Almost identical IP Address and Trusted Zone Computer IP, not written by me... Have I been Hacked?

I have been "fighting" a series of Adware and Trojan Programs for about a week.  I remove some (all) only to have more and new ones come on, that are installed without my action or consent when I go online.  I have been doing all the "right" things, clearing temp files, searching for and removing registry enty, etc, etc.  (And yes all the restore points are deleted).  THe strange thing is I get clear scans from my AntiVirus (with new definitions and the most recent iteration of the software), and multiple different and current Anti Spyware and Adware programs, then go online and then they reappear (or new ones appear).  Also I have had settings within My Internet Security Software (Program Access Rules) changed without any action or of course my permission.  I assumed this was by some malicious (and well written) Trojans, or coordinated threats to allow backdoors for these Trojans.

Now (and I genuinely am hoping that I am catastrophising and perhaps paranoid) I am afraid that my system may have been and is being Hacked, and this is why the Trojans and Adware keep reappearing.  I am the first to admit that I have a limited set of skills with respect to these topics, but I am learning Fast!

My suspecions are based around the following:  I used cmd > ipconfig to look at my ip address, I then looked at the only "Trusted Zone" IP address inside my Internet Security/Firewall/Anti-Virus Software.  They are almost identical, but not quite... just the final two digits transposed.  I do not recall entering any "Trusted Zone" IP address in configuration, perhaps these were auto configured by the installation wizards, etc, or could it have been done so by a Hacker?  I have also caught attempts to install Trojans on my own computer (via a port used by Torjans) from what appears to be my own computer's IP address, as well as the settings changes and Program Access Rule changes inside the Firewall software.

On the "Full Disclosure" Side:

I do War chalk and go up on unsecure WiFi networks from time to time, out of necessity and (yes as my neighbor's connection is faster than mine, so I guess impatience).  SO could this be a source of my problems?

Any advice on how I can determine if I have been or am currently being hacked?

If so how to end it?

And again if so how to track down the individuals address and "thank" him or her would be greatly appreciated?

Just kidding on the last one, but the first to in light of the info her would be great.

THis whole thing has been an education, and I have come to the conclusion that perhaps those of you here are more likely to help me than spending another 5 hours on hold to get "Technical Support" from the manufacturer of my Anti-Virus / Firewall.  Over the course of this week, I have learned enough that I usually have tried anything they think will work, and they are all asking what I do for a living, thinking that I am a skilled IT type... frustration may be the biggest motivator for education.  Thanks in advance for any and everyone's help, I just want to know what the  @#$%*& is going on and get this resolved.

Best, FG5
FlashGordon5Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

tmehmetCommented:
>Internet Security Software (Program Access Rules) changed without any action or of course my permission.

If this is indeed true, you cannot trust your machine. A compromise of this level is pointless trying to fix it with spyware scanners and AV. Its almost certain you are beyond infection issues.

you could attempt sniffing the network to see what you machine is doing. eg where it is connecting and which protocls, also, you can see who is connecting to you and how..this should indicate if you are being hacked or remotely managed somehow.

would like to knw what services are running on your machine?

try this tool to interogate your machine;

http://winfingerprint.sourceforge.net/wininterrogate.php

0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Software Firewalls

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.