Page 1 of 2 12 LastLast
Results 1 to 10 of 16

Thread: Is this possible?

  1. #1
    Junior Member
    Join Date
    Nov 2004
    Posts
    2

    Is this possible?

    Forgive me for my ignorance but I've never had a situation like this and while I'd like to think my computer is safe and take great pains to keep it that way, I've experienced something kind of scary.

    Is it possible for a website owner to steal a user's password and somehow gain access to their computer or files?

    I visit a site designed by a husband for his wife and her friends. He is a major computer freak who works in the industry writing code and other things I can't even begin to understand. Its was just a normal chatting site on a phpBB Group discussion board. Recently, the husband and wife have separated and apparently he has access to her email program and possibly her entire computer (he lives in one state and she in another now). I understand how he could gain access to her computer (keyloggers, passwords being revealed) but there is concern that he may have gained access to other users' email accounts or possibly their computers. For those of us who know little about this stuff and what is possible, we imagine it is probably very easy for someone to do this.

    But the sensible side of me tells me this is not an easy thing for him to have been able to do. I run Norton Internet security, have downloads disabled on IE, run several spyware checks each week, have tested my firewall endlessly (have it set pretty secure), and run AV checks three times a week. I am running WINME and on DSL. Every check I run comes clean.

    Is it possible for someone to be able to gain access to another's computer simply by them logging on to a website? Is there something I should be looking for on my computer?

    This guy has posted on the main page of his site that he has control more than we small brains think and blah blah blah. Of course, I'm certain this is to make the clueless freak out but after listening to everyone whine, it is now making ME paranoid.

    got any ideas? sorry for the length of this post....btw, your site was recommended by someone who found great info here. Thanks.

  2. #2
    IT Specialist Ghost_25inf's Avatar
    Join Date
    Sep 2001
    Location
    Michigan
    Posts
    648
    Does she have remote desktop installed? He might have a alternative admin account on the computer and is able to remote in. Firewall wont block this unless told to. Remove print and file sharing and uncheck allow people to remote connect in system properties. There is a lot of different things he could be doing to get in. best bet is to disconnect from modem when not online, change email, and get a difficult password. Then again for the right price would be willing to go beat the Cr@9 out of him. LOL
    S25vd2xlZGdlIGlzIHBvd2VyIQ

  3. #3
    ********** |ceWriterguy
    Join Date
    Aug 2004
    Posts
    1,608
    In the case of the ex-wife, it's quite common for a husband to know his wife well enough to guess what she'll pick out as a password.... Or for a semi-ethical ex to mount backorifice on a computer he knows she'll get at the split...

    Best solution for this ex is to scan for keygrabbers, and change all her freaking passes to something obscure instead of what she normally goes with. Common sense also tells you to stay the hell off his website, don't open his emails, and leave him alone in general.
    Even a broken watch is correct twice a day.

    Which coder said that nobody could outcode Microsoft in their own OS? Write a bit and make a fortune!

  4. #4
    Macht Nicht Aus moxnix's Avatar
    Join Date
    May 2002
    Location
    Huson Mt.
    Posts
    1,752

    Is it possible for a website owner to steal a user's password and somehow gain access to their computer or files?
    In general.....no. But if you have downloaded anything from his site, he could have included a trojan in that download.
    Now he will have access to the password you use to access his site and be able to know what OS you are using and other various pieces of information that your computer broadcasts to the world.

    There have been some new exploits where computer have been comprimised by visiting a web site, but those exploits have not been around long.
    Get a² Free : http://www.emsisoft.com/en/software/free/ and run a scan with that. Also get AdAware : http://www.lavasoftusa.com/software/adaware/ and Spybot S&D : http://www.safer-networking.org/en/index.html and run those also. I would run an outside AV scan such as Trend 'Housecall' also: http://housecall.trendmicro.com/hous...start_corp.asp

    Personally, I would suggest you also change OSes also. Either XP Home or XP Pro and upgrade it immeadiately to SP2, but that is a personal preference. Although either XP with SP2 is more secure than Windows ME.

    Good luck

    edit> all programs listed above are free, BTW.
    If you do upgrade to XP, then do a complete reformat and then installation and then you will be sure you have gotten any malware off of your computer (you can also reformate and reinstall ME to do the same thing).
    \"Life should NOT be a journey to the grave with the intention of arriving safely in an attractive and well preserved body, but rather to skid in sideways, Champagne in one hand - strawberries in the other, body thoroughly used up, totally worn out and screaming WOO HOO - What a Ride!\"
    Author Unknown

  5. #5
    Senior Member
    Join Date
    Jun 2004
    Posts
    379
    Just saying it when you went on to his site did any thing pop up like on of thows securtiy warnings or somthing saying you need to download this to view this site. This is a used way to get people to download virii by making this copy of a pluging pop up but instead of you downloading something you think you need you are downloading a virus.

  6. #6
    Junior Member
    Join Date
    Nov 2004
    Posts
    2
    Thank you for the replies. As far as my machine goes, everything suggested has been done (spyware blaster, adaware, housecalls, spybot, remote desktop off, filesharing/printing disabled....everything except for reformatting and installing XP. I plan on getting a new machine in a few months and really don't want the mess of screwing with my only working machine right now). She said she ran all the above as well and nothing. Will call her and suggest checking filesharing/remote desktop settings.

    I haven't been to his website since we found out he has lost his mind and don't plan on it. He's never had a popup appear that I am aware of (but he did place a request on it a few months ago asking we disable popup killers b/c they interfere with his advertiser's popups. I ignored that request and haven't had a single one). Never d/l anything from his site. No emails from him.

    The wife went to an internet cafe and changed her passwords from a machine there. He still got in. So another friend changed them from her machine across the county (and called wife on cellphone to let her know what they were) and he still got in (to her emails. Hmmm.... She is going out today to purchase a new machine and new service provider, create brand new email accounts. She can't reformat the old machine b/c he has all the software and even if she could get it from him, she can't trust it. Drastic/desperate measures but she told me she will never trust that machine, even reformatted.

    What is even more interesting is that he is here on a visa, holding a green card with his wife as his sponser. She can have his butt yanked back to the middle east in a heartbeat with one phone call. Proving he is getting into her machine (or others) is the difficult part as far as law enforcement goes but in today's political climate, she wouldn't have to prove anything. All she would have to do, as his sponser, is tell them she changed her mind and he is a danger, and supposedly poof, he's gone. Why would he even DO such a thing is beyond me. He isn't as smart as he thinks he is.

    I'm almost tempted to go out there and kick his a** myself for scaring the cr*p out of a bunch of women (some of them older ladies) who did nothing to him. We may be a bunch of small brains but there are more of us and we are paranoid. Makes US kind of scary. Esp with so many folks on the net out there who are willing to help push this guy out into the light.

    Thank you all for the advice. If I find out anything more interesting, I will post.

  7. #7
    Is it possible for someone to be able to gain access to another's computer simply by them logging on to a website? Is there something I should be looking for on my computer?
    Oh come on, first of all what makes you think you have problems to begin with I mean if the guy is going to go and post and bitch instead of actually doing something... and who da' **** wastes time with email. Chances are all of you guys combined wouldn't have anything to say in an email that would be of any interest to me at all. If you even actually do have problems then its probably powered by the phpBB version known as (outdated & poorly administered).

  8. #8
    Senior Member
    Join Date
    Jun 2004
    Posts
    379
    yea TheSpecialist is definitely right.

  9. #9
    Junior Member
    Join Date
    Nov 2004
    Posts
    1
    Cindy,
    I don't "know" you by this name, but I think we know one another and ended up in the same forum looking for answers. Yeah it was a board powered by phpBB. The weasel took over a Yahoo Group I had set up after deleting his wife from the membership list AND after changing the url address of the group. I ended up having to deleting my group. Sure makes me think he took over my computer even though I have,do or run the following:

    Spybot S&D
    Panda
    TrendMicro
    Norton (resident and runs constantly)
    Trojan Scanner
    Ject Scanner
    CWShredder Scanner
    Hijack This
    Stinger
    RegCleaner
    SpySweeper
    SpyBlaster
    Spyware Guard
    Firewall on router, WinXP OS, and ZoneAlarm
    CrazyBrowser popup blocker, Popup Stopper

    I keep coming up clean, but who REALLY knows. Paranoid? Yeah I am because of what this idiot did to ME personally! Someone inside feeding him the info? Maybe. He ROBBED his wife of MY information ON PURPOSE. I know for a fact he has my email, street and other address info. I have met this jerkwad and now I know why I didn't care for him in person. I really like the wife so I kept the friendship between she and I.

    Oh well, it is what it is. I can wipe and reformat my computer. I probably will next week when I can make the time.

    To the experts here...thanks for sharing your knowledge.
    For the skeptics....walk a mile in our shoes. Think what you like, but the nature of the info he got by using his wife's email feasibly could give him leverage if allowed to get away with it.

  10. #10
    Senior Member
    Join Date
    Jun 2004
    Posts
    379
    i only have one thing to say
    format c:

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •