Hacker controlling service accounts, DCOM, networking

JesseL · 2025-03-21T17:17:43+00:00

There was an error rendering this rich post.

I Recently came across a intruder in my system, They have taken over service accounts and I can't seem to figure out how to get them out. Is there anyone advanced at getting hackers out of their systyem?

Find more posts tagged with

Comments

Flexx

https://community.bitdefender.com/en/discussion/103600/hacker-controlling-service-accounts-dcom-networking

Kindly check the steps stated below to see if they help.

Disconnect from the internet (unplug Ethernet or disable Wi-Fi) to prevent unauthorized access.
Open Run (Win + R), type compmgmt.msc, and press Enter to open Computer Management. Navigate to Local Users and Groups → Users and remove any suspicious users.
Open Task Manager (Ctrl + Shift + Esc) and terminate any unknown or suspicious processes.
Reset DCOM permissions if needed (Use with caution): https://www.pdq.com/blog/remote-administration-quick-dcom-security-reset/
Scan for malware using:
- Bitdefender Rescue Environment: https://www.bitdefender.com/consumer/support/answer/29132/
- ESET Online Scanner: https://www.eset.com/in/home/online-scanner/
Change all passwords, including email, banking, and system logins.
Disable Remote Desktop Protocol (RDP): https://www.minitool.com/news/disable-remote-desktop.html
Monitor system activity in Event Viewer (Win + R), type eventvwr, and press Enter to open Event Viewer. Navigate to Windows Logs → Security and check for unusual activity.
Backup important data to an external drive or cloud storage.

These steps will help secure your system and prevent further threats.

Regards