Changing ip address

[virtual shade]

Hello, my computer manufacturer remote connected to my computer and found that the ip address is hacked. we have a new router in waiting, I was wondering, if we changed the ip address for the modem, and all the comps in the household, will that get rid of the hack cloud once and for all? we have been fighting with this since last July.. Any advise much appreciated

 

[aaab]

Call your ISP immediately and ask them to change your IP

 

[rgd1101]

Hello, my computer manufacturer remote connected to my computer and found that the ip address is hacked. we have a new router in waiting, I was wondering, if we changed the ip address for the modem, and all the comps in the household, will that get rid of the hack cloud once and for all? we have been fighting with this since last July.. Any advise much appreciated

You mean they hack the router? and override the DNS?
Or they hack your computer?

 

[virtual shade]

Thank you for such a speedy response. That's where I'm confused. The hacker has always hit my computer first and stayed until he/she crashed me. According to "comp. Manu." and what I saw on my screen, my computer ip that has be hacked, but I'm not sure. I'm a biologist major, I having to learn this stuff as I go along. How can I tell if it's the router or the DNS? Thanks again for any advise

 

[mouse24]

Sorry... you say you have been fighting this since last july... How? secure your internet connection with WPA2 if its wifi, grab a firewall like comodo, use stealth ports, close off all unnecessary ports, do not allow remote desktop to even think about being enabled when you don't absolutely need it.

What makes you think he hacked your ip? and what makes you think having someones IP makes them vulnerable?

Just looking for some info on the preliminary steps you have taken thus far, also what are you connected to internet wise (IE school internet, coffee shop down the street, etc)

Most likely its just a virus or someone messing with remote desktop, going into your homegroup and mucking up things.

 

[rgd1101]

What do you mean they stayed until it crash? does it do something on the screen? it running slower and slower?
What anti-virus, anti-malware do you have on your computer?

 

[virtual shade]

I'm so sorry......I don't mean to sound like a child, but in the world of the computer, that's what I am. Our 1st hit, I had no clue- passwords were overridden, I couldn't figure out how to get back in, then the hit continued to my husbands laptop. I did some research, and gave up a little fight over passwords, ended up with the hard drive locked up.....anyway, long story short...hubby get's the new comp. I got a disk scrubber software, after that, I did a reformat and reinstalled windows, and reloaded drivers and other software. Apparently none of it did any good. I know about the Remote, I did check the settings, but I don't know anything about how to control the ports. And about my Ip, I'm only going on what ,"Comp. Manufacturer" said. They were ready to tear my computer apart immediately .Thanks, everyone , ya'll have been so nice

 

[virtual shade]

Untill I could not log on anymore, I was using Kaspersky, then norton 360, they were completely taking over, and left me unprotected

 

[mouse24]

>start menu > run > msconfig > enter > check start up for anything odd.

download Avira + malwarebytes, update them, restart into safemode, run them and tell us the results. You might also want to run Hijackthis and post it here (in a spoiler so it doesn't take up the whole page) for those who can read through it.

Are you running wifi?

 

[turk_1000]

A trolling we will go.

 

[virtual shade]

Sorry, didn't mean to skip out on you other questions. I use Firefox. we're connected broadband. modem, router, settings are WPA2

 

[virtual shade]

Thank you, on my way......the start up ONLY shows the security software. gonna go do the downloads

 

[rgd1101]

Since your hubby got a new PC running on the same router, it is working fine?

 

[mouse24]

^ that, and are your 2 pcs connected in any way, (other then sharing the same wifi) like via a homegroup or a dedicated storage box (NAS)

 

[virtual shade]

installs failed...error message was "windows update running in parallel" my window's installer isn't working right either, tried to fix, but just isn't happening. Thanks

 

[virtual shade]

his works fine as long as mine stays operating

 

[HugoStiglitz]

if it as serious as it sounds and you seem to be really struggleing with it then take your computer into a PC repair place. or even better get them to attend onsite and explain the problem to them.

 

[virtual shade]

no, no home group, he has the router software installed, I'm just plugged into the router. Right now, We are only running on modem, so I'm plugged into the modem. I took the router down, it's gonna be replaced with one that has it's own firewall. I talked to a tech with our internet provider, and that's where the Ip address change came up.

 

[mouse24]

Restart, if it does it again go to start > search > services > services > get annoyed at the small windows size > find windows installer > right click > start > try installing again (not sure if this will help though)

While you are there might aswell disable remote desktop services > right click > properties > start up type > disable.

 

[virtual shade]

Thank you Hugostiglitz....I really really would love to.. but, that cost more money than I can handle. I really wish I could. So, I must learn...

 

[virtual shade]

All Remote Access/Desktop Services status is stopped, I looked in properties for disable, but it's not available. It's also listed as a manual select service. windows installer has a status ,start, and an automatic select. In system properties Remote is unchecked, and "don't allow connections to this computer is checked. and everything I could disable on the remote desktop connections shortcut, has been.

 

[mouse24]

mmk, that should stop anyone from exploiting remote desktop. Are you on an admin account? if so make a basic user and use that, its more secure since things can't get installed as easily. You could probably download some rescue cds and burn those (KAV kaspersky antivirus rescue cd, Avira rescue cd, I think malwarebytes has one) just to be sure your pc isn't infected.

 

[virtual shade]

Yes, The admin.... I use to run as, "user". Had to switch to admin. to take in some power. So both would be alright? I've been running System Mechanic since Jan. when that hit occurred, I didn't even have boot capability, hence the disk scrubber, than reinstall windows. It looked and worked great. I thought I was clean, until unusual behavior slowly enhanced to worse than a few dings. That's why I called Hp; to get a new recovery disk sent. Hp is the manu. that advise my ip was hacked. In an earlier you mentioned something about stealth ports, and closing them off. I went to command prompt and used the, netstat -ano and saw foreign ip as established with port 80. I have a feeling the ports are my vulnerability. How do I know which one's to close off, and how do I know if they are or are not stealth? Thank you again, I'm learning so much....

 

[mouse24]

Nah that port is just used for HTTP uses. http://en.wikipedia.org/wiki/Port_80
http://en.wikipedia.org/wiki/Hypertext_Transfer_Protocol

It is very hard to hack someone via port exploiting and most definitely not worth the time investment. its most likely a virus/keylogger/etc something along those lines, what do you have for security? are you going to any rather obscure sites? downloading anything "interesting"?

Basically stealth ports is just a term comodo uses it basically signifies that other users can't see those ports, you can read more about it here: http://help.comodo.com/topic-72-1-155-1171-stealth-ports-wizard.html

I don't think it helps that much, aslong as you are doing routine virus/malware scans you should be fine.

 

[virtual shade]

Wow......that was a quick reply. Thank you for the links. Will definitely check them out. Ok, I just ran a full system anti-malware scan, and it reports no infections. Here's a dumb question, (but I have to ask), how do I know with certain, the hacking/or cracking really is gone.