Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

RE: User that doesn't belong here


  • Please log in to reply
3 replies to this topic

#1 Katnea

Katnea

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:10:05 PM

Posted 25 July 2016 - 01:30 PM

Hey guys,

 

I ran across an older article that's called, "User that doesn't belong here".  And I actually thought I had found the answer I needed. For I too was seeing the same 'Unknown User (S-1-5-32-551) account that was listed under 'Security' tab within my repository file. Yup, not only did I find the so-called 'normal' SID code, but I also found an 'Unknown User (S-1-5-332-551) account that had an extra number 3 added into the mix? However, when I went back to the repository file to take a screen-shot of the extra number '3' - POOF it was gone?! I can also tell you that my PC is not acting as it should.  It's sluggish and takes forever to reboot.  (Btw-  My 1.5 TB of HD memory is only half full  and I also have 12 GB of RAM) Truly, any help with this weird extra number (that has since disappeared) would be very much appreciated.   = / 


Edited by Chris Cosgrove, 28 July 2016 - 04:50 PM.
Moved from Win 7 to 'Am I infected?'


BC AdBot (Login to Remove)

 


#2 Chris Cosgrove

Chris Cosgrove

  • Moderator
  • 6,219 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Scotland
  • Local time:04:05 AM

Posted 25 July 2016 - 05:41 PM

First of all - welcome to BC !

 

Make and model of computer and OS version ?  If it's a self-built then mobo, RAM and CPU and OS version. Or else everybody is whistling in the dark !

 

Chris Cosgrove



#3 Katnea

Katnea
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:10:05 PM

Posted 28 July 2016 - 06:33 AM

Chris, Thank-you for getting back with me insofar as telling me what steps I needed to take before you are able to help. Btw- I have to tell you (much to my chagrin) that I had a somewhat difficult time insofar as filling in the computer parts questioner. (Especially the 'motherboard' and 'case' info.) And yes, I've also decided to go ahead and supply you with all of my computer info as well. It's my way of vagueness prevention on my part. (Grin)

 

Anyway, with regards to the 'weird code number disappearance' I found, I also decided to run the disappearance event by 'Bitdefender' as well. Bitdefender ran a malware check (begrudgingly) which did turn out negative. But here's the thing, ever since I had Bitdefender perform a yearly PC optimization on my PC, (05/25/16) my computer has not acted right. (As in being sluggish and taking forever to boot.)  I can also tell you that a few days after the optimization, the 'TeamViewer' program opened itself up around 4:30AM!  And that as soon as TeamViewer appeared outta the blue on my desktop, my computer could hardly function correctly. It was as if glue was dumped into my machine. (Sigh) So I ran a full virus scan, and I also checked to see if someone was trying to log into my windows account as well? I found 3 IP address belonging to someone from the, UK, Australia, and Bitola, Macedonia. (Former Yugoslav Republic) I also found that an incorrect password was entered as well. Next I started having problems with Bitdefender's 'Autopilot' being turned off, and nor was I able to download any Windows updates as well. I even found that the performance logs and task scheduler had been disabled?!  I again called Bitdefender to report what was going on and they in turn told me to run their usual scan file and that they would get back with me within 48 hr. I then asked the Bitdefender tech if they were aware that 'TeamViewer' was hacked? And that around the same time of the hack, Bitdefender had also installed the 'TeamViewer' program into my machine? Of course Bitdefender downplayed the 'TeamViewer' hack. They also downplayed the possibility that my computer may have been compromised as well. Furthermore, I was also told that I had absolutely nothing to worry about since Bitdefender's-full-system-scan reported my computer was virus free. Well, even so, I still changed my PW's nonetheless.  I would also like to add that I have been a Bitdefender customer over 5 years now and that this is the first time that I've even needed to contact Bitdefender more then once a year.

 

Lastly, right after submitting my problem to you guys and just before calling Bitdefender... I began more research regarding the TeamViewer hack. I ran across this article called: http://www.makeuseof.com/tag/teamviewer-hack-everything-need-know/

And yes, I found the handy lil https://haveibeenpwned.com/   link within the article as well. Yup, I wasn't surprised to learn that I too had made the comprised list. (My breach was listed via the Adobe reader btw)   Looks like I have a lot more research to do on this topic. The good news is that I found several links regarding this topic via the BleepingComputer website. Yup, I seriously Thank God for all the BleepingComputer people who take the time to offer their knowledge and support to anyone in need. ♥

 

Take care,

Kath

 

PS: Oh and please don't post my personal response to you.  I'm pretty sure you wont but I had to ask nonetheless.  ; )  

 

 

 

OS = Windows 7 Home Premium (64-bit)

Computer = ACPI x 64-based PC - HP Pavilion HPE (Tower)

CPU = Intel ® Core ™ i7-2600 CPU @ 3.40 GHz

Motherboard= h8- 1070t

Ram= 12GB DDR3- 1333MHz SDRAM (3DIMMs)

Storage= 1.5TB 7200 rpm SATA 3Gb/s hard drive

Video Card= Nvidia 1GB DDR5 GeForce GTX 550 Ti (2DVI, mini-HDMI

Soundcard= Beats - Integrated studio quality sound

Power= Supply 600W

Case= ATX

 

 



#4 Chris Cosgrove

Chris Cosgrove

  • Moderator
  • 6,219 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Scotland
  • Local time:04:05 AM

Posted 28 July 2016 - 04:49 PM

I am moving this over to the 'Am I infected ?' section of BC.

 

Chris Cosgrove






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users