Modem, Router, Vpn, Proxy?

This is a hardware, software, malware question, but belongs more in hardware, so don't move it, please.

It is very important that I thwart people who follow me by my IP address. Therefore, I want to know what can be done to stop it.

1, Is it true that changing to another, identical, modem will automatically change your IP address?
2. If so, is that true for changing the plug that looks like a big telephone jack, to one of the other sockets?
3. There are programs that will continually change your IP address at random. How do I find one?
4. Which is best to avoid having your PC traced by its IP address: a router, a proxy or a VPN? Or more than one of them?

I've been severely hacked by a sophisticated mechanism that went all through my PC. I reinstalled W7. It's back, of course. But before I reinstalled, I was able to save all my important stuff, so there's nothing they can do to me now except be a nuisance. I don't need help with the hack itself anymore.

But I don't want to have to reformat C every two months. The hacker found me through my IP address. So I want mine to become invisible.

I'm hoping someone over there can advise me.

 

1. No. Your assigned IP address is set by your ISP, based on your account. So it is up to your ISP. That means they may assign a new IP with your new modem, or they may not. And it has nothing to do with whether the new modem is identical or a totally different brand. IP addresses are assigned based on the MAC address of the modem and every networked device has a unique MAC address. So if you get a new modem, you will need to inform your ISP of its MAC address. At that point, they may just reassign your old IP to the new modem. And typically, that is not a problem at all.

That said, you typically can call your ISP and ask for a new IP address.

2. Changing the plug/socket does nothing to the IP.

3. Use google.

4. I think there might be some confusion here. Are you using a router? If not, get one. Your router will assume the IP address assigned to the modem. But then, the router will assign all your connected devices new and different IP addresses. It is extremely difficult for most hackers to see your computer's actual IP address through a router.

What are you using for security?

How do you know you were hacked by a "sophisticated mechanism"?

How do you know the hacker found you through your IP address?

Understand the easiest way to be hacked is through you, the user, and always weakest link in security. The vast majority of bad guys are lazy opportunists. When they encounter any resistance, most move on to easier pickings. Your goal is to not be low hanging fruit. It is very VERY rare for a bad guy to specifically target you. This is particularly true if you don't have lots of data that is of real value to him/her on your computer - for example, the personal information for 100s of customers if this was a business computer.

Most hackers today want to take over our computers to use them to attack other computers, or to distribute spam or malware. This is really pretty easy to prevent.

Use a decent router even if you only have one computer. There are plenty nice ones for around $100 - $150 that have excellent security features. Spending more might get you faster wireless speeds if you have multiple devices that will be in use at the same time. Dual band will support both 2.4GHz and 5GHz wireless devices.

Connecting your computer via Ethernet (wired) avoids all the security issues with wireless. That does not mean wireless is insecure, but it does take more to make wireless secure. Still, if you can connect via Ethernet, I recommend it.

Keep Windows fully updated. This cannot be over stated. Consider updating to Windows 10. Windows 7 is already 9 years old and mainstream support ended 3 years ago! And don't confuse privacy and security. They are NOT the same thing.

Use a decent antimalware solution and use a secondary scanner for verification. I use Windows Defender on all my systems, and I use Malwarebytes as a secondary scanner just to make sure Windows Defender or me, didn't let something through. Remember, the best security in the world is easily bypassed if the user opens the door and lets the bad guy in. For Windows 7, there's Microsoft Security Essentials or any number of other alternatives. Avast is popular.

Don't be "click-happy" on unsolicited downloads, links, attachments and popups. Stay away from sites and activities where badguys wallow. These include participating in illegal filesharing via Torrents and P2P sites, visiting illegal pornography and gambling sites, etc.

Use strong passwords and passphrases.

Use a Standard user account (not admin) - this is especially true if multiple users use that computer and the others are less security aware and disciplined.

If you keep getting infected, it is most likely because you (or another user of your computer) are letting the bad guy in. Not because some bad guy knows your IP address.

 

@Digerati, excellent post.

 

Thanks.

 

You're wonderful!

This is long, but you asked for explanations, and I think it's important for people to know about this hack. It's no longer able to give me any real grief.

What you said about a router is what I was hoping for. I don't have one, but I'm going to get one now.

In addition, I just bought W10, and a new computer. I will avoid using it on the internet like the plague. My important files are on a memory stick.

They're still silencing me, but that's all they can do.

I haven't used my POP3 mail server for 6 months, because there's a BAD piece of malware in red letters on it that won't even let me SEE my other mail until I click it. Delete it, it comes back. I'll click it just before I reformat C next time. But POP3 couldn't have been the original source of the hack. I'm usually very careful - I use ZERO social media, zero wireless, never buy anything online, and never open email that's remotely suspicious.

Antimalware isn't worth much any more. I downloaded Avast (while hacked), from its own site, and installed it. Then I grew suspicious, and I couldn't get rid of it. I'm sure the hacker tainted the download. Can't believe it was done by Avast. The hack made "access denied" on many folders. It also made the registry REFUSE to delete items that I knew were foul. There's a large registry folder called Kaspersky, which I find suspicious, and which I cannot delete. Even in the command line, I'm denied making certain changes, like attributes, on suspicious files. The only antimalware that has EVER helped is ClamWin.

It's possible that nothing can stop this hacker. And also possible I am somehow "letting it in." That's why I got the new PC.

I'm aware that the user is often his own worst enemy. I use NoScript, which is good, but I end up permitting scripts, hoping it will control a video that I'm unable to load - and junk can get in that way, alone. I need to KNOW what the script will do or says. No luck.

No other users on my PC; just me.

I don't know if my Windows logon is as an administrator, and don't know how to find out. I use "open as administrator" when I want a program to make available all options.

I don't have proof they followed my IP address. Do you know of some other way they could have found me twice? I think they've tracked me down because of online comments I made, perhaps using logon information I gave to the site. I'm no pro on such matters. But these people are high-level pros.

I'm not casting myself as someone of any importance here, because I'm not. But this hack was not the work of some idiot seeking to get money from me somehow, or just to do damage at random. Those don't have a whole bunch of foci. They usually do one or two things.

The hack was extremely sophisticated. It hijacked ZoneAlarm, got me to approve of programs I had used, but it wasn't those programs making the request. Sometimes a site is opened, even when ZA is locked. When I want to be SURE the ZA lock is working, I unplug the modem. The infection had almost more control of my system than I did, and could change what was offered in context menus, and it sent messages to itself, partly readable but most in code, through the Destinations folders. I only learned of it because I have NO wifi, and the appearances of those messages were obvious to me. I will NEVER use anything wireless now - when my expert found the card and antenna, I gave it to him. I can open the messages in WordPad. It could easily be government or a foreign agent, because the main goal is to silence me - and maybe spy on me (for what that'd be worth! Grandmas in wheelchairs don't have much dirt to find). Just can't get myself into porn...

Two sites where I could log on and make comments were compromised. I couldn't access the site owners to ask what was wrong. I could read but not comment or reach the administrators. Result, I've been silenced. Still am, maybe through poisoning my browsers. They must be doing this to hundreds of people, but they ARE able to pinpoint their target. Those messages give full information about me, my file system, what sites I've visited, what programs I use, etc., in addition to a lot of code. These messages are reports AIMED at someone. I'd saved a bunch of those messages to give to experts who might be able to track the hackers. Nobody was interested. Go figure. Wireless users would probably never find those messages in Destination folders. I'm still getting these messages. I just delete them, but could save them, in case someone really does have some interest.

I just noticed this - ZA is locked, but is still downloading an update. My Clamwin just gave at least 5 popups about suspicious files it was quarantining. Could a hacker attach itself to the ZA update mechanism, when I think the lock is on? Nothing would surprise me now. I'm beginning to wonder if ANYONE is safe online any more. Just being paranoid...

To silence people, they HAVE to target the writer specifically. I wish I knew how to find out how many other people are in the same boat as me.

For months I had to use Safe Mode with Internet Access only. Finally, I gave up and reinstalled W7. It was good for a short time, but the hack is now back. But they won because I'm still silenced.

I was sure they would return, and saved all my important stuff away from my PC. So I'm being hacked yet again, but it's just a nuisance now.

I think it is important for experts like you to know what this hacker does. I could be somehow letting this in, but I also know this hack is MOST unusual. It isn't a simple virus. It is highly complex. I'd ask that you try to inform other experts about this hack.

Next time I reinstall the OS, I'll have a router, thanks to your kind advice.

Ya did good, kid!

 

Kaspersky, Avast, ZoneAlarm, Clamwin... they all need careful removal routines or they can act like malware/corrupted Windows.

 

That makes no sense. W10 is the safest Windows version yet.

Not the best place - I certainly hope you have copies on other media. Except for floppy disks, memory sticks are probably the least robust in terms of reliable storage. They rely on the unreliable USB interface. They are subject to ESD damage just by sliding into and out of pockets. They can very easily be lost, stepped on, or washed and dried with the laundry.

Ummm, kid? Tell my great-grand son that!

My big problem here is that you said you re-installed Windows and all these same issues are back. Are you sure your copy of Windows is authentic? How did you restore your data after the Windows re-install?

How did you get Kaspersky, Avast, ZoneAlarm and Clamwin on your system? Generally, you should not have more than one real-time anti-malware solution at a time. While actual conflicts are not the problem they used to be, it can still happen. I like to say it is like two dogs guarding the same bone, each wondering what the other is up to. The only real exception I've seen that consistently does not cause problems is running Malwarebytes with another solution. As I noted above, I run Windows Defender on all my systems. I run Malwarebytes Premium on my two main systems and have never had a problem with conflicts, or excessive resource hogging. And I have never had any malware problems either. On the other 4 systems here, they too run Windows Defender, but with the Malwarebytes Free program - which is on-demand only. And again, no problems with infections.

Why do you think the Kaspersky folder is suspicious? Did you install Kaspersky?

My point is, you should pick one solution and use only that. If you don't want to use MSE with W7 or Windows Defender with W10, that's fine. But pick one good alternative and again, I generally like Avast. But regardless what your primary scanner of choice is, you should always have a secondary scanner just to make sure you, the weakest link, didn't let something slip by. And I like Malwarebytes for that.

What do you mean by this? It is highly unlikely you have a mail server.

I don't think you were "hacked". I think your system was "compromised" - that is, I think a file was downloaded or a link was clicked that let malware in.

 

When I reformat, I will install W10, just like I've done on the new computer. I'm glad to learn that W10 is the safest.

I'll take your word for it about the memory stick. It feels good to hold ALL my important files in the palm of my hand, AWAY from my PC, so if the data on the PC gets kicked, no big deal. Still, since my new PC has 1 terabyte, I'll move the data there, too. I'll have to access the internet a wee bit, like registering W10 and downloading updates. I'd bet those can be dangerous, too, since people will trust them, so the bad people will find a way to download their filth along with the updates. I've learned that there's NOTHING on the internet that is ever completely safe. Everything can be compromised. Like the cold war, one side comes up with a new weapon and the other side develops a bigger one...on and on. My stick is a big one, with a protective cap, but your advice is still good.

Okay, I'm a bigot! I presumed most people at MajorGeeks were fairly young. I'm 73, so you still might be a kid to me, but either way, I intended it as a compliment. But I'm too old to call you "Gramps"!

The issues came back gradually. But some files remained on the HD when I reinstalled W7, and they could have had the infection, too, but there are aspects that speak of a new installation of the hack. Not too important. When I install W10 on this, the original PC, I'll format first. Then see if it helps.

ZoneAlarm has always been excellent - till now. It is now owned by the hacker. Avast was also fairly good, but my download carried malware - not their fault. Kaspersky is another matter. I have NEVER had any Kaspersky programs, yet I can't get rid of its registry entries. Clamwin - now that's a program that makes me want to hug people who make free source software.

Much as I love ZA, I'd never rely on it to catch all infections. For that I use Clamwin. It works, but nothing is good enough any more. I also have WinPatrol, which isn't antimalware, but helps a lot. I used the free Malwarebytes, and found it disappointing. All it ever found were PUPs.

Did I use the wrong word, "server"? My ignorant bloop. I meant the email address that is tied to my computer by my ISP.

It's entirely possible something I clicked could have let the malware in. By means of fraudulent requests from ZA, I could have been lured into clicking, since it was asking for a program I'd used. After I caught on to that, I began unplugging the modem when I wanted to be SURE nothing online could reach me. But there's no way anyone could silence me online without targeting me directly. It got into my browsers to block me from using my logon to make comments on several sites. It's still doing so.

Thanks for the advice on my stick. I'll double-guard my data on the new PC. I have a new switch that lets me switch from one PC to another. I'll never let both be active at the same time. I'm trying to protect the new PC, so I won't have to worry much about what the malware tries to do to the original one.

I'll move my data from the stick to the new PC. I'll use it a while, and if the problem comes back, it means it was on one of the files on the stick - that'd be bad. No antimalware seems able to find the source of this hack. It can adapt to things I do. It's the only thing I disagree with you on. Surely you're not saying that a simple virus can deprive me of commenting at several sites, alter context menus, infect the registry and command line, send itself messages - all the things I told you it does, and there's still stuff I didn't remember to mention. To do all that would take a big program.

But you're still terrific. Thanks a bunch.

 

And that's fine AS LONG AS that is not the only copy of your important files. A good, robust backup plan involve multiple backups on different media - including one stored at an off-site location.

Very unlikely. Microsoft has gone to very great lengths to ensure their updates do not get compromised by the bad guys. And since Windows Update has been around in one form or another since Windows 95 days, I am not aware of any incident - EVER - where that happened.

Is it possible? Well, never say never. But for it to happen, a bad guy would have to hack into Microsoft's network, modify the files, then sneak back out totally undetected. That is highly unlikely. But if it did happen, you would be in the same boat as 100s of millions of other users. So IMO no worries there.

Make sure you do a "Full" format, not a "Quick" format. A Quick just marks all the file locations the file tables as available. A Full format forces the system to actually re-format every storage location, ensuring each sector is free for new data.

I use WinPatrol too, but that really is best to monitor and control startup processes. I used ZoneAlarm for many years, many years ago. Then they got too aggressive pushing their "suite".

If it were true the download was infected, it sure would be their fault - assuming you downloaded it from their official download site.

Then that would be odd. Did it maybe come with the computer? Many computer makers install trial versions of programs on systems.

Your email account provided by your ISP is likely more secure than a Gmail or Yahoo or similar account.

I don't know what you mean by fraudulent requests from ZA but that is not likely. What is likely is you clicked on something and let the malware in. Tricking unsuspecting users into clicking on something is the most successful, by far, method used by bad guys to distribute their malicious code. This is what "social engineering" is all about.

The solution is, don't click on it! If you get an unsolicited email from your bank, don't click on any links in that email. Instead, visit your bank's website directly by entering their address into your browser. If you get an unsolicited popup, just close it. If someone sends you an unsolicited attachment, don't open it. If you think it might be legitimate, Save it to your desktop and scan it first. If clean, then open it.

I use Windows Defender and Malwarebytes on all my systems and don't get infected. Yes, Malwarebytes might report some PUPs, but they are worth checking out because many are unwanted.