Have I Been Hacked?

  • Thread starter Thread starter TeeFran
  • Start date Start date
T

TeeFran

Guest
Hello all.
A couple months ago I was having problems with Vista and software not
operating correctly, so I restored Vista to it’s original factory
settings and things have been fine. I re-activated my purchased
softwares and what-not. About a month ago though, I logged off and the
next day upon hitting the button to turn the PC on it came on like it
does when it boots from sleep or hibernate, and my wireless internet
account was active. I closed the connection and shut the system down.
The day after that I had to re-add my wireless internet connection as I
was not listed with the other names in the connection box. Normally my
wireless connection is the first one at the top of the connection box.
Then a day or so after that my name was at the bottom or further down
than it normally is in the connection box and another name/connection
was at the top where my name normally is. I immediately added a standard
user instead of having just me as the only administrator/authorized
user, and I activated parental control for the standard user and gave
the standard user only limited access to the PC. For the most part I
only get online now with the new standard user, and for the last two
weeks or so I have not noticed any anomalies. But today using my normal
admin account I downloaded a file online and I attempted to convert it
using a software I bought last year to convert files from one format to
another and my System ID has been changed (like it was when I restored
to factory settings). I had already contacted the company and got a new
activation code for my new System ID when I restored a few months back.
Now I need to contact the company once again for another activation code
for this software to go with another System ID.

Questions:
1) Does it sound like my PC was and/or has been hacked?
2) When I was noticing all the strange things before could someone have
changed my System ID then and
I’m just now noticing it?
3) Could someone still have a window into my System?
4) Is there any other way your System ID can be changed besides
restoring to factory settings?
5) I only restored once so how can my System ID be different again
without a second restore?
6) Could just adding a new standard user have changed my whole System
ID?
7) Or could the software itself or another software be screwing with my
PC?

And finally;
8) If I have been compromised, how can I make my regular admin account
more secure, with or without using UAC (which I don’t like using)?

Please help!
:confused:


--
TeeFran
 
On Fri, 29 Aug 2008 01:17:44 -0500, TeeFran wrote:

> Hello all.
> A couple months ago I was having problems with Vista and software not
> operating correctly, so I restored Vista to itÂ’s original factory
> settings and things have been fine. I re-activated my purchased
> softwares and what-not. About a month ago though, I logged off and the
> next day upon hitting the button to turn the PC on it came on like it
> does when it boots from sleep or hibernate, and my wireless internet
> account was active. I closed the connection and shut the system down.
> The day after that I had to re-add my wireless internet connection as I
> was not listed with the other names in the connection box. Normally my
> wireless connection is the first one at the top of the connection box.
> Then a day or so after that my name was at the bottom or further down
> than it normally is in the connection box and another name/connection
> was at the top where my name normally is. I immediately added a standard
> user instead of having just me as the only administrator/authorized
> user, and I activated parental control for the standard user and gave
> the standard user only limited access to the PC. For the most part I
> only get online now with the new standard user, and for the last two
> weeks or so I have not noticed any anomalies. But today using my normal
> admin account I downloaded a file online and I attempted to convert it
> using a software I bought last year to convert files from one format to
> another and my System ID has been changed (like it was when I restored
> to factory settings). I had already contacted the company and got a new
> activation code for my new System ID when I restored a few months back.
> Now I need to contact the company once again for another activation code
> for this software to go with another System ID.
> Questions:
> 1) Does it sound like my PC was and/or has been hacked?
> 2) When I was noticing all the strange things before could someone have
> changed my System ID then and
> IÂ’m just now noticing it?
> 3) Could someone still have a window into my System?
> 4) Is there any other way your System ID can be changed besides
> restoring to factory settings?
> 5) I only restored once so how can my System ID be different again
> without a second restore?
> 6) Could just adding a new standard user have changed my whole System
> ID?
> 7) Or could the software itself or another software be screwing with my
> PC?
> And finally;
> 8) If I have been compromised, how can I make my regular admin account
> more secure, with or without using UAC (which I donÂ’t like using)?
> Please help!

Help: I Got Hacked. Now What Do I Do?
http://technet.microsoft.com/en-au/library/cc512587.aspx

Installing and reinstalling Windows.
Reinstalling Windows Vista when you want to restore default Windows
settings or when you are having trouble with Windows and need to reinstall
it by performing a clean installation.
https://windowshelp.microsoft.com/Windows/e...0522671033.mspx

How To Perform a Repair Installation For Vista.
http://www.vistax64.com/tutorials/88236-re...tall-vista.html

For Vista the most dependable defenses are:
1. Do not work in elevated level; Day-to-day work should be performed
while the User Account Control (UAC) is enabled.
User Account Control Step-by-Step Guide.
http://technet.microsoft.com/en-us/library/cc709691.aspx
Understanding and Configuring User Account Control in Windows Vista.
http://technet.microsoft.com/en-us/library/cc709628.aspx

2. Familiarize yourself with "Services Hardening in Windows Vista".
Services Hardening in Windows Vista
http://www.microsoft.com/technet/technetma.../SecurityWatch/
Educational reading:
10 Immutable Laws of Security
http://technet.microsoft.com/en-us/library/cc722487.aspx

3. Don't expose services to public networks.
Windows Vista Service Configurations Introduction
http://www.blackviper.com/WinVista/servicecfg.htm

4. Keep your operating (OS) system (and all software on it)
updated/patched. (Got SP1 yet?).
Why Service Packs are Better Than Patches.
http://www.microsoft.com/technet/archive/c...h.mspx?mfr=true

5. Reconsider the usage of IE.
Utilizing another browser application can add to the overall security of
the OS.
Alternative Browsers:
Operaâ„¢
http://www.opera.com/download/
Firefoxâ„¢
http://www.mozilla.com/en-US/
The SeaMonkey® Suite (Internet Browser)
http://www.seamonkey-project.org/
--or--
5a.Secure (Harden) Internet Explorer.
IE7 safe/secure settings
Internet Explorer7 Desktop Security Guide
http://www.microsoft.com/downloads/details...&displaylang=en
Internet Explorer Enhanced Security Configuration changes the browsing
experience
http://support.microsoft.com/default.aspx?...kb;en-us;815141
The Internet Explorer 7 Security Status Bar
http://www.microsoft.com/windows/products/...v/security.mspx
Extended Validation SSL Certificates
http://www.microsoft.com/windows/products/...ev/default.mspx
Note: Tight security settings will break down some websites. You need to
add these websites into the Trusted Zone for smooth access.
You could consider disabling all Security Settings in IE and use IE only
for the 'Patch Tuesday' updates; To do so you must add the following URL's
to the Trusted sites:
http://update.microsoft.com
http://download.windowsupdate.com
https://*.update.microsoft.com
http://*.update.microsoft.com
http://*.microsoft.com

6. Review your installed 3rd party software applications/utilities;
Remove clutter, *including* 3rd party software personal firewall
application (PFW) - the one which claims:
"It can stop/control malicious outbound traffic".
Remove clutter, dispose of all your 'Anti-Whatever' applications. Keep your
pc lean, install only applications you are really need - try to be a
'minimalist'.
Belarc Advisor can assist
http://www.belarc.com/free_download.html
--As can--
Revo Uninstaller
http://www.revouninstaller.com/

7. Activate the build-in firewall and tack together its advanced
configuration settings.
Tap into the Vista firewall's advanced configuration features
http://articles.techrepublic.com.com/5100-10877-6098592.html
--Or--
Configure Vista Firewall to support outbound packet filtering
http://searchwindowssecurity.techtarget.co...1247138,00.html
--Or--
Vista Firewall Control (Free versions available)
http://sphinx-soft.com/Vista/
Managing the Windows Vista Firewall
http://technet.microsoft.com/en-us/magazine/cc510323.aspx

7a.If on high-speed Internet connection use a router.
Implement countermeasures against DNSChanger.
http://extremesecurity.blogspot.com/2008/0...t-hijacked.html

And (just in case) Wired Equivalent Privacy (WEP) has been
superseded by Wi-Fi Protected Access (WPA).

8. Utilize one (1) each 'real-time' anti-virus and anti-spy
application.
Avira AntiVir® Personal - FREE Antivirus
http://www.free-av.com/
(The free version won't scan your emails.)
Why You Don't Need Your Anti-Virus Program to Scan Your E-Mail
http://thundercloud.net/infoave/tutorials/...nning/index.htm
Ensure your e-mail program is configured to display e-mail messages in
'Plain Text' only.
You may wish to consider removing the 'AntiVir Nagscreen'
http://www.elitekiller.com/files/disable_antivir_nag.htm

Windows Defender - (build-in in Vista)

9. Employ vital operating system monitoring utilities/applications.
Process Explorer, AutoRuns, TCPView etc.

10. Routinely practice Safe-Hex.
http://www.claymania.com/safe-hex.html

Also, ensure you back-up regularly; Develop a Contingency Plan; Be
prepared! Consider "What if..."

Good luck
smile.gif
 
I knew it! I Knew it!

Every since I've been a member of this forum, it's never taken anyone
this long to post back to me, or either this post is in the wrong
place....

or

I"m screwd maaaaaan!!!!!


OH my GOD!!!
OH my GOD!!!
OH my GOD!!!
:sick:


--
TeeFran
 
On Sat, 30 Aug 2008 09:30:53 -0500, TeeFran
wrote:

>
>I knew it! I Knew it!
>
>Every since I've been a member of this forum, it's never taken anyone
>this long to post back to me, or either this post is in the wrong
>place....
>
>or
>
>I"m screwd maaaaaan!!!!!
>
>
>OH my GOD!!!
>OH my GOD!!!
>OH my GOD!!!
>:sick:

You're a raving, moronic child.

Did you look at anything in the reply from "kayman"?
 
OK I've been doing some searching on the web and came across some
websites and other tech support sites and at Microsofts site my post
from here has been forwarded to them so much thanks to whoever did that.


Some guy named Kayman posted some articles over there that I'm
currently reading and printing out, and I'll go from there.

Anyway, thanks.

(BTW, if these posts ARE in the wrong place on the forum, maybe one of
the moderators can delete them or move them).


--
TeeFran
 
On Sat, 30 Aug 2008 12:16:17 -0500, TeeFran
wrote:

>
>OK I've been doing some searching on the web and came across some
>websites and other tech support sites and at Microsofts site my post
>from here has been forwarded to them so much thanks to whoever did that.

The forum software you are on did that. All the posts from "guests"
come from the Microsoft site, not from the forum users.

>Some guy named Kayman posted some articles over there that I'm
>currently reading and printing out, and I'll go from there.

Shows one of the big problems with your forum: it SHOULD have that
post, but it doesn't.

Stick with the groups here if you MUST use a web-interface:

http://www.microsoft.com/communities/newsgroups/en-us/
 
You must log in or register to reply here.
Back
Top