My network has been hacked and i dont know what to do??????
This is my first post ever, i've been reading them for years and they have helped me figure out many problems i've had, but this time i really do need help.
Basically my problem is that my network is being hacked into, i know this because my network meter was showing an abnormally large amount of data being uploaded, so i turned of all my file sharing options that i was using between my computers i applied the changes and then went back to look and they had been turned on again so i did it again and again and it kept turning its self on again so i ran "netstat -a" in command prompt and found two IP addresses that i did not recognize (one was registered from Cyprus and the other from India) so i blocked these in my firewall (kaspersky internet security 2011) this seemed to work as the uploading looked normal again but later on that day i had restarted my computer and when it booted up again i could not connect to my network, eventually it connected and said that the network was unsecured. I deleted the network profile when i set it up again and did not need to put my 26 character WPA TKIP key in, so i did a bit of research and ended up changing my key to a 63 character WPA 2 AES key i assumed this would make the task of hacking my network a lot more difficult and it did seem to work for about 24 hours then it was all happening again, i blocked another new IP (this time from the U.S.A.) and changed my key again to buy myself some time to post this and hopefully find an answer.
Now i have used certain P2P Programs (all uninstalled now) on my computer and am normally pretty careful but a laps in judgment and a bit of curiosity lead me to get an OS buy DARECKIBMW and even more foolish of me to think that because it "looked" right and worked that it was ok, so i connected it to the network and so it all began... I realized what it might be so i scanned the OS with kaspersky and malwarebytes, and they removed quite a lot. but after some digging i found a file called "VISTA DRIVE.exe" (neither of the programs found it) after googling this i still don't know exactly what it does but i know its not good. I reformatted this computer its running ok now but is not connected to any network. However my windows 7 and my mum's Vista computer were both on the network at the time.
So my questions would be, What can i do? Can i change my IP? Is there likely to be some sort of file hiding on one or both of the computers that would help someone get in?(I don't mind reformatting them if i have to but would like to know that this would actually help) or is this something else entirely and is there something better than "netstat" to monitor devices on my network?
I would say that i have a pretty good understanding of windows but am really not so good with the more complex parts of networking and internet security so any help or advice that anyone could offer would be greatly appreciated and thank-you for taking the time to read this.
My ISP is Orange Fr (i am living in France)
My router is a sagem mini 2 livebox
It seems you don't have a problem with hacking your router from wireless side. If you are using WPA 2 AES it is very safe security method especially if you are using 63 characters password that is combination of random characters that include at least 2 special symbols.
It seems your problem is attacks from the internet from the wire (DSL or cable). The answer for your problem is to disable all the traffic from the internet to your wireless network on TCP ports you have notice attacks “netstat -a” pn your Sagem router. I guess this ports are not standard (they are bigger than 1024).