Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

vista x64 and network problem : /


  • Please log in to reply
3 replies to this topic

#1 commonscents

commonscents

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:08:09 PM

Posted 23 April 2012 - 12:23 PM

Hi, Im running vista ult. 64 and have a netgear wnr1000 wireless router.
now my problem I think someone is on my network or sys. have had service's altered and user privilidges changed and been locked out of windows because the user profile loader service was disabled. I reinstalled 4 times each time with reformat (all to zero) did have wep (i know dumb) now have wpa2 with 63 char. pass after hard reset setup offline hardwired. currently most problems have been solved thanks to comodo but now I cannot update win and my routers ip has changed (not by me) from 192.168.1.1 to 172.16.0.1 but even if I enter either one in the explorer I cannot get into my router to manage it. then I entered 172.16.0.1 into dnsqueries dot com for a domain search and two sites came up (which I clicked) www.hubu.com which does not exist and www.allpowerelectrical.com which instantly has a logon for my router! whats going on??? used my username and pass works check logs and there are multiple macs and ip's listed. I try to change my ip and router ip by the book and withing seconds changes right back never had this happen in two years was 192.168.1.1 after firmware reinstal but 7-8hr of being online and its changed. in my hjt logs I have multiple (unkown owner) P.s was using lots of network monitoring software ip sniffers/trace found someone on my network then copied that info on another network program that needed subnet parameters and found a linux system sending a trojan on port 135 that no AV AS AM or rootkit could find was listening on various other ports and broadcasting a downfall of humanity msg on another port. this was all found on 3rd clean instal. now just need help with router and update issue and if there is any software or authority I could use or contact to get rid of him or at least off my network. Been getting the run around with my with my so called net security customer service to bad they are not as good as their firewall. Sorry if this is all over the place my first time coming to a forum instead of diy can post HJT log if given permission and requested.
Thank you for your time :) hope I can get some help and a little peace of mind :)

BC AdBot (Login to Remove)

 


#2 commonscents

commonscents
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:08:09 PM

Posted 23 April 2012 - 06:42 PM

seem like we got the same thing if that helps http://www.bleepingcomputer.com/forums/topic450614.html wish him the best as I will be watching and cheering

#3 Shapeofwhite32

Shapeofwhite32

  • Banned
  • 63 posts
  • OFFLINE
  •  
  • Local time:08:09 PM

Posted 29 April 2012 - 07:58 AM

Can't believe no one has responded to this thread yet..

#4 commonscents

commonscents
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:08:09 PM

Posted 29 April 2012 - 12:04 PM

Found out someone hacked my router and pc could not see him exept once. I installed linux can see him daily found out wep wpa1/2 does not stop anyone from hijacking your router key/pass. can be bypassed so taking steps to get him off my router and attacking me he tried to setup .916backround bios hack starting to learn how much you can do on linux is pretty scary. If anyone knows some authority to report his mac and ip (if real) would appreciate it.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users