WARNING computer hacker

[The Snark]

In Doi Saket, roughly across from the old police station, there is a small computer shop. I took my computer there for a minor repair as it was convenient.

Two persons took the computer apart while I watched and told me to come back the next day. When I retrieved the computer and brought it home all settings had been changed, programs were removed and other programs added. A logging program recorded their entire repair efforts were to go through my files and watch videos.

[Canta Slaus]

welcome to thailand

[faraday]

Which programs were added?

[mesquite]

This sucks, but I'm not surprised.

[BB1955]

You can expect that from just about any computer repair shop . Best to always remove or encrypt anything you might be embarrased about anyone seeing . Curious eyes will always look.

[DeaconJohn]

welcome to thailand

...and welcome to the forum.

Your education is just beginning.

[The Snark]

I'm more or less a computer expert. I lacked the tools to change out a flaky SATA plug thus why I took it to a shop. Trivial job. No need to turn the computer on.

GOM player and Media Player Classic were removed. Rich media player installed and applied for all media types. Desktop completely rearranged. Several shortcuts missing. The wrong version of TWEAKUI installed, default graphics image viewer set to MS Paint. Gimp removed. Imgburn removed. Major clown playing with toys episode.

I made this post as a heads up for people in the eastern outlying area of Chiang Mai and, fortunately, the people were just average anal orifices that did not have a clue they were, literally, playing in the sandbox. Still had to check every inch of the 2 HDs for virus and malware etc.

[amexpat]

"literally", playing in the sandbox? Yeah, that would figuratively crunch a computer.

[Benjie]

I'm more or less a computer expert. I lacked the tools to change out a flaky SATA plug thus why I took it to a shop. Trivial job. No need to turn the computer on.

GOM player and Media Player Classic were removed. Rich media player installed and applied for all media types. Desktop completely rearranged. Several shortcuts missing. The wrong version of TWEAKUI installed, default graphics image viewer set to MS Paint. Gimp removed. Imgburn removed. Major clown playing with toys episode.

I made this post as a heads up for people in the eastern outlying area of Chiang Mai and, fortunately, the people were just average anal orifices that did not have a clue they were, literally, playing in the sandbox. Still had to check every inch of the 2 HDs for virus and malware etc.

So why not stand over them whilst they did it?

What tools are needed to change a Sata (plug?) new cable or move the port surely?

Just sounds like they reloaded windows over the top, How is this hacking? definitely doesn't sound like someone who is more or less a computer expert?

[Beetlejuice]

This is not a case of computer hacking.

On the occasions when I have taken my computer into a repair shop, I first make it clear to them, not to install or delete anything from my computer, otherwise they will do it believing they are doing the customer a favour, but I still have everything backed up on external hard drives and memory sticks just in case, back ups that I religiously keep up to date.

I never store online banking details on my computer and once the computer is repaired my first priority once I arrive home is to start up the computer and change all my passwords. If you have access to a second computer, the wise thing to do is change your passwords using the second computer prior to visiting a repair shop and then you are safeguarded from having any relevant passwords copied from the computer in for repair.

It`s just a case a using common sense and taking precautions, no point in complaining afterwards.

[bangmai]

I'm more or less a computer expert. I lacked the tools to change out a flaky SATA plug thus why I took it to a shop. Trivial job. No need to turn the computer on.

GOM player and Media Player Classic were removed. Rich media player installed and applied for all media types. Desktop completely rearranged. Several shortcuts missing. The wrong version of TWEAKUI installed, default graphics image viewer set to MS Paint. Gimp removed. Imgburn removed. Major clown playing with toys episode.

I made this post as a heads up for people in the eastern outlying area of Chiang Mai and, fortunately, the people were just average anal orifices that did not have a clue they were, literally, playing in the sandbox. Still had to check every inch of the 2 HDs for virus and malware etc.

So why not stand over them whilst they did it?

What tools are needed to change a Sata (plug?) new cable or move the port surely?

Just sounds like they reloaded windows over the top, How is this hacking? definitely doesn't sound like someone who is more or less a computer expert?

Exactly.

[FolkGuitar]

Everything about this raises questions...

Of the repair shop: If they were to just change a plug, what need would they have to re-install the operating system?

If they took the time to crack the case while the OP was standing there, why didn't they change the plug while he was standing there. Replacing a SATA plug only takes just a couple of minutes. Replacing a socket would take time, but not replacing a plug.

Of the Original Poster: Says "I'm more or less a computer expert." But then goes on to say "Rich media player installed and applied for all media types." as if he doesn't realize that when you install just about any media player, it resets the default value for itself to handle all the media types.

And if this Rich media player is handling all the media types, why is "the default graphics image viewer set to MS Paint."

This does not compute...

[slipperylobster]

In the future, backup your videos, photos and documents (as you should) on a spare external drive.

Use a startup/repair disk or a Live Linux on USB thumb to boot your computer and wipe the drive clean.

do a fresh install of the operating system.

I try to keep my stuff off the computer. Can be done by using "Portable Programs" that boot from a thumb drive. In fact...I even load my Operating system "Linux Puppy" from a thumb drive. It loads into ram and disappears when the computer is off. All files saved externally. I leave windows 7 on the hard drive..just to play with. Actually my puppy boots faster and runs firefox, skype, pigeon, etc.

If my computer was stolen/went tits up...My Linux will boot up on any other computer. Amazing.

[FolkGuitar]

In the future, backup your videos, photos and documents (as you should) on a spare external drive..........................

Can't say it often enough. All it takes is one time losing really important stuff to convert the non-believer, but it's a hard lesson learned.

The only things I have on my C-drive is the operating system and associated folders, and program files. Nothing else. And that has been cloned and is saved on an external hard drive. ALL FILES, ALL IMPORTANT INFORMATION, ALL DATA, papers, music, videos, photographs, everything to run my life the way I like it run is stored on multiple external hard drives, Back-up copies of everything, and "incremental back-ups" made every night, automatically. Actually, I have copies of the copies as well.

I learned the hard way, I'm sorry to say, and lost quite a bit of stuff I'd really like to have now,

So don't forget all the stuff you stored on diskettes. Do you even have a diskette drive any more? Most computers don;t have them these days, or files that were made on software that is no longer available. I had graphic files that I made for a post-graduate Thesis that I made using software called 'Harvard Graphics" The files won't open with anything else and Harvard Graphics is no longer available except for outrageous sums of money from collectors.

Back-ups and up-dates... It really IS important

[MisterTee]

In the future, backup your videos, photos and documents (as you should) on a spare external drive..........................

Can't say it often enough. All it takes is one time losing really important stuff to convert the non-believer, but it's a hard lesson learned.

The only things I have on my C-drive is the operating system and associated folders, and program files. Nothing else. And that has been cloned and is saved on an external hard drive. ALL FILES, ALL IMPORTANT INFORMATION, ALL DATA, papers, music, videos, photographs, everything to run my life the way I like it run is stored on multiple external hard drives, Back-up copies of everything, and "incremental back-ups" made every night, automatically. Actually, I have copies of the copies as well.

I learned the hard way, I'm sorry to say, and lost quite a bit of stuff I'd really like to have now,

So don't forget all the stuff you stored on diskettes. Do you even have a diskette drive any more? Most computers don;t have them these days, or files that were made on software that is no longer available. I had graphic files that I made for a post-graduate Thesis that I made using software called 'Harvard Graphics" The files won't open with anything else and Harvard Graphics is no longer available except for outrageous sums of money from collectors.

Back-ups and up-dates... It really IS important

Yes, I was a non-believer and you converted me.

Everything cloned and saved in triplicate... then the cat jumped up and pissed on my keyboard!

What do I do now?

[FolkGuitar]

In the future, backup your videos, photos and documents (as you should) on a spare external drive..........................

Can't say it often enough. All it takes is one time losing really important stuff to convert the non-believer, but it's a hard lesson learned.

The only things I have on my C-drive is the operating system and associated folders, and program files. Nothing else. And that has been cloned and is saved on an external hard drive. ALL FILES, ALL IMPORTANT INFORMATION, ALL DATA, papers, music, videos, photographs, everything to run my life the way I like it run is stored on multiple external hard drives, Back-up copies of everything, and "incremental back-ups" made every night, automatically. Actually, I have copies of the copies as well.

I learned the hard way, I'm sorry to say, and lost quite a bit of stuff I'd really like to have now,

So don't forget all the stuff you stored on diskettes. Do you even have a diskette drive any more? Most computers don;t have them these days, or files that were made on software that is no longer available. I had graphic files that I made for a post-graduate Thesis that I made using software called 'Harvard Graphics" The files won't open with anything else and Harvard Graphics is no longer available except for outrageous sums of money from collectors.

Back-ups and up-dates... It really IS important

Yes, I was a non-believer and you converted me.

Everything cloned and saved in triplicate... then the cat jumped up and pissed on my keyboard!

What do I do now?

Keyboards are cheap. You can get one for 200 baht in any of the computer mall. Unless, that is, you like the smell of cat urine, in which case just give your cat more water.

Our cat puked on my wife's laptop keyboard, and the stomach acids shorted out a few keys. Being a Japanese brand not sold here in Thailand, no one could replace it so we cleaned up the mess, then picked up a USB keyboard for 200 baht and she continued to use the laptop until she purchased a new one in Japan a few months later. (Japanese keyboards are arranged in a different configuration than other country's.)

[bangmai]

Another computer "expert" using a pirated copy of XP........

[The Snark]

Having gone through the log, clarifying issues. Rootkit virus, adware and a 'phone home' malware was found. Attempts were made to access passwords in both email and browser. (Hacking)

I correct my wording. 4 SATA SOCKETS needed replacing. They had to get them from the city. Thus why I left the computer at the shop. No sense replacing just one.

As others have mentioned, precautions should always be taken. Back ups, separate from the primary OS drive. Passwords should be password protected. Encryption or at the least a password protected RAR or ZIP file for stored data.

In my computer's case my primary OS is Linux and Window crap is handed over there where things are not exactly accessible to the average hacker. I blew off the OS, installed my own hacked version, yes you can legally hack anything you want, the criminal violation is in the distribution, and went on my merry way. The only futz up was an attempt was made to crack my firewall which messed up that program which in turn caused the new OS to have problems. Uninstalling and reinstalling the firewall corrected that.

The smartest way to protect your computer and data when you take it in to a shop is have a copy of your OS and main programs on a separate boot drive. You can even use a USB thumb drive. Your real storage and hard drives never go to the shop. That's the only way to protect yourself from those genius repair persons who ALWAYS install a new OS, costing you all sorts of data loss.

My error was my own fault. There was never a reason to even boot up the computer. I stayed and watched them disassemble it and ASSUMED. When I left they reassembled it and tried to hack it.

Edited December 30, 2014 by The Snark

[The Snark]

Everything about this raises questions...

Of the Original Poster: Says "I'm more or less a computer expert." But then goes on to say "Rich media player installed and applied for all media types." as if he doesn't realize that when you install just about any media player, it resets the default value for itself to handle all the media types.

And if this Rich media player is handling all the media types, why is "the default graphics image viewer set to MS Paint."

This does not compute...

I don't use any programs which reset globals. Those programs are for computer victims who don't understand how their machines work. One should always assign the default programs selectively, carefully reading each pane of instructions. That is the commonest way to get software you didn't want installed and commercial interests taking over your computer.

The dipstick wanted to look at pictures and the default picture viewer was Gimp. So he swapped things around. If you have any questions, please feel free to ask.

[manarak]

the OP describes things, I have difficulty to give the story much credit.

[The Snark]

the OP describes things, I have difficulty to give the story much credit.

If you wish me to clarify something, feel free to ask.

If you wish to question my motive and intents in making this posting, perhaps you should take it up with the moderators. Especially so if you feel I have some covert intent to mislead or misinform. If, in the rare chance, you have posted that for the express purpose of being negative or vitriolic, I would appreciate a hint to that effect so I won't be wasting my time trying to comprehend the post. Thanks.

[FolkGuitar]

If I have a problem that I can't resolve, I just bring my computer to 'Goodspeed' in Icon Square. In 15 years dealing with them, I've never had a problem.

Never extra software added, never a new OS installed, no spyware, malware, or adware added, never a desktop 'rearranged.' Just the the work I requested done quickly and properly, at a reasonable price.

But out of curiosity, how do four SATA sockets on a motherboard go bad all at once? That's interesting.

[The Snark]

If I have a problem that I can't resolve, I just bring my computer to 'Goodspeed' in Icon Square. In 15 years dealing with them, I've never had a problem.

Never extra software added, never a new OS installed, no spyware, malware, or adware added, never a desktop 'rearranged.' Just the the work I requested done quickly and properly, at a reasonable price.

But out of curiosity, how do four SATA sockets on a motherboard go bad all at once? That's interesting.

Agreed. Goodspeed appears to be the most reputable shop in the area. (Feel free to offer others). They did however, or rather one of their employees, execute a pretty brutal hack job of the CPU fan mounting hardware that forced me to purchase an entire new fan cooler assembly as parts for those assemblies aren't available. Discovering it when I got home and returning, they challenged me as I couldn't prove it wasn't that way to begin with or I broke it myself later. But be all that as it may, they have an excellent reputation overall.

Two SATA sockets on my motherboard were not reliable. Checking on the web that motherboard was noted as having that problem. Thus my choosing to have all four replaced. SATA can be tricky. It uses a protocol that traps errors and retries*. So it can be difficult to determine if a socket or cable is not quite up to snuff. In this instance, the computer booted at a random speed taking anywhere from 50 to about 90 seconds to come on line and stabilize. Swapping the cable to other sockets I found one socket that booted most of the time around 34 seconds and one that consistently failed to fully boot. Heck with that fuss, change all 4.

* The wiki page gives a pretty good run down on error trapping and retries: http://en.wikipedia.org/wiki/Hard_disk_drive#Error_rates_and_handling

There is also numerous pieces found on the web that go into error trapping and detection with SATA by injecting errors into the data stream.

To make a long story short, and something all modern computer owners should be aware of, just because a SATA transfer works does not mean it is working at 100%. The easiest way to tell is things like my random boot up speed or repeated sending of a given chunk of data and timing it.

Only this morning I was transferring 65 GB of data between computers and that delightful file tosser window told me it was going to take 85 minutes. Cancelling the transfer I dived into the computer and swapped out an old SATA cable with a new one I just bought. Transfer then became 32 minutes.

Edited December 30, 2014 by The Snark

[manarak]

the OP describes things, I have difficulty to give the story much credit.

If you wish me to clarify something, feel free to ask.

If you wish to question my motive and intents in making this posting, perhaps you should take it up with the moderators. Especially so if you feel I have some covert intent to mislead or misinform. If, in the rare chance, you have posted that for the express purpose of being negative or vitriolic, I would appreciate a hint to that effect so I won't be wasting my time trying to comprehend the post. Thanks

I retract my above post. I was tired and I read too many things into what you wrote, sorry.