Rich

Active Members
  • Posts

    26

Everything posted by Rich

  1. Rich

    Watch Dogs

    I took a look at the trailer and love the visuals of this game. Is it out now and if you are playing it how do you like it?
  2. What about, dare I suggest, Google? They offer free web hosting :). If I had known that I would never have paid for it.
  3. Rich

    Help Me Please

    Oh I have washed my hands of this as of now. I have given him both my laptop and Mac Mini to see about the Rootkit hidden malicious files. The remote login and detected system changes. Etc. I will just let him take it from here on it. I can honestly live without those two computers anyway. When I get them back and if I get them back this will finally get a resolution to all of this if not carry on.
  4. Rich

    Help Me Please

    I am also having a friend come in and take a look at my Neighbor's captures as well. I had him run Wireshark as well. He was able to run his uninterrupted though. The file is an insane 980 something megs almost a gig. That is being as obsessed as I am with this he was my best option. He knows a lot about computers too. He is nowhere near you though DigiP. I am just glad that he was willing to help me. He did it because it was that one day the Roku connected to his wireless network. He wants to know what's going on too now. He's a cop too so hopefully if he asks around he can find someone in law enforcement to check his stuff out. My main concern was I did want him to think it was me at all. He has photos of his kids and things so he's kind of upset. He really wants to know for sure. Thanks again DigiP.
  5. Rich

    Help Me Please

    Thanks very, very much. You have given me so many protocols to implement to fix my problem. I really appreciate it.
  6. Rich

    Help Me Please

    Here are some more Caps. I hope this shows some way to get rid of these issues. http://dl.dropbox.com/u/78931026/QWE
  7. Rich

    Help Me Please

    Finally I found the latest version of Rootkit Hunter and it picked up remote logging enabled. I locked down the Actiontec router as best as that model allows. UPNP was turned off and then I disabled remote login for diagnostics or pings. Then Rootkit Hunter picked up this. There are no Viruses detectable via Intego or this either. This also warns of hidden files but how do I get to them and get rid of them? Do any of you guys know what type of Virus this is that it is able to go through both the Mac's firewall and Intego when I set it to no internet traffic at all? I am going to proceed as planned with the Wireshark captures. The UPNP is turned off and the other wireless traffic should be no apps running. Thanks so much for helping me Digip especially. This is turning into Sherlock Holmes Vs Moriarty on the MITM attacks or something. This is like something out of a movie. Here is the link to the Mac screen selection. https://www.dropbox.com/sh/ji7hm4ijktw9hmm/WNCn3_KtrU/RemLoggingAllowed.tiff
  8. Rich

    Help Me Please

    Thanks so much DigiP. I really appreciate this. I am going to see what else completely no apps shows up.
  9. Rich

    Help Me Please

    Thanks, here is a plain text capture. I saw some encrypted requests. I tried to get this so much cleaner. I am sorry this is like this. I wish I knew how to make this so much easier to read. Thanks so very much Guys once again. http://dl.dropbox.com/u/78931026/Plain%20Text%20Capture
  10. Rich

    Help Me Please

    I have officially even contacted via e-mail a Mr. Mikko Hypponen who has his e-mail address online. He runs F-Secure and I have tried all his products. I got Intego's Virus barrier and it was with that I saw something truly interesting. Intego's Virus barrier and Firewall shows you which ports and apps are open for noobs like me in an easy GUI. I caught Mail opening on its own, Firefox opening on its own. They all would run in the background, open up port 443, and when I would block that port with the program another one would open trying again. Mr. Hypponen said there is no concrete help he can give me from there. He suggests that I take it to a local computer shop and try for their help. I am please asking if any of you guys know of a reputable place online that can do this because locally I know of no one that can handle something like this. Thank you once again in advance.
  11. I found it also helps if you control the ISP. LOL Then you beat the second device authen by controlling the other device. All of which is illegal.
  12. Rich

    Help Me Please

    How did I miss your reply? I am sorry. I tried this and it did not work. I appreciate it anyway.
  13. My name is Rich and I am the happiest when I am around technology. Unfortunately I can not get the best Tech anymore due to budget constraints but I really appreciate all the help you guys have given me on the HAK5 forums. I look forward to things changing soon. I would love to attend a Hacker conference. Just to meet and greet people. I would really like that. I was wondering, is there anything coming up soon this Summer in the NY area? I appreciate you guys helping anyway even if there is nothing coming up soon.
  14. Rich

    Help Me Please

    Yes, I do have admin access and Verizon is refusing to help with any of my security concerns. Mine thank God is not an old Actiontec but it just got a Firmware change mysteriously. Here is its current revision E model running F firmware. Here are some of the recent settings I captured. The best, guys, is that the Nintendo Wii, Playstation3 and my Roku Box are set up as Wi-Fi hot spots. How do I know? I have an Indian friend who came over and he told me that this is how no matter how many times you clean your laptops or computers. The virus just will come back because they will always get out and connect to someone else's router. Then I was told by the Verizon Rep. he can do nothing for me but change my password. When I have WPA 2 protocol in place. Then I turned off UPNP. I am still amazed at what is going on here. Here are some captured settings on how a Revision E router just turned into a Revision F. I all of a sudden have WIRELESS N NOT G! WTF!

        Firmware Version: 20.19.8
        Model Name: MI424WR-GEN2
        Hardware Version: F
        Serial Number: CSJF0291202590
        Physical Connection Type: Coax
        Broadband Connection Type: DHCP
        Broadband Connection Status: Connected
        Broadband IP Address: 173.77.161.176
        Subnet Mask: 255.255.255.0
        Broadband Mac Address: 00:26:62:70:14:C7
        Default Gateway: 173.77.161.1
        DNS Server: 68.237.161.12 71.250.0.12

        Name Network (Home/Office) Ethernet Broadband Connection (Ethernet) Coax Broadband Connection (Coax) Wireless Access Point WAN PPPoE WAN PPPoE 2
        Status Connected Connected Disabled Connected Connected Connected Disabled Disabled
        Network Network (Home/Office) Network (Home/Office) Broadband Connection Network (Home/Office) Broadband Connection Network (Home/Office) Broadband Connection Broadband Connection
        Underlying Device Ethernet Wireless Access Point Coax Coax Stats Broadband Connection (Ethernet) Broadband Connection (Coax)
        Connection Type Bridge Hardware Ethernet Switch Ethernet Coax Coax Wireless 802.11n Access Point PPPoE PPPoE
        MAC Address 00:26:62:70:14:c3 00:26:62:70:14:c4 00:26:62:70:14:c6 00:26:62:70:14:c5 00:26:62:70:14:c7 00:26:62:70:14:c8
        IP Address 192.168.1.1 173.77.161.176
        Subnet Mask 255.255.255.0 255.255.255.0
        Default Gateway 173.77.161.1
        DNS Server 68.237.161.12 71.250.0.12
        IP Address Distribution DHCP Server Disabled Disabled Disabled Disabled Disabled
        Service Name
        User Name verizonfios verizonfios
        Received Packets 1753 1474 93 798 186
        Sent Packets 1638 2645 609 833 249
        Received Bytes 348951 295699 47356 210918 39654
        Sent Bytes 1139895 1287337 134352 626824 70356
        Receive Errors 0 0 0 0 0
        Receive Drops 0 0 0 0 0
        Time Span 0:06:25 0:06:25 0:06:25 0:06:25 0:02:25
        Channel 1150 MHz 1000 MHz
  15. Rich

    Help Me Please

    Ok Guys when you guys asked me to draw a network diagram I only skipped that step out of complete frustration and troubleshooting those past two nights. Here is how I have my network set up because it has to be this way as per Verizon's design. This router is the first device in the network. It is the Access Point, Router, Gateway and Wireless Access Point. That is the Actiontec model MI424-WR-Rev.E. I then after all those problems directly connected my laptop to Verizon AP. The connection is a direct Ethernet connection, no switches or firewall in the way. In fact tomorrow I am downloading Spiceworks just to see before I shut down wireless if anything else is on the Network. I am really curious if there is some freaking leeching. I really thank you guys for all the advice. I think the crucial and best advice is to shut off the wireless and lock it down. I guess Mac address authentic is the best I can do. I do have the wireless security set to WPA2 and that surprises me even more because that is the best security I can get. I like your idea of the NUKE cd and basically this falls back on Verizon. I will definitely follow your advice but three direct ethernet connect laptops to Verizon's AP router and it's still slow, it has to be them.
  16. Rich

    Help Me Please

    Thanks. Yes, unfortunately the Verizon POS router is a complete Wireless Access Point Router MOCA Modem POS if you know what I mean. Thanks for the heads up. I am convinced something else here is going on too. I though as per my brother's suggestion I finally found a Mac rootkit remover. I can never get the Mac system processes to open properly. This is what OS X Rootkit Hunter comes up with, that it will not let me see those background processes. No matter what.

        Performing malware checks
        Checking running processes for suspicious files [ None found ]
        Checking for hidden processes [ Skipped ]
        Checking for login backdoors [ None found ]
        Checking for suspicious directories [ None found ]
        Checking for sniffer log files [ None found ]
        Performing system configuration file checks
        Checking for SSH configuration file [ Found ]
        Checking if SSH root access is allowed [ OK ]
        Checking if SSH protocol v1 is allowed [ Warning ]
        The SSH configuration option 'Protocol' has not been set.
        Checking for running syslog daemon [ Found ]
        Checking for syslog configuration file [ Found ]
        Checking if syslog remote logging is allowed [ Warning ]
        Syslog configuration file allows remote logging: install.* @127.0.0.1:32376
        Performing filesystem checks
        Checking /dev for suspicious file types [ Warning ]
        Suspicious file types found in /dev:
        /dev/fd/6: data
        /dev/fd/7: data
        /dev/fd/8: Mach-O bundle i386
        Checking for hidden files and directories [ Warning ]
        Hidden file found: /usr/share/man/man5/.rhosts.5: troff or preprocessor input text

    The IP address does not match up either. I am sure you guys are right. Now, fixing this freaking mess. Thanks a million again. Finally no wonder why I was having so much trouble. Thanks.
  17. Rich

    Help Me Please

    Here's another weird thing. Have you heard of a virus like this? It seems to change content on the web on the fly. Turn web cams and Bluetooth on and off. The final on and off is my Neighbor told me that his router had me connected to him on two laptops now. It was really interesting because in the network profiles of the laptop. I had saved only one network and that is mine and my Neighbor has his passworded. I am going to talk to him more today but still this is really weird guys. Just looking for any shots in the Dark.
  18. Rich

    Help Me Please

    Thanks Guys. Yeah, it's their connection not the Router. I have to Thank Them for a Router OverNight. Except their service still sucks. That Supervisor Ken his ass never called me back. You guys were better Tech Support than Verizon. Live Free Or Die From A Shitty Ass ISP!
  19. Rich

    Help Me Please

    Thanks for your reply and yes it does Radu. There is another interesting symptom that the Router sometimes maintains its settings after it is reset with the reset button. It also is unresponsive when Verizon tried to reset it from their end, this is after they have replaced the ONT. I asked for a SECOND replacement router. IF THE PROBLEM STILL IS THE SAME IT'S TIME TO LEAVE VERIZON.
  20. Rich

    Help Me Please

    I just called and demanded to speak to a Verizon Supervisor OMFG they are like freaking Nazis. I can not see your Devices do you have one on your network now? Then it goes none of your devices are pingable is it a wireless problem? Then I told him the whole thing was both wired and wireless. I think it's time to leave Verizon. He told me that Verizon is the Superior Premium product. I told him what's the point of paying a premium price for a premium product that does not work!
  21. Rich

    Help Me Please

    I tried everything and nothing came up. This is what I am talking about when I talk about unusual behavior. I am going to burn Blacklight to CD since as I mention in this Video the USB stick did not take. My brother has an A plus certification from a long time ago. He was just like do a clean install make sure your Anti-Virus is up to date and do a comprehensive scan. He told me to get CLAM X AV. I love my Brother but, I do not know. I do not know anymore. This problem is pretty recent. This is what I am talking about with the two firewalls/VPN devices. I am sorry the Video is so long and of such poor quality. Here is the link from YouTube http://youtu.be/M8F1VyZRcrQ Thank You All So Very Much in Advance. I really appreciate any feedback you can give me. :)
  22. Rich

    Help Me Please

    One of the machines has Avast on it. I am doing this now. Once again Thank You for all your advice. I will post my results of your advice. I hope this works out.
  23. Rich

    Help Me Please

    Thanks Mr.Protocol I have been able to get a negative on the Mac for the Flashback and the Easyclean comes up clean. The weirdest thing is the Blacklight comes up as permissions issue in Windows? It says this needs to be installed as Admin in Windows. I have installed Windows clean and the only account I have on each laptop is an Admin account. Just curious if you know of a workaround if there are permissions issues for an install on Windows 7 premium accounts?
  24. Rich

    Help Me Please

    Thanks so much for your replies in the detail and all the great suggestions. I will try them all and report back on how effective they were. I really hope they fix something. In the questions further well the Verizon Actiontec router despite hard resets with the button in the back. The router becomes unresponsive at times. Even now that I have called Verizon. I have gotten up to the point of starting a tech support case with Verizon. I suspect that the infection is the router because no matter how many resets or how long without power. The router's logs stay intact all the way till April. It has never been like this before. Whenever I used to reset those routers it would always be a clean reset. Thanks once again for all the suggestions. I am trying them today and I will report back :). You guys are the best.
  25. Rich

    Help Me Please

    I never said I got the virus from Hak 5. I have done 35 pass erase on both Macintosh Hard Drives. I have reinstalled their OS twice, it seems as soon as they reconnect to the internet they immediately change behavior. The laptop is slower. The other indication is when running Applejack. Applejack is a single user command line interface utility for Macs. When I would run it in the past the VRAM and all the cache files would need to be rebuilt. In addition all network settings would have to be reconfigured. This is not the case. All the networks are in the computer's memory despite running Applejack and resetting the PRAM for you MAC users out there. This is brand new highly erratic behavior and I have had Macs for over 14 years. The same occurs on my G4 tower. In addition despite a perfectly clean install of Windows the laptop within turning back on goes right back into its unusual opening programs. Freezing and these are two brand new Toshibas. This is impossible for all five machines to have the same problem. That is why I am please asking for help in recommendations for a network root kit for the Verizon FIOS modem. Please help me with a suggestion.