Logs/Security Questions

Status
Not open for further replies.
My most recent paranoia is being hacked and having things dumped onto my hard drive that I do not know are there. I was misdirected to an illegal site and after reporting it to the authorities I did the standard virus checks and found my computer littered with trojans and keyloggers. I freaked, pulled the HDD (it had been making grinding sounds for months and I meant to replace it, figured this was as good a time as any) and stuck a new one in there.

Now, a month and a half later, I've calmed down a bit but am still deeply paranoid about hackers. I have a D-Link DGL-4100 wired router with the SPI/NAT firewalls up and running and UPnP disabled and all of that for my hardware firewall and Comodo v.3 for my software firewall. According to ShieldsUp! I am completely stealthed with Comodo turned on and turned off.

1.) Can a person hack a wired connection with both hardware and software firewalls up and running? I'm assuming the person who ran the site I was misdirected to has my MAC address, can they hack me based on that alone? I've changed IP Addresses many times since then due to DHCP.

Also, I am including a few logs. I followed Julio's 15 steps to spyware and virus removal and just want to have a HJT log read by an expert and see if anything shows up.

Thanks for the help!
 
1.) Can a person hack a wired connection with both hardware and software firewalls up and running? I'm assuming the person who ran the site I was misdirected to has my MAC address, can they hack me based on that alone? I've changed IP Addresses many times since then due to DHCP.

Good question.

First, security is a layered proposition; no silver bullet here :(

Second, it is possible to breach a firewall and gain access to your LAN systems,
and MAC addresses are a partial key to doing this. It is uncommon and takes
a very knowledgeable programmer to make the attack. Your firewall will defend
against these as these are unsolicited inputs from the outside world.
An example of this would be in your firewall log as a port scan or new inbound traffic.

Third, after all that is operational, the biggest backdoor into your system is - - - the USER!
Every email you open or URL you click invites data into your system.
Every click presents a risk :( *IF* you have enough security, most of the bad
stuff will get discarded -- but not 100% of it.

btw: get this host file: http://www.mvps.org/winhelp2002/hosts.htm

Read/research on email scams and phishing attacks.

Learn WHY P2P programs are dangerous (eg Limewire and *Torrents).
 
I am a bit curious as to how a hacker might gain access to my computer when all of my ports are closed and stealthed. I mean even if they have my computer/modem's MAC address how would they know I even have that computer connected to the internet?

I will read up on this hostfile thing, it seems very helpful...
 
Emonroe said:
I am a bit curious as to how a hacker might gain access to my computer when all of my ports are closed and stealthed. I mean even if they have my computer/modem's MAC address how would they know I even have that computer connected to the internet?

I will read up on this hostfile thing, it seems very helpful...

These are separate issues. Hostfile (as built by the cited reference) is a blacklist
of IP addresses to NEVER allow access.

re MAC and stealth: true enough for a first-time access. However, if I have
your MAC, it is possible to get packets thru the router to at least the firewall.

I'll not take this any further -- you seem to have a good grasp of the issues and tools
sufficient to protect you :)
 