I have AT&T UVerse in the Chicagoland area.
Taking a look at my router logs, there are some strange entries that seem out of place, but I'm not really sure. Here's a sample from the Event Log, with 75.XX.XXX.XX as my modem:
INF 2014-01-11T23:43:45-06:00 fw,fwmon src=XX.XX.XXX.XX dst=212.83.152.146 ipprot=1 icmp_type=3 icmp_code=3 ICMP Dest Unreachable, session terminated
INF 2014-01-11T23:43:55-06:00 fw,fwmon src=183.83.124.105 dst=75.XX.XXX.XX ipprot=6 sport=2725 dport=445 MS DS Dropped
INF 2014-01-11T23:43:58-06:00 Previous log entry repeated 1 times
INF 2014-01-11T23:49:43-06:00 fw,fwmon src=190.128.49.86 dst=75.XX.XXX.XX ipprot=6 sport=4173 dport=445 MS DS Dropped
INF 2014-01-11T23:49:46-06:00 Previous log entry repeated 1 times
INF 2014-01-12T00:10:29-06:00 fw,fwmon src=201.46.147.204 dst=75.XX.XXX.xx ipprot=6 sport=3627 dport=445 MS DS Dropped
INF 2014-01-12T00:10:32-06:00 Previous log entry repeated 1 times
INF 2014-01-12T00:20:14-06:00 fw,fwmon src=200.113.108.251 dst=75.XX.XXX.XX ipprot=6 sport=4445 dport=445 MS DS Dropped
INF 2014-01-12T00:20:17-06:00 Previous log entry repeated 1 times
INF 2014-01-12T00:27:56-06:00 fw,fwmon src=95.46.68.227 dst=75.XX.XXX.XX ipprot=6 sport=2105 dport=445 MS DS Dropped
INF 2014-01-12T01:04:41-06:00 fw,fwmon src=75.XX.XXX.XX dst=202.73.37.36 ipprot=1 icmp_type=3 icmp_code=3 ICMP Dest Unreachable, session terminated
I'm concerned about those IPs from Colombia, Chile, etc. For a two-day time period, there are pages of this. I guess I don't know how to tell if I've been compromised.
Seems like the modem firewall is up, and machines are running Windows Defender.
Posts
All the rest looks like someone's trying to get access to some vulnerability in your router. For the most part everyone who's connected to the internet ever gets hit with these scans daily.
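One way to check the point made in the reply above, that these entries are routine scans the firewall blocked (an added example, not part of the original thread): the script tallies dropped inbound probes per destination port and lists any inbound entry that is not marked Dropped. The sample lines are constructed in the posted log format using documentation-range addresses, and reading the trailing word "Dropped" as the firewall's verdict is an assumption.

```python
import re
from collections import Counter

FIELD = re.compile(r"(\w+)=(\S+)")
REPEAT = re.compile(r"Previous log entry repeated (\d+) times")
WAN_IP = "203.0.113.10"  # constructed stand-in for the modem's public address

# Constructed sample in the posted log format (documentation-range addresses).
SAMPLE = """\
INF 2014-01-11T23:43:45-06:00 fw,fwmon src=203.0.113.10 dst=198.51.100.7 ipprot=1 icmp_type=3 icmp_code=3 ICMP Dest Unreachable, session terminated
INF 2014-01-11T23:43:55-06:00 fw,fwmon src=192.0.2.15 dst=203.0.113.10 ipprot=6 sport=2725 dport=445 MS DS Dropped
INF 2014-01-11T23:43:58-06:00 Previous log entry repeated 1 times
INF 2014-01-11T23:49:43-06:00 fw,fwmon src=192.0.2.99 dst=203.0.113.10 ipprot=6 sport=4173 dport=445 MS DS Dropped
INF 2014-01-11T23:49:46-06:00 Previous log entry repeated 1 times
INF 2014-01-12T00:27:56-06:00 fw,fwmon src=198.51.100.23 dst=203.0.113.10 ipprot=6 sport=2105 dport=445 MS DS Dropped
"""

def triage(log_text, wan_ip):
    """Count blocked inbound probes per port; collect inbound lines not marked Dropped."""
    dropped = Counter()   # dport -> dropped inbound packets, repeats included
    sources = {}          # dport -> set of distinct source addresses
    not_dropped = []      # inbound entries without a "Dropped" verdict: read these
    outbound = 0          # entries whose source is the router itself
    last_port = None      # port of the previous line if it was a dropped inbound probe
    for line in log_text.splitlines():
        rep = REPEAT.search(line)
        if rep:
            if last_port is not None:
                dropped[last_port] += int(rep.group(1))
            continue
        last_port = None
        if "fw,fwmon" not in line:
            continue
        f = dict(FIELD.findall(line))
        if f.get("src") == wan_ip:
            outbound += 1
        elif f.get("dst") == wan_ip:
            if line.rstrip().endswith("Dropped"):
                port = int(f.get("dport", 0))
                dropped[port] += 1
                sources.setdefault(port, set()).add(f.get("src", "?"))
                last_port = port
            else:
                not_dropped.append(line)
    return {"dropped": dict(dropped), "not_dropped": not_dropped, "outbound": outbound,
            "sources": {p: len(s) for p, s in sources.items()}}

if __name__ == "__main__":
    print(triage(SAMPLE, WAN_IP))
```

An empty `not_dropped` list means every logged inbound attempt was refused at the router; anything that does appear there is the entry to look at first.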
This is after several fresh wipes, both in keeping the stock OEM install and removing unwanted programs. So just completely at a loss as to how I infected/broke this new machine. Will be calling IBM, but wanted to have some idea what was going on.