Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Should I be concerned ,am I infected/hacked?


  • Please log in to reply
No replies to this topic

#1 Orexon

Orexon

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:05:06 AM

Posted 06 December 2017 - 10:07 AM

Backstory(important,but depends): 
The problems began when I changed flats and now live with other people at the house. One of my housemates had told me, he wants to be a hacker and is learning how to. We have shared Wi-Fi at the house and sometime after moving in, my internet connection always dropped or the page didn't load. I figured someone is downloading something, but as the problem became constant it led to changing of the internet service provider. After receiving new router and new internet, I got control of the router(I'm the who has the password) and in the router system logs I noticed DDOS attacks, ISP ignored me, and after telling this to the person, he said maybe its the chinese as a joke) but went to reinstall all his devices.

 

My problems didn't stop here, as I've started digging and found event viewer was filled with various suspicious errors, then ESET internet security detected and blocked port scanning attack(Blocked IP for 10minutes), but the port scanning attacks didn't stop. Received more than 8000+ connections from various unknown devices in 10 or so minutes which crashed ESET internet security every time I checked. Port scanning repeated every 10 minutes from the same IP address, which was my housemates IP and (I checked the logs in the router) until I blocked the internet to that device via Router. I kept if off for another day, but after removed the firewall rule from the router.(I'm no specialist to say it was attack from him etc...) .
Now, after removing the rule my internet went bad again, couldn't connect to router for 2 weeks, as the login screen just didn't load(resolving host..etc).

 

This week my windows got updated to Windows 10 Home(1709). I've google most of the event viewer logs (Did my research before writing a post) ,but there are a lot ID 0 events and some events that have "hacked" tag to them when googling, as someone who doesn't have a lot of experience with these kind of problems I don't understand everything which leads to a worrying situation and I reached a point where I need to know, whether my computer is safe or not. 
Problems right now :
Lag spikes on certain programs;
Power and battery settings reset;
Suspicious logs in event viewer;
Get a lot of "The access history in hive \??\C:\ProgramData\ ......    was cleared updating 0 keys and creating 0 modified pages. " ; 
Fault bucket 129578632112, type 5, Event Name: RADAR_PRE_LEAK_64,Response: Not available, Cab Id: 0 ; 

Strange user logon notifications in event viewer security tab ; 
Internet pages sometimes load with no problems , sometimes resolving host problem, or lag spike. 

I have scanned my pc with MalwareBytes, Eset Internet security, Eset antivirus security, Adwcleaner, roguekiller, ccleaner and etc.. 
I've removed what they found, but I want to make sure, that neither anyone has installed any spyware on my computer or router or whatever the possibility and would need the help of someone who actually understands the logs and files, thus my question Should I be concerned ,am I infected/hacked? I can provide all the logs needed(I have screenshots of the port attack, and other logs of from event viewer pre-Windows update) 
 


BC AdBot (Login to Remove)

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users