Hacker controlling service accounts, DCOM, networking

JesseL

I Recently came across a intruder in my system, They have taken over service accounts and I can't seem to figure out how to get them out. Is there anyone advanced at getting hackers out of their systyem?

Flexx

https://community.bitdefender.com/en/discussion/103600/hacker-controlling-service-accounts-dcom-networking

Kindly check the steps stated below to see if they help.

• Disconnect from the internet (unplug Ethernet or disable Wi-Fi) to prevent unauthorized access.
• Open Run (Win + R), type compmgmt.msc, and press Enter to open Computer Management. Navigate to Local Users and Groups → Users and remove any suspicious users.
• Open Task Manager (Ctrl + Shift + Esc) and terminate any unknown or suspicious processes.
• Reset DCOM permissions if needed (Use with caution): https://www.pdq.com/blog/remote-administration-quick-dcom-security-reset/
• Scan for malware using:
  • Bitdefender Rescue Environment: https://www.bitdefender.com/consumer/support/answer/29132/
  • ESET Online Scanner: https://www.eset.com/in/home/online-scanner/
• Change all passwords, including email, banking, and system logins.
• Disable Remote Desktop Protocol (RDP): https://www.minitool.com/news/disable-remote-desktop.html
• Monitor system activity in Event Viewer (Win + R), type eventvwr, and press Enter to open Event Viewer. Navigate to Windows Logs → Security and check for unusual activity.
• Backup important data to an external drive or cloud storage.

These steps will help secure your system and prevent further threats.

Regards