Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Hacked?


  • This topic is locked This topic is locked

#31
Macboatmaster

Macboatmaster

    7k

  • Member
  • PipPipPipPipPipPipPipPip
  • 7,237 posts
SweetHeart161

I apologise if I have misunderstood you.

1. We know, of course, that the malware topic was closed when our expert in that forum, pronounced the system clean and referred you back to the general forums.

2. We know that this topic is primarily related to your concerns regarding the suspected hack and the use of Linux to explore the possibility that ports are being opened, without your permission.

3. We know that the other topic where Ztruker and Amlak are assisting is concerned with your worries regarding the logs on the reinstall of the O/S

WHAT we are asking, is does THIS topic here AND the topic where Ztruker and Amlak are replying relate to the SAME computer.

There is no hidden meaning to this question, we simply wish to ensure between oursleves that assistance is NOT being duplicated by different staff members on two topics.

A straightforward YES they relate to the Same computer or NO it is two different computers would be greatly appreciated.
  • 0

Advertisements


#32
SweetHeart161

SweetHeart161

    Member

  • Topic Starter
  • Member
  • PipPip
  • 89 posts
Yes one pc..

Edited by SweetHeart161, 19 May 2012 - 03:25 PM.

  • 0

#33
Macboatmaster

Macboatmaster

    7k

  • Member
  • PipPipPipPipPipPipPipPip
  • 7,237 posts
Thank you

When they return, one of my senior colleagues, rshaffer61 or Artellos, will decide the best way to continue, from both our point of view and of course fully considering YOU, the most important person in this matter.
  • 0

#34
SweetHeart161

SweetHeart161

    Member

  • Topic Starter
  • Member
  • PipPip
  • 89 posts
I was gonna ask how to do an external port scan to see if the same ports where open? do I just get my external ip and login from an external network and portscan that ip?

Edited by SweetHeart161, 19 May 2012 - 04:15 PM.

  • 0

#35
Macboatmaster

Macboatmaster

    7k

  • Member
  • PipPipPipPipPipPipPipPip
  • 7,237 posts
My knowledge on these matters is not great enough to assist you.

Please wait for Artellos
  • 0

#36
Artellos

Artellos

    Tech Secretary

  • Global Moderator
  • 3,888 posts

constant lag while gaming

Lag while gaming is NOT an indication you are being hacked. Merely a conclusion that your network is not fast enough to relay the information between your computer and the gaming server.

unable to change workgroup name

Why would you want to change the workgroup name? :blink:

antivirus won't update

This could simply be that your network connection completely failed and thus is unable to retrieve the updates. On the other side, the only thing I can think of that will prevent AV updates from being installed is malware, which has already been ruled out by the malware staff.

game lounges are to a minimum

Again, not an indication you are being hacked, but merely a result from a bad network connection to the server.

processes starting on their own

Now this one is interesting. What processes are starting on their own? Please list their names.

Also files are unhidden in folder options...

The anti-malware programs you used probably turned them on. Just hide them again and you should be fine.

I am getting a bsod caused by tcpip.sys when trying start a game.. crash address is tcpip.sys+12e4e9 bug check code 0x1000007e System thread exception not handled
perameter 1 fffffff'c0000005
perameter2 fffff880'01b364e9
perameter 3 fffff880'0653e6c8
perameter4 fffff880'0653df20
major version 15

Sounds like an issue we can address. My first thought would be that this might be some damaged files. Do you still have your installation disk?


I was gonna ask how to do an external port scan to see if the same ports where open? do I just get my external ip and login from an external network and portscan that ip?

Forget Wireshark. Forget portscans. If you installed a firewall on your computer, or use the standard windows firewall, you won't have any open ports that you should be afraid of. And on top of that; You are behind a router which will probably bounce the majority of the unauthorized attempts on the network.

Regards,
Olrik

Edited by Artellos, 19 May 2012 - 05:14 PM.
Forgot to add some stuff.

  • 0

#37
SweetHeart161

SweetHeart161

    Member

  • Topic Starter
  • Member
  • PipPip
  • 89 posts
Well I would like to change the workgroup to attempt to keep it safer.. but once I go online there is no way to change it again..it locks me out..as if someone has become the network admin over my pc and supersedes my admin account.. when I go into process explorer and check security parameters of each svchost I see an unknown SID like s-5-1-5 and so forth.. and this account only appears on my network processes.. other processes also..
The services that start on their own are workstation, http web proxy, secondary logon, sometimes netlogon, iphelper, computer browser, distributed transaction coordinator, ike and authip ipsec keyring modules, innternet connection sharing, Iviregmgr (I have never seen this process before it is new just recently as far as I know I have never seen it before), net tcp port sharing, print spooler, tcpip netbios, termservice.. All are disabled before going on the web. Not to mention the name of the connection was workgroup showing at connection. I also have multiple isatap ports afeter disabling 2 I get to more installed. Just the otherday I dat 138 6 to 4 tunnle adaptor (similar name). pseudo adaptors install on there own.
I get harrassed in games by people who mention things as if they know me... and playing the most popular online games and only getting 1 room is a hint as well.. so I suspect that someone is using hacks that limit my pc to a domain pc..and only to a local network.

My fortigate firewall in an external firewall.. and this has been an on going thing for like a month...and yes I still have the factory discs and regular windows discs..

Edited by SweetHeart161, 19 May 2012 - 05:44 PM.

  • 0

#38
wannabe1

wannabe1

    Tech Staff

  • Technician
  • 16,645 posts
Hello SweetHeart161...

I'm afraid that the problems you are having are not the kinds of problems we're going to be able to help you with in an online environment. My best advice to you would be to seek out a professional in your area for some hands on troubleshooting.

The techs here have been all over the machine in question with you, but some problems simply need to be addressed with the machine in front of you.

Sorry...and I hope you understand.

wannabe1
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP