Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Was hacked. Am I safe now? Are these warning signs?

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Was hacked. Am I safe now? Are these warning signs?

Unread postby Bluexanadu » November 12th, 2018, 9:22 am

Hello, lately I think Ive been having some issues with my internet security. I was wondering what people here thought. Any help into if there still seems to be an issue or insight as to what could have happened is appreciated.

Recently,

-An email I made for my younger sister to play Elder scrolls online that didnt get any use outside of that and has been stagnant since, I was made aware got hacked and was apparently banned and used to spam. (Says when I logged into it) I wasnt even going to log into it, however, when I went to enter my email on my iPhone, it came up in the auto suggest and I was surprised because its usually my two main that I frequently use and I never have used it since I made it to my acknowledgement. Im not even sure that I ever even saved the password to my phone or even logged in on my phone. The email DOESNT appear on haveibeenpwned. This tipped me off into looking into my security more.

-As I was changing some email things like passwords etc for safety, juggling my iPhone and iMac for ease, I got an email pretending to be apple to an email that doesnt even have an iCloud account attached to it with poor syntax and definitely not apple and no virus-ey link to click, just asking that I go and update my information as there was (I forget exactly) an unknown log in attempt or something. I only cared really because usually it goes right to spam and I dont click but it went to my main inbox. Which makes me think, that someone can see what Im entering to some degree then since they didnt try to direct me anywhere? Or maybe it is literally just purely coincidence. Also the account they said had an Apple ID does not.

-I noticed that my main email had lots of unsuccessful syncs from various IPs around the world.
(At this point I factory reset all of my devices except ones that arent mine)

-Before, there were more unknown devices (Unknown-XX-XX-XX-XX-XX-XX). There is one that keeps coming up even if I delete it.

IP address looks the same as the rest of the recognized devices except for the last number. I dont know what I have thats creating it as everything is accounted for.

-On my router homepage under protected intrusions, I see these

tcp_port_scan 9
tcp_syn_scan 1
tcp_data_on_syn_segment 42
ping_sweep_scan 1
tcp_syn_flood 1
udp_port_scan 2

Previously, despite being told that everything is constantly under attack, and that this is normal everything read 0s and Ive never intentionally reset my statistics. The number is of course only going up by the day.

-On my router homepage, I get many of these notifications

1. IDS proto parser : tcp data on syn segment

2. IDS scan parser : udp port scan: [NOT MY IP] scanned at least 20 ports at [ROUTER IP] . (1 of 1) : [NOT MY IP] [ROUTER IP] XXXX UDP XXXX->XXXXX

3. FIREWALL replay check (1 of 17): Protocol: ICMP Src ip: [MY IP] Dst ip: [NOT MY IP] Type: Destination Unreachable Code: Port Unreacheable

4. FIREWALL icmp check (1 of 1): Protocol: ICMP Src ip: [NOT MY IP] Dst ip: [ROUTER IP] Type: Time Exceeded Code: Time to Live exceeded in Transit

And more.

The times that these events happen often will be very close together. (Within about 20 minutes or less and then cut off for a bit)

Most of these IPs say they belong to apple, google, amazon or companies. Is this normal? Is this safe? I ask because is it possible to spoof an IP to make it easier to try and enter a network or something?

-My Wireless mouse and keyboard are not working correctly/ the keyboard even with batteries replaced will often not type correctly. This has only started happening within the last few days.

-Sometimes webpages will not load fully or will just not let me access them to a more frequent than usual degree.
My internet across all devices is extremely slowed down pretty suddenly. 4.32 DL speed, 0.83 upload speed, 15 pings.

-Unsure if related but: I have gotten 2 spam phone calls when really over this entire year Ive maybe gotten 4ish, then now I get two in two days. I realize thats not a lot but its still odd to me considering the time this happening.

Heres what Ive done so far:
-Added authenticators to things that I could
-Changed any passwords I care about
-Deleted my paypal just to be safe
-Changed my internet passwords that care about
-System reset all of my devices and only loaded back on some things from iCloud.
-Cleared out my iCloud almost entirely
-Upgraded my iOS (my computer wouldnt let me before without system resetting apparently)

Maybe it was too much, maybe it wasnt? Honestly, Im not sure. I just wanted to be safe. Id just like to know what you all think if given the things that are still happening if its normal and safe? Thanks so much for reading and maybe helping out. Have a great day.
Bluexanadu
Active Member
 
Posts: 2
Joined: November 12th, 2018, 9:19 am
Advertisement
Register to Remove

Re: Was hacked. Am I safe now? Are these warning signs?

Unread postby Bluexanadu » November 12th, 2018, 9:25 am

*****By “iOS” near the bottom, I meant my iMac OS. My mistake.
Bluexanadu
Active Member
 
Posts: 2
Joined: November 12th, 2018, 9:19 am

Re: Was hacked. Am I safe now? Are these warning signs?

Unread postby pgmigg » November 12th, 2018, 12:24 pm

Unfortunately, as you have replayed to your own topic, the topic must be closed as it would likely go unnoticed by helpers who are looking for topics that have only a single post.

May I draw your attention to the topic: ALL USERS OF THIS FORUM MUST READ THIS FIRST, which you should have read before posting for help.

The section here explains why you should not reply to your topic before a helper replies.

Please start a new topic with just a single post, and this time attach your logs, then wait for a helper to reply. Thank you for your understanding.

By posting just a description of your problems it is likely that your topic will be passed by and you will not receive the help you're looking for.

We need to know what's running on your computer so we can give you appropriate instructions.

If you still need help, please start a new thread with:
  • FRST.txt
  • Addition.txt
  • Details of your problems.

If for any reason you can't run FRST, please let us know in your post.

This topic is now closed.
User avatar
pgmigg
Admin/Teacher
Admin/Teacher
 
Posts: 5457
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 288 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware