Did someone hack my computer? And what can i do to improve my security..

For a few weeks i´ve been suspecting someone is hacking my computer. Im sure my computer was malware free, because i scanned my computer with cis av, malwarebytes, hitman pro and superantispyware (i usually scan with cis and occasionally with malware bytes). Nothing was found except for a few tracking coockies.

But my computer was running a little slow so i decided to format and reinstall my win7 64bit os, just to be sure there is no malware on it. I updated everything and installed cis.

I set cis to proactive mode and set it to automatically block both firewall and hips popups and protect it with a password, because i am the only one with some computer knowledge and dont want other familly members clicking on those popups.

I also stealthed my ports, blocked all incoming connections in stealth ports wizzard.

Yesterday i turned on my computer and tried to go to cis. I was asked for a password and everytime i typed in a password it said it was a wrong one. I KNOW i typed it right. So i thought maybe i was hacked and someone change it. I booted into safe mode and changed some stuff in regestry so i was able to set a new password.

Later i was watching youtube video with ff and ff froze. I closed ff and when it closed for a second it looked like a windows 8 window closed. I know how win8 looks. I dont use windows 8. I use win 7!

So i immediately ran tcpview. There were no established connections other than firefox connections, but they closed. I didn´t notice any suspicious processes either.
Is it possible that hacker hides his activity, so you cant notice him in tcpview or in cmd with netstat -ano command?

Im connected through isp modem and i use wired connection. It´s also the only pc connected, because i only have this pc. But i do have wifi router connected to the modem. I use it occasionally, when i browse with my phone and then turn it off when i don´t need it any more.

So based on what i told you, do you think i was hacked or is it possible that someone hacked me or am i just paranoid?

Id also appreciate some suggestions how to improve my security. I use password protected admin account on my computer with enabled uac. Should i make a standard accound.

I also don´t use secure dns, filter ipv6 traffic, block fragmanted IP traffic, protocol analysis and anti ARP spoofing. Do you think i should enable those.

Also, how can i make comodo prevent registry changes. I have both hips and bb blocker enabled and i can still access registry.

Please give me your opinions and suggestions. Thanks.

filter ipv6 traffic, block fragmanted IP traffic, protocol analysis and anti ARP spoofing

Why not use it

Please give me your opinions and suggestions. Thanks.

maybe someone has a infected external hardrive or usb memorysticks

disable “autorun”
http://www.addictivetips.com/windows-tips/disable-autorun-autoplay-in-windows-7/

These options are disabled by default

May be one of the keys of your keyboard was not cooperating. Next time such a thing happens type the password in Notepad and copy/paste from there. I sometimes use that to be sure I am entering the right password.

Later i was watching youtube video with ff and ff froze.

That could be caused by various things including freezes caused by FF or Flash Player plug in. Those would be the usual suspects. Until further notice I haven't seen reports that You Tube videos have been spreading malware.

I closed ff and when it closed for a second it looked like a windows 8 window closed. I know how win8 looks. I dont use windows 8. I use win 7!

Not sure what that was.

So i immediately ran tcpview. There were no established connections other than firefox connections, but they closed. I didn´t notice any suspicious processes either. Is it possible that hacker hides his activity, so you cant notice him in tcpview or in cmd with netstat -ano command?

In case of doubt run TDSS Killer, Bitdefender anti rootkit and gmer anti rootkit tools.

Im connected through isp modem and i use wired connection. It´s also the only pc connected, because i only have this pc. But i do have wifi router connected to the modem. I use it occasionally, when i browse with my phone and then turn it off when i don´t need it any more.

So based on what i told you, do you think i was hacked or is it possible that someone hacked me or am i just paranoid?

I am not convinced you’re infected. When scans with MBAM, HMP and SAS and the three rootkit scanners are not coming up with anything then I am not convinced you’re infected until further notice of vague behaviour of your OS that cannot be attributed to the regular troubleshooting of OS functions.

Id also appreciate some suggestions how to improve my security. I use password protected admin account on my computer with enabled uac. Should i make a standard accound.

I don't UAC as it asks the same thing over and over again. Instead CIS is on guard.

I also don´t use secure dns, filter ipv6 traffic, block fragmanted IP traffic, protocol analysis and anti ARP spoofing. Do you think i should enable those.

When using another device and wireless you absolutely should enable ARP cache protection; it is the way in for people who want to infiltrate a Wireless Lan network.

Block fragmented IP diagrams may bring you into trouble on big corporate and university networks. If you consider using it see if it does not break communication on your local network.

Protocol Analysis is up to choice. Remember to see if using these settings does not break some functionality.

Also, how can i make comodo prevent registry changes. I have both hips and bb blocker enabled and i can still access registry.

Please give me your opinions and suggestions. Thanks.

CIS does protect the relevant registry keys.

A lot of user get confused that they can make all sorts of changes and assume that a malware is also allowed. CIS allows the user to everything he wants to the OS and CIS. However unknown programs are not allowed these same things. You can see for yourself by writing a batch file that tries to write to a protected registry key. It will be sandboxed and will not be able to.

CIS is the nanny of program behaviour it is not the nanny of user behaviour. And I am happy I can do anything on my computer without a security program interfering and that CIS controls unknown applications.