I'm not only after removing this crap. I'm after destroying who ever did this.

Discussion in 'Malware Help (A Specialist Will Reply)' started by Despair and Revenge, Dec 25, 2008.

  1. Despair and Revenge

    Despair and Revenge Private E-2

    Some evil man from Russia or Luxembourg is trying desperately to hack me in and out. I need some rapid help. I truly beg your pardon if my post seems a bit brisk or arrogant, but I'm in a hurry. I'm also sorry for any spelling mistakes:


    1. Svchost is under attack, it has been infected by some backdoor virus.
    Called a "Backdoor.Paproxy."
    It is obviously a fake as the real one is in Sys32 and this one in Sys32/drivers.
    Still it cannot be removed. When I start deleting Svchost files and even hit it without hitting the main file, which causes an automatic shutdown within 60 sec, the computer lags like mad.
    Basically, if one tries to remove it manually it says "Process is being used" and even getting the "properties" tab up takes some time. If one tries to shut it down then one can't click on it. I'm looking into trying to remove it with HijackThis. More on how this goes, but I dare not remove it yet, for reasons I will explain soon.


    2. I'm getting spammed by some three-digit viruses (for example 702, etc. etc.); they seem to be created by something called mmmcficf.dll or the svchost itself. Any extra information on this would be MIGHTY appreciated.

    3. I was infected by a so-called "Hacktool.Rootkit". Exactly how worried should I be? I had just formatted my comp a couple of weeks ago and had not bothered installing my usual security measures. Could my credit card have been hijacked despite having a hardware firewall? - This file was/is called: Ksi32sk.sys (the only info I can find about it is from Russian sites).

    I am currently keeping everything in check with a firewall, but I also need a good program that checks if files are being created without my knowledge. I knew one that was very good... Spy~checker? Can someone inform me of a good one?



    Now to my main problem. I have some good friends, but I can't just call them now in the midst of Christmas celebrations and whatever (afterparties). Though I've talked to them a bit. I also have minor knowledge of hacking myself. Now I need to root out the ****er who did this to me so that I can report him to the police. I don't quite count on the Luxembourgian.

    I've discovered that his connection is being routed through this ISP:
    REMOVED URL
    His or the servers IP is the following and the port he is using:
    REMOVED (USELESS) IP

    What more information or PROOF do I need to provide to the ISP to be bound by LAW to give me the information about the host?

    Thank you. I'm still keeping many files quarantined so that I can root out more info.

    If this forum is busy, please I beg of you, forward me to a forum you trust and that is skilled enough to help me.

    Thank you for your time. :major
     
    Last edited by a moderator: Dec 26, 2008
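    The poster's observation that a genuine svchost.exe lives directly under %SystemRoot%\System32 (never in System32\drivers) can be turned into a quick check over every running copy. This is an added example, not code from the thread or its participants; it assumes a modern Windows PowerShell (3.0 or later) and that SysWOW64\svchost.exe is also legitimate on 64-bit systems.

```powershell
# Added example (not from the thread): flag svchost.exe instances whose image is not
# the real one, whose parent is not services.exe, or whose file is not Microsoft-signed.
$expected = @(
    (Join-Path $env:SystemRoot 'System32\svchost.exe'),
    (Join-Path $env:SystemRoot 'SysWOW64\svchost.exe')   # 32-bit service hosts on x64
)

# One WMI/CIM query; build a PID -> process map so parents resolve without re-querying.
$all   = Get-CimInstance Win32_Process
$byPid = @{}
foreach ($p in $all) { $byPid[[int]$p.ProcessId] = $p }

$report = foreach ($p in $all | Where-Object { $_.Name -ieq 'svchost.exe' }) {
    $path   = $p.ExecutablePath
    $parent = $byPid[[int]$p.ParentProcessId]
    $flags  = @()

    # 1. Location: anything outside System32 / SysWOW64 (e.g. System32\drivers) is suspect.
    if (-not $path) {
        $flags += 'path not readable (run elevated)'
    } elseif ($expected -inotcontains $path) {
        $flags += "unexpected path $path"
    }

    # 2. Parent: real service hosts are started by services.exe.
    if ($parent -and $parent.Name -ine 'services.exe') {
        $flags += "parent is $($parent.Name) (PID $($parent.ProcessId))"
    }

    # 3. Signature: the on-disk image should carry a valid Microsoft Authenticode signature.
    if ($path -and (Test-Path $path)) {
        $sig = Get-AuthenticodeSignature -FilePath $path
        if ($sig.Status -ne 'Valid' -or $sig.SignerCertificate.Subject -notmatch 'Microsoft') {
            $flags += "signature $($sig.Status)"
        }
    }

    [pscustomobject]@{
        PID         = $p.ProcessId
        Path        = $path
        CommandLine = $p.CommandLine
        Suspicious  = ($flags.Count -gt 0)
        Reasons     = ($flags -join '; ')
    }
}

$report | Sort-Object Suspicious -Descending | Format-Table -AutoSize
```

Run it from an elevated prompt so ExecutablePath is readable for SYSTEM-owned processes; a flagged row is a lead to investigate, not proof of infection by itself.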
  2. Major Attitude

    Major Attitude Co-Owner MajorGeeks.Com Staff Member

    I will mostly ignore posts 1 and 2 because you formatted. Low level, read about it here:
    http://www.symantec.com/security_response/writeup.jsp?docid=2004-051916-3739-99&tabid=1

    What shocks me is that you formatted, then didn't bother to install a firewall or other security, then seem surprised you got attacked again. Frankly, I would not worry about going after anyone; you left yourself open to attack. Since the first attack was from a well known, low risk 2004 exploit, you either had little to no security, or are not up to date on Windows Updates. You're also after someone in a foreign country, so good luck on that one. You're also most likely chasing an IP address of another hacked machine, like yours, and not the original party.

    Format. Get service packs. Install a firewall (a hardware router is a good router as well) and use an anti-spyware app like SuperAntiSpyware. Either way, give up the revenge idea.
     
  3. Major Attitude

    Major Attitude Co-Owner MajorGeeks.Com Staff Member

    P.S
    As for your credit card, people seem unaware that it is rare to never that someone hacks into your machine and takes your credit card information; rather, here are the most common ways of losing credit card information:

    1: Clicking an email (phishing) link and logging onto your bank or credit card
    2: Identity theft. Shred anything with your name on it, or burn it if you can.
    3: Someone at a bank or store steals customer info and sells it. You have read about this, only it's not high tech. It's usually some pimply faced dork physically taking paperwork or information copied to a thumb drive from where they work.

    Pretty low to no tech theft here. There is a wealth of people who keep falling for email phishing links, so no need to waste time hacking people's machines, too much work.
     
  4. Despair and Revenge

    Despair and Revenge Private E-2

    Oh no, I didn't format because of that. It's healthy to format sometimes.
    The viruses listed in 1-2 are / were still in the computer. They are now disabled/quarantined if needed for future evidence.

    That's what I'm worried about too. Oh well, if that's the case then it'll help the guy!

    The credit card seems to be safe.
    I just know that he could've obtained the information since the Ksi32sk.sys virus was a remote control virus, the one I can't find any information about. And yes, it was extremely stupid not to install anything more than Windows Firewall and a hardware firewall, but I've learned from my mistakes now. I was in a bit of a stressful time back then. My Windows isn't up to date because I don't fully trust all those Security Packs being installed. I try to pick the updates that I feel confident with and I'll look further into it.


    I'm curious about two things though.
    The IP, why do you think that it was useless? Please email me.
    According to some tools I used, it both found a host and an ISP. I'm just as worried as you that it could be an innocent person being abused by the same backdoor proxy as I was.

    Secondly, do you know how it's possible that the second IP connecting to the compromised file was of a provider in Ukraine but according to a service the host was situated in the UK?

    That was quite confusing. Is this possible or not, do you think?



    Oh and the revenge idea... Well, I've never gone after someone in the past, but I don't feel comfortable with someone not only trying to steal stuff from me or spam me or destroy files in my computer but actually trying to remote control it. Any responsible citizen should at least try to fight back.
     
  5. dr.moriarty

    dr.moriarty Malware Super Sleuth Staff Member

    Hello, Despair and Revenge



    Please follow the instructions in the below link and attach the requested logs when you finish these instructions.



    • If something does not run, write down the info to explain to us later but keep on going.
    • Do not assume that because one step does not work that they all will not.
    READ & RUN ME FIRST. Malware Removal Guide

    Notes:

    1. If you run into problems trying to run the READ & RUN ME or any of the scans in normal boot mode, you can run the steps in safe boot mode, but make sure you tell us what you did later when you post logs. See the below if you do not know how to boot in safe mode:
    2. If you have problems downloading on the problem PC, download the tools on another PC and burn to a CD. Links are given in the Step 2: Installing Tools and Running Scans section for downloading the definitions for the MBAM & SAS scanners. Then copy them to the problem PC. Yes, you could use a flash drive too but flash drives are writeable and infections can spread to them.

    Here's a guide on how to attach the logs HOW TO: Attach Items To Your Post
     
