I have been hacked and tracked and logged and display duplicated and watched and such

Deb_14

Commendable
Jan 27, 2017
2
0
1,510
0
\Device\KsecDD
is just one of the many odd processes I came across trying to end task's and remove the programs and software that keeps getting remotely installed and controlled without my knowledge or permission. I have disabled all remote access I can find and I know there are still open ports listening and connecting and causing havoc galore I have manually worked for weeks trying to stop each process, task, file, net connection, open port I don't use, looked closely at every process and thing running turning things off and making firewall rules and I am still not safe or secure. I have attempted to disable/stop all upd ports and so much more it would take days to type. what can I do to make this stop.
Few more examples:

C:\Windows\System32\en-US\svchost.exe.mui

\BaseNamedObjects\FontCachePort
 

Shaun o

Distinguished
For most files that are set to run or duplicate a process or exe every time the system is started or loaded.
They will be hidden in a folder called C:\Users\Default\AppData\Roaming.

This folder by default is hidden or set not to show.

So you must select within windows the option to show all files and folder.
first of all.

Once you have done this.
You will need to restart your system and choose the option to load windows in safe mode.
Once windows has loaded into safe mode.

You will then need to click on your search bar and Type: MSconfig.

When the new window opens. click on the startup tab.

Now comes the bit to look for, any program set to run that has a odd looking name, or does not have a company name listed such as Microsoft, Asus, Apple ect, and so on is likely to be either a bit of malicious software, or one that executes at start up clones it`s self, then changes the name of the exe file slightly. in case the main exe is deleted as a back to run it again.

Looking to the right will tell you the destination of the exe file being executed.
Simply follow that path,most of all if it resides in the path location, or once of the sub folders of Roaming.
It will be the rouge file that keeps running no matter how many times you try to delete it in windows while running in normal windows mode, other than safe mode Deb_14.

Before you follow the instructions above you should download mall-ware bytes, and any anti virus software.
And install it while in normal windows mode for both programs.

Then running both of the programs only when windows is loaded into safe mode.
This prevents the malicious file from loading and producing a backup or a copy of the infection.
Since the exe file is not run in safe mode of windows, ornly in normal loading of windows.

And how you eradicate programs that always seen to come back even though you though you have deleted the main file or infection causing it to still be there the next time you start windows.
 

Deb_14

Commendable
Jan 27, 2017
2
0
1,510
0
I know ultimately that is the only answer or final one anyway, but I just hate the thought of the fight trying to back up the things I need saved to an external of some sort because thats what is stopping me from formatting and reinstalling I have had three i7 laptops ruined by this. i have been attempting to back up the hard drives since I noticed this problem and now one ssd hd is completely dead( the most important drive of course) and the laptop I use at wok with all my programs I need to use at work has been wiped and now I am limping along on a core 2 all in one desktop which has already been hacked and destroyed three times in the last two weeks but somehow I keep being able to check every so often and as soon as I see anything happening I am not doing I shut down so this one has been able to still work but half the time no internet. the router is where the weak spot is and when I take that one down and put up another one it takes longer for them to find me but the second the first router ever gets power bam there they are again clicking their way to destruction.

Oh yeah how could I forget they also got a cell phone all hacked up and a tablet pc from motion computing company that now wont turn on at all, not with power cord or battery. so total loss is 5 hard drives three laptops, three routers, and a 1tb external, galaxy note 3, and two other android phones as well as 4 tablets. and the real kicker is that my other half has been yelling at me saying I broke them all and must have messed up and that I am silly for thinking someone wants to hack me well come to find out I was working on his pc and the problems he has been having are the same he just doesn't have photos or documents or anything that even matters. by the way I have not told him yet I am saving that one for a rainy day.call me crazy will ya.
 

Phillip Corcoran

Splendid
Moderator
Well you're doing something wrong, perhaps you installed a rubbish firewall or just relied on the inadequate one built in to Windows.

I have never been hacked in 15 years, but tracking is a fact of life, you leave tracks all over the web.
 

Shaun o

Distinguished
For most files that are set to run or duplicate a process or exe every time the system is started or loaded.
They will be hidden in a folder called C:\Users\Default\AppData\Roaming.

This folder by default is hidden or set not to show.

So you must select within windows the option to show all files and folder.
first of all.

Once you have done this.
You will need to restart your system and choose the option to load windows in safe mode.
Once windows has loaded into safe mode.

You will then need to click on your search bar and Type: MSconfig.

When the new window opens. click on the startup tab.

Now comes the bit to look for, any program set to run that has a odd looking name, or does not have a company name listed such as Microsoft, Asus, Apple ect, and so on is likely to be either a bit of malicious software, or one that executes at start up clones it`s self, then changes the name of the exe file slightly. in case the main exe is deleted as a back to run it again.

Looking to the right will tell you the destination of the exe file being executed.
Simply follow that path,most of all if it resides in the path location, or once of the sub folders of Roaming.
It will be the rouge file that keeps running no matter how many times you try to delete it in windows while running in normal windows mode, other than safe mode Deb_14.

Before you follow the instructions above you should download mall-ware bytes, and any anti virus software.
And install it while in normal windows mode for both programs.

Then running both of the programs only when windows is loaded into safe mode.
This prevents the malicious file from loading and producing a backup or a copy of the infection.
Since the exe file is not run in safe mode of windows, ornly in normal loading of windows.

And how you eradicate programs that always seen to come back even though you though you have deleted the main file or infection causing it to still be there the next time you start windows.
 
Thread starter Similar threads Forum Replies Date
M Antivirus / Security / Privacy 0
Mike Mason Antivirus / Security / Privacy 0
Paul Wagenseil Antivirus / Security / Privacy 1
H Antivirus / Security / Privacy 10
N Antivirus / Security / Privacy 19
1 Antivirus / Security / Privacy 1
T Antivirus / Security / Privacy 2
D Antivirus / Security / Privacy 2
D Antivirus / Security / Privacy 3
F Antivirus / Security / Privacy 4
verndewd Antivirus / Security / Privacy 7
eman2002826 Antivirus / Security / Privacy 5
T Antivirus / Security / Privacy 4
K Antivirus / Security / Privacy 5
B Antivirus / Security / Privacy 8
M Antivirus / Security / Privacy 1
Paul Wagenseil Antivirus / Security / Privacy 1
V Antivirus / Security / Privacy 6
K Antivirus / Security / Privacy 1
X Antivirus / Security / Privacy 3

ASK THE COMMUNITY