Going to court Monday - Need Immediate Help

desperatemom · 03-27-2008, 11:53 AM

Hello,

As the name implies, I am desperate. You were recommended to me by a computer tech friend and told me you would help.

I am working in safe mode because it's the only way the computer will stay on for more than 1 minute. Then, it stops and I get the blue screen that says the computer has been stopped because a driver has filled up the stack or something like that.

But here's the main issue.

My ex is a computer programmer. We are in a bitter custody battle and he has (I think), hijacked this computer and stolen all my passwords, email, etc. Why do I think that? Because he has all kinds of information he shouldn't have and is using that against me in court.

I have tried to perform the 5 steps recommended by your forum but can't get past step 2. During the scan, the computer just stops (even in safe mode) and I have to restart.

Is there any way to tell if someone is hijacking my personal information? Can you help me get rid of the virus(s)?

Please help as soon as possible.

Thank You,

Desperate Mom

**Fox** · 03-27-2008, 12:12 PM

I would keep this computer completely offline from now until an expert has a chance to look at it, because by cleaning it off, you may be destroying evidence that could help you if he has violated your expectation of privacy, which you might then be able to use to have the judge rule his evidence as inadmissible.

Ask your legal counsel to call in an expert on computer security to check it out before you continue.

desperatemom · 03-27-2008, 12:18 PM

Thank you,

I am logging off now. I will contact you from another machine.

desperatemom · 03-27-2008, 01:11 PM

I am now contacting you on a "safe" computer. That is; a friend who has nothing to do with my ex and has all kinds of virus, spyware and firewall programs on this machine.

I failed to mention in my first post that I have already contracted with a computer forensics investigator who has imaged the drive and has it in safekeeping for the analysis. He told me to go ahead and see if you can help because his analysis could take more time than I have to counter the claims in court and his analysis, while it may show what, when and where files have been accessed, it will not disinfect my computer.

If I could just find where files or information has been captured and sent, I would have probable cause for a continuance until the in-depth investigation is completed.

I have the capability to download whatever I need to on this machine, run it on the other machine (offline) and post the results here.

Can/will you help?

Thank you,

Desperate Mom

**Fox** · 03-27-2008, 02:04 PM

With your friend's computer, I would download the following:

HijackThis

Spybot S&D

And put them on a flash drive or a CD. Keep in mind that whatever virus or malware that you have may taint the removable drive, so be careful not to use one with important stuff on it, because I would recommend formatting it afterwards.

Some others might have other recommendations for installers to bring along. But before you do a scan with hijackthis and post a log, follow the post here to start off. It may reference some other programs to use, in which case you'll want to take along the installers for those as well.

desperatemom · 03-27-2008, 04:32 PM

Thank you FOX. I have downloaded both HijackThis and SpyBot S&D to a new flash drive. I have also read steps 3 - 5. I hadn't done this before because I couldn't get past step 2 and didn't know if I should proceed.

I will install both on the infected computer and run them. Unfortunately, it will be tomorrow morning before I can do that. I have an appointment this evening with the lawyers.

Thank you again for your fast response. I will post the results early tomorrow morning.

Best regards,

DesperateMom

tetonbob · 03-27-2008, 07:03 PM

I would not clean anything on the machine if there's lawyers involved, and if there are lawyers involved, we should not be in my opinion.

If the security of the machine is suspect, you may be better off backing up valued data and formatting to be sure it's secure going forward...but only after lawyers' forensics team have looked it over and released it.

03-27-2008, 11:53 AM	#1 (permalink)
desperatemom Registered User Join Date: Mar 2008 Posts: 4 OS: XP Home	Going to court Monday - Need Immediate Help Hello, As the name implies, I am desperate. You were recommended to me by a computer tech friend and told me you would help. I am working in safe mode because it's the only way the computer will stay on for more than 1 minute. Then, it stops and I get the blue screen that says the computer has been stopped because a driver has filled up the stack or something like that. But here's the main issue. My ex is a computer programmer. We are in a bitter custody battle and he has (I think), hijacked this computer and stolen all my passwords, email, etc. Why do I think that? Because he has all kinds of information he shouldn't have and is using that against me in court. I have tried to perform the 5 steps recommended by your forum but can't get past step 2. During the scan, the computer just stops (even in safe mode) and I have to restart. Is there any way to tell if someone is hijacking my personal information? Can you help me get rid of the virus(s)? Please help as soon as possible. Thank You, Desperate Mom

03-27-2008, 12:12 PM	#2 (permalink)
Fox TSF Enthusiast Join Date: Sep 2002 Location: NJ Posts: 7,752 OS: XP Pro, CentOS My System	Re: Going to court Monday - Need Immediate Help I would keep this computer completely offline from now until an expert has a chance to look at it, because by cleaning it off, you may be destroying evidence that could help you if he has violated your expectation of privacy, which you might then be able to use to have the judge rule his evidence as inadmissible. Ask your legal counsel to call in an expert on computer security to check it out before you continue. __________________ Antec Neo Power 500W, ABIT IP35-E, Intel E2180@2.66Ghz, Corsair XMS2 2x1GB DDR2-800, PNY 8800GT, 320GB Seagate * lazy college student alert *- If I've inadvertently ignored a thread, please Let me know about it Have I helped you solve your problem? Donate to Techsupportforums Klart Skepp!

03-27-2008, 12:18 PM	#3 (permalink)
desperatemom Registered User Join Date: Mar 2008 Posts: 4 OS: XP Home	Re: Going to court Monday - Need Immediate Help Thank you, I am logging off now. I will contact you from another machine.

03-27-2008, 01:11 PM	#4 (permalink)
desperatemom Registered User Join Date: Mar 2008 Posts: 4 OS: XP Home	Re: Going to court Monday - Need Immediate Help I am now contacting you on a "safe" computer. That is; a friend who has nothing to do with my ex and has all kinds of virus, spyware and firewall programs on this machine. I failed to mention in my first post that I have already contracted with a computer forensics investigator who has imaged the drive and has it in safekeeping for the analysis. He told me to go ahead and see if you can help because his analysis could take more time than I have to counter the claims in court and his analysis, while it may show what, when and where files have been accessed, it will not disinfect my computer. If I could just find where files or information has been captured and sent, I would have probable cause for a continuance until the in-depth investigation is completed. I have the capability to download whatever I need to on this machine, run it on the other machine (offline) and post the results here. Can/will you help? Thank you, Desperate Mom

03-27-2008, 02:04 PM	#5 (permalink)
Fox TSF Enthusiast Join Date: Sep 2002 Location: NJ Posts: 7,752 OS: XP Pro, CentOS My System	Re: Going to court Monday - Need Immediate Help With your friend's computer, I would download the following: HijackThis Spybot S&D And put them on a flash drive or a CD. Keep in mind that whatever virus or malware that you have may taint the removable drive, so be careful not to use one with important stuff on it, because I would recommend formatting it afterwards. Some others might have other recommendations for installers to bring along. But before you do a scan with hijackthis and post a log, follow the post here to start off. It may reference some other programs to use, in which case you'll want to take along the installers for those as well. __________________ Antec Neo Power 500W, ABIT IP35-E, Intel E2180@2.66Ghz, Corsair XMS2 2x1GB DDR2-800, PNY 8800GT, 320GB Seagate * lazy college student alert *- If I've inadvertently ignored a thread, please Let me know about it Have I helped you solve your problem? Donate to Techsupportforums Klart Skepp!

03-27-2008, 04:32 PM	#6 (permalink)
desperatemom Registered User Join Date: Mar 2008 Posts: 4 OS: XP Home	Re: Going to court Monday - Need Immediate Help Thank you FOX. I have downloaded both HijackThis and SpyBot S&D to a new flash drive. I have also read steps 3 - 5. I hadn't done this before because I couldn't get past step 2 and didn't know if I should proceed. I will install both on the infected computer and run them. Unfortunately, it will be tomorrow morning before I can do that. I have an appointment this evening with the lawyers. Thank you again for your fast response. I will post the results early tomorrow morning. Best regards, DesperateMom

03-27-2008, 07:03 PM	#7 (permalink)
tetonbob Manager, Security Center, TSF Academy; Analyst, Security Team Join Date: Jan 2005 Location: Transylvania County, North Carolina, USA Posts: 25,565 OS: 2000 Pro; XP Pro; XP Home	Re: Going to court Monday - Need Immediate Help I would not clean anything on the machine if there's lawyers involved, and if there are lawyers involved, we should not be in my opinion. If the security of the machine is suspect, you may be better off backing up valued data and formatting to be sure it's secure going forward...but only after lawyers' forensics team have looked it over and released it. __________________ Practice Safe Surfing PC Safety and Security--What Do I Need? Because what you don't know, CAN hurt you. Proud Member of ASAP since 2005 Proud Member of UNITE since 2006 Our help is voluntary, but this site needs donations to operate. Please consider Donating to the Forum. Please do not ask for help via Private Message. Ask in the forums, so all may gain from the experience.