Security of the PC

Jegajothy vythilingam
Jegajothy vythilingam used Ask the Experts™
on
My OS is win 10 pro 64 bit.  My pc is a lennovo m72e.   I use Verizon DSL and the pc is connected via a modem, which has about 5 ports, allowing for ethernet connection.  Last week a hacker managed to hack into my pc.  My question is if I were to change the port which the ethernet cable is connected, can the hacker get into my pc again?  I have Avast security protection and the OS' own.  thank u
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Senior System Engineer
Commented:
Yes the "hacker" will still be able to get to your machine, the physical port will not change the security of your machine.   I would ensure that you have updated, and run scans on your machine to make sure you are secure.
JohnBusiness Consultant (Owner)
Most Valuable Expert 2012
Expert of the Year 2018

Commented:
pc is connected via a modem, which has about 5 ports, allowing for Ethernet connection

That is a standard router which does NAT translation (giving you a 192.168.x.x address). It is an elementary firewall.

Rather than a different port (no that won't do much), consider using a less common internal subnet (say 192.168.26.x).  You would have to ask Verizon how to access your modem to do this.  Consider your own router if they will not help.

Windows Defender on Windows 10 V1709 is excellent and has a good firewall preventing external access. Consider this instead of Avast.

Finally, be very careful where you go and what you hover over. That is a typical way in and since you "asked" there is not a lot of prevention about the method. Windows Defender Smart Screen can help here.

These are some initial thoughts for you to chew on.
dbruntonQuid, Me Anxius Sum?  Illegitimi non carborundum.
Commented:
The question is really  How did the hacker get into your PC?

It is a bit unusual for a hacker to access the port of your modem and thus get into your PC.  It is more likely that you picked up a virus by either going to an infected site or opening an infected mail.  Can you confirm what actually happened?
Announcing the Winners!

The results are in for the 15th Annual Expert Awards! Congratulations to the winners, and thank you to everyone who participated in the nominations. We are so grateful for the valuable contributions experts make on a daily basis. Click to read more about this year’s recipients!

Distinguished Expert 2018

Commented:
I would also be asking whether you've been working with questionable software or tools from the internet. So it might be things you downloaded and installed, rather than anything from an email.

Author

Commented:
In response to Masnrock, I am afraid yes.  Short of trashing my present pc, God forbid as I do not have a budget, thus seeing if I can resolve this issue.
JohnBusiness Consultant (Owner)
Most Valuable Expert 2012
Expert of the Year 2018

Commented:
Did you try the suggestions earlier?
Distinguished Expert 2018
Commented:
So the likely cause is that you've been using hacked software that has all sorts of nasty surprises in it. This would be the biggest red flag, and I wouldn't be surprised if you're not running good AV because of the software and tools in use.

Unfortunately, the only real solution to your problem would be the wipe out the computer and load everything fresh. Since we know you're going to want data from the current drive, I recommend doing a really good backup and also scanning the heck out of any data you're moving over. In the process, get legitimate software from legitimate sources, and have proper AV and malware protection.
dbruntonQuid, Me Anxius Sum?  Illegitimi non carborundum.

Commented:
Is the system at present still infected?
Changing the port or the internal IP address does nothing to prevent an attacker from getting on your system.  They don't generally get on your system that way.  On a modern OS, you have to run a program to basically open the door and let them in.  This generally happens when you run a program that you shouldn't have run, usually through something you downloaded or something you clicked on.

Increasingly frequently, it's also coming from ad-laden sites that are also serving Malware.  Install an Adblocker on your browser as a first line of defense.

If you'r system is still infeceted, then you should run scanners to remove the infection.  If none of the scanners you've used detected anything, then it's time for you to reinstall your system and recover data from backup.  Hopefully, you back up your data on a regular basis and keep a copy disconnected from the internet.

Author

Commented:
In response to dbrunton.  The hackers advertised in google as the support for a software, and I called them.  And they requested to connect to my pc, and by the time I realized they were scammers, it was too late, and I cut them off and shut down the pc.  Now I do not know if they still can connect to my pc when I boot up and have control over my pc?
JohnBusiness Consultant (Owner)
Most Valuable Expert 2012
Expert of the Year 2018
Commented:
And they requested to connect to my pc, and by the time I realized they were scammers, it was too late

I suggest (as others have here) and, like it or not, the only practical remedy here is to back up your PC, format it and reinstall Windows.

Then (since Windows 10) use Windows Defender including Smart Screen and put a good router firewall in. Practice safe computing.
dbruntonQuid, Me Anxius Sum?  Illegitimi non carborundum.
Commented:
>>  And they requested to connect to my pc, and by the time I realized they were scammers, it was too late.

If they installed software then remove it.  One possible application they installed was TeamViewer.  Uninstall instructions are here  https://community.teamviewer.com/t5/Knowledge-Base/How-to-uninstall-TeamViewer-on-PC/ta-p/16835

Run the following application on your computer  https://www.malwarebytes.com/mwb-download/  Get the free version of MalwareBytes and run it and see what if finds.

Author

Commented:
in response to the questions, I ran Avast security scan and malware bytes but I think it is still infected, see attached snapshot of the rogue screen.  I will install the windows defender, thank u all
dbruntonQuid, Me Anxius Sum?  Illegitimi non carborundum.

Commented:
Snapshot of rogue screen please.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial