MP!
-
Posts
1 -
Joined
-
Last visited
This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.
Hacker
in Malwarebytes for Windows Support Forum
Posted
He guys,
Since a week now i have been struggling with a root kit. I have done multiple scans with nod32 and malwarebytes.
In these past few days i have removed over 100 threats, but it doesn't resolve my problem. If i would scan right now, malwarebytes nor nod32 would find anything.
I have 2 ip addresses from the guy that attack me:
212.117.177.13 (svchost.exe, port: 53731, Type: outgoing)
91.193.194.138 (firefox.exe, port: 53721, Type: outgoing)
I get these from malwarebytes.
Yesterday i looked with 'net user' and found out that there was a user called 'elephant' i deleted his account.
I think it is completely gone. But when i looked in event viewer i found these users:
ANONYMOUS LOGON
Authenticated users
BATCH
CONSOLE LOGON
CREATOR GROUP
CREATOR OWNER
DIALUP
There are a few more!
But for example, when i look at the users who have right on mine WINDOWS map i see this:
CREATOR OWNER: special permissions
SYSTEM: special permissions
TrustedInstaller: List folders contents and special permissions
I can't delete these users nor change there rights.
A few days ago, i wanted to re-install windows 7. But even that doesn't work, my cd drive doesn't recognized the cd.
I really appreciate if you guys want to help me, please ask me if you want more information.
Thanks.
Kind regards,
Mitchell