Hallelujah solved everything

mrbell1984 said:
You probably have a hardware firewall. It's called a router, which blocks incoming traffic. Unless you allow it.
Click to expand...

Yes the fritzbox 7530 does have firewall, but i think the bit defender box will do a better job unless i am mistaken, i just need something external when my computer is acting strangely.

I believe you need to be a windows expert to stop what i have, but i am scared to even turn my pc on because it connects automatically to a mac code address and a ip starting as 10 along with my pcs hostname and when i blocked that ip address it didn't block my pc because i know it is fake which is a typical spoof attack, regarding the hostname or name of the pc which is my pc.

There are ways to combat this but i am no windows expert so go easy on me.

Dan.
 
Last edited:
There is a way to combat it, format your system with fresh windows on it and don't install any dodgy software. Format, Update Windows/Anti-Virus and have done with it. I have a frtibox 7530 so I know what it can and can't do. :)

all you have to do is use command prompt > ipconfig /all and check the mac on devices. Reload the config on the router and make sure it's been reset.
 
I agree with @mrbell1984, adding another hardware box won’t solve any problems you’re having. You might even make it worse.

You need to wipe your PC and reinstall your operating system. By all means then, and only then, add an additional firewall device to your system, but remember that they hacked the Pentagon, and Apple, and pretty much anyone else they wanted so bottom line, if they want to hack you, you have F-all hope.

Oh, and unless you have a guaranteed clean backup, be VERY careful about anything you reload onto your clean PC.
 
I now have more faith after installing the bit defender box 2.

What i have noticed my Pc is no longer giving me alerts about windows system applications wanting access to the internet, also the cpu processor fan is no longer going bonkers as if the pc was loading something.

67752898_10157449913922375_3304664793796837376_o.jpg


67906349_10157449915647375_1245347701873180672_o.jpg


I'll let you know what i think about this bit defender box 2 in a weeks time.

Dan.
 
I’m sorry but this doesn’t add up. All the indications were that you were having a problem that the bitdefender box wouldn’t solve. ie. that your machine had a Trojan/virus on it that was enabling access from outside.

I’m glad you’re happy. But all you really needed to do was clean your PC and then not open up anything dodgy on the internet.
 
WJA96 said:
I’m sorry but this doesn’t add up. All the indications were that you were having a problem that the bitdefender box wouldn’t solve. ie. that your machine had a Trojan/virus on it that was enabling access from outside.

I’m glad you’re happy. But all you really needed to do was clean your PC and then not open up anything dodgy on the internet.
Click to expand...

I know the route cause of it and that is what Bit defender is protecting me against so am happy about that.

Lots of suspicious http ports were open in the past before i used this protection, i am beginning to think outside of the box and agree that i was over paranoid.

If you do not have protection i would avoid these websites like the plague trust me after what i experienced.

Dan.
 
I don’t consider anywhere too dangerous. If I need to access that sort of website I’ll either use a standalone burner install or a VM.

If you had ports open then you just close them. There are ports you must have open to use the internet (TCP port 80 or 8080 or UDP ports 561/562 for example) but anything non-essential would be closed by default on a clean install of Windows firewall.

As I say, from what you’ve posted you haven’t got to the root cause and if you do indeed have something on your PC it’s still there.
 
The ports have to be open on all devices to route the traffic. So you can block 80 on your router you won’t get any http traffic onto your network. If you block port 80 on your PC then everyone else on the network will still get the internet but you won’t. Even then, you’ll still be able to see https traffic unless you block port 443.

Bitdefender just blocks the ports on the Bitdefender box. But you could just as easily have done it on your ISP router or your PC firewall.
 
Okay this is my last attempt to explain why i do not feel safe with this null value attacks that i get,

These null values are clear in the log below, there is no ip address which i think is odd, unless you think other wise.

I have typical malware behaviour and so far i have tried many firewalls but so far bull guard is fairing better,

If you disagree then well i find it odd to be in a firewall network log where it shows a null value which is - as can be seen below.

67739958_10157455359972375_1129824360194899968_n.jpg


Yes am paranoid but please convince me if these - null value ip addresses that are - and are normal and safe and or why is it null value to begin with which i do not understand.

Dan.

edit,

Anyways this bullguard firewall is doing a much better job at tackling this malware behaviour occuring on my internet, because it does not allow the connection where it would be classed as safe internet by other firewalls i have used.

This log below is from a typical http 443 port doing something with my system.

68741808_10157455395177375_9006506193048305664_n.jpg


But the best thing is, the connection ends up being rejected by bullguard firewall which is a plus.
 
Last edited:
At first glance that looks pretty normal.

Port 443 is the port used for the https service, so anything that the address starts off with https://www. will use port 443. That's totally OK and normal.

In the first picture the "-" values are services starting and stopping. Again, completely normal.

The IP address 127.0.0.1 is your PC (localhost) and Bullguard is working. Seems OK.

The IP address 91.231.212.222 is Bullguard phoning home. I'm guessing 172.24.1.x is your private IP address range on your PC and 172.24.1.1 is the IP address of your router/gateway and Bullguard is passing data to your PC.

[Edit]And the last one that gets disconnected - WHOIS appears to show that as Overclockers, so I suspect this is a windup[/Edit]

But how many firewalls are you running? So far I've seen Norton, Bullguard and Bitdefender hardware. All that will slow your machine down.
 
WJA96 said:
At first glance that looks pretty normal.

Port 443 is the port used for the https service, so anything that the address starts off with https://www. will use port 443. That's totally OK and normal.

In the first picture the "-" values are services starting and stopping. Again, completely normal.

The IP address 127.0.0.1 is your PC (localhost) and Bullguard is working. Seems OK.

The IP address 91.231.212.222 is Bullguard phoning home. I'm guessing 172.24.1.x is your private IP address range on your PC and 172.24.1.1 is the IP address of your router/gateway and Bullguard is passing data to your PC.

[Edit]And the last one that gets disconnected - WHOIS appears to show that as Overclockers, so I suspect this is a windup[/Edit]

But how many firewalls are you running? So far I've seen Norton, Bullguard and Bitdefender hardware. All that will slow your machine down.
Click to expand...

I have tried norton bit defender and several others,

67735427_10157455583277375_1994145305418792960_n.jpg
 
O dear, i thought i was safe on my chrome book.

67605143_10157455626092375_6734220175635120128_n.jpg
67612385_10157455627337375_5140820014995079168_n.jpg


Well the above alerts have confirmed my suspicion right from the beginning, which is why i questioned all of these http ports and what they do.

The hacker knows what website i am on heh.

Dan.
 
Last edited:
Have you tried installing malwarebytes? They have a free edition. Do the deepest scan it can do and see if it finds anything. It should pick up any suspect programs. They also have a forum that will talk you through how to clean it from your system.
 
lltfdaniel said:
Okay this is my last attempt to explain why i do not feel safe with this null value attacks that i get,

These null values are clear in the log below, there is no ip address which i think is odd, unless you think other wise.

I have typical malware behaviour and so far i have tried many firewalls but so far bull guard is fairing better,

If you disagree then well i find it odd to be in a firewall network log where it shows a null value which is - as can be seen below.

67739958_10157455359972375_1129824360194899968_n.jpg


Yes am paranoid but please convince me if these - null value ip addresses that are - and are normal and safe and or why is it null value to begin with which i do not understand.

Dan.

edit,

Anyways this bullguard firewall is doing a much better job at tackling this malware behaviour occuring on my internet, because it does not allow the connection where it would be classed as safe internet by other firewalls i have used.

This log below is from a typical http 443 port doing something with my system.

68741808_10157455395177375_9006506193048305664_n.jpg


But the best thing is, the connection ends up being rejected by bullguard firewall which is a plus.
Click to expand...

Hi Dan,

I recommend you download a malware scanner like malwarebytes (free to use) and you run a full scan daily to get rid of any malware. It massively helps in a situation like this and I think it will solve your problem.

Also not sure if its wise to have several different programs like Norton/Bullguard running at once, your PC will be extremely slow
 
I have tried malwarebytes so thank you for the advice.

I did a long deep scan and found nothing,

I only have bullguard firewall and malwarebytes running so it should not slow my pc down so much.

But i feel something is being missed because of those url alerts i got must have happened by either someone online or a program did it because i didn't.

Most likely someone online, because it happened to my chrome book as well as my pc.

Dan.
 
Last edited:
lltfdaniel said:
I have tried malwarebytes so thank you for the advice.

I did a long deep scan and found nothing,

I only have bullguard firewall and malwarebytes running so it should not slow my pc down so much.

But i feel something is being missed because of those url alerts i got must have happened by either someone online or a program did it because i didn't.

Most likely someone online, because it happened to my chrome book as well as my pc.

Dan.
Click to expand...

If malwarebyes hasnt found anything, then I think you're pretty safe. But just to make sure I would run the scan daily for the next week or so, and if it still doesnt find anything im sure you're good!
 
lltfdaniel said:
But i feel something is being missed because of those url alerts i got must have happened by either someone online or a program did it because i didn't.
Click to expand...

I'm going to repeat myself again because I don't think you are learning anything from this thread. If you 'feel' or 'think' there is something up one of the best ways is to get all of your data OFF the PC onto an external hard drive and format the pc.

This is the only 100% legit and safest way to recover from situations. You will need to re-install everything and update the system again but this once learnt how to do things can be done in under an hour if that.
 
You must log in or register to reply here.
Back
Top Bottom