  #1  
Old 11-01-2008, 03:58 AM
kazlett  United States
New "Hidden" User Accounts

I have four computers; three running Vista Ultimate w/ 4gb ram, and the other, a crappy old Windows Millennium from 2k. I have noticed about 7 years ago that someone was constantly trying to access my Millennium pc, and created a new user account. My virus scanner found nothing (CA eTrust), but I did. There was some sort of AOLservice dialer installed, even though my pc was not connected to a phone modem. I just thought it was a trojan, deleted it, scanned, found the viruses, and forgot about the whole incident, except for the fact that a person was trying to access my pc every 5 minutes with UDP floods and many other techniques. About 4 years ago, I got a XP MCE 2005 (in 2004) HP m7160n PC, and had no issues for about a week. I kept finding remote access protocols trying to be broken and UDP and ping floods about every 5 seconds. It eventually led to the destruction of my hard drive and all my files, which had to be sent back to HP and Seagate to be fixed. I was really p'd off when they told me they couldn't recover my data, even though I was using an experimental version of Windows Shadow Copy and DPE services. 500gb down the drain. I got it back and it happened again, of course. When I got my Toshiba Qosmio Laptop, I received absolutely no problems. Then we switched to Verizon FiOS. (Not to say FiOS is bad, because it rocks) The day we switched, I noticed 5000 attempts to connect to my router per second for the nearly 10 minutes we had it. Literally! Of course, there was one good attempt, in which the hacker switched all the passwords and disabled wireless access, and even activated a downlink to my home network that caused the problem I have today. The "hidden" user account was there. 3 weeks ago, I bought a new HP Media Center PC w/ Vista Ultimate. I noticed that same account being made. The name of all the accounts were the same. Could it be that the same person or "thing" has been trying to hack my pcs for 7 years, destroying 1 hard drive at a time?
The account was "Mcx1" (without the quotes). They all have been only edited once; when they were created. They contain nothing, have no attributes, and even don't show up unless I'm downloading something from the web. Anybody know what this could mean? Any help would be greatly appreciated!
-Update: My laptop lost its ability to connect to wireless networks. It has an Intel Pro Wireless A/B/G/N card.

Last edited by kazlett : 11-01-2008 at 03:58 AM.
  #2  
Old 11-01-2008, 04:06 AM
Krlll  Ireland

Wow!
I don't know what to tell you. It does sound like someone really has it in for you, or possibly you are transferring infected files from one PC to another?
Maybe it would help if you spent extra money on a router with a strong hardware firewall?
  #3  
Old 11-01-2008, 04:31 AM
kazlett  United States

I have an Actiontec MI424WR, Dlink DI624+, and Dlink Wireless G+ Router that are all connected over the home power supply with a Dlink DHP-301. I firewalled them all using their built-in firewalls, changed the passwords and usernames after resetting them, and disabled DHCP and router access (both wired and wireless) unless you are logged on to the correct router. Yet, the hacker still seems to gain access. I tried removing the remote access backdoors in Vista, tried BitLocking all my drives with a USB key, even tried complete inbound lockdown on all PCs, but all fails, and I'm tired and angry at those b-tards who keep trying to f-ing access my pc. Thanks for posting though. I swear, once I find them, I'm going to hunt them down and kill them. (sorry for the language and threats) (not sure of the posting rules) As always all help is, and would be greatly appreciated.
  #4  
Old 11-01-2008, 04:35 AM
kazlett  United States

Well, well what do we have here? Mmmmmmmmmmmmmm... I wonder what this is? OMG WTH is Viewpoint???????? Interesting... check my reply at http://www.thecomputerforums.co.uk/f...41/index2.html and don't go to s1.bitefight.org ever! Just trust me.
  #5  
Old 11-01-2008, 05:04 AM
evilfantasy

Do you have an Xbox hooked into the computer(s)?



Download and rename HijackThis (HJT)
  • Double-click on HJTInstall.
  • Click on the Install button.
  • It will automatically place HJT in C:\Program Files\TrendMicro\HijackThis\HijackThis.exe.
  • Upon install, HijackThis should open for you.
    • Close HijackThis and rename it.
    • Go to C:\Program Files\Trend Micro\HijackThis.exe
    • Right click on HijackThis.exe and select Rename.
    • Type in sniper.exe and press Enter.
    • Right-click on sniper.exe and select Send To > Desktop (create shortcut)
  • From the desktop open HijackThis.
  • If using Windows Vista, be sure to Run As Administrator
  • Click on the Do a system scan and save a log file button
  • HijackThis will scan and then a log will open in notepad.
  • Copy and then paste the log in your post.
    • Don't have HijackThis fix anything yet. Most of what it finds will be harmless or even required.
Even though we have renamed HijackThis to sniper, we will still refer to it as HijackThis or HJT.

Post the HijackThis log and I will have a look.
Last edited by evilfantasy : 11-01-2008 at 05:05 AM.
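
A read-only check for an unexpected local account such as Mcx1, added here as an example and not part of any post in the thread: it lists every local account with its Administrators membership, Welcome-screen visibility and profile path, then looks for the account-creation event. It assumes an elevated Windows PowerShell 2.0+ session on Vista SP1 or later; the variable names are illustrative.

```powershell
# Added example (not from the thread): read-only audit of local accounts.
# Assumes an elevated Windows PowerShell 2.0+ session on Vista SP1 or later.
$target = 'Mcx1'   # account name reported in the thread; change as needed

# 1. Names hidden from the Welcome screen: values set to 0 under this key.
$hideKey = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\SpecialAccounts\UserList'
$hidden = @()
if (Test-Path $hideKey) {
    $key = Get-Item -Path $hideKey
    $hidden = @($key.GetValueNames() | Where-Object { $key.GetValue($_) -eq 0 })
}

# 2. Members of the built-in Administrators group, found by its well-known SID
#    so the check does not depend on the display language.
$adminGroup = Get-WmiObject -Class Win32_Group -Filter "LocalAccount=True AND SID='S-1-5-32-544'"
$adminSids  = @($adminGroup.GetRelated('Win32_UserAccount') | ForEach-Object { $_.SID })

# 3. Profiles on disk: an account with no profile has usually never logged on interactively.
$profiles = @(Get-WmiObject -Class Win32_UserProfile)

# 4. One row per local account.
Get-WmiObject -Class Win32_UserAccount -Filter "LocalAccount=True" | ForEach-Object {
    $sid  = $_.SID
    $prof = $profiles | Where-Object { $_.SID -eq $sid }
    New-Object PSObject -Property @{
        Name        = $_.Name
        Disabled    = $_.Disabled
        Admin       = $adminSids -contains $sid
        Hidden      = $hidden -contains $_.Name
        ProfilePath = $prof.LocalPath
        Description = $_.Description
    }
} | Select-Object Name, Disabled, Admin, Hidden, ProfilePath, Description |
    Format-Table -AutoSize

# 5. Security event 4720 ("A user account was created") names the creator and time,
#    provided account-management auditing was on and the log has not rolled over.
Get-WinEvent -FilterHashtable @{ LogName = 'Security'; Id = 4720 } -ErrorAction SilentlyContinue |
    Where-Object { $_.Message -match [regex]::Escape($target) } |
    Select-Object TimeCreated, Message | Format-List
```

The script changes nothing on the machine. The Description column and the creator recorded in event 4720 are the two fields that most directly show which component or user made the account.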