Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Remote Control Over My entire network


  • This topic is locked This topic is locked
36 replies to this topic

#31 dfred2300

dfred2300
  • Topic Starter

  • Members
  • 54 posts
  • OFFLINE
  •  
  • Local time:07:45 PM

Posted 05 September 2017 - 12:24 PM

 
2017-09-04 23:52:13 -0400 Issue: 'corrupted file' detected in '/private/var/db/systemstats/085BA43C-9E62-486E-AE20-97FB83B0278E.microstackshots.XXXXXX.gz'
2017-09-04 23:52:13 -0400 Issue: 'corrupted file' detected in '/private/var/db/systemstats/8AB13DE2-40BD-4A2E-A506-DB7ABCDDFB32.microstackshots.XXXXXX.gz'
2017-09-04 23:52:14 -0400 Issue: 'corrupted file' detected in '/private/var/db/systemstats/8FEEE153-A707-4316-A14F-204D3AA39781.microstackshots.XXXXXX.gz'
 
 
This is on my Mac computer


BC AdBot (Login to Remove)

 


#32 nasdaq

nasdaq

  • Malware Response Team
  • 39,543 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:08:45 PM

Posted 05 September 2017 - 01:00 PM



2017-09-04 23:52:13 -0400 Issue: 'corrupted file' detected in '/private/var/db/systemstats/085BA43C-9E62-486E-AE20-97FB83B0278E.microstackshots.XXXXXX.gz'
2017-09-04 23:52:13 -0400 Issue: 'corrupted file' detected in '/private/var/db/systemstats/8AB13DE2-40BD-4A2E-A506-DB7ABCDDFB32.microstackshots.XXXXXX.gz'
2017-09-04 23:52:14 -0400 Issue: 'corrupted file' detected in '/private/var/db/systemstats/8FEEE153-A707-4316-A14F-204D3AA39781.microstackshots.XXXXXX.gz'


Nothing to worry about.
https://community.sophos.com/products/sophos-home/f/sophos-home-for-mac/81468/sophos-home-sec-full-scan-found-corrupt-files

===


Yes I have see your latest logs.

===

Try this and let me know if you have any prolems.

Reset your router. It may be infected.

How to Reset a Router Back to the Factory Default Settings
http://www.ehow.com/how_2110924_reset-back-factory-default-settings.html

Then, please reconfigure it back to your preferred setting.. Below is the list of default username and password, should you don't know it ;)

http://www.routerpasswords.com/
http://www.phenoelit-us.org/dpl/dpl.html
===

Reset for Linksys, Netgear, D-Link and Belkin Routers
http://www.techsupportforum.com/2763-reset-for-linksys-netgear-d-link-and-belkin-routers/

====
How to tell if my Wireless is secure.
http://www.ehow.com/how_6775466_tell-wireless-secure_.html

#33 dfred2300

dfred2300
  • Topic Starter

  • Members
  • 54 posts
  • OFFLINE
  •  
  • Local time:07:45 PM

Posted 05 September 2017 - 05:34 PM

I have reset my router 10,000 times, they are setup as access points and some sort of admin gateway like i said / domain over sees them. i've never seen anything like this, but it doesn't matter what I do I am not master of my domain persay haha. I have formatted and changed wi fi settings i dont even know what mean and done everything under the book, i have tried and tried and it never goes away, regardless its not at the point where im hitting wrong buttons and screwing things up im saying i have done that before and had to format n what not, everything is defaulted, but for some reason every device has a static ip address and they are all the exact same static ip address and that host proxy address appears and out privledges me on everything. 



#34 nasdaq

nasdaq

  • Malware Response Team
  • 39,543 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:08:45 PM

Posted 06 September 2017 - 07:12 AM

Hi,

Networking and Proxy is not my forte.

I suggest you start a new topic in the Networking Forum.

https://www.bleepingcomputer.com/forums/f/21/networking/

Before you do please run this MikniToolBox program

Please download MiniToolBox to Desktop and run it.

Check mark the following boxes:

  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List last 10 Event Viewer log
  • List content of Hosts
  • List IP Configuration
  • List Winsock Entries
  • Click Go and copy/paste the log (MTB.txt) into your next post.
  • Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
  • [/LIST

    Post the log in the new topic and explain you current problem.

    An expert should be able to help you better than I can.

    I will leave this topic open for 6 days. If you need to return please do.


#35 dfred2300

dfred2300
  • Topic Starter

  • Members
  • 54 posts
  • OFFLINE
  •  
  • Local time:07:45 PM

Posted 06 September 2017 - 05:31 PM

So my system file is fat32 which would explain the Mac privledges, it's not ntfs. How do I format my system 100mb file to ntfs that's the entire problem, it's allowing outside sources to control everything.
Everything else is ntfs that's windows main system files, there shouldn't be any other file systems
Everything else is ntfs that's windows main system files, there shouldn't be any other file systems
Everything else is ntfs that's windows main system files, there shouldn't be any other file systems

#36 dfred2300

dfred2300
  • Topic Starter

  • Members
  • 54 posts
  • OFFLINE
  •  
  • Local time:07:45 PM

Posted 07 September 2017 - 12:03 AM

Here is that, now I have about 100 ports blocked, including 3389 aka remote desktop. and 1433/1434 or 1443/1444 sql servers, and 135-140 which are dcomm ports. but this doesn't look correct to me

Attached Files

  • Attached File  MTB.txt   52.68KB   1 downloads


#37 nasdaq

nasdaq

  • Malware Response Team
  • 39,543 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:08:45 PM

Posted 07 September 2017 - 09:19 AM

See my post no. 34.

Start a new topic in the Networking forum.

Not my forte.




1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users