running wireshark on a rooted device & .Lnk hack or acivex hack

asked 2020-07-19 12:21:09 +0000

Phantomplanet gravatar image

hi, im not very good with this kind of stuff but iv spent a week on whirlpool forums trying to get back control of my devices. the guy who has been helping me told me about this software and told me to run it to see my packet loss. i had finally secured my network, and then started getting attacked remotely from what looks like the businesses around me. now they are back in my network again. i will be replacing hard drives and fresh os after we are done but we did this to find out exactly how it was pulled off and what they used to do across all my devices, cell phones, etc. different locations etc. they found my desktop was rootkitted with hidden .exes to active x. my laptop has a hidden rootkit but we were unable to very deep. the hack they are using changes programs they dont want me to run from .exe to .Lnk . when this happens, all the settings, and features they dont want visable are disabled. so on my version of wireshark its very limited as to what i can monitor. iv tried installing a good copy from jump drive, in safe mode, etc. scanning in cmd using netstat -s -p tcp shows way more, but it only runs for a min and then stops. i was looking for a continual monitor to check as im going. one other question would be offtopic, but im looking for someone i can send these hard drives and phones to that may be able to get in and tell me what was done and how it was done, and possibly who is was done by. i am willing to pay but just suffered a pretty big financial loss, so i cant pay an outrageous amount. any help or pointing me in the right direction would be greatly appreciated.

ill send the link to my wp forum. its missing the last 5 days, because we had to continue in private. the members were getting upset thinking i was trolling them, but it will be updated when we finish.

thank u for your time.

edit retag flag offensive close merge delete


after rereading i dont think my original question was clear. is it possible to run a clean version of this program on a corrupted devise or is that not realist? thank you.

tried to upload a screen shot of what it looked like but it says i needed 60 points. set it as my avatar but its illegible.

Phantomplanet gravatar imagePhantomplanet ( 2020-07-19 12:23:27 +0000 )edit