How can I confirm being hacked?



Pirschjaeger
07-31-2007, 07:17 AM
Hi guys,

I've got some strange problems with my pc. In XP my mouse freezes for about 30 seconds unless I continue using it. This happens even when I reinstall XP. Also, the time is always wrong, even if I reset it. It says I've chosen the correct timezone but my time is always 8 hours behind. If I reset the time, it works until I reboot. Then 8 hours behind again.

Also, I hadn't changed the router password from "admin" but it seems someone else has. I guess I'll have to manually reset the router.

I decided to flash my Bios to see if that would help. It worked for about two days before going back to all the same problems.

As many of you know, I live in China and if you follow the news you'll also know the closer we get to the 2008 games the tighter the gags get. I'm thinking, due to some of my less than pro-commie posts on various sites, my pc has been infiltrated and is being monitored.

So, back to the original question. How can I know if I have been hacked?

Fritz

Low_Flyer_MkVb
07-31-2007, 07:21 AM
Type in something derogatory about the Chinese president and wait for the knock at the door...

B16Enk
07-31-2007, 07:33 AM
Also, I hadn't changed the router password from "admin" but it seems someone else has. I guess I'll have to manually reset the router.

Well, err... if you left it at default, and WAN management is enabled, then you have left your front door closed and locked, but with the key in the lock.

stalkervision
07-31-2007, 07:33 AM
Originally posted by Pirschjaeger:
Hi guys,

I've got some strange problems with my pc. In XP my mouse freezes for about 30 seconds unless I continue using it. This happens even when I reinstall XP. Also, the time is always wrong, even if I reset it. It says I've chosen the correct timezone but my time is always 8 hours behind. If I reset the time, it works until I reboot. Then 8 hours behind again.

Also, I hadn't changed the router password from "admin" but it seems someone else has. I guess I'll have to manually reset the router.

I decided to flash my Bios to see if that would help. It worked for about two days before going back to all the same problems.

As many of you know, I live in China and if you follow the news you'll also know the closer we get to the 2008 games the tighter the gags get. I'm thinking, due to some of my less than pro-commie posts on various sites, my pc has been infiltrated and is being monitored.

So, back to the original question. How can I know if I have been hacked?

Fritz

Well, for one thing, do you always update your Windows?

For two, do you leave your computer on constantly? Not good!

Three, do you use a firewall like ZoneAlarm?

Four... if you're really paranoid, get "BlackICE Defender", it is excellent!

Five... run a free spyware program like "Spybot", which attacks key loggers and trojan programs, and use AVG anti-virus.

Avont29
07-31-2007, 07:58 AM
Leaving your pc on all the time has nothing to do with it. I leave mine on all the time, and my system runs fine.

Occasionally I will restart my pc to reset the page file.

stalkervision
07-31-2007, 08:02 AM
Originally posted by Avont29:
Leaving your pc on all the time has nothing to do with it. I leave mine on all the time, and my system runs fine.

Occasionally I will restart my pc to reset the page file.

Oh but how wrong you are....!! Since you believe you are so right I have nothing further to add..

You're just lucky my friend..

BrewsterPilot
07-31-2007, 08:09 AM
Originally posted by stalkervision:
Originally posted by Avont29:
Leaving your pc on all the time has nothing to do with it. I leave mine on all the time, and my system runs fine.

Occasionally I will restart my pc to reset the page file.

Oh but how wrong you are....!! Since you believe you are so right I have nothing further to add..

You're just lucky my friend..

+1... I never leave my PC on when I'm not at it, especially not if it's connected to the internet...

leitmotiv
07-31-2007, 08:21 AM
I simply disconnect the cable each time I get up. Very simple. And, never use wireless. I even do this with my Mac. As Ike said, "Safety first." Antivirus and firewall for a PC are a sine qua non.

B16Enk
07-31-2007, 08:22 AM
I have a high carbon footprint.

I leave 2-3 PCs on nearly all the time.
They have firewalls, ZoneAlarm, and I have a good router firewall.

Never been hacked in over 2 years of broadband; that's not luck, it's precautions.
I never leave a port forwarded unless I need to use it there and then.
I use complex passwords on everything including XP.

People who have admin level accounts with blank passwords are leaving themselves open though.

Hawgdog
07-31-2007, 08:29 AM
Originally posted by B16Enk:
I have a high carbon footprint.

Sig-worthy quote!

I don't have an AV program, I use Spybot.
My Windows firewall and router firewall have prohibited any problems in 6 years.
And I've had all the top AV programs. Nice for inspecting files you don't trust... but what are you doing downloading files you don't trust?

MEGILE
07-31-2007, 08:30 AM
Router on 24/7 365. No problems for 3 years

na85
07-31-2007, 08:45 AM
Pirschjaeger: When you re-installed XP, did you use a quick reformat or a full one?

Sergio_101
07-31-2007, 09:25 AM
Originally posted by Pirschjaeger:
Hi guys,

I've got some strange problems with my pc. In XP my mouse freezes for about 30 seconds unless I continue using it. This happens even when I reinstall XP. Also, the time is always wrong, even if I reset it. It says I've chosen the correct timezone but my time is always 8 hours behind. If I reset the time, it works until I reboot. Then 8 hours behind again.

Also, I hadn't changed the router password from "admin" but it seems someone else has. I guess I'll have to manually reset the router.

I decided to flash my Bios to see if that would help. It worked for about two days before going back to all the same problems.

As many of you know, I live in China and if you follow the news you'll also know the closer we get to the 2008 games the tighter the gags get. I'm thinking, due to some of my less than pro-commie posts on various sites, my pc has been infiltrated and is being monitored.

So, back to the original question. How can I know if I have been hacked?

Fritz

Sounds like a bad BIOS chip or more likely a dying BIOS battery.

As to the router? No clue here.

As to the oppressive Chinese government?

Not a problem here.

Sergio

BBB_Hyperion
07-31-2007, 09:42 AM
Use a separate, fresh HD and install XP again without an internet connection. Check the XP source for notable irregularities; when someone hacked into your system, maybe your install CD was infested already. When it runs, make a drive image and check files before and after using the internet.

PF_Coastie
07-31-2007, 09:43 AM
Originally posted by Sergio_101:

Sounds like a bad BIOS chip or more likely a dying BIOS battery.

As to the router? No clue here.

As to the oppressive Chinese government?

Not a problem here.

Sergio

Replace the mobo battery and I bet all your problems disappear.

Now everyone else, please put away your tin hats!

BaldieJr
07-31-2007, 10:06 AM
Originally posted by PF_Coastie:
Originally posted by Sergio_101:

Sounds like a bad BIOS chip or more likely a dying BIOS battery.

As to the router? No clue here.

As to the oppressive Chinese government?

Not a problem here.

Sergio

Replace the mobo battery and I bet all your problems disappear.

Now everyone else, please put away your tin hats!

+1

Bios battery ftw

carguy_
07-31-2007, 10:15 AM
Ok, then I understand if the mobo battery goes down, the mobo goes down as well, huh? So when my PC won't get up one morning then I'm assuming it's the battery, ok.

Waldo.Pepper
07-31-2007, 10:44 AM
I thought I was hacked a few years ago. This confirmed it.

http://www.ethereal.com/

Brain32
07-31-2007, 10:46 AM
Close the ports you do not need.

Jaste07
07-31-2007, 12:08 PM
due to some of my less than pro-commie posts on various sites, my pc has been infiltrated

No matter what they do, keep fighting the good fight my friend...

mortoma
07-31-2007, 12:28 PM
ZoneAlarm is no longer the best free firewall. I used it for years but recently switched to Comodo, which has more functionality and is still free. It also has better protection according to experts. But ZoneAlarm is not really bad. Just not the best anymore.

Taylortony
07-31-2007, 12:41 PM
Go here and check your pc, it will scan what's open etc. and is very good... look for ShieldsUP amongst other freebies.....

http://www.grc.com/default.htm
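
Added example (not written by any poster in this thread): a local counterpart to the advice above to close unneeded ports and to scan what is open. It parses Windows `netstat -ano` output and lists listeners reachable from the network that are not on a list of ports you need; the sample output and the `NEEDED` set are constructed for illustration.

```python
# Constructed sample of Windows `netstat -ano` output (not taken from the thread).
SAMPLE_NETSTAT = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       912
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING       4
  TCP    0.0.0.0:3389           0.0.0.0:0              LISTENING       856
  TCP    127.0.0.1:1028         0.0.0.0:0              LISTENING       1480
  TCP    192.168.1.20:139       0.0.0.0:0              LISTENING       4
  TCP    192.168.1.20:1045      203.0.113.7:80         ESTABLISHED     2204
  UDP    0.0.0.0:445            *:*                                    4
  UDP    127.0.0.1:123          *:*                                    1032
  UDP    192.168.1.20:137       *:*                                    4
"""

# Assumption for this example: the only services this PC must offer to the LAN.
NEEDED = {("TCP", 139), ("UDP", 137)}

# Sockets bound to loopback cannot be reached from other hosts.
LOOPBACK_PREFIXES = ("127.", "[::1]")


def parse_listeners(text):
    """Return (proto, address, port, pid) for every socket accepting inbound traffic."""
    listeners = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 3 or fields[0] not in ("TCP", "UDP"):
            continue  # banner, header or blank line
        proto = fields[0]
        if proto == "TCP" and (len(fields) < 4 or fields[3] != "LISTENING"):
            continue  # established or closing connections are not open ports
        # rpartition keeps bracketed IPv6 addresses such as [::]:135 intact.
        address, _, port = fields[1].rpartition(":")
        if not port.isdigit():
            continue
        # The PID column exists only when netstat was run with -o.
        pid = int(fields[-1]) if fields[-1].isdigit() else None
        listeners.append((proto, address, int(port), pid))
    return listeners


def unexpected_listeners(text, needed):
    """Network-reachable listeners whose (proto, port) is not in `needed`."""
    findings = []
    for proto, address, port, pid in parse_listeners(text):
        if address.startswith(LOOPBACK_PREFIXES):
            continue
        if (proto, port) in needed:
            continue
        findings.append((proto, address, port, pid))
    return sorted(findings, key=lambda row: (row[2], row[0]))


if __name__ == "__main__":
    for proto, address, port, pid in unexpected_listeners(SAMPLE_NETSTAT, NEEDED):
        print(f"{proto} {address}:{port} (PID {pid}) is open but not on the needed list")
```

This shows what the PC itself is listening on; an outside scan like the one linked above shows what actually gets through the router, so the two views complement each other.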

DuxCorvan
07-31-2007, 02:02 PM
Now that you mention it...

How do I reset manually my router (U.S.Robotics)?

Some ***** has also entered in it using the silly "admin" default password and changed it, so I can't stop them licking my connection.

Hawgdog
07-31-2007, 02:33 PM
"licking my connection"

dude...that certainly lost something in the cultural translation.

stalkervision
07-31-2007, 02:38 PM
Originally posted by Hawgdog:
"licking my connection"

dude...that certainly lost something in the cultural translation.

You haven't seen all the really good porno that is downloaded onto that computer now have you..?

GBrutus
07-31-2007, 02:44 PM
Originally posted by DuxCorvan:
Now that you mention it...

How do I reset manually my router (U.S.Robotics)?

Some ***** has also entered in it using the silly "admin" default password and changed it, so I can't stop them licking my connection.

I don't have your particular router but try this...

Look for a tiny recessed button on the rear of the unit. You'll need a pin or pencil to press it then just hold it down for a few seconds to reset to default. I've had a couple of different routers and both had this method for resetting. Hope this helps.

Monterey13
07-31-2007, 03:43 PM
How old is your machine? Like others have said...cmos battery. There is a lithium battery on your motherboard. Every time you turn your computer off, it saves some things like your clock, etc... If it dies, everything resets every time you shut it down. They're not very expensive.

K_Freddie
07-31-2007, 03:47 PM
Originally posted by Pirschjaeger:
I've got some strange problems with my pc. In XP my mouse freezes for about 30 seconds unless I continue using it. This happens even when I reinstall XP. Also, the time is always wrong, even if I reset it. It says I've chosen the correct timezone but my time is always 8 hours behind. If I reset the time, it works until I reboot. Then 8 hours behind again.

When you reboot, does the power stay on, or do you switch off then on again? IOW, soft reboot or power reboot?
If it's a power reboot you might be looking at the CMOS/Real Time Clock (RTC) battery, but this will be confirmed if the PC boots up to the CMOS setup screen.
If it's the battery you will lose your PC/CMOS/BIOS configuration each time you power down.


Originally posted by Pirschjaeger:
Also, I hadn't changed the router password from "admin" but it seems someone else has. I guess I'll have to manually reset the router.

Naughty boy, as mentioned this is the way through to your PC, and most likely you are hacked.
Do this:
Disconnect your router from the outside world (Mao will be happy) and your PC.
Format all your HDisks on your PC from the windoze boot disk/cd/dvd.
Clear your CMOS config - There's usually a jumper that you do this with on the mobo.
Do a power reboot (switch off - wait - then on) and reconfig your CMOS with passwords (write these down)
Where did you get your windows disk from - hopefully not China, if so trash it.
So you have the real Bill Gates windoze disk.
Reinstall Doze, but reformat all your disks a second time (this is imperative).

Once this is done:- (ALL THE FOLLOWING INFO IS IN THE WINDOZE HELP FILES)
- Disable guest accounts
- Create a 'supervisor' name and give this complete ADMIN access
- Delete the admin account. Login as supervisor.
- Create a USER account (you'll use this while online). Configure limited rights here.

[CONSULT THE ROUTER DOCS HERE]
- There should be a reset button on your router - Push this when powered up this should reset everything to default
- Now connect router to PC. With software installation change the router login AND password immediately.
- Setup the router = NO EXCEPTIONS

Now do all the other PC stuff (firewalls, NO AUTOMATIC UPDATES), remember to write all logins and password systematically, and then bury this paper in the garden somewhere. After all is done, only then connect the router to the outside world.


Originally posted by Pirschjaeger:
I decided to flash my Bios to see if that would help. It worked for about two days before going back to all the same problems.
Flashing Bios is a risky business. Remember that the bios is programmed in C and usually new stuff is not guaranteed.


Originally posted by Pirschjaeger:
As many of you know, I live in China and if you follow the news you'll also know the closer we get to the 2008 games the tighter the gags get. I'm thinking, due to some of my less than pro-commie posts on various sites, my pc has been infiltrated and is being monitored.

What are you saying comrade, viva Mao!! our spiritual leader.. join us in this great celebration
So when do you leave our beloved country

Edit: Silly me, being too old an' all, uncle! - Most CMOS (PC) configs are now on Flash RAM so do not need battery backup. You will probably find a utility in the BIOS setup proggy to clear the 'CMOS'

DuxCorvan
08-01-2007, 08:11 AM
Originally posted by GBrutus:
Originally posted by DuxCorvan:
Now that you mention it...

How do I reset manually my router (U.S.Robotics)?

Some ***** has also entered in it using the silly "admin" default password and changed it, so I can't stop them licking my connection.

I don't have your particular router but try this...

Look for a tiny recessed button on the rear of the unit. You'll need a pin or pencil to press it then just hold it down for a few seconds to reset to default. I've had a couple of different routers and both had this method for resetting. Hope this helps.

Thank you! I tried that but it didn't seem to work. I'll try again... with more enthusiasm.


Originally posted by stalkervision:
Originally posted by Hawgdog:
"licking my connection"

dude...that certainly lost something in the cultural translation.

You haven't seen all the really good porno that is downloaded onto that computer now have you..?

Sorry, I meant 'sucking my connection'.

M_Gunz
08-01-2007, 08:32 AM
Get a different PC for internet hookup, load with Linux and all the security possible then
turn the connect on. Be really serious with the firewall and don't open a hole any wider
than you have to and only for few programs you need.

Of course your machine may be being accessed from inside your place while you are gone,
you filthy foreign spy!

M_Gunz
08-01-2007, 08:35 AM
Originally posted by DuxCorvan:
Sorry, I meant 'sucking my connection'.

You just went from the frying pan into the fire.

BrewsterPilot
08-01-2007, 08:42 AM
http://barwick.de/blog/files/ceiling-cat-is-watching-you-masturbate.jpg

DuxCorvan
08-01-2007, 04:41 PM
Slurping my broad wire?

Pirschjaeger
08-02-2007, 12:11 AM
Hi all and thanks for the replies, especially K_Freddie.

Many mentioned my battery but I don't think this is the problem for two reasons. First, although a bad battery is possible, the board is less than a year old. Second, I use two HDDs and plug and unplug depending on what I am using. If I want to use XP I unplug the HDD with Linux and plug in the HDD with XP. Yes, I know I can run both systems on the same disk but let's not get into the whole "beauty and the beast" discussion.

I'm the one who originally set up my router. I bought it in China and therefore the manual was in Chinese. Having never used a router before I went ahead and clicked on what felt right. Within a few seconds I had an internet connection. I know about the reset button and plan to use it.

As for my XP, I've tried many times to find a real one here. The problem in China is that all too often a "real" one means a quality copy. Since I am leaving China soon I'll look no further.

Here's my plan; I'm going to disconnect my net connection between the router and the pc. Then I'll remove the battery and power supply for 20 mins. Once I put them back I'll jump cmos (Hope my wife doesn't read this). I'll format my HDD with my almost exact copy of XP but won't install.

I'll install Ubuntu 7.04 (32 bit since the support for 64 totally sucks) without a net connection. Once installed I'll bait my IT buddy with beer and get him to set up the router.

Does this sound like a good plan? Is there anything else I should add to my strategic war against "little brother"?

Fritz

K_Freddie
08-02-2007, 02:58 AM
Oh, forgot to mention about that reset button... You must hold it in for at least 5-10 seconds for it to reset everything.

BBB_Hyperion
08-02-2007, 08:02 AM
Originally posted by K_Freddie:
Format all your HDisks on your PC from the windoze boot disk/cd/dvd.

I would suggest that he better use a bootable Linux Knoppix distribution for formatting. That XP might have the trouble inside, as the source is claimed uncertain (not that we should believe that the right source delivers nothing comparable).

http://www.knopper.net/knoppix/index-en.html

Knoppix is a dvd / cd boot-only distribution which runs entirely from it. You can use it for diagnostics or work or other stuff like checking your system out. Even using your Internet connection from it.

With this "ensured" iso safety you might get a safe system and you can check on the others.
Using the format command from the boot cd might work as well but doesn't tell us if it is modified.

na85
08-02-2007, 09:07 AM
You can get a Live-CD copy of Kanotix, as well. The advantage is that Kanotix has NTFS read/write. The last time I checked, Knoppix only has NTFS read support.

BBB_Hyperion
08-02-2007, 09:25 AM
Good point na85 !

SeaFireLIV
08-02-2007, 09:58 AM
I was going to do a joke here, but no, bad taste, I think.

Anyway, I always disconnect whenever I am not directly on the net. But I wonder, do you really need to worry? Are the words of one unknown forum user in an IL2 forum that much of a threat to the Chinese?

And please, no comments about how evil the Chinese must be, I'm trying to get a rational response here.

PF_Coastie
08-02-2007, 10:10 AM
Buy a $3 battery while you're at it. You will be glad you did!

BaldieJr
08-02-2007, 10:21 AM
Originally posted by PF_Coastie:
Buy a $3 battery while you're at it. You will be glad you did!

Yep yep

Also, get a frikken bootloader before you kill the machine with static. Plugging/unplugging disks is insane. I recommend:
http://gag.sourceforge.net/

BBB_Hyperion
08-02-2007, 10:33 AM
Originally posted by na85:
You can get a Live-CD copy of Kanotix, as well. The advantage is that Kanotix has NTFS read/write. The last time I checked, Knoppix only has NTFS read support.

KANOTIX notes: "Don't try to write to NTFS partitions using the standard NTFS driver included with the kernel, as its support for writing is very lacking, thus it could destroy the partition and the data in it. There is a new Captive NTFS driver that does a better job at writing to NTFS, so use it instead. For FAT partitions you can enable write-access with the context menu (right mouse button). You may not have the rights to modify Linux partitions, use the root mode in console if needed. Some links are not working in the menu - that is not my fault - the packages from Debian/sid are very new and may have some little bugs, but you can always use new releases. If you find other bugs feel free to post them in the forum."


Not what I call safe, na85.

Pirschjaeger
08-02-2007, 10:59 AM
Originally posted by na85:
You can get a Live-CD copy of Kanotix, as well. The advantage is that Kanotix has NTFS read/write. The last time I checked, Knoppix only has NTFS read support.

I've tried many different versions of Linux but still prefer Ubuntu. It also reads/writes ntfs. I'm downloading Knoppix just to check it out. The last Linux I tried was PCLinuxOS which I liked but it seemed to be KDE based which is something I didn't like. I'm a Gnome fan. LinuxMint was ok but I saw little difference, other than cosmetic, from Ubuntu.

I just wish I had more free time for this stuff. Ubuntu is great but requires time I don't have for learning. Windoze just sucks if you can't get a real copy. After hours of installing the OS and drivers for 1 day of stability, it just isn't worth it.

It's back to Ubuntu and I'll just have to make the time.

Fritz

Pirschjaeger
08-02-2007, 11:00 AM
Originally posted by BBB_Hyperion:
Originally posted by na85:
You can get a Live-CD copy of Kanotix, as well. The advantage is that Kanotix has NTFS read/write. The last time I checked, Knoppix only has NTFS read support.

KANOTIX notes: "Don't try to write to NTFS partitions using the standard NTFS driver included with the kernel, as its support for writing is very lacking, thus it could destroy the partition and the data in it. There is a new Captive NTFS driver that does a better job at writing to NTFS, so use it instead. For FAT partitions you can enable write-access with the context menu (right mouse button). You may not have the rights to modify Linux partitions, use the root mode in console if needed. Some links are not working in the menu - that is not my fault - the packages from Debian/sid are very new and may have some little bugs, but you can always use new releases. If you find other bugs feel free to post them in the forum."

Not what I call safe, na85.

Ubuntu and PCLinuxOS worked fine for this.

Pirschjaeger
08-02-2007, 11:08 AM
Originally posted by BaldieJr:
Originally posted by PF_Coastie:
Buy a $3 battery while you're at it. You will be glad you did!

Yep yep

Also, get a frikken bootloader before you kill the machine with static. Plugging/unplugging disks is insane. I recommend:
http://gag.sourceforge.net/

The problem with buying a battery here is that they are recycled. Recycled meaning taken from a scrap pc and repackaged as new.

Plugging and unplugging HDDs is dangerous to the pc? How?

I've tried to get a mobile rack but they just don't sell them in China. The thing is, my pc cannot be down for any longer than a few hours. I need to have two disks with separate OS's, physically separate from each other.

There are third party software problems with any OS I use, but each problem is unique. Hopefully I'll be out of this god-forsaken country by the end of September. They are so far behind when it comes to computers, especially hardware and support.

Pirschjaeger
08-02-2007, 11:13 AM
Do I understand this correctly?

I can install GAG on a floppy and always boot my system using the floppy?

BBB_Hyperion
08-02-2007, 11:39 AM
You can use mostly any bootloader to boot from fdd or usb stick even. The knoppix versions for example boot entirely from dvd without using hdd.

Taylortony
08-02-2007, 04:04 PM
Run Windows 3.0

No self-respecting hacker would be hacking that or indeed running it these days, your system will run quicker without all the dross added by MicroDross over the years and any viruses out there are long since cured...............

Friend tried it on one of his later PCs and could not believe the speed difference lol

Pirschjaeger
08-02-2007, 10:11 PM
I thought I might give you guys a taste of the mentality I live with here on a daily basis.

Chinese Medical News (http://news3.xinhuanet.com/english/2007-07/30/content_6450253.htm)


PF_Coastie
08-03-2007, 04:46 AM
I am sorry for your troubles man. But I just can't help but think that this is the classic "replace the engine because you have a bad spark plug" thread.

Good luck!