computer hacked to pieces, what to do

thebeyonder

Member
Dec 17, 2007
74
0
66
i'm pretty sure hackers access my computer constantly.

I had some issue with a particular IP address, forgot exactly what it was, but the firewall was seeing that it was accessing the computer even though it was supposed to be specifically blocked by the firewall. so I got a packet sniffer to see what was going on, it caught any other traffic *except* from that address.

sometimes I close IE, but the DUN icon keeps going. nothing else should be running. automatic updates turned off, haven't used a program that would be calling home looking for updates like they always want to do.

sometimes I open programs, they'll open up with a non-fullscreen window even though I always use them fullscreen, did last time and closed them that way last time. IE, outlook and excel do that fairly often.

I have the security policy set to log anything, but nothing unusual shows up.

last but not least, I'd be off doing something else and the computer makes the noise it does when a removable device is unplugged. that's happened 3 times.

yes, I have already reinstalled windows. several times.

I'm sure it's possible to remotely connect to a computer and get around the firewall, avoid detection by the security policy, and connect and disconnect remote devices such as a virtual drive.

but how can I find out who does it, what they're doing or getting, how they're doing it and when they do it?
 

seepy83

Platinum Member
Nov 12, 2003
2,132
3
71
Not to be offensive, but you just sound like you're paranoid.

so I got a packet sniffer to see what was going on, it caught any other traffic *except* from that address.

What packet sniffer were you using, and do you know how to use it?

If you are capturing traffic correctly, and you don't see anything going to or from the IP that you think is a "problem", then nothing is going to or from that IP.

There are a whole lot of legitimate reasons that you could see traffic on the wire when you're not browsing the web.
 

thebeyonder

Member
Dec 17, 2007
74
0
66
PlasticSniffer and maybe 2 others. it was a while ago, I haven't used them since because it was pointless, couldn't block or capture traffic from the IP. yes I did know how to use the packet sniffers and IP blockers, I was capturing any other traffic and blocking whatever IP I wanted, except that one.

I was using BlueTack Protowall for the IP blocker, in fact I was in contact with the people at the BlueTack forum, describing the problem in detail, still could not get their software to block it.

it was getting through because ZoneAlarm kept showing that it was.

anyways, why are those program windows opening non-fullscreen when I never close them as such? why has my computer made that noise it does when a device is unplugged, when it's connected to the internet but I don't have any devices connected and am not even at the computer at the time?
 

seepy83

Platinum Member
Nov 12, 2003
2,132
3
71
If you have a firewall installed (like ZoneAlarm...however I haven't touched ZoneAlarm in probably 10+ years), you can create a rule to block traffic from whatever IPs you want.

I've never heard of PlasticSniffer or BlueTack Protowall. My suggestion would be to use Wireshark to capture your traffic and analyze it. Like I said before, if you have a packet sniffer configured correctly, and you don't see any traffic to or from a particular IP Address, it is because there is no traffic going to or from that IP Address. I'm not sure why you would think otherwise, but maybe it is because you don't know much about the way Networking Protocols / TCP/IP work. Unless, of course, the packet sniffer you were using was garbage....Wireshark is not garbage, it is actually extremely good, so use it.


I have no explaination for your programs not opening full-screen.

And for the sound being made like a device is being unplugged, do you have any peripherals that shut off (to save power) if they are not used after a certain amount of time? I would also check Device Manager (and maybe even take screenshots of it) before you hear the sound, and then again afterwards to see if there is any difference.
 

insect9

Senior member
Jun 19, 2004
954
0
76
nothing else should be running. automatic updates turned off, haven't used a program that would be calling home looking for updates like they always want to do.

Is there a reason automatic updates are turned off? Some are pretty important and there could be a patch to close a hole somewhere...
 

Scouzer

Lifer
Jun 3, 2001
10,358
5
0
Is there a reason automatic updates are turned off? Some are pretty important and there could be a patch to close a hole somewhere...

No kidding. This is the most important thing you can do to secure your computer.

OP, you just sound hyper paranoid.
 

blackangst1

Lifer
Feb 23, 2005
22,902
2,359
126
It sounds like you might have a couple things going on, but Im not sure its hackery.

First off, regarding that IP address. What I would suggest is create a host file to deal with it, not just through your firewall. You can find instructions and what it does here: http://www.bleepingcomputer.com/tutorials/tutorial51.html

Second, I would suggest running a full system scan with Malwarebytes and Hijackthis. If you need further help, I would direct you to this forum specifically for security cleanup: http://www.dslreports.com/forum/cleanup.

You never mentioned what your internet connection is. Wireless or wired? If wireless, I would suggest going hard wired and turn off your wireless.