Sign in with
Sign up | Sign in
Your question

Changing ip address

Last response: in Windows 7
Share
June 7, 2012 11:49:40 PM

Hello, my computer manufacturer remote connected to my computer and found that the ip address is hacked. we have a new router in waiting, I was wondering, if we changed the ip address for the modem, and all the comps in the household, will that get rid of the hack cloud once and for all? we have been fighting with this since last July.. Any advise much appreciated

More about : changing address

June 8, 2012 12:03:24 AM

Call your ISP immediately and ask them to change your IP :) 
m
0
l
a b 8 Security
a b $ Windows 7
June 8, 2012 12:07:06 AM

virtual shade said:
Hello, my computer manufacturer remote connected to my computer and found that the ip address is hacked. we have a new router in waiting, I was wondering, if we changed the ip address for the modem, and all the comps in the household, will that get rid of the hack cloud once and for all? we have been fighting with this since last July.. Any advise much appreciated

You mean they hack the router? and override the DNS?
Or they hack your computer?
m
0
l
Related resources
June 8, 2012 12:20:33 AM

Thank you for such a speedy response. That's where I'm confused. The hacker has always hit my computer first and stayed until he/she crashed me. According to "comp. Manu." and what I saw on my screen, my computer ip that has be hacked, but I'm not sure. I'm a biologist major, I having to learn this stuff as I go along. How can I tell if it's the router or the DNS? Thanks again for any advise
m
0
l
a b $ Windows 7
June 8, 2012 12:22:10 AM

Sorry... you say you have been fighting this since last july... How? secure your internet connection with WPA2 if its wifi, grab a firewall like comodo, use stealth ports, close off all unnecessary ports, do not allow remote desktop to even think about being enabled when you don't absolutely need it.

What makes you think he hacked your ip? and what makes you think having someones IP makes them vulnerable?

Just looking for some info on the preliminary steps you have taken thus far, also what are you connected to internet wise (IE school internet, coffee shop down the street, etc)

Most likely its just a virus or someone messing with remote desktop, going into your homegroup and mucking up things.
m
0
l
a b 8 Security
a b $ Windows 7
June 8, 2012 12:37:52 AM

What do you mean they stayed until it crash? does it do something on the screen? it running slower and slower?
What anti-virus, anti-malware do you have on your computer?
m
0
l
June 8, 2012 12:43:18 AM

I'm so sorry......I don't mean to sound like a child, but in the world of the computer, that's what I am. Our 1st hit, I had no clue- passwords were overridden, I couldn't figure out how to get back in, then the hit continued to my husbands laptop. I did some research, and gave up a little fight over passwords, ended up with the hard drive locked up.....anyway, long story short...hubby get's the new comp. I got a disk scrubber software, after that, I did a reformat and reinstalled windows, and reloaded drivers and other software. Apparently none of it did any good. I know about the Remote, I did check the settings, but I don't know anything about how to control the ports. And about my Ip, I'm only going on what ,"Comp. Manufacturer" said. They were ready to tear my computer apart immediately .Thanks, everyone , ya'll have been so nice
m
0
l
June 8, 2012 12:45:06 AM

Untill I could not log on anymore, I was using Kaspersky, then norton 360, they were completely taking over, and left me unprotected
m
0
l
a b $ Windows 7
June 8, 2012 12:52:39 AM

>start menu > run > msconfig > enter > check start up for anything odd.

download Avira + malwarebytes, update them, restart into safemode, run them and tell us the results. You might also want to run Hijackthis and post it here (in a spoiler so it doesn't take up the whole page) for those who can read through it.

Are you running wifi?
m
0
l
June 8, 2012 12:56:43 AM

A trolling we will go.
m
0
l
June 8, 2012 12:57:20 AM

Sorry, didn't mean to skip out on you other questions. I use Firefox. we're connected broadband. modem, router, settings are WPA2
m
0
l
June 8, 2012 1:05:01 AM

Thank you, on my way......the start up ONLY shows the security software. gonna go do the downloads
m
0
l
a b 8 Security
a b $ Windows 7
June 8, 2012 1:08:20 AM

Since your hubby got a new PC running on the same router, it is working fine?
m
0
l
a b $ Windows 7
June 8, 2012 1:11:13 AM

^ that, and are your 2 pcs connected in any way, (other then sharing the same wifi) like via a homegroup or a dedicated storage box (NAS)
m
0
l
June 8, 2012 1:16:19 AM

installs failed...error message was "windows update running in parallel" my window's installer isn't working right either, tried to fix, but just isn't happening. Thanks
m
0
l
June 8, 2012 1:17:11 AM

his works fine as long as mine stays operating
m
0
l
June 8, 2012 1:21:09 AM

if it as serious as it sounds and you seem to be really struggleing with it then take your computer into a PC repair place. or even better get them to attend onsite and explain the problem to them.
m
0
l
June 8, 2012 1:27:05 AM

no, no home group, he has the router software installed, I'm just plugged into the router. Right now, We are only running on modem, so I'm plugged into the modem. I took the router down, it's gonna be replaced with one that has it's own firewall. I talked to a tech with our internet provider, and that's where the Ip address change came up.
m
0
l
a b $ Windows 7
June 8, 2012 1:28:05 AM

Restart, if it does it again go to start > search > services > services > get annoyed at the small windows size > find windows installer > right click > start > try installing again (not sure if this will help though)

While you are there might aswell disable remote desktop services > right click > properties > start up type > disable.
m
0
l
June 8, 2012 1:30:43 AM

Thank you Hugostiglitz....I really really would love to.. but, that cost more money than I can handle. I really wish I could. So, I must learn...
m
0
l
June 8, 2012 1:51:34 AM

All Remote Access/Desktop Services status is stopped, I looked in properties for disable, but it's not available. It's also listed as a manual select service. windows installer has a status ,start, and an automatic select. In system properties Remote is unchecked, and "don't allow connections to this computer is checked. and everything I could disable on the remote desktop connections shortcut, has been.
m
0
l
a b $ Windows 7
June 8, 2012 2:25:44 AM

mmk, that should stop anyone from exploiting remote desktop. Are you on an admin account? if so make a basic user and use that, its more secure since things can't get installed as easily. You could probably download some rescue cds and burn those (KAV kaspersky antivirus rescue cd, Avira rescue cd, I think malwarebytes has one) just to be sure your pc isn't infected.
m
0
l
June 8, 2012 12:15:11 PM

Yes, The admin.... I use to run as, "user". Had to switch to admin. to take in some power. So both would be alright? I've been running System Mechanic since Jan. when that hit occurred, I didn't even have boot capability, hence the disk scrubber, than reinstall windows. It looked and worked great. I thought I was clean, until unusual behavior slowly enhanced to worse than a few dings. That's why I called Hp; to get a new recovery disk sent. Hp is the manu. that advise my ip was hacked. In an earlier you mentioned something about stealth ports, and closing them off. I went to command prompt and used the, netstat -ano and saw foreign ip as established with port 80. I have a feeling the ports are my vulnerability. How do I know which one's to close off, and how do I know if they are or are not stealth? Thank you again, I'm learning so much....
m
0
l
a b $ Windows 7
June 8, 2012 12:32:54 PM

Nah that port is just used for HTTP uses. http://en.wikipedia.org/wiki/Port_80
http://en.wikipedia.org/wiki/Hypertext_Transfer_Protoco...

It is very hard to hack someone via port exploiting and most definitely not worth the time investment. its most likely a virus/keylogger/etc something along those lines, what do you have for security? are you going to any rather obscure sites? downloading anything "interesting"?

Basically stealth ports is just a term comodo uses it basically signifies that other users can't see those ports, you can read more about it here: http://help.comodo.com/topic-72-1-155-1171-stealth-port...

I don't think it helps that much, aslong as you are doing routine virus/malware scans you should be fine.
m
0
l
June 8, 2012 1:48:26 PM

Wow......that was a quick reply. Thank you for the links. Will definitely check them out. Ok, I just ran a full system anti-malware scan, and it reports no infections. Here's a dumb question, (but I have to ask), how do I know with certain, the hacking/or cracking really is gone.
m
0
l
a b $ Windows 7
June 8, 2012 1:55:32 PM

Hmmm if you don't see any symptoms of being hacked or anything over the course of say 3 days I'd say you are fine. You also need to run an anti virus scan also. Anti malware scans only pickup malware, anti virus only pick up viruses.

Did you run the scan in safemode? what program did you use? some are better then others.
m
0
l
June 8, 2012 4:25:15 PM

Umm, wasn't done in safe mode, should I re-do? I ran the anti-virus scan also, I have System Mechanic professional. It does everything, including disk scrub. I run them on a regular basis, the problems that are usually found are registry, and ms-alined files, and of course compromised security. Now when my, "comp. invader" wants to show me he's/she's back, files disappear, internet is made unavailable to us, homegroup settings are changed, all icons become Microsoft word. That's the beginning. Now if I can just figure out how to get my ,"F11" back.....
m
0
l
a b $ Windows 7
June 8, 2012 4:38:16 PM

i think he is talking about the dns changer virus, you can check if you have it here
http://www.dcwg.org/

click start type cmd (if your on xp click run and type cmd) hit enter
a black box shoud pop up (command prompt)
type ipconfig /displaydns

this will show you your dns

ipconfig /flushdns
will reset it

ipconfig /registerdn
renews client registration

need more info
http://technet.microsoft.com/en-us/library/cc780467(v=WS.10).aspx

m
0
l
June 8, 2012 4:52:23 PM

hmm, this should keep me busy for a bit. Thanks
m
0
l
June 9, 2012 7:08:52 AM

Uuugg. I checked several detection sites for the, "DNS Changer Virus", and all reported that my computer was clean, but also, said, that if my ISP redirects traffic, regardless what the site says, my computer could still be infected, and gave instructions for a manual check. So here I've been all day, playing in command prompt I don't understand what the first check was suppose to tell me, it was just ipconfig /allcomponents /all, and it said to look for the DNS servers line - & expect more than one ip address ---- that was a positive test. Than ipconfig /allcompartments /display ----- honestly, it was Greek to me. Than /flushdns, and command reported DNS Resolver Cache, and last but not least /registerdns with a successful report for all adapters. I checked my firewall settings/rules, and basically there, looks like there is no rules, everybody gets to come in and play. Strange, have no clue how it was changed like that. Anyway, knights in shining Armor, my finger tips feel like Ive been playing the guitar all day, and my eyes feel full of sand, so, I'm gonna call it a night. Thank you again!
m
0
l
!