Disconnect from the network, then reformat the hard drive and start from scratch.
It’s the only way to be sure. The cracker may have left any number of backdoors into their computer, and unless they really know what they’re doing, they’re probably not going to find them all.
When they get back up, they should make sure that file sharing, printer sharing and other things like that are turned off. Then they should go back online and immediately go and update to the latest version of their system software. ( http://windowsupdate.microsoft.com for a windows machine, Software Update in the controls panel on a Mac).
Then they should go get a firewall system like Zone Alarm ( http://www.zonelabs.com/ ) or Symantec’s Norton Personal Firewall ( http://www.symantec.com/sabu/nis/npf/ ). They should also get antivirus software as well, and make sure that the virus checker file is up to date.
They should then disconnect from the net again and scan everything on their hard drive with the virus checker.