# on & offline hacking



## cutdeep46 (Dec 11, 2007)

Hello I am new here, interesting site. 
I am being hacked on & off line 
mode is 
audio files
I have a couple programs I am using on audio files 
NCH wavepad audio editor
Diamond cut productions DC7 audio editor
I am trying to "enhance" audio files so that someone can hear them plainly, with out too much "ear training" 
I load the file & begin editing when I get it processed to be able to hear it clearly, the hacker changes what is said...pretty crazy sounding I know but I have on file 5 audio files that began as one thing being said then becomes something else.? I have 4 computers set up with the same software programs & this is happening on all of them.
Yesterday I opened a file that I had "cleaned" & it was smudged,blurred,cloudy unintelliagable, nuerous other files on that machine had the same effect done to them making them useless. I am getting pissed to say the least.
Is there a program that will tell me who, what, when, where, is being done? I have the "cmd netstat" stuff but I am rather lost in all this. I was told that someone can hack your cp without even being online by "wiFi" or whatever. 
This is an investigation into exploitation of incest & there are a couple cops involved, so God only knows the equipment available to them.
Anyone have any ideas ? no ******** pls ty I am getting death threats & being harassed daily. Thanks.. cut :4-dontkno


----------



## Guest (Dec 13, 2007)

How are you being harrased, is it personally or is it on a messenger? Do this:

Start -> Run -> type in cmd and click ok -> Type in "netstat" and hit enter

Post me the contents of that when it is finished. I would recommend going to the security forum to remove any malware, and reassign a new IP Address.

It has come to my attention that you show the symptoms of a malware issue. I am not specifically trained in the removal of malware so I will now teach you the steps to transfer your case to the Hijackthis Log Help Forum. Follow the steps in this link: *(Updated!) IMPORTANT - Read This Before Posting A Log* and post your results in the *Hijackthis Log Help Forum*. Follow the steps to the best of your ability and if you have an issue with one of the steps then include information on it with your new topic. Please give time as our analysts are very busy working with cases and other forum things.


----------



## cutdeep46 (Dec 11, 2007)

techpro5238 said:


> How are you being harrased, is it personally or is it on a messenger? Do this:
> 
> Start -> Run -> type in cmd and click ok -> Type in "netstat" and hit enter
> 
> ...



I will post a number of netstat runs : sorry if its too much. thanks for the help. 

Microsoft Windows [Version 6.0.6000]
Copyright (c) 2006 Microsoft Corporation. All rights reserved.

C:\Users\Acer Customer>ipconfig/all

Windows IP Configuration

Host Name . . . . . . . . . . . . : stand
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : ph.cox.net

Wireless LAN adapter Wireless Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : ph.cox.net
Description . . . . . . . . . . . : Broadcom 802.11g Network Adapte
Physical Address. . . . . . . . . : 00-19-7D-64-AC-9B
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : ph.cox.net
Description . . . . . . . . . . . : Realtek RTL8139/810x Family Fas
Physical Address. . . . . . . . . : 00-16-D4-B6-4E-2E
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::f5c4:745f:2485:cff4%8(Pre
IPv4 Address. . . . . . . . . . . : 192.168.1.101(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Thursday, December 13, 2007 4:2
Lease Expires . . . . . . . . . . : Friday, December 14, 2007 5:00:
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 201330608
DNS Servers . . . . . . . . . . . : 68.105.28.11
68.105.29.11
68.105.28.12
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Local Area Connection* 9:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interfa
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4136:e390:878:502:3f57:f
Link-local IPv6 Address . . . . . : fe80::878:502:3f57:fe9a%10(Pref
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Local Area Connection* 14:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : 6TO4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 16:

Connection-specific DNS Suffix . : ph.cox.net
Description . . . . . . . . . . . : isatap.ph.cox.net
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::5efe:192.168.1.101%17(Pre
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : 68.105.28.11
68.105.29.11
68.105.28.12
NetBIOS over Tcpip. . . . . . . . : Disabled

C:\Users\Acer Customer>netstat -a

Active Connections

Proto Local Address Foreign Address State
TCP 0.0.0.0:7 stand:0 LISTENING
TCP 0.0.0.0:9 stand:0 LISTENING
TCP 0.0.0.0:13 stand:0 LISTENING
TCP 0.0.0.0:17 stand:0 LISTENING
TCP 0.0.0.0:19 stand:0 LISTENING
TCP 0.0.0.0:135 stand:0 LISTENING
TCP 0.0.0.0:3389 stand:0 LISTENING
TCP 0.0.0.0:49152 stand:0 LISTENING
TCP 0.0.0.0:49153 stand:0 LISTENING
TCP 0.0.0.0:49154 stand:0 LISTENING
TCP 0.0.0.0:49155 stand:0 LISTENING
TCP 0.0.0.0:49157 stand:0 LISTENING
TCP 0.0.0.0:49161 stand:0 LISTENING
TCP 127.0.0.1:6083 stand:0 LISTENING
TCP 127.0.0.1:31595 stand:0 LISTENING
TCP 127.0.0.1:31595 stand:49417 TIME_WAIT
TCP 127.0.0.1:31595 stand:49423 TIME_WAIT
TCP 127.0.0.1:31595 stand:49431 TIME_WAIT
TCP 127.0.0.1:31595 stand:49433 TIME_WAIT
TCP 127.0.0.1:31595 stand:49437 ESTABLISHED
TCP 127.0.0.1:31595 stand:49438 ESTABLISHED
TCP 127.0.0.1:31595 stand:49447 TIME_WAIT
TCP 127.0.0.1:31595 stand:49448 TIME_WAIT
TCP 127.0.0.1:31595 stand:49450 TIME_WAIT
TCP 127.0.0.1:31595 stand:49453 TIME_WAIT
TCP 127.0.0.1:31595 stand:49460 TIME_WAIT
TCP 127.0.0.1:31595 stand:49465 TIME_WAIT
TCP 127.0.0.1:31595 stand:49469 TIME_WAIT
TCP 127.0.0.1:31595 stand:49470 TIME_WAIT
TCP 127.0.0.1:31595 stand:49473 TIME_WAIT
TCP 127.0.0.1:31595 stand:49474 TIME_WAIT
TCP 127.0.0.1:31595 stand:49475 TIME_WAIT
TCP 127.0.0.1:31595 stand:49489 FIN_WAIT_2
TCP 127.0.0.1:31595 stand:49491 FIN_WAIT_2
TCP 127.0.0.1:49158 stand:0 LISTENING
TCP 127.0.0.1:49167 stand:0 LISTENING
TCP 127.0.0.1:49170 stand:0 LISTENING
TCP 127.0.0.1:49437 stand:31595 ESTABLISHED
TCP 127.0.0.1:49438 stand:31595 ESTABLISHED
TCP 127.0.0.1:49489 stand:31595 CLOSE_WAIT
TCP 127.0.0.1:49491 stand:31595 CLOSE_WAIT
TCP 192.168.1.101:139 stand:0 LISTENING
TCP 192.168.1.101:49174 a-70-183-191-9:http ESTABLISHED
TCP 192.168.1.101:49439 208.65.153.253:http ESTABLISHED
TCP 192.168.1.101:49440 208.65.153.253:http ESTABLISHED
TCP 192.168.1.101:49461 nz-in-f191:http TIME_WAIT
TCP [::]:7 stand:0 LISTENING
TCP [::]:9 stand:0 LISTENING
TCP [::]:13 stand:0 LISTENING
TCP [::]:17 stand:0 LISTENING
TCP [::]:19 stand:0 LISTENING
TCP [::]:80 stand:0 LISTENING
TCP [::]:135 stand:0 LISTENING
TCP [::]:445 stand:0 LISTENING
TCP [::]:3389 stand:0 LISTENING
TCP [::]:5357 stand:0 LISTENING
TCP [::]:49152 stand:0 LISTENING
TCP [::]:49153 stand:0 LISTENING
TCP [::]:49154 stand:0 LISTENING
TCP [::]:49155 stand:0 LISTENING
TCP [::]:49157 stand:0 LISTENING
TCP [::]:49161 stand:0 LISTENING
UDP 0.0.0.0:7  *:*
UDP 0.0.0.0:161 *:*
UDP 0.0.0.0:500 *:*
UDP 0.0.0.0:3702 *:*
UDP 0.0.0.0:4500 *:*
UDP 0.0.0.0:5355 *:*
UDP 0.0.0.0:49160 *:*
UDP 127.0.0.1:18001 *:*
UDP 127.0.0.1:18002 *:*
UDP 127.0.0.1:49212 *:*
UDP 192.168.1.101:137 *:*
UDP 192.168.1.101:138 *:*
UDP 192.168.1.101:520 *:*
UDP [::]:7 *:*
UDP [::]:9 *:*
UDP [::]:13 *:*
UDP [::]:17 *:*
UDP [::]:19 *:*
UDP [::]:161 *:*
UDP [::]:500 *:*
UDP [::]:3702 *:*
UDP [::]:3702 *:*
UDP [::]:5355 *:*
UDP [::]:49161 *:*

C:\Users\Acer Customer>netstat

Active Connections

Proto Local Address Foreign Address State
TCP 127.0.0.1:31595 stand:49643 TIME_WAIT
TCP 127.0.0.1:31595 stand:49657 TIME_WAIT
TCP 127.0.0.1:31595 stand:49659 TIME_WAIT
TCP 127.0.0.1:31595 stand:49661 TIME_WAIT
TCP 127.0.0.1:31595 stand:49671 TIME_WAIT
TCP 192.168.1.101:49174 a-70-183-191-9:http ESTABLISHED
TCP 192.168.1.101:49656 tag:http TIME_WAIT
TCP 192.168.1.101:49670 a-70-183-191-120:http TIME_WAIT

C:\Users\Acer Customer>


This is off line & things are being changed whole sentences 
jim just ****** his mother changed to :
"Dale you just never give up" I am saving everything to flash drive as I go to document as this is very much crimanal activity. thank you. Dale


----------



## Guest (Dec 14, 2007)

This is being done by a trojan so do what I recommended in the above paragraph (move to the security forum). Since this is directed towards you, I am guessing it is someone personally close.

Connect online and keep a watch on the netstat command by itself. I am not sure if it will work, but you need a program that watches your ports in real time. The port with the most outgoing and incoming traffic is probably his IP as when a hacker leaves the system, it has a major outgoing flow. (I am probably going to get yelled at for saying connect online :frown


----------



## cutdeep46 (Dec 11, 2007)

thank you very much! I do not know them personaly but it is a rogue cop woman,(she is hacking me, & I believe her to be part of the Mt state cp crime team imagine that huh... like ALL priests are good too right?) exploiting incest, & using the woman (my X feanci' ) & her kids. thanks again. steven speilburg couldn't write this.

having ADD don't help with finding my way around, but I'll make it, got to!!
I think I posted in the wrong place to begin with but gotta start somewhere.


----------



## tetonbob (Jan 10, 2005)

> I am getting death threats & being harassed daily.


I think it best that you contact local authorities, and not try to resolve this issue through forums. It's a bit too serious sounding for us to get involved in.

We have no way of knowing from here who is who in such cases.

If you can't trust your machine any more, format and start over, and install better security.

http://www.techsupportforum.com/f174/pc-safety-and-security-what-do-i-need-115548.html

I'm going to close this thread, as I'm concerned with the direction it's going.

Good luck.


----------

