Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Nervous after Teamviewer attack where hackers took over computer.


  • Please log in to reply
2 replies to this topic

#1 Ghostkov

Ghostkov

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:04:09 AM

Posted 29 January 2017 - 04:50 PM

I was hit by last summer's Teamviewer security breach. Several PC's and a Mac were compromised. I realized this after logging on and there would be a Teamviewer session box on the screen. I am the only one who as access to the affected machines and there is no question that they were remotely hacked. I never save passwords or keep filled login information on any websites, and I immediately changed login info and passwords, etc. for anything and everything.I use a 50 character password on my home network. So far I haven't had anyone get to my Amazon, Paypal, banking, email accounts, etc., so I consider myself lucky. 
 
I am running purchased versions of both Malwarebytes Premium 3.0 and Kaspersky Total Security. Both find nothing, even in safe mode. I am using latest version of Chrome as browser with no add-ons or extensions except Kaspersky Protection. No browser redirects as far as I can tell.
 
Despite resetting all machines to factory settings or doing a clean install of the OS and starting fresh, and trying some of the methods per the virus removal guides, I still have a feeling things aren't right. I'm even paranoid now that my router and home network may have been hacked (also did factory reset on router and updated to latest firmware).
 
Among unusual activities are:
 
1. Malwarebytes Malicious Website and Real Time protection settings keep turning off sporadically;
 
2. NordVPN will absolutely not run and keeps disconnecting. Works on iPad and iPhone.
 
3. CPU usage running high at times for no apparent reason;
 
4. Did see an unidentified client on home network once but bumped him off and changed password;
 
5. Several suspicious phishing pop-ups on iPad and iPhone;
 
6. Previously NordVPN was working, but still when I was connected I couldn't connect remotely to office VPN and had to disable in order to work.
 
I'm not expert enough to feel like I can call it myself, so at this point I would appreciate your help determining if it could be a possibility of malware. I've messed around a lot with all my router, AV, etc., settings. I am running Windows 10 64-bit on this laptop. Thank you! 


BC AdBot (Login to Remove)

 


#2 buddy215

buddy215

  • Moderator
  • 13,300 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:04:09 AM

Posted 31 January 2017 - 06:16 AM

A clean install of the OS, resetting the router and securing the router with your own password, etc. would have removed any

malware that may have been on the computer and the router.

 

Can't help you with the NordVPN or IPhone. 


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#3 Ghostkov

Ghostkov
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:04:09 AM

Posted 31 January 2017 - 10:38 PM

Ok, thanks. I appreciate your reply.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users