My dad's computer is running QuickBooks Online for his business, and we recently noticed some suspicious activity. On April 4th, we saw a new user log in to QuickBooks, and just yesterday, we realized someone was remotely controlling the mouse and making changes. We shut down the WiFi, but my mom accessed the computer today, and the intruder returned. We're really worried about this situation. What steps should we take next? Should we go to a repair shop like Geek Squad, and how can we ensure the intruder is completely removed?
4 Answers
You'll definitely want to wipe the computer clean. It might be the only way to be sure those remote controls are gone. Before you do that, ensure you're backing up important files to an external drive—just keep it offline. And yes, get that antivirus running. Running Windows Defender is a good start, but if you don't feel confident handling the computer, getting a professional involved is a solid move.
Honestly, it sounds like the computer is pretty compromised. I'd keep it shut down for now until you can figure out a plan. If you're in the US, Geek Squad or any local repair shop could help, but backing up important data without connecting to the internet is essential. Change that QuickBooks password and consider signing out of all devices linked to your accounts to prevent further access.
You must keep the computer disconnected from any network when powering it up. Use a clean device to change passwords for everything you have, including email and banking links. Once everything is backed up, wipe the drive completely and reinstall the operating system to get a fresh start. Make sure to enable two-factor authentication on all accounts to enhance security moving forward.
It's confusing why someone would mess with QuickBooks, but it's likely linked to potentially stealing data or trying to blackmail. QuickBooks syncs with banks and financial accounts, so there could be serious ramifications. If anything looks weird, run a full offline scan or consider taking the drive to a clean machine to back up files safely. Be careful with what you assume, though; better to play it safe!
