# Suspect someone remotely access my computer



## CiroPeters

Hi,

I suspected someone is messing up with my files in my system then i thought about possibility someone accessing my computer via remote access so i goggled online and check about how to detect if someone is really snooping on my computer.I found out that when i entered cmd > netstat -n, there are a list of 127.0.0.1 TCP connections and lots of various ip addresses under the foreign addresses....... this mean someone is really accessing my computer right? The scariest thing is that i checked my other computer...... the ip addresses connected to my computer are the same. I googled online and it seems that one the person got hold of your ip address, you cannot escape..... but there is another saying that there is actually a phone number program that can detect your phone number and hence ip address? I am really a newbie in this area....... All in all, from what i read online so far, it seems that 

(1) i must reinstall my OS and wipe out the harddisk ( how to i do a clean back up on my harddisk without the old hacks existing) ....... but as said, i am really a newbie in this kind of thing, how do i go about doing it? Hope someone can help me here so it speeds up stuff instead of myself surfing to figure out how to do it......

(2) Disconnect my network, untick my remote assistance and disable my remote desktop...... but from what i can gather online so far, my OS is Windows Vista........ i seems to be able to untick my remote assistance but how do i go about disabling my remote desktop?

I cannot try to disable all the services with remote on them under the services right? But the spooky thing is that after i disconnect my network, it seems that i realised someone is suspicious like almost all the services with remote are started.....do that mean that the hacker can still monitor what i am doing? It seems that he is really scary...... i was like thinking heck i just disable all the services with remote and anything go wrong then see how.....anyway i am not thinking of using remote at all so even if something to do with remote is corrupted, i think the other parts of my computer would work fine........

(4) Are there anything else to do with remote that i must disable or do before i switch on my network?

(5) Do i need to change my house phone number hence changed my router, modem to gain a new ip address so that i can be forever away from the hacker? Do i need to do till such extent?

(6) If let's say i want double protection...... what must i do to my router such as to extra protect my computer? like the settings etc...... and my norton internet security..... how can i tweak to extra protect my computer?

These are my main issues........ But i read somewhere about Tiger.....is that something to sure clean up my harddisk? I would google that later too.......

Besides, i realised the ip addresses the first 4 parts are always the same and the last two parts always differ.......does the last number refers to the port the hacker is accessing through his computer to my computer? That is my guess from foreign address and local address....... I am really clueless...... just my guess........ i think i really need to buck up on my network security......

Can someone please help me with the issues? I am stuck with not being able to use any of my computers...... it is really inconvenient. Thanks. Really pray for helpers


----------



## JMPC

I'm really not sure where to begin with this. I'm glad you've been doing a lot of reading on the subject of security but a lot of your assumptions are incorrect.

The Netstat command is just showing active/open TCP connections. It is normal to see a bunch of IP addresses listed.

There is no way to use a phone number to get an IP address. Having someones IP address doesn't mean you can automatically access that persons network or their computers.

So, let's start with your files being messed up. Can you describe exactly what is happening with your files?

The system being slow can be many things, if you think you may have a malware infection of some kind you can create a thread after reading this thread:
http://www.techsupportforum.com/for...-posting-for-malware-removal-help-305963.html


----------



## Roardawg

I'll start with the remote access part of your problem. My best advice would be to install a software firewall. Just Google 'top free(or buy one) software firewalls'. If your 100% certain someone is RD'd into your computer, download software firewall, then unplug yourself from the network, install the firewall, then plug it back in.
But before you do that, one way you can check to see if someone's RD'd you is go to control panel=> administrative tools=> computer management=> expand the "shared folder" and click on sessions. any remote incoming sessions should be listed there. Best of luck, any more questions feel free to post or pm me.
P.S. - I currently have ZoneAlarm on my laptop and am quite pleased with it.


----------

