Stalker Hacker

Started in 2005 on my first XP when I fired my IT guy at a mid-sized company. He swore I would be sorry. Soon after I retired and the problems began. If he is my problem, I am sorry....that I ever hired him. It started when my new XP system was hacked to a VPN and taken over to Group Policy by someone who assumed all administrative privileges behind a hidden partition. He/she changes many of my programs to "folders" and controls what and when I can see or use them on "his" network. Have been through 5...count them FIVE.. computers since the first to my almost new Vista Home Prem. This Dell system has had 6 "clean" recoveries including the last 3 by private pros who used a government program to wipe out all "0"-based programming or some such and reinstall my operating system. It has only taken "him" 2 weeks to take over my system again since I got it home. I'm running a tight Comodo, AVAST AV, Ad-Aware and Windows Defender and update and scan religiously. First, I notice no Microsoft popups. Then I start having problems getting on the Internet and have to continually reset my LAC. Then my security programs stop/start and change along with my Internet options - to include "Anonymous Logon" in Intranet. I have tried (and bought) every program and paid enormous amounts to stop this. Problem is, most programs expect networking and don't see it as an exception. I am a standalone desktop with a printer, monitor, keyboard and mouse ONLY! Please....I'm out of money to fight him and really need my computer. I have my ports stealth locked. NOTE: EVERYTIME this happens, I notice on my Event Log there has been a "special logon" with "specific credentials" for NT AUTHORITY and every Remote service has been activated. Also, I have NEVER been able to do a password reset disk on my computer, whether new or recovered, and assume he/she used that to establish "ownership". Eventually, my updates will stop again and I'll lose all internet privileges. Also, the F2 Setup on this computer is "Passcoded" - and not by me. Any thoughts...help...guidance??? I'm losing hope.

 

Have you considered changing your email address and possibly ISP ?..I know I have registered email accounts under "fictitious" names and addresses and have changed ISP's.. I am not claiming this will work but, sometimes it's the little things that throw a wrench in things... You know like jumpers on a hard drive master/slave.....Good luck
Blades :major

 

"Private Pros" did not look "outside of the box" as the problem may lie with a different machine to gain access to yours (guessing). Anyone can use a disk formatting program that will wipe a drive using zeros or whatever government standard (and is freely available).

If the fired IT guy is being malicious there should be router/firewall logs to see where the activity is coming from.

Possibly a misconfiguration of Comodo firewall.

Also, if you haven't already, follow the Malware Removal Guide

 

Thank you for your replies. Yes, I have changed both my IP address and my internet providers more than once and each time after a CLEAN reinstall. Apparently, there are programs to find you somehow. I name my computer ridiculous names to evade detection...but I have not yet obtained an internet account under a fictitious name and that is a suggestion I'm checking out today.

The mention that my Comodo may have been mis-configured [to allow networking] makes sense I've had daily entries on my Problem/Solutions Report that indicate my Comodo has crashed....even though it appears to be working fine.

Does (1) another CLEAN reinstall of my operating system AFTER (2) changing my internet provider under another name make sense in resolving my problem? Should I look at something else, too? (I have followed the Malware Removal Guide.) I can't change internet providers again for a while without a penalty so only have one shot at this. Your thoughts please. Dell just told me I need to do another recovery because my system is crashing (you think..) so time is short. Thank you, BOUT2GIVUP

 

Still working on it but wanted to thank you. My firewall logs are full of 3-4 IP addresses but can't find means of tracing them. My ISP says they don't have modem logs and can't (or more likely WON'T) help me but keep asking me about my neighbors. (Hinting?) Anyway, before my computer dies or I'm locked out again and can't get back to you - thanks. Now to the Malware Removal Guide in safe mode again and for probably the last time before another recovery....