Posts posted by neodrago1324

  1. On 7/19/2021 at 5:49 PM, itman said:

    Edit your screen shots not to show the last 6 digits of MAC address shown. Showing full MAC addresses on the Internet is a security risk.

    As far as what your screen shots show pertaining to different MAC addresses, it is normal activity. Ref.: https://www.quora.com/What-is-the-difference-between-the-wired-and-wireless-MAC?share=1

    Hey, it's been a while, I thought of making a new thread, but since this isn't closed I'll try to write here.

    So basically the original problem with blocked traffic from svchost.exe still occurs, and this time more seriously, before it would just block 50-100 times, but now the count racks up every couple of seconds (see screenshots). I updated my router's firmware and reset it, also changed the WiFi password, anti-virus scans find nothing. What could the problem be?

     

     


  2. 44 minutes ago, itman said:

    Here's what I suspect is going on in regards to your router since this happened to me a while back.

    Routers support both wired and wireless networks. The admin interface to the router is via the wired connection gateway IPv4 address.

    When AT&T installed my router originally, they set up a secondary wireless gateway connection to allow a USB wireless dongle attached to my PC to connect to my router.

    Subsequent to the above, I stopped using the above wireless connection and connect to the router via a wired Ethernet connection.

    A few months back, I was having network issues with symptoms my network was hacked. I tried to access my router's admin interface via browser using my assigned wired IPv4 gateway address which is 192.168.1.254. Like you, I was receiving the same messages from Firefox that connection could not be established. When I performed ipconfig /all, the IPv4 gateway address shown was surprisingly the same you posted - 192.168.0.1. What the *!#&? At least this explains why I couldn't connect to the router via browser using its preset IPv4 gateway address.

    The only way to straighten out this mess was to perform a hard reset of the router which restored the ISP factory IPv4 gateway address of 192.168.1.254. Then I could access the router's admin interface via a browser. What I found then is the following.

    Appears someone had accessed the router and set the dormant wireless USB dongle connection as the router's only connection method. I then again deactivated that connection. The "someone" I suspect, as in your case, was my next door neighbor.  How he was able to access my router is still unclear. But since this router also supports wireless TV desktop boxes, it may have been by hacking its WAP connection.

     

    I managed to get into the interface without resetting, I don't know why, but now it worked - I entered hxxp://192.168.0.1/

    I reset the password, but how can I see the connected devices?

    *EDIT - I found the page, it seems OK for now, it only shows my laptop and my phone. So it shows only the currently connected devices. But I can't see where to remove a connected device.

  3. 2 minutes ago, itman said:

    As far as your Eset Connected Home screen goes, the main problem I see is your neighbor's cell phone is connected to your router.

    Rather than fooling around with router settings to correct this, I would just reset the router. Then either assign a strong admin password for router admin login screen or change the existing one.

    OK, but what happens after I reset it? How will I be able to set the network name and password if I still can't access the router options page?

  4. 1 minute ago, itman said:

    You need to enter the IP address for your router in a browser window. In many cases it is one of the following 192.168.1.254, 192.169.1.1, or 192.168.0.1.

    Open a command prompt window and type:

    ipconfig /all

    Your router IP address is listed next to "Default Gateway." There will be one IPv4 address listed and one for IPv6 if you have that enabled for your network adapter. Use the IPv4 address listed as your router's IP address.

    I get the message: Unable to connect, with these options below:

    The site could be temporarily unavailable or too busy. Try again in a few moments.
    If you are unable to load any pages, check your computer’s network connection.
    If your computer or network is protected by a firewall or proxy, make sure that Firefox is permitted to access the Web.
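
The gateway lookup described in this post, scripted in PowerShell as an added example that is not part of the original thread. It reads the IPv4 default gateway for each active adapter, checks whether the router's admin page answers, and lists the LAN neighbours this PC has seen with the last six MAC digits masked so the output can be shared. Assumptions: the admin interface listens on TCP 80 or 443, and `Hide-MacSuffix` is a helper name made up for this example.

```powershell
# Added example, not from the thread: find the router address that
# "ipconfig /all" shows as Default Gateway and test whether it answers.

function Hide-MacSuffix {
    param([string]$Mac)
    # Keep the vendor prefix (first 3 octets), hide the device-specific half.
    if ($Mac -match '^([0-9A-Fa-f]{2}-[0-9A-Fa-f]{2}-[0-9A-Fa-f]{2})-') {
        return "$($Matches[1])-XX-XX-XX"
    }
    return $Mac
}

# Only adapters that are up and actually have an IPv4 default gateway.
$configs = Get-NetIPConfiguration |
    Where-Object { $_.IPv4DefaultGateway -and $_.NetAdapter.Status -eq 'Up' }

foreach ($cfg in $configs) {
    $gateway = $cfg.IPv4DefaultGateway[0].NextHop
    Write-Host "Adapter: $($cfg.InterfaceAlias)  Default gateway: $gateway"

    # Assumption: the router admin page is served on TCP 80 or 443.
    foreach ($port in 80, 443) {
        $probe = Test-NetConnection -ComputerName $gateway -Port $port `
            -WarningAction SilentlyContinue
        Write-Host ("  TCP {0,-3} reachable: {1}" -f $port, $probe.TcpTestSucceeded)
    }

    # Neighbours this PC has recently exchanged traffic with on that adapter.
    Get-NetNeighbor -InterfaceIndex $cfg.InterfaceIndex -AddressFamily IPv4 `
            -State Reachable, Stale -ErrorAction SilentlyContinue |
        Select-Object IPAddress,
            @{ Name = 'MAC'; Expression = { Hide-MacSuffix $_.LinkLayerAddress } },
            State |
        Format-Table -AutoSize
}
```

If both ports report `False` for the gateway address, the browser's "Unable to connect" message is consistent with the admin interface not answering on that address. The neighbour table only reflects hosts this PC has talked to, so the router's own connected-devices page remains the authoritative list.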

  5. 27 minutes ago, Nightowl said:

    If you feel that your router has been compromised it's better to reset it and change the Wireless password and if there is a firmware update, update it to the latest version

    As for the unknown devices one seems to be a Windows computer that is trying to communicate with your PC and the other I can't know because the title is blurred

    Normally Windows systems communicate with each other like for Update sharing from PC to PC

    Port 137 looks to be used by NETBIOS

    I wonder if the other PC is infected and is trying to spread again through Port 137, Port 445, to infect you again with some ransomware again as you've said

    For MalwareBytes if it's running in realtime it's better to disable the real-time scanning as it would conflict with ESET real-time scanning as they would fight each other to claim files, then they will start bringing up false positives and then protection would be useless from both, as both cannot do what they are designed to do.

    ----

    As for the Ransomware you should have taken it from some place, whether it was downloaded from the internet, or the PC was exploited through another PC from the LAN

    It's better to clean off unknown devices from the network by securing your router again, then you will be sure only your devices remaining in the LAN, and then you can start by working to isolate and fix the troubled computer

    How can I remove this unknown device? I'm trying to access my router settings, but when I type my IP address in the browser, it doesn't load.

  6. Recently my laptop was infected by a really bad virus, which encrypted all my files. However since I had backed up all my important data, I just used the Windows Media creation tool on another PC, made a bootable USB drive and re-installed Windows (I deleted all drive partitions and formatted my drives during the installation). Now everything seems as if it's normal. Windows Defender didn't detect anything, I ran a full offline scan - still nothing, I ran the command "sfc /scannow" - again nothing found. But I decided to install ESET to be more confident that there are no threats to my laptop. When I scanned the PC, no threats were found, but there are strange (for me at least) things in the network tab in ESET. There are some unknown devices (one of them disappeared before I managed to take screenshots of the network configuration), and there was some blocked traffic from my laptop. Here are some screenshots:

    Network configuration: https://ibb.co/WsfXTs0

    The unknown device: https://ibb.co/5hGZPJy , https://ibb.co/GMs8b40

    Blocked traffic: https://ibb.co/nncMcp0

    And the blocked items : https://ibb.co/n6H84dR , https://ibb.co/fQKkq14 , https://ibb.co/2kNkNhL , https://ibb.co/9nfbzzv , https://ibb.co/1Z7cdr4 , https://ibb.co/SVFT36b

    From what I can see, these are just Windows processes, but it seems strange that they are blocked. Also something I should mention - every time I boot my laptop, the Windows command line console pops up 2-3 times for a split second, I don't know if this is normal or not, but I'm pointing it out because it may have something to do with these processes (maybe it conflicts with Malwarebytes, since I have it installed as well?). So my question is - is this blocked traffic normal or not, and is that unknown device something that is normally generated from the network or something suspicious?
