Tried many times to download and run your CSC and gave up. Was looking for a document, opened hidden files and found your report. Says it was on my desktop but guarantee you, it was not…until I moved it.
Thought I had cut off hijacker but after reading your report, obviously still have a huge problem…since it starts off by saying I’m only a “limited user” without privileges. I’m the ONLY user of MY computer that paid for the privilege. Your report also said my system wasn’t updated. I force updates everyday!
Knew he/she was somehow connected to my all-in-one web printer and switched it out last week for an old printer. Can’t uninstall the web printer but have TRIED. Still hacker activity stopped, I thought, when I changed printers…for whatever reason I don’t know.
Anyway, I’m sending your report. Please see if you can track down my problem…still a hijacker? configurations? I have been dealing with this same intruder for over 4 years through 5 computers and have paid out so much its’ embarrassing. I just need a computer! I don’t network, use messenger, chat (except with Dell, Microsoft, etc.) and certainly don’t share my resources - on purpose.
This computer just went through 2 more complete wipe downs and a recovery on 2/29. I’m supposed to be the Administrator. Thank you for any help and information you can offer.
The psc-exam.txt file is very accurate, so it means that you are using a guest ( limited ) account, not the administrator one, so you have limited control over your system. There are a lot of reasons for this to happen…could be outside hacking, virus, incorrect windows installation setup regarding the user accounts etc. CSC just “saw” your account type, it has nothing to do with this, you must find a way to use an administrator account on that computer on your own.
My lack of privileges explains why I cannot download cleaners and run scans. There is a lot of history behind this one finding. I had a new XP in 2005 when I was first hijacked and lost all control of that computer to a VPN by a “Built-In Adminisrtrator” under Group Policy. The same hijacker has targeted me everyday since with the same method - through 4 more computers, 3 different ISP’s, several new dsl modems, numerous changes in passwords and IP addresses, countless wipedowns and recoveries and just about every firewall and anti-virus program available.
It always starts within 2 weeks after a recovery the same way on my Event Manager: “Attempted Logon with Explicit Credentials” and follows soon after with “Successful Secondary Logon with Explicit Credentials”. Since I am the only person sitting at my desktop Vista and was not logging on at the times reported, I can only assume someone has some type of credentials enabling a logon to my computer. I have wondered if it is a Smart Card (I don’t use one) because that folder is sometimes open but I know little about them. I also see items called “roaming or undocked profiles” and changes in my drivers.
From these first “events”, I lose control of my computer. This time, my recovery was on 2/29/09 and I noticed changes on 3/3. We did a second wipedown and recovery on 3/6 and put Comodo and avast back on; however, I believe their configurations have been altered. Your CSC Report includes numerous files or folders that your scanner could not open - and I have NOT encrypted anything. Avast found 594 temporary internet files that have been passcoded and archived - and cannot be removed. I cannot even submit them for analysis.
NOW, HOW DO I ‘FIND A WAY TO USE AN ADMINISTRATOR ACCOUNT’? I established my account as the Administrator during setup and my computer still identifies me as the Administrator… but I can still find evidence (in safe mode) there is a “Built-in Administrator” account. More recoveries are senseless unless I can determine HOW the takeovers occur. All that Dell, HP, Microsoft, etc., want to do is recoveries. I understand I’ll need to do another one but this time I want to know how NOT to get back into this situation before I do that.
Your report told you what I already know but can’t fix. I still need help and will gratefully accept all that you and your members can provide. Where do I start? What do I do?