3. Do not wipe anything on your PC yet.
If she did install some keylogger or remote access program, that's completely egregious, and she should never be allowed to work in IT again. As an IT admin myself, this pisses me off, because it just reinforces a stereotype of spying.
She may be getting her information some other way, and I hope that turns out to be the case - but you need to protect yourself first. Document everything.
posted by HopperFan at 8:58 AM on September 9, 2010 [14 favorites]
2. Contact the police.
3. Do not wipe anything on your PC yet.
If she did install some keylogger or remote access program, that's completely egregious, and she should never be allowed to work in IT again. As an IT admin myself, this pisses me off, because it just reinforces a stereotype of spying.
She may be getting her information some other way, and I hope that turns out to be the case - but you need to protect yourself first. Document everything.
posted by HopperFan at 8:58 AM on September 9, 2010 [14 favorites]
We've used keyloggers to gather evidence on a couple of employees, and Spybot et al did not find them when we ran a test. Just a word of warning.
posted by HopperFan at 9:00 AM on September 9, 2010
posted by HopperFan at 9:00 AM on September 9, 2010
1. Another suspicious thing is the pictures she sent me, I downloaded them into a file, and when I tried to open them they opened as MS DOS instead of jpeg, how they were labelled.
That's kind of a giant, raging red flag. Mislabeling executable files as images is a common way to get people to run them inadvertantly. (There used to be a way to name files something like "foo.jpg .exe" (with many more non-breaking spaces) so that the .exe part would be cut off and not displayed in the attachment listing, but would still cause Windows to treat the file as an executable — I have no idea if this is possible in XP in particular.)
Running anti-spyware software is not necessarily going to help you in a case like this. As FAMOUS MONSTER said, I think you need to reinstall your OS from scratch.
If I were you I would take that email to the police. This is a criminal issue, not something for HR, in my opinion.
posted by enn at 9:00 AM on September 9, 2010 [3 favorites]
That's kind of a giant, raging red flag. Mislabeling executable files as images is a common way to get people to run them inadvertantly. (There used to be a way to name files something like "foo.jpg .exe" (with many more non-breaking spaces) so that the .exe part would be cut off and not displayed in the attachment listing, but would still cause Windows to treat the file as an executable — I have no idea if this is possible in XP in particular.)
Running anti-spyware software is not necessarily going to help you in a case like this. As FAMOUS MONSTER said, I think you need to reinstall your OS from scratch.
If I were you I would take that email to the police. This is a criminal issue, not something for HR, in my opinion.
posted by enn at 9:00 AM on September 9, 2010 [3 favorites]
I am no computer expert, but the first thing that came to my mind is that if you have a google account, she may have stolen your password. If you search the web using google and have keep my search history thing turned on maybe she logs into your account and checks that way. If I had a google account, I would change the password from a computer that was not my home one and not my office one but one that was secure.
posted by JohnnyGunn at 9:03 AM on September 9, 2010 [2 favorites]
posted by JohnnyGunn at 9:03 AM on September 9, 2010 [2 favorites]
Actually yes, please ignore what I said about wiping and confronting her. I was kind of stunned by the situation. My apologies.
The rest stands. She is almost certainly spying on you. Disconnect from the Internet as soon as you can, and contact the police.
posted by FAMOUS MONSTER at 9:05 AM on September 9, 2010
The rest stands. She is almost certainly spying on you. Disconnect from the Internet as soon as you can, and contact the police.
posted by FAMOUS MONSTER at 9:05 AM on September 9, 2010
In conversations the other day she let on that she knows I have been researching something that she couldn't possibly have known, otherwise. She even winked at me when she said it! This is not something I would EVER tell anyone about or even talk about the subject at all with anyone I know, so I'm not making a mistake!!I don't get it. If you're sure about this statement then you have the answer: yes, someone is spying on you or your computer.
posted by caek at 9:06 AM on September 9, 2010
YIKES. I'm sure others can address the technical part of this question, but there is a unaddressed social aspect here that is downright scary. This woman is not normal. She has no boundaries and is very blasé about flaunting that fact. She is manipulative and her behavior inappropriate and obsessive. Obviously I don't know what it is you both do for work, or what that dynamic is like, but if it's appropriate to do so, confidentially talk to someone higher up. This woman is not to be trusted and may be a threat to you and/or your workplace.
(Take this advice with a grain of salt...it may be entirely inappropriate to discuss this with somebody at work. The only reason why I suggest talking to somebody is because you two work together, dated, and she is manipulative and dangerous. Be careful and use good judgment. Your actions from this point forward could cause her to react quite drastically (and likely in an even further unacceptible manner).)
posted by iamkimiam at 9:08 AM on September 9, 2010
(Take this advice with a grain of salt...it may be entirely inappropriate to discuss this with somebody at work. The only reason why I suggest talking to somebody is because you two work together, dated, and she is manipulative and dangerous. Be careful and use good judgment. Your actions from this point forward could cause her to react quite drastically (and likely in an even further unacceptible manner).)
posted by iamkimiam at 9:08 AM on September 9, 2010
Correct me if I'm wrong: if she can see everything he types she can see this thread as well, and the emails he's going to exchange with those here who help him.
posted by iconomy at 9:09 AM on September 9, 2010 [1 favorite]
posted by iconomy at 9:09 AM on September 9, 2010 [1 favorite]
Actually, threat level elevated based on rethink and reread of others' responses. Don't wait. Call the police. Her violation of your privacy and spying are not legal and need to be treated accordingly.
posted by iamkimiam at 9:12 AM on September 9, 2010
posted by iamkimiam at 9:12 AM on September 9, 2010
"Correct me if I'm wrong: if she can see everything he types she can see this thread as well, and the emails he's going to exchange with those here who help him."
That's right, if he's using his home pc. He should use an alternate pc (library, for example), and change ALL of his passwords ASAP.
posted by HopperFan at 9:14 AM on September 9, 2010
That's right, if he's using his home pc. He should use an alternate pc (library, for example), and change ALL of his passwords ASAP.
posted by HopperFan at 9:14 AM on September 9, 2010
Correct me if I'm wrong: if she can see everything he types she can see this thread as well, and the emails he's going to exchange with those here who help him.
Go to your public library or somewhere else with free computer use (a computer that is not connected to your home internet connection in any way), create a new Gmail/Google account that is not connected to your current one (ie, do not put your current Gmail address as the email to use in case of a lost password), and then start emailing people here who can help you.
posted by thebazilist at 9:15 AM on September 9, 2010 [7 favorites]
Go to your public library or somewhere else with free computer use (a computer that is not connected to your home internet connection in any way), create a new Gmail/Google account that is not connected to your current one (ie, do not put your current Gmail address as the email to use in case of a lost password), and then start emailing people here who can help you.
posted by thebazilist at 9:15 AM on September 9, 2010 [7 favorites]
Isn't it possible she said "you're researching x", either A) because something you did or said while you were dating that gave her a hint, or B) just to fuck with you and see how you react even though she has no "proof"? I'm thinking it's like a tactical thing, a bluff, I guess is the word I'm looking for. Maybe she just got lucky, or she got lucky thanks to some inside info gleaned while you dated. I'm finding it hard to be articulate, but I just want to put it out there that she may just be messing with your mind, not your PC.
posted by segatakai at 9:29 AM on September 9, 2010
posted by segatakai at 9:29 AM on September 9, 2010
You ask if you're being paranoid. Honestly, yes, you do sound kinda paranoid and not terribly computer literate (which is fine!). This sort of thing is technically possible and it does happen in the real world, but nowhere near as often as it happens in the movies.
Forgive me for saying this, but you sound a little frazzled and confused about what's happening. Is it not possible that she might reasonably infer these things from information she's got through completely normal, above board channels? Or just guess? That doesn't mean she's not a little weird and maybe creepy, but it's a much simpler explanation. And even if she's checking up on you without your knowledge, maybe it's possible to do that the good old-fashioned and creepy legal way, without committing felony computer crime.
But the you've made clear statements that they are certain someone is tampering with your PC. In that case, I'm not sure what the question is. If you're sure, yes, what you're talking about is technically possible and illegal. Your next move is to turn off your Gateway PC and call the police. Good luck.
posted by caek at 9:36 AM on September 9, 2010 [2 favorites]
Forgive me for saying this, but you sound a little frazzled and confused about what's happening. Is it not possible that she might reasonably infer these things from information she's got through completely normal, above board channels? Or just guess? That doesn't mean she's not a little weird and maybe creepy, but it's a much simpler explanation. And even if she's checking up on you without your knowledge, maybe it's possible to do that the good old-fashioned and creepy legal way, without committing felony computer crime.
But the you've made clear statements that they are certain someone is tampering with your PC. In that case, I'm not sure what the question is. If you're sure, yes, what you're talking about is technically possible and illegal. Your next move is to turn off your Gateway PC and call the police. Good luck.
posted by caek at 9:36 AM on September 9, 2010 [2 favorites]
Isn't the 'messing with your mind' a given? The PC is just the vehicle for mental screwery. It's just a matter of scope as to how far that vehicle is being used to perform her manipulation tricks.
posted by iamkimiam at 9:37 AM on September 9, 2010
posted by iamkimiam at 9:37 AM on September 9, 2010
Go to your public library ... create a new Gmail/Google account
This is good advice. The single most helpful thing to determine what's on your computer right now and what she could be seeing would be that email and its attachments (the ones that opened as "MS-DOS". You should forward those to me, or another MeFi user who can help, or a new Gmail account that isn't linked to a previous account.
posted by aaronbeekay at 9:38 AM on September 9, 2010
This is good advice. The single most helpful thing to determine what's on your computer right now and what she could be seeing would be that email and its attachments (the ones that opened as "MS-DOS". You should forward those to me, or another MeFi user who can help, or a new Gmail account that isn't linked to a previous account.
posted by aaronbeekay at 9:38 AM on September 9, 2010
It very much sounds like she has installed software on your computer. The "JPG opening in DOS," combined with her comments, make this clear. A few simple things you should know about the technical aspects:
1) If you disconnect your computer from the internet (unplug it or unplug the router if you connect to a wireless router), she cannot spy on you or control your computer. As long as your computer is connected to the internet, both of those are possible.
2) The police may be poorly equipped to help. They may take your computer away for a long time as evidence. They may not have the expertise needed to investigate this. Just be aware of that.
3) The emails from her are the best evidence you have for proving her involvement. Save those in multiple locations, ideally flash drives and online accounts that have no connection to this woman at all.
4) Until you have someone very knowledgeable go over your computer, you can't trust it. You may not know enough to evaluate whether someone is "very knowledgeable" in this way, and any such person may be overestimating their ability. Someone who thinks they can fix it may mistakenly miss something. The safest course is to (eventually, after evidence has been collected, if needed) save your personal files off of the computer and completely wipe / reinstall the operating system. This is a pain, but it is worth it for the peace of mind. If you have the resources, simply purchasing a new computer may be the best option for you, given the ease and peace-of-mind guarantee.
5) Assume she knows everything you have done on the computer since you got those emails. This includes passwords, information typed in to any website or program, and websites visited. She could also have a copy of any file on your computer. Be aware of what she might know. Take steps to negate that knowledge where possible, such as by changing passwords from a different computer.
The social aspects, such as how to alter your situation to no longer be involved with this woman in any way, are more complex. They depend on the structure of your company, the personalities involved in HR and IT, your own capacity for drama and conflict, etc. None of us can know the best course for you in that respect, but it is fairly clear that the end result needs to include the two of you no longer working at the same company.
posted by whatnotever at 9:49 AM on September 9, 2010 [3 favorites]
1) If you disconnect your computer from the internet (unplug it or unplug the router if you connect to a wireless router), she cannot spy on you or control your computer. As long as your computer is connected to the internet, both of those are possible.
2) The police may be poorly equipped to help. They may take your computer away for a long time as evidence. They may not have the expertise needed to investigate this. Just be aware of that.
3) The emails from her are the best evidence you have for proving her involvement. Save those in multiple locations, ideally flash drives and online accounts that have no connection to this woman at all.
4) Until you have someone very knowledgeable go over your computer, you can't trust it. You may not know enough to evaluate whether someone is "very knowledgeable" in this way, and any such person may be overestimating their ability. Someone who thinks they can fix it may mistakenly miss something. The safest course is to (eventually, after evidence has been collected, if needed) save your personal files off of the computer and completely wipe / reinstall the operating system. This is a pain, but it is worth it for the peace of mind. If you have the resources, simply purchasing a new computer may be the best option for you, given the ease and peace-of-mind guarantee.
5) Assume she knows everything you have done on the computer since you got those emails. This includes passwords, information typed in to any website or program, and websites visited. She could also have a copy of any file on your computer. Be aware of what she might know. Take steps to negate that knowledge where possible, such as by changing passwords from a different computer.
The social aspects, such as how to alter your situation to no longer be involved with this woman in any way, are more complex. They depend on the structure of your company, the personalities involved in HR and IT, your own capacity for drama and conflict, etc. None of us can know the best course for you in that respect, but it is fairly clear that the end result needs to include the two of you no longer working at the same company.
posted by whatnotever at 9:49 AM on September 9, 2010 [3 favorites]
Oh, yeah. Yup. Red flags, klaxons, etc. Here is a question you must ask yourself. Are you looking to:
1) Make this all go away? This skips prosecution and she will suddenly know something is up, that she's been found out.
2) Stop it now, but attempt to prosecute? She will still know something is up.
3) Build a case, allowing her to continue, up until the point that there's a knock on her door from the police?
Each one of these options means a different plan of action. In the first, you nuke your machine from orbit, saving critical files, change your passwords, etc, and she knows the jig is up. You can do that with the help of some more technical friends fairly quickly.
The second is more extensive — you have to preserve evidence and deal with the police. They may be interested; they may not. It's a whole new level of hassle. Resign yourself to buying a new PC because yours will probably be off-limits until the police clone out a drive or the like.
The third is like the second, but you also have to set up new gmail/Flickr/whatever accounts, still pretend to be going on about your daily business, and generally act like nothing is going on while at the same time securing the cooperation of the local police in what is essentially a mini-sting operation they'd coach you through. That sounds like the plot to a novel to me, but for all I know there's someone on the force looking to make rank and is technically savvy enough to want to add cybercrime to her or his resume.
Options two and three may also have some work impact.
This isn't just surveillance behavior, as she is taking the time to let you know she is watching you. She wants you to know this. This is behavior designed to induce fear, which goes beyond the fairly unpleasant business of privacy violation. People who want that level of control tend to react poorly to having that control taken away.
posted by adipocere at 9:52 AM on September 9, 2010 [2 favorites]
1) Make this all go away? This skips prosecution and she will suddenly know something is up, that she's been found out.
2) Stop it now, but attempt to prosecute? She will still know something is up.
3) Build a case, allowing her to continue, up until the point that there's a knock on her door from the police?
Each one of these options means a different plan of action. In the first, you nuke your machine from orbit, saving critical files, change your passwords, etc, and she knows the jig is up. You can do that with the help of some more technical friends fairly quickly.
The second is more extensive — you have to preserve evidence and deal with the police. They may be interested; they may not. It's a whole new level of hassle. Resign yourself to buying a new PC because yours will probably be off-limits until the police clone out a drive or the like.
The third is like the second, but you also have to set up new gmail/Flickr/whatever accounts, still pretend to be going on about your daily business, and generally act like nothing is going on while at the same time securing the cooperation of the local police in what is essentially a mini-sting operation they'd coach you through. That sounds like the plot to a novel to me, but for all I know there's someone on the force looking to make rank and is technically savvy enough to want to add cybercrime to her or his resume.
Options two and three may also have some work impact.
This isn't just surveillance behavior, as she is taking the time to let you know she is watching you. She wants you to know this. This is behavior designed to induce fear, which goes beyond the fairly unpleasant business of privacy violation. People who want that level of control tend to react poorly to having that control taken away.
posted by adipocere at 9:52 AM on September 9, 2010 [2 favorites]
... they opened as MS DOS instead of jpeg ....
I would almost bet my career as an IT professional that YES, given this single statement, she has put SOMETHING malicious on your pc. Since this is a targetted attack (she's not trying to take over a cloud of computers or anything), this will likely be able to slide under the radar of almost any spyware detection suite out there.
As to next steps - remove your computer's connection to the internet. Now. Stop reading, go behind your pc, and pull the ethernet cable. I'll wait.
Done? Good. She can't see anything on your computer any more. The advice above about setting up a new gmail account from a different computer - that's gold right there. Be sure to use a different password than your old one. From this point on, assume anything you have typed, viewed, or done on that computer, she has knowledge of. All your passwords need to change (if you do online banking, call your bank NOW, and tell them your password is compromised). Any access information that was used on that computer needs to be changed. (I apologize if I'm hammering on this point, but ... it's an important one).
Once damage control is done (Passwords changed from a different pc, et cetera), look forward towards preventing this from happening again. If she is an IT "professional", PLEASE discuss this with HR. Being an IT professional is only half knowing the computers. The other half is being trustworthy enough to hold the keys, and she has proven that she is NOT. If proof can be acquired (this is why I've not mentioned wiping the pc ... yet), then this is definitely a criminal matter, and your computer is evidence. Keep it shut off, disconnected, in a corner, until any investigating parties are done with it. A side warning - if you have anything incriminating on yourself on that computer (I'm not suggesting you do, just offering the blanket warning that I give to anyone who will have a thorough inspection of their machine), it will almost certainly be discovered if the PC is investigated. Just .. food for thought.
After the whole fiasco is taken care of, and any investigating parties are done with your machine, go get a portable drive or usb key, and copy any data (NOT PROGRAMS) from the computer that you might need. You might want to disable Windows' "Hide Extensions for Known File Types" (mefimail me for help with that if you need) ... that "feature" is probably what enabled her to sneak a .exe in as a .jpg. Anyway, copy the files off. Re-install windows XP from the recovery CD that Gateway (hopefully) gave you. After that re-install, your computer will be clean.
posted by frwagon at 10:00 AM on September 9, 2010 [3 favorites]
I would almost bet my career as an IT professional that YES, given this single statement, she has put SOMETHING malicious on your pc. Since this is a targetted attack (she's not trying to take over a cloud of computers or anything), this will likely be able to slide under the radar of almost any spyware detection suite out there.
As to next steps - remove your computer's connection to the internet. Now. Stop reading, go behind your pc, and pull the ethernet cable. I'll wait.
Done? Good. She can't see anything on your computer any more. The advice above about setting up a new gmail account from a different computer - that's gold right there. Be sure to use a different password than your old one. From this point on, assume anything you have typed, viewed, or done on that computer, she has knowledge of. All your passwords need to change (if you do online banking, call your bank NOW, and tell them your password is compromised). Any access information that was used on that computer needs to be changed. (I apologize if I'm hammering on this point, but ... it's an important one).
Once damage control is done (Passwords changed from a different pc, et cetera), look forward towards preventing this from happening again. If she is an IT "professional", PLEASE discuss this with HR. Being an IT professional is only half knowing the computers. The other half is being trustworthy enough to hold the keys, and she has proven that she is NOT. If proof can be acquired (this is why I've not mentioned wiping the pc ... yet), then this is definitely a criminal matter, and your computer is evidence. Keep it shut off, disconnected, in a corner, until any investigating parties are done with it. A side warning - if you have anything incriminating on yourself on that computer (I'm not suggesting you do, just offering the blanket warning that I give to anyone who will have a thorough inspection of their machine), it will almost certainly be discovered if the PC is investigated. Just .. food for thought.
After the whole fiasco is taken care of, and any investigating parties are done with your machine, go get a portable drive or usb key, and copy any data (NOT PROGRAMS) from the computer that you might need. You might want to disable Windows' "Hide Extensions for Known File Types" (mefimail me for help with that if you need) ... that "feature" is probably what enabled her to sneak a .exe in as a .jpg. Anyway, copy the files off. Re-install windows XP from the recovery CD that Gateway (hopefully) gave you. After that re-install, your computer will be clean.
posted by frwagon at 10:00 AM on September 9, 2010 [3 favorites]
Yea, this is cyberstalking and almost certianly violates several types computer fraud and wiretap laps. Most states have a cybercrimes division these days, you need to contact them. Unplug the computer and do not attempt to change anything she may have done.
posted by T.D. Strange at 10:03 AM on September 9, 2010
posted by T.D. Strange at 10:03 AM on September 9, 2010
Set up a sockpuppet account so you can answer questions in this thread. Unlike other websites, this actually OK on metafilter for certain purposes. Quoting from the FAQ:
... people have sock puppet accounts for various reasons and they are not forbidden unless they are being used deceptively to mess with the site ...
Some reasons people have sock puppet accounts:
... they want to ask a question in Ask MetaFilter that is not linked to their primary account
Do you have a second computer, a laptop maybe, that you can use while following advice to leave it turned off or unplug it from your Internet access? If not, and you're not going to nuke your OS immediately, get Knoppix or a similar live CD. This will allow you to run an operating from your CD drive without affecting your hard drive or booting into your primary OS. You can use this to access the internet and do other basic stuff without be affected by any spyware that may be installed on your hard drive, because you have to boot into your OS for it to run. Can you get a friend to burn this for you if you need it?
Save the emails she sent you. And, yes. send them to people here who've asked to look at them.
Realize that we're mostly debating, what kind of spyware you might have gotten, not whether. We could all be wrong, but your paranoia is not misplaced.
posted by nangar at 10:19 AM on September 9, 2010
... people have sock puppet accounts for various reasons and they are not forbidden unless they are being used deceptively to mess with the site ...
Some reasons people have sock puppet accounts:
... they want to ask a question in Ask MetaFilter that is not linked to their primary account
Do you have a second computer, a laptop maybe, that you can use while following advice to leave it turned off or unplug it from your Internet access? If not, and you're not going to nuke your OS immediately, get Knoppix or a similar live CD. This will allow you to run an operating from your CD drive without affecting your hard drive or booting into your primary OS. You can use this to access the internet and do other basic stuff without be affected by any spyware that may be installed on your hard drive, because you have to boot into your OS for it to run. Can you get a friend to burn this for you if you need it?
Save the emails she sent you. And, yes. send them to people here who've asked to look at them.
Realize that we're mostly debating, what kind of spyware you might have gotten, not whether. We could all be wrong, but your paranoia is not misplaced.
posted by nangar at 10:19 AM on September 9, 2010
I would unplug the computer from the internet, and not reconnect it until you've taken it to a computer security professional. Do not discuss this with anyone at work, because who knows who else she may be watching. I would find out exactly what she has installed on your laptop, so you know what she has had access to and then go to the police with whatever evidence you can get. I'd also think about contacting a lawyer to see if you can bring civil action.
posted by empath at 10:19 AM on September 9, 2010
posted by empath at 10:19 AM on September 9, 2010
From the description you've given, it's more likely that she has access to your Google account. If you are signed into a Google account (could be Gmail, iGoogle, Voice, or whatever--they're all tied to the same user database), all your searches and first-page-from-search-results-page-visits are tracked. You can look at your history here, but you should not do this if you are currently using a machine tat might be compromised. If you're signed in at home and searching for things, those get logged, and if you're signed it at work, you should assume that the DBA can see everything you're doing at your work PC, up to and including passwords into non-work-related-sites.
So, while it's a good idea to listen to advice given upthread about reinstalling your home computer OS (and if that sounds too technical, you can find someone more technically inclined who would do this for not-a-lot-of-money), your first order of business should be to log out of every web-based account you're using on your work computer, and then change every password for every web-based account that you have (from the keyboard of a third-party computer, not using your company network or your home computer).
posted by Mayor West at 10:25 AM on September 9, 2010 [1 favorite]
So, while it's a good idea to listen to advice given upthread about reinstalling your home computer OS (and if that sounds too technical, you can find someone more technically inclined who would do this for not-a-lot-of-money), your first order of business should be to log out of every web-based account you're using on your work computer, and then change every password for every web-based account that you have (from the keyboard of a third-party computer, not using your company network or your home computer).
posted by Mayor West at 10:25 AM on September 9, 2010 [1 favorite]
I would tell you to run some of the fun stuff in my profile just to see if it picks up anything in the malware realm, but I don't want you removing anything from this computer. I do want you seeing a computer professional to assess what's done, and if anything is there seeing a lawyer, and turning the stinking thing off now. NOW.
If you live anywhere near me, MeMail me. Or hit the e-mail address in my profile. But dear sweet lord, don't do it from this machine.
posted by deezil at 11:10 AM on September 9, 2010 [1 favorite]
If you live anywhere near me, MeMail me. Or hit the e-mail address in my profile. But dear sweet lord, don't do it from this machine.
posted by deezil at 11:10 AM on September 9, 2010 [1 favorite]
I was just wondering if the OP should have a lawyer approach the police in his jurisdiction so that they take this more seriously? Ditto approaching HR on the OP's behalf.
If anyone is in touch with the OP, I hope this suggestion helps.
posted by jbenben at 11:31 AM on September 9, 2010
If anyone is in touch with the OP, I hope this suggestion helps.
posted by jbenben at 11:31 AM on September 9, 2010
You can turn off (pause), as well as delete your google web history.
Probably bolting the stable door after the horse as bolted at this point, but worth doing going forward.
posted by tallus at 11:56 AM on September 9, 2010
Probably bolting the stable door after the horse as bolted at this point, but worth doing going forward.
posted by tallus at 11:56 AM on September 9, 2010
From the description you've given, it's more likely that she has access to your Google account.
Do we even know if he has a Google account and used G-mail to access the two e-mails and their attachments?
posted by ericb at 12:04 PM on September 9, 2010 [1 favorite]
Do we even know if he has a Google account and used G-mail to access the two e-mails and their attachments?
posted by ericb at 12:04 PM on September 9, 2010 [1 favorite]
While I am thankful I have never been involved in a situation like the OP here, I am very curious as to what the resolution might be. I know this is a fundamental difficulty with anonymous questions, but if there's a way to get a follow-up on here from either the OP or through one of the VERY kind and generous MeFites who has offered to help, I'd certainly be appreciative.
posted by indiebass at 1:07 PM on September 9, 2010 [1 favorite]
posted by indiebass at 1:07 PM on September 9, 2010 [1 favorite]
Another thought: Google does a pretty good job of protecting against email virus and spy programs.
If the JPGs were named as EXEs wouldn't GMail filter them out?
Do COM programs still work (ala DOS days) ?
posted by Drasher at 1:19 PM on September 9, 2010
If the JPGs were named as EXEs wouldn't GMail filter them out?
Do COM programs still work (ala DOS days) ?
posted by Drasher at 1:19 PM on September 9, 2010
... they opened as MS DOS instead of jpeg ....
I've done a good deal of reverse engineering and there is no legitimate reason for this to happen. Your computer has been compromised by someone, and unless you have other people stalking you it is her. Here is what you need to do:
Disconnect your computer immediately. Like, NOW. Like 5 minutes ago.
Go to the library, change all of your passwords. Do this NOW. Like 5 minutes ago.
Next: Put a fraud alert on your credit report. If you do online banking, she could have compromised any of your bank accounts.
Finally, make a decision about the right way to handle this: I'd go for turning off the computer and talking to a lawyer. You really don't want to deal with the cops as it will take years and a million hassles. I'd think that a lawyer might better be able to advise you on your options, such as restraining orders. Do NOT under any circumstances go to the police without talking to a lawyer first to understand your options. Do not delete or otherwise alter the files on your computer either. It should as of now be considered evidence.
posted by An algorithmic dog at 1:22 PM on September 9, 2010 [1 favorite]
I doubt this is spyware considering its a mac. I say she installed a nvc client onto his machine and watches him. With vnc you can watch a user without controlling the machine.
All he has to do is uninstall the vnc software.
posted by majortom1981 at 1:43 PM on September 9, 2010
All he has to do is uninstall the vnc software.
posted by majortom1981 at 1:43 PM on September 9, 2010
Anonymous is using an old Gateway PC running windows XP.
posted by CancerMan at 1:45 PM on September 9, 2010
posted by CancerMan at 1:45 PM on September 9, 2010
Yet another voice to the chorus. I was completely prepared to say "No, she's not spying on you through your computer, don't be ridiculous."
But as soon as I read the bit about images opening as MSDOS I was like "Oh, yep. She sent him spyware, and is spying on everything he's doing." (I assume you are a he; if you are a she, please forgive my presumption.)
I wouldn't go to the police. Her behavior is frightening and dangerous, but will be virtually impossible to prove. Furthermore, the police don't know a goddamned thing about computers. Thirdly, calling the cops and telling them that "this lady at work is spying on my home computer" will almost certainly be brushed off as paranoia.
Instead, I would go to her boss. Or your HR manager. Or your boss. Someone at work who has the technical knowledge to grasp what's happening, and the authority to get her fired.
Because oh, she needs to be fired. An IT person who sends spyware to their coworkers is like a bank teller who embezzles cash. It's not just illegal; it's a violation of trust at a fundamental level.
posted by ErikaB at 1:48 PM on September 9, 2010 [1 favorite]
But as soon as I read the bit about images opening as MSDOS I was like "Oh, yep. She sent him spyware, and is spying on everything he's doing." (I assume you are a he; if you are a she, please forgive my presumption.)
I wouldn't go to the police. Her behavior is frightening and dangerous, but will be virtually impossible to prove. Furthermore, the police don't know a goddamned thing about computers. Thirdly, calling the cops and telling them that "this lady at work is spying on my home computer" will almost certainly be brushed off as paranoia.
Instead, I would go to her boss. Or your HR manager. Or your boss. Someone at work who has the technical knowledge to grasp what's happening, and the authority to get her fired.
Because oh, she needs to be fired. An IT person who sends spyware to their coworkers is like a bank teller who embezzles cash. It's not just illegal; it's a violation of trust at a fundamental level.
posted by ErikaB at 1:48 PM on September 9, 2010 [1 favorite]
I'd be very, very wary about getting work involved without having had a computer pro look at the computer and verify what exactly was installed on his computer and how it works. That kind of thing can backfire on you if you aren't careful, especially when a previous relationship was involved, which HR might frown upon. There's nothing HR people like less than getting involved in messy break-ups between co-workers.
posted by empath at 1:58 PM on September 9, 2010
posted by empath at 1:58 PM on September 9, 2010
Do what everyone here has said about taking the system offline.
Copy the files she sent and send them to the folks here who have said they'll look at them. I'm also willing to take a look.
Call in sick tomorrow and go to the library and change all your passwords. Call your bank and ask that a watch be put on your account. Contact the major credit agencies and ask that a freeze be put on your record. Tell them that your information has been compromised.
Depending on what various folks here find in the files, your subsequent steps may vary. If there is malware there, and it can be documented and proven, you may to want to get an attorney to help you through the steps of reporting her to work, and the appropriate law enforcement agencies. (This may or may not be something you want to report to the Secret Service cyber team, rather than local cops.)
The hidden executables almost always mean malware. Please send it to someone who can decode it for you and tell you what it's doing.
Do not nuke the system yet.
Best of luck. Don't panic. We can fix this.
posted by SecretAgentSockpuppet at 7:25 PM on September 9, 2010
Copy the files she sent and send them to the folks here who have said they'll look at them. I'm also willing to take a look.
Call in sick tomorrow and go to the library and change all your passwords. Call your bank and ask that a watch be put on your account. Contact the major credit agencies and ask that a freeze be put on your record. Tell them that your information has been compromised.
Depending on what various folks here find in the files, your subsequent steps may vary. If there is malware there, and it can be documented and proven, you may to want to get an attorney to help you through the steps of reporting her to work, and the appropriate law enforcement agencies. (This may or may not be something you want to report to the Secret Service cyber team, rather than local cops.)
The hidden executables almost always mean malware. Please send it to someone who can decode it for you and tell you what it's doing.
Do not nuke the system yet.
Best of luck. Don't panic. We can fix this.
posted by SecretAgentSockpuppet at 7:25 PM on September 9, 2010
Follow-up... what was the resolution, if any?
posted by indiebass at 1:21 PM on September 23, 2010 [1 favorite]
posted by indiebass at 1:21 PM on September 23, 2010 [1 favorite]
« Older Credit card surcharge legal on rent payment in... | Why is my normally well behaved dog suddenly... Newer »
This thread is closed to new comments.
1. Another suspicious thing is the pictures she sent me, I downloaded them into a file, and when I tried to open them they opened as MS DOS instead of jpeg, how they were labelled.
2. we dated for a few weeks before I broke it off with her because she was so _obsessive_ about checking up on me.
3. And I know she stalked an ex-bf through his computer a few years ago, because she told me!
The extremely likely answer to your question is yes. Here is what you should do:
1. Turn off your home computer.
2. Confront her in private about this.
3. Back up important files, format your hard drive, reinstall the OS, blacklist her email. The first two parts of this step may be a pain but consider it the price paid for a valuable lesson.
She mentioned the thing you are researching because she wants you to know she knows; she wants to intimidate you. If I were you I'd talk to HR about this, because this woman is dangerous. But you have the answer to the question you asked, so govern yourself accordingly. Good luck.
posted by FAMOUS MONSTER at 8:47 AM on September 9, 2010 [4 favorites]