Windows Support Forum

Hacker Tracker

Q: Hacker Tracker

I have a law office and think my system may have been hacked by a competor or Im just psychotic. Either way thought I'd look into the above question and see what the smart folks thoughts were and at worst maybe kick this old dog of a computer back in gear and make it worth using again. SO assuming I was hacked I tried first to rid the eval bug but evil malware instead - cheap bastard that I am - then I figured hey I'll just learn programing cause I got such a good grade when I took BASIC in 1983 should be no sweat. Fools rush in they say. ANyway had the benefit of at least taking my brain off idle and getting me intrested in something again. Therefore, if theres a Guru out there willing to put me through the paces it'd be appreciated.

Mike

http://www.bleepingcomputer.com/forums/t/300217/hacker-tracker/
Relevancy 100%
Preferred Solution: Hacker Tracker

I recommend downloading and running Reimage. It's a computer repair tool that has been proven to identify and fix many Windows problems with a high level of success.

I've used it in the past to identify and fix everything from blue screens (BSOD's), ActiveX errors, corrupt files and processes, dll/exe/sys errors, recover lost memory, Windows update problems, defragging, malware removal etc.

You can download it direct from this link http://downloadreimage.com/directdownload.php. (This link will automatically start a download of Reimage that you can save to your computer.)

Relevancy 35.26%

Wrote last week about problems with someone hacking my wireless router Quick recap is that I have done everything to block access including WPA and very long random computer generated SSID and passwords character character respectively and still getting the messages from Comcast that stuff was downloaded illegally So I shutoff the radio Today I looked at the router admin log and with the wireless turned off noticed that log entries showing someone accessing the internet I entered serveral of the sites common sites into the quot block entries quot file for the router but below is an example I copied hacker 2 Wireless - part just a few minutes ago site blocked minitri flg from source Friday April Wireless hacker - part 2 site blocked gadgets live com from source Friday April site blocked websearch ask com from source Friday April site blocked asktoolbar weather com from source Friday April site blocked money service msn com from source Friday April site blocked minitri flg from source Friday April Log Cleared Friday April Can anyone explain what is going on I would think that Wireless hacker - part 2 with the radio off there should be no activity showing up on the router log Thanks for any insight nbsp

A:Wireless hacker - part 2

Wow....this is getting stranger by the minute. Another notice from comcast just arrived in my email...for a copyright violation (porn download) that was 3 days after I turned off the wireless radio! Appreciate feedback/comment very much but please assume 1) nobody in my household is doing this and 2) there is only one computer connected via cable through this router/modem combination (I am typing on it now) and this computer was not used to download this material or to try and access the websites listed in the router log I mentioned in previous post. Previousl comment was made that comcast might have my IP address confused with someone else but then how does that explain the router log? Could some ahole be accessing the internet through my wired up computer without sitting at the keyboard?

Notice of Action under the Digital Millennium Copyright Act

Abuse Incident Number: Not Applicable
Report Date/Time: 26 Apr 2012 09:16:58 -04:00


KIM WAGNER
[address removed]
[removed], TN [zip removed]


Dear Comcast High-Speed Internet Subscriber:

Comcast has received a notification by a copyright owner, or its authorized agent, reporting an alleged infringement of one or more copyrighted works made on or over Comcast's High-Speed Internet service (the 'Service'). The copyright owner has identified the Internet Protocol ('IP') address associated with your Service account at the time as the source of the infringing works. The works identified by the copyright owner in its notification are listed below. Comcast reminds you that use of the Service (or any part of the Service) in any manner that constitutes an infringement of any copyrighted work is a violation of Comcast's Acceptable Use Policy and may result in the suspension or termination of your Service account.

If you have any questions regarding this notice, you may direct them to Comcast in writing by sending a letter or e-mail to:

Comcast Customer Security Assurance
Comcast Cable Communications, LLC
1800 Bishops Gate Blvd., 3rd Floor East Wing
Mount Laurel, NJ 08054 U.S.A.
Phone: (888) 565-4329
Fax: (856) 324-2940

For more information regarding Comcast's copyright infringement policy, procedures, and contact information, please read our Acceptable Use Policy by clicking on the Terms of Service link at http://www.comcast.net.

Sincerely,
Comcast Customer Security Assurance

Copyright work(s) identified in the notification of claimed infringement:

Evidence:
Infringement Title: Big *** White Girls
Infringement File Name: Big.***.White.Girls.XXX.DVDRip.XviD-NYMPHO
Infringement Hash: e1e4d31d2a7b653bea75268ada24f02ff42e3242
Infringement File Size: 1468723225 bytes
Infringement Protocol: BitTorrent
Infringement Timestamp: 2012-04-25 23:38:01 North American Eastern Time
Infringers IP Address: 75.64.189.181
Infringers Port: 11387
The following files were included in the download:
File 1: Big.***.White.Girls.XXX.DVDRip.XviD-NYMPHO/CD1/nympho-bawg1.avi
File 2: Big.***.White.Girls.XXX.DVDRip.XviD-NYMPHO/CD2/nympho-bawg2.avi
 

http://www.techspot.com/community/topics/wireless-hacker-part-2.180349/
Relevancy 34.83%

I am a networking novice and hope someone can help I am getting emails from Comcast that porn and other illegal videos are getting downloaded through my router I have talked to Comcast and read on the internet and tried about everything they suggested e g WPA encryption changed network and admin passwords to something random changed SSID name stopped broadcasting SSID setup MAC filter put aluminum foil over antenna turn radio off when not using router Wireless hacker problem it etc Still Wireless router hacker problem getting the emails worried they are smart and determined enough to steal personal info such as banking or K I have read that you can setup router for static IP addresses but haven t tried for fear I will screw it up Also understand computer generated random password of characters could help I am about ready to look into getting second modem and forgetting the wireless router but that doesn t seem like a good option either Can anyone help with a true foolproof solution or send me to someone who can provide one Thanks very much for any advise nbsp

A:Wireless router hacker problem

First thing I'd like to know is who else lives in the home with you? Also, are you sure those e-mails you're receiving are legit? I don't know of any ISP that cares if you browse porn sites.
 

http://www.techspot.com/community/topics/wireless-router-hacker-problem.180094/
Relevancy 33.11%

Calling all experienced I accidently pulled plastic connector off motherboard

I hope someone can help me I have a vaio pgn s580 series and during hardrive replacement the plastic piece that connects to motherboard came completley off exposing the 4 pins or connector contacts I thougt i could just put them back on however i broke the one off completely and Im so bummed is there any way i can work around that i still have plug . or is just smarter to use and external hd or can I use the dvd connection with right adapter. I hate to think that my vaio is toast calling all experience hackers
 

A:Calling all experienced hacker I accidently pulled plastic connector off motherboard

Hi

its not a hacker you need, its a motherboard from ebay....
 

http://www.techspot.com/community/topics/calling-all-experienced-hacker-i-accidently-pulled-plastic-connector-off-motherboard.144777/
Relevancy 41.28%

I've used Excite.com for years but with in the last few days I have noticed that a feature of theirs Stock Tracked is missing! Anyone happen to know if this is permanent?
 

http://www.techspot.com/community/topics/excite-com-stock-tracker-missing.147085/
Relevancy 41.28%

Need help! I have a advantage database program called Manheim tracker 3.097..been working fine until restart on 1/27. Program wouldn"t start up . A ( COMPANY ADT) file error.What is this?Where did it go? Any one fimiliar with this program.?
 

A:Manheim tracker data problem

Does this link help?
Recovery Toolbox
 

http://www.techspot.com/community/topics/manheim-tracker-data-problem.142147/
Relevancy 35.26%

Hey this is a program i made
youtube.com/watch?v=lfIGw2Rmfh8
the link of the program is in the video.
enjoy
 

http://www.techspot.com/community/topics/flash-game-hacker-8-5.96509/
Relevancy 35.69%

Can I use Resource Hacker to open up Notepad.exe and change the Save As... file extention? ie from *.txt to *.html??

Cheers

Oh yeah, How?

Cheers again,
Sam
 

http://www.techspot.com/community/topics/resource-hacker.43183/
Relevancy 35.69%

hello tech mates..

can i delete or it is necessary to shred this things using gutmann or DoD 522.0 Method?

Specs:
Windows 8.1
RAM: 4GB RAM
Processor: Core i5 4th Gen.

Error Encounter: Process Hacker

my self explanatory on this matter:

I don't know the cause of this, i want only to help my cousins. we do not yet deleted this file because we are not sure, for me as i remember those things are not exist when the pc was "SYSTEM RESET" but when we installed Avira anti-virus those things came up as what my cousin told me.

 

A:[Help] Process Hacker?

any help? pls?
 

https://forums.techguy.org/threads/help-process-hacker.1151609/
Relevancy 36.12%

I recently accidently activated sticky keys on my new HP Envy 700-406
 
when i pressed ok it took 10 seconds trying to load something, it went to the ease of acess menu and a voice came up saying "It is recommended to scan this area of your computer"
 
i instantly went and installed malware bytes, but its hyper and threat scan found nothing

A:Possible Hacker?

Welcome aboard   Download Security Check from here or here and save it to your Desktop. Double-click SecurityCheck.exe Follow the onscreen instructions inside of the black box. A Notepad document should open automatically called checkup.txt; please post the contents of that document.NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.NOTE 2. SecurityCheck may produce some false warning(s), so leave the results reading to me.NOTE 3. If you receive UNSUPPORTED OPERATING SYSTEM! ABORTED! message restart computer and Security Check should run Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.Make sure the following options are checked:
Internet ServicesWindows FirewallSystem RestoreSecurity Center/Action CenterWindows UpdateWindows DefenderOther ServicesPress "Scan".It will create a log (FSS.txt) in the same directory the tool is run.Please copy and paste the log to your reply. Please download MiniToolBox and run it.Checkmark following boxes:Report IE Proxy SettingsReport FF Proxy SettingsList content of HostsList IP configurationList Winsock EntriesList last 10 Event Viewer logList Installed ProgramsList Devices (do NOT change any settings here)List Users, Partitions and Memory sizeList Restore PointsClick Go and post the result. Please download Malwarebytes Anti-Malware (MBAM) to your desktop.NOTE. If you already have MBAM 2.0 installed scroll down.Double-click mbam-setup-2.0.0.1000.exe and follow the prompts to install the program.
At the end, be sure a checkmark is placed next to the following:

Launch Malwarebytes Anti-MalwareA 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
Click Finish.On the Dashboard, click the 'Update Now >>' linkAfter the update completes, click the 'Scan Now >>' button.
Or, on the Dashboard, click the Scan Now >> button.If an update is available, click the Update Now button.
A Threat Scan will begin.When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.In most cases, a restart will be required.Wait for the prompt to restart the computer to appear, then click on Yes.If you already have MBAM 2.0 installed:On the Dashboard, click the 'Update Now >>' linkAfter the update completes, click the 'Scan Now >>' button.
Or, on the Dashboard, click the Scan Now >> button.If an update is available, click the Update Now button.
A Threat Scan will begin.When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.In most cases, a restart will be required.Wait for the prompt to restart the computer to appear, then click on Yes.How to get logs:(Export log to save as txt)After the restart once you are back at your desktop, open MBAM once more.Click on the History tab > Application Logs.Double click on the Scan Log which shows the Date and time of the scan just performed.Click 'Export'.Click 'Text file (*.txt)'In the Save File dialog box which appears, click on Desktop.In the File name: box type a name for your scan log.A message box named 'File Saved' should appear stating "Your file has been successfully exported".Click OkAttach that saved log to your next reply.(Copy to clipboard for pasting into forum replies or tickets)After the restart once you are back at your desktop, open MBAM once more.Click on the History tab > Application Logs.Double click on the Scan Log which shows the Date and time of the scan just performed.Click 'Copy to Clipboard'Paste the contents of the clipboard into your reply.Download Malwarebytes Anti-Rootkit (MBAR) to your desktop.Warning! Malwarebytes Anti-Rootkit needs to be run from an account with administrator rights.Double click on downloaded file. OK self extracting promp... Read more

http://www.bleepingcomputer.com/forums/t/587739/possible-hacker/
Relevancy 35.26%

Hello I know that my computer was hacked and I know who did it my stepson He was trying to get my banking information of created new can't Hacker network get it rid for his Dad who coincidentally tried to kill me last week Ok Hacker created new network can't get rid of it enough for the drama I found when he hacked me and have restored some things but he is still there under other network that he created He his somehow using Adobe Arm and Hacker created new network can't get rid of it not sure how He has created a Created Owner user profile that I cannot delete I am denied permissions mostly when I am trying to get rid of him I know the exact time and date and have the logs that show he turned off a lot of services at that moment including my antivirus protection He installed Spyware Banker Id which I have removed but I can't seem to get rid of him Can you help Here is my DDS log The other log generated shows the time it was hacked I can post it if you need to look at Instructions were not to post Please help This is making me miserable I can't do anything on my computer because everything is being watch My privacy has been invaded and it feels horrible My theory at the moment which could be very wrong is that he has tapped into the hidden administrator account in Windows and password protected it DDS Ver - - - NTFS x Internet Explorer BrowserJavaVersion Run by Charlie at on - - Microsoft Windows Ultimate GMT - AV Norton Security Suite Enabled Updated C D - E -B E-FA - F ECC DB SP Windows Defender Enabled Updated D DDC A- F- fae- E -DA C ACF SP Norton Security Suite Enabled Updated E A F - D -B D -C D - F F FW Norton Security Suite Enabled BFC - D-B -D E-C B A Running Processes C Windows system wininit exeC Windows system lsm exeC Windows System spoolsv exeC Program Files Common Files Adobe ARM armsvc exeC Program Files Common Files Apple Mobile Device Support AppleMobileDeviceService exeC Windows Microsoft Net Framework v WPF PresentationFontCache exeC Windows system srvany exeC Windows KMService exeC Windows system conhost exec Program Files Microsoft SQL Server MSSQL MSSQL Binn sqlservr exeC Program Files x Norton Security Suite Engine N exeC Windows system locator exec Program Files Microsoft SQL Server Shared sqlbrowser exec Program Files Microsoft SQL Server Shared sqlwriter exeC Program Files Common Files Microsoft Shared Windows Live WLIDSVC EXEC Program Files Common Files Microsoft Shared Windows Live WLIDSvcM exeC Windows system SearchIndexer exeC Program Files Windows Media Player wmpnetwk exeC Windows system taskhost exeC Program Files x Norton Security Suite Engine N exeC Windows system Dwm exeC Windows Explorer EXEC Windows System hkcmd exeC Windows System igfxpers exeC Program Files Realtek Audio HDA RtHDVCpl exeC Program Files iTunes iTunesHelper exeC Program Files Common Files Adobe ARM AdobeARM exeC Program Files Common Files Java Java Update jusched exeC Program Files Zemana AntiLogger Free AntiLogger Free exeC Program Files Microsoft Office Office MSOSYNC EXEC Program Files McAfee Security Scan SSScheduler exeC Program Files iPod bin iPodService exeC Windows system GWX GWX exeC Windows system DllHost exeC Program Files Common Files Microsoft Shared OfficeSoftwareProtectionPlatform OSPPSVC EXEC Program Files Common Files Java Java Update jucheck exeC Windows system prevhost exeC Program Files Windows Media Player wmprph exeC PROGRA MICROS Office OIS EXEC Program Files Google Chrome Application chrome exeC Program Files Google Chrome Application chrome exeC Program Files Google Chrome Application chrome exeC Program Files Google Chrome Application chrome exeC Program Files Google Chrome Application chrome exeC Program Files Google Chrome Application chrome exeC Windows regedit exeC Windows system wbem wmiprvse exeC Program Files Google Chrome Application chrome exeC Program Files Google Chrome Application chrome exeC Windows system SearchProtocolHost exeC Windows system SearchFilterHost exeC Windo... Read more

A:Hacker created new network can't get rid of it

Hello and welcome to Bleeping Computer! I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.
We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.
To help Bleeping Computer better assist you please perform the following steps:
*************************************************** In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/586686 <<< CLICK THIS LINK
If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.
***************************************************If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.A new FRST log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.Please do this even if you have previously posted logs for us.If you were unable to produce the logs originally please try once more.If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.If you are unsure about any of these characteristics just post what you can and we will guide you.Please tell us if you have your original Windows CD/DVD available. Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.
Thank you for your patience, and again sorry for the delay.
***************************************************
We need to see some information about what is happening in your machine. Please perform the following scan again: Download FRST by Farbar from the following link if you no longer have it available and save it to your destop.FRST Download LinkWhen you go to the above page, there will be 32-bit and 64-bit downloads available. Please click on the appropriate one for your version of Windows. If you are unsure as to whether your Windows is 32-bit or 64-bit, please see this tutorial.Double click on the FRST icon and allow it to run. Agree to the usage agreement and FRST will open. Do not make any changes and click on the Scan button. Notepad will open with the results. Post the new logs as explained in the prep guide. Close the program window, and delete the program from your desktop.As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

http://www.bleepingcomputer.com/forums/t/586686/hacker-created-new-network-cant-get-rid-of-it/
Relevancy 33.54%

I'm not tech savvy so for some time I've noticed a second network and homegroup on my computer with a strange K drive but overlooked it I clicked on it two weeks ago and was shocked to find an exact replica of my c drive along with programs ive never seen or used Visual C tons of remote access and homefeoup Backdoor, Remote is toast??! computer my Acces virus? Help! Hacker, logs Ive never set that up copies of my search history and other seemingly spy-logs I found someone in my shared folders with my login and repeatedly had to close their open folders and session every few seconds minutes or hours even after leaving the network and homegroup I honestly just thought my husband was running is my computer toast??! Remote Acces Hacker, Backdoor, virus? Help! survalience stuff on me and was annoyed Over a few days they took control of my mouse a few times opened windows disabled the external drive I had just plugged in etc One day i watched them set up an internet gateway and deactivate my internet though the connection was still there with a good signal before they removed the security panel of my Computer management console that I was just using I've mostly only been in safe mode since then and I'm at a loss I've downloaded MSE CCcleaner is my computer toast??! Remote Acces Hacker, Backdoor, virus? Help! RougeKiller amp MalwareBytes but the logs history and or exe progeams are being corrupted or removed In searching my c drive Im finding tons of files programs and VITAL exe functions gone Countless files are all over the place in random spots - all files have holes or are chaotically disorganized ie system functions hidden in extremely remote Silverlight files Phishing files are hidden in remote areas Ive found files I cannot access despite repeatedly taking ownership and changing permissions MS config is gone system recocery exes are gone or misplaced much of my control panel is missing or i get permission errors sole-computer owner run as admin my drivers are disabled so i cant upload new anti-malware programs from a USB my registry keys have holes I lost software licenses and as of yesterday I noticed I no longer have the installer exe to re-download those programs Ive also lost the ability to uninstall programs and my command line functions stopped working last night Please tell me there may be some kind of hope Aside from programs and important business files I have like pictures of the last years on this computer with very few backed up elsewhere Computer info Windows Dell XPS

A:is my computer toast??! Remote Acces Hacker, Backdoor, virus? Help!

Please forgive the that first paragraph that doesnt make sense. Im on my phone, couldnt see much of the screen, and apparently deleted a few sentences.
*Cant find the edit post key...if nothing else than to change that bothersome heading typo, LOL!

http://www.bleepingcomputer.com/forums/t/586208/is-my-computer-toast-remote-acces-hacker-backdoor-virus-help/
Relevancy 34.83%

Hi there My computer has recently come under attack by a hacker who has targeted me how or why is unknown to me Here are the details I was on a skype call when my minecraft yes we were playing controlling Hacker camera my hardware & mc randomly shut itself suddenly a japanese song started playing on windows media player entitled tmp tmp and that was when I knew this was something serious I instantly shut the window as I was suprised and my camera control window popped up I didn't realise but the hacker was then able to see my camera later I took the camera off my pc After this happened we were laughing about it on a skype call but as we were speaking the hacker was taking photos of me and after shutting all my windows I opened up notepad and Hacker controlling my camera & hardware typed 'Who are you why are you doing this to me ' the hacker first of all held enter but after that turned the into a After this some very loud sounds hard to describe but horrible were playing and the japanese song a few times After this the hacker started open random files and towards the end opened up tmp jpg which was a snapshot of ME taken just now as I was wearing the same clothes etc after this I was scared and when I said to my microphone 'WHO IS THIS' a random person added me on skype and after that the same person on a different account added me same picture and username etc I know a hacker has access to my computer at the moment it's in safe mode but I don't know where to go what should I do - BrunoTheTiny

A:Hacker controlling my camera & hardware

I'm asking a moderator to move you to the am I infected forum so you can get the help you need to clean your system.
 
Dick

http://www.bleepingcomputer.com/forums/t/564485/hacker-controlling-my-camera-hardware/
Relevancy 34.83%

Hello virus possible? is hamachi router, hacker, in this Ive never posted but I have read and followed advice given on more problems than I care to think of right now I have a huge problem and I know that if anyone can help its you guys Any help or advice will as always be appreciated My yr old son is a minecraft addict He was threatened recently on x box live by a gamer named billowy prizm who said repeatedly that he was going to hack him My son eventually became friends with the person or so he thought My son has ocd and autism so kids tend to be able to take advantage of him easily were hamachi hacker, virus in router, is this possible? working on it I bought him a dell inspiron laptop for his birthday and being the addict that he is he wanted minecraft in his pc I was out and his friend billowy convinced him that he had to download a program called hamachi to be able to play together on their pcs They used the xbox live mic to walk through all of the steps to download and install When I got home my son told me about it and I found out that the program was for linking computer networks so I immediatly deleted the program I was too late though because not long after my sons comp was acting up and three warnings were brought onto his screen One was a Trojan and the other two said hacker virus or something like that within hours I couldnt log on again it seemed his password had changed I returned his comp and got a new one Problem solved but not quite This all in a matter of days I logged on to my old faithful pc this afternoon went to check my router settings I swear the second after I typed in the router password my whole house had a freakout Daughter asking why xbox was down son freaking cause wii netflix was disconnected my pc couldnt find web pages etc Called ISP they checked a few things had me power down and up again on the satellite was up again in no time Surfed for a bit then something popped up asking if I wanted disk antivirus professional clicked no and the next thing ya know I have a lil icon near my comp clock that wont allow me to exit I tried to delete it on add remove programs it wasn't there I searched it and found it in random folder deleted all three programs named disk antivirus but every page I went to after that would not open without a popup saying this page was determined unsafe by disk antivirus I'd click open anyway the pages opened I went to c net to get virus removal software I could download but no programs could open I went into safe mode renamed the three virus removal programs tried to open them one opened scanned found over threats but asked me to get user key to delete Went to my mail box but when I tried it wouldn't let me open the key page I found my original disks and performed complete system reformat When done turned comp on went to safe mode tried to get online to go get an antivirus and now I cant get comp to find my wireless connection Warning says sisnic sys on windows driver cabinet is needed I dont think the virus is gone because when I reconnected the ethernet cable my comp revved up and sounded louder then I've ever heard it Now what Is my sons new laptop in danger Should I worry about the x box wii nexus I phones What about my personal info I had on my pc I really don't know what to do or where to start I'd like to get my stone age pc up again if possible I'm planning on upgrading soon will the hacker be able to trash new devices Is my router hacked I don't think my old pc was connected when my son downloaded hamachi How do I know if hacker is gone Any help or opinion offered will be appreciated Specs below Old PC hp pavillion a w Windows XP Newest internet explorer was operating at the time Router cisco linksys E Satellite internet but old pc was hooked up via ethernet cable to router Sons Laptop dell inspiron windows mcafee antivirus internet explorer Long story thanks for taking the time to read it

http://www.bleepingcomputer.com/forums/t/488836/hamachi-hacker-virus-in-router-is-this-possible/
Relevancy 35.69%

HI all and professionals,
I am fed up or confused with my network IP address whether it is shared by other computers or network, which slows down my internet-surfing connection performance.

And my firefox browser always keeps loading at night and and sometimes getting pops-up message as the conflict IP address with others.

but when I called up local server provider, they say my IP address only can be used by myself.
kindly advice on the issue as mentioned .

thank you.

A:Network hacker

Worth a read, IMO: http://www.inetdaemon.com/tutorials/internet/ip/addresses/ip_address.shtml .

Louis

http://www.bleepingcomputer.com/forums/t/484082/network-hacker/
Relevancy 35.26%

My internet has slowed to a crawl the last few weeks. I have been watch task manager and it is flooded with com surrogate, dbus, host processing, console window host, service host, and an assortment of other processes. Also, I've noticed I have been locked out of certain folders and programs, I now belong to a homegroup, and my anti-virus has been disabled. Any help would be greatly appreciated. I've
 3.2.2015winlogon.exe.txt   7.92KB
  5 downloads taken the liberty to attach a recent task manager recording.

A:I'm sure I have a hacker living in my computer

Hello and welcome to Bleeping Computer! I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.
We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.
To help Bleeping Computer better assist you please perform the following steps:
*************************************************** In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/568812 <<< CLICK THIS LINK
If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.
***************************************************If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.A new FRST log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.Please do this even if you have previously posted logs for us.If you were unable to produce the logs originally please try once more.If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.If you are unsure about any of these characteristics just post what you can and we will guide you.Please tell us if you have your original Windows CD/DVD available. Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.
Thank you for your patience, and again sorry for the delay.
***************************************************
We need to see some information about what is happening in your machine. Please perform the following scan again: Download FRST by Farbar from the following link if you no longer have it available and save it to your destop.FRST Download LinkWhen you go to the above page, there will be 32-bit and 64-bit downloads available. Please click on the appropriate one for your version of Windows. If you are unsure as to whether your Windows is 32-bit or 64-bit, please see this tutorial.Double click on the FRST icon and allow it to run. Agree to the usage agreement and FRST will open. Do not make any changes and click on the Scan button. Notepad will open with the results. Post the new logs as explained in the prep guide. Close the program window, and delete the program from your desktop.As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

http://www.bleepingcomputer.com/forums/t/568812/im-sure-i-have-a-hacker-living-in-my-computer/
Relevancy 34.83%

Hello , I was attacked by a hacker few days ago from several proxy"s servers in Europe ... This hacker injected me a nasty trojan , who was cleaned by Panda Cloud cleaning tool i found on the internet .... After this attack my pc was behaving strange so i format it and installed Windows 7 again on it .... after few hours after  several updates when I restarted my PC shortcuts on my screen went blank white !!!
Microsoft support didn"t helped me too much and I did twice>> https://support2.microsoft.com/kb/2635447/en-us 
Any help will be very appreciated 

A:Hacker Attack with Trojan BackdoorCIA

Hey my friend. Please download FRST (by Farbar) from the link below and save it to your Desktop.Download Mirror #1If you are unsure whether you have 32-Bit or 64-Bit Windows, see hereDisable all anti-virus and anti-malware software to prevent them inhibiting FRST in any way. If you are unsure how to do this, see THIS.Double-click FRST.exe/FRST64.exe (depending on which version you downloaded) to run it. (if you have Windows Vista / Windows 7 / Windows 8: Please do a Right click on the FRST icon and select Run as Administrator)When the disclaimer appears, click Yes.Click Scan to start FRST.When FRST finishes scanning, two logs, FRST.txt and Addition.txt will open.Copy (Ctrl+C) and Paste (Ctrl+V) the contents of both of these logs into your next post please.

http://www.bleepingcomputer.com/forums/t/563006/hacker-attack-with-trojan-backdoorcia/
Relevancy 35.26%

I had a recent problem from a Chinese hacker using a Hao Rising website It came in on the back of an Intel Webcam driver exe file and caused similar problems to those related in another post McAfee AV detected and deleted two Trojans that came with this intrusion but by Hacker Intrusion Chinese not the rest I then found Bleeping Computer and thanks to this site deleted the crap and got my Intrusion by Chinese Hacker pc running again I now have Voodoo Shield in operation and a number of the anti-malware programs listed here So far so good Although the anti-malware and anti-virus programs are telling me my pc is clean I still seem to have left-over files at various places - for example my mp mp files now have Intrusion by Chinese Hacker a chinese mp extension The files work fine and Zemana Malwarebytes say they are clean Also when I right-click on a file folder in the list of applications there is a remnant of the chinese invasion called Rising Antivirus Lastly in the Intrusion by Chinese Hacker hidden icons area of the toolbar there's an icon named RaUI exe calling itself 'Good Link and Associate' Again every scan performed is coming up clean While I no longer have any major concerns about this especially after coming here and finding some real expertise I am curious as to how to remove these unwanted labels or whatever they are Any advice would be gratefully received Thank you

A:Intrusion by Chinese Hacker

Unwanted items listed in the installed program list can be removed by using Download Revo Uninstaller Freeware in Advanced mode.
 
Use CCleaner to remove Temporary files, program caches, cookies, logs, etc. Use the Default settings. No need to use the
Registry Cleaning Tool...risky. Pay close attention while installing and UNcheck offers of toolbars....especially Google.
After install, open CCleaner and run by clicking on the Run Cleaner button in the bottom right corner.
CCleaner - PC Optimization and Cleaning - Free Download
 
After running CCleaner...post the three lists mentioned below using CCleaner:
 
Open CCleaner and click on Tools. Choose Startups. On that page you will see a list of Windows Startups and at the top tabs for each browser and Scheduled Tasks.
At the bottom right of that page you will see a button when clicked will allow you to Copy and Paste the list of Windows Startups and Scheduled Tasks into your next
post. Please do that.
 
Open CCleaner and click on Tools. Choose Uninstall. On that page you will see a list of programs installed on your computer and at the bottom right of that page you
will see a button when clicked will allow you to Copy and Paste that list in your next post. Please do that.
 
Please tell me which programs you used to remove the adware and malware .

http://www.bleepingcomputer.com/forums/t/582958/intrusion-by-chinese-hacker/
Relevancy 33.97%

Hello everyone let me explain my story I was doing a live broadcast of doing gaming Then some some members of a hacking group I know what hacking group But I can say it in this forum So they Came in And said virus? may computer group. Linux Then Been ddosed a have My by hacker a these some of these things in the chat hitlar Been ddosed by a hacker group. Then My Linux computer may have a virus? was a nice guy delete system your mic is muted hail hitlar And some other things that I can't say in this forum Then after a cople of minutes They launched a ddos attack I don't know how they got my ip from YouTube Live Broadcast I was out for minutes with incoming ddos attacks Nothing to do But wait When the ddos attack was over I noticed some strange thing on my Ubuntu Linux Computer My internet connection was going on and off Webcam light was on Been ddosed by a hacker group. Then My Linux computer may have a virus? Even when I turned of the broadcasting software and closed it My mouse was glitchy And I'm worrying they are using key loggers to steal passwords and my information I'm pritty scared to use my computer plus I'm my router is OpenWrt Linux I hope they didn't put a virus on my router please help me

A:Been ddosed by a hacker group. Then My Linux computer may have a virus?

Sorry about the long post. 

http://www.bleepingcomputer.com/forums/t/582359/been-ddosed-by-a-hacker-group-then-my-linux-computer-may-have-a-virus/
Relevancy 35.26%

Hello ill start with the beggining and sorry if ll do writing mistakes because english is not my mother language So i computer? Hacker please \ in my Virus help! bought from a legit site a cd key for a game and they gaved me a link to get my cd key from wich i ve got an error that im using a proxy i don t know what a proxy is or vpn im not an Virus \ Hacker in my computer? please help! expert in computers ive contacted them and they said that im using a proxy vpn anyway i resolved afterwards they just gaved me the cd key but after that i searched on google about proxy vpn and i got into a site called whatismyproxy that is sayng BrowserMozilla Windows NT WOW rv Gecko Firefox Server Apache Your internal ip unknown Your external ip IP country Romania wich i am This server IP United States GA Atlanta no ideea why Ok after i saw United States thing i scanned my PC and used anti malware but same thing appeared on that website Today i reinstalled my windows and what it maked me panicking is that i saw that my bios has set a password itself and i never used a password on bios and i can say i didnt changed by myself on accident because i would have remember that So as i said im not an expert on computers please help

A:Virus \ Hacker in my computer? please help!

VPN is a just a program that hide your real IP address and replace it by another IP address. You are from Romania, maybe the ip other people see is the US ip address.

http://www.bleepingcomputer.com/forums/t/582139/virus-hacker-in-my-computer-please-help/
Relevancy 34.83%

OS: windows 8.1
Laptop: Lenovo G40-70
 
Can you please check if my laptop is compromised. Because these past weeks, I have a very bad feeling that acertain hacker knows all my google searches/yahoo searches. I only use google chrome for my researching/searching. Possibly a keylogger or some spyware might be installed on my system.

A:A hacker might be monitoring my internet activity

Hi there,This issue sounds like something more serious than what we can do here.Please follow the instructions in ==>This Guide<== starting at Step 6. If you cannot complete a step, skip it and continue.Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<== Please include a description of your computer issues, what you have done to resolve them, and a link to this topic.If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.It would be helpful if you post a note here once you have completed the steps in the guide and have started your topic in malware removal. Good luck and be patient.If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.Regards,Alex

http://www.bleepingcomputer.com/forums/t/575283/a-hacker-might-be-monitoring-my-internet-activity/
Relevancy 34.83%

First some technical details Running Windows bit with Mb RAM Password Hacker Computer Added on a Hewlett-Packard which of course did not come with any disks and none were created Hacker Added Computer Password when the computer Hacker Added Computer Password was purchased Someone in my office was having trouble with her printer and for some reason I can't figure out she googled Brother Printer Help She found some site called global something or other contacted them and followed their directions to download TeamViewer and allowed them in to her computer After several hours of them running her around in circles she finally hung up She couldn't shut down her computer the normal way so she forced a shut down using the power button When she came in the next morning and fired up her computer it was password protected This password window does not look like the typical one It's more generic Obviously she allowed in some ransom ware We cannot start in any mode without getting the password request I can get to system repair but when I try to get to system restore I'm asked for an administrator password and there is none Anybody got any ideas

A:Hacker Added Computer Password

You may want to check this link, I have used it for Windows XP, but not Windows 7 yet: ophcrack.sourceforge.net.

http://www.bleepingcomputer.com/forums/t/568189/hacker-added-computer-password/
Relevancy 35.26%

Hi there My computer has recently come under attack by a pc controlling & hardware Hacker hacker who has targeted me how or why is unknown to me Here are the details I was on a skype call when my minecraft yes we were playing mc randomly shut itself suddenly a japanese song started playing on windows media player entitled tmp tmp and that was when I knew this was something serious I instantly shut the window as I was suprised and my camera control window popped up I didn't Hacker controlling pc & hardware realise but the hacker was then able to see my camera later I took Hacker controlling pc & hardware the camera off my pc After this happened we were laughing about it on a skype call but as we were speaking the hacker was taking photos of me and after shutting all my windows I opened up notepad and typed 'Who are you why are you doing this to me ' the hacker first of all held enter but after that turned the into a After this some very loud sounds hard to describe but horrible were playing and the japanese song a few times After this the hacker started open random files and towards the end opened up tmp jpg which was a snapshot of ME taken just now as I was wearing the same clothes etc after this I was scared and when I said to my microphone 'WHO IS THIS' a random person added me on skype and after that the same person on a different account added me same picture and username etc I know a hacker has access to my computer at the moment it's in safe mode but I don't know where to go what should I do - BrunoTheTiny

A:Hacker controlling pc & hardware

Hi Bruno ... indeed is weird what you tell in your post , skype is a way to get hacked and also recorded what you talk and with who ...my advice is to save your important files , photos , music , etc and formatt your computer ASAP ... install a good router and antivirus and avoid skype conversations and online games ... those are ways to be targeted by hackers who lurk on those games servers to find new victims... Good luck!!!

http://www.bleepingcomputer.com/forums/t/564487/hacker-controlling-pc-hardware/
Relevancy 33.11%

   Unfortunately, since my reports to Windows Answer Desk ( since one-year ago ) that a hacker is driving me bananas, have been considered by TECHS and Supervisors TO BE BOGUS, and I am the only owner and administrator, as well as purchaser of
this my PC, do I have to go to a higher authority than myself to decide issues that by right, pertain only to me ? Why am I working at this moment is SAFE-MODE with NETWORKING, because ' some foreign force ( an ALIEN, maybe ) does not permit me to use or manage
my PC as any other person has the ability and capacity to ?
   I will not be taken for a fool.
   Give me a ready, common-sense answer and it'll do.

   Thanks
   JG

https://social.technet.microsoft.com/Forums/en-US/ed0d7f44-aae3-4e8d-8ebb-9418cb031b9a/im-supposed-to-have-no-hacker-aboard-why-then-am-i-asked-to-recur-to-my-system-administrator-to?forum=w7itprogeneral
Relevancy 34.83%

I cant login to type in a new password (As if he get there before me) I have time warner in nyc. now I see crap saying I need to install flash which I do have. What is the best way to get rid of him login into my router? I type in 192.168.0.1 which always worked but I was installing this os so long the router was naked with gust avg (username, password)Has anyone had such an issue before? Using arris DG1670A (a is the TW version) can I get him kicked through ipconfig?Thx
Ive tried hard reboot on router that did nothing one time it did pop up it was 192.168.100.1

http://www.sevenforums.com/network-sharing/386185-having-issue-where-hacker-controlls-my-router.html
Relevancy 35.26%

Is it possible to completely eliminate a backdoor left by a hacker on Windows 10?

My situation is that my new Windows 10 laptop was hacked (a fact confirmed by computer tech analysis) and the hacker installed a tdss rootkit. I removed the rootkit with tdsskiller and tried to reinstall Windows using the built in option, but the reinstall failed and the computer was rendered unusable so HP sent me a USB to reinstall Windows, which I did. Immediately after the reinstall, Malwarebytes Anti-Rootkit detected several lingering infections that were undetectable before the reinstall. After deleting them, I chose to reinstall again, this time first using diskpart, clean all. After the reinstall a Farbar scan still indicates infection and I'm told there is a cryptcat backdoor on the system.

Is there any way to trust this computer again?
 

Relevancy 35.69%

"Resource Hacker" is one of our favorite Windows software which is used to edit various system files such as dll, exe, cpl, etc. Most of the times its used to modify Windows look-n-feel, for example you can change look of various dialog boxes, menus, etc.

Changelog:

What's new in 4.2.0 version:
Redesigned user interface (UI)
New toolbar which can be disabled using Edit -> Preferences -> Hide Toolbar option
Unicode support
Improved display of ANI Icon/Cursor
Major redesign to properly handle RC files
Now its easy to compile *.rc script files from commandline and GUI
Now its easy to create resources from scratch
Addition of script templates for new resources
Addition of search feature
Bug fixes related to compiler
Also comes in portable version
http://www.angusj.com/resourcehacker/
Full Article
 

A:Resource Hacker

resource hacker
i played a lot with it
i remember a trojan infected all my setup executables
avg when disinfected those files ,files got corrupted
i used resource hacker to extract new exe out of infected...

and also for changing names in title bar and icons
i simply love it
 

https://malwaretips.com/threads/resource-hacker.47342/
Relevancy 34.4%

More info in:

https://blog.kaspersky.com/kaspersky-statement-duqu-attack/

https://securelist.com/blog/researc...a-sophisticated-cyberespionage-actor-returns/

https://securelist.com/files/2015/0...ophisticated_cyberespionage_actor_returns.pdf
 

A:Kaspersky Lab investigates hacker attack on its own network

Kudos to Kaspersky for informing the public of this attack, I think most companies would just want to hide this away in fears that customers would leave due to the risks of the hackers. As for the hackers, I think they made a big mistake taking on a security giant like Kaspersky, would love to see how they are going to deal with future threats.
 

https://malwaretips.com/threads/kaspersky-lab-investigates-hacker-attack-on-its-own-network.46919/
Relevancy 40.85%

Hello everyone here at MalwareTips We are working on our web filter which will can help Filter block collect Let's Web ad/tracker - servers MHT to you to keep the trackers away and block ads Also it will stop malware from communicating with the C amp C server s if the domain name is already in our database We won t release technical details for now later hopefully within - weeks in an other thread So we want to make the ad tracker servers list completely community based We will include everything what you report after checking if it s appropriate So feel free to report as MHT Web Filter - Let's collect ad/tracker servers to block much domains as you want and we will check and add all appropriate ones How a report should look like Example Domain google-analytics com Domain googletagservices com Click to expand Example If you can please use this method this makes verifying easier Link google-analytics com analytics js Link googletagservices com tag MHT Web Filter - Let's collect ad/tracker servers to block js gpt js Click to expand If you want to reply just to ask about the software or the system behind it don t do it as we won t tell anything now Thank you for understanding Thanks for everyone who will help us Moderator note The only replies to this thread should be those reporting a domain using the provided examples amp above Use the CODE tags for long lists All other replies will be deleted including questions nbsp

A:MHT Web Filter - Let's collect ad/tracker servers to block

Code:

Domain:0638.info
Domain:2mdn.net
Domain:2o7.net
Domain:8digits.com
Domain:aadserving.com
Domain:adadvisor.net
Domain:adasist.com
Domain:adcash.com
Domain:adcater.com
Domain:adform.net
Domain:adfox.ru
Domain:adhood.com
Domain:adlure.net
Domain:admost.com
Domain:adnexio.com
Domain:adnxs.com
Domain:adobedtm.com
Domain:adocean.pl
Domain:adplxmd.com
Domain:adpozitif.com
Domain:adprotected.com
Domain:adrazzi.com
Domain:adroll.com
Domain:adrttt.com
Domain:ads1-adnow.com
Domain:ads2-adnow.com
Domain:adscale.de
Domain:adslidango.com
Domain:adsniper.ru
Domain:adtech.com
Domain:adtech.de
Domain:adzerk.net
Domain:affsnetwork.com
Domain:ajansreklam.net
Domain:alephd.com
Domain:amazon-adsystem.com
Domain:amplifinder.biz
Domain:amung.us
Domain:atemda.com
Domain:bambar.net
Domain:bbelements.com
Domain:beelert.com
Domain:betburdaaffiliates.com
Domain:bizographics.com
Domain:bkrtx.com
Domain:bluekai.com
Domain:bounceexchange.com
Domain:chango.com
Domain:chartbeat.com
Domain:clicktale.net
Domain:cmcore.com
Domain:connextra.com
Domain:contextweb.com
Domain:coremetrics.com
Domain:cpatrendreklam.com
Domain:crazyegg.com
Domain:creativecdn.com
Domain:criteo.com
Domain:criteo.net
Domain:crwdcntrl.net
Domain:cxense.com
Domain:da-ads.com
Domain:demdex.net
Domain:dimml.io
Domain:directrev.com
Domain:doubleclick.net
Domain:dtscout.com
Domain:effectivemeasure.net
Domain:en25.com
Domain:engageya.com
Domain:ero-advertising.com
Domain:escinteractive.com
Domain:etracker.com
Domain:exelator.com
Domain:faggrim.com
Domain:flashtalking.com
Domain:flix360.com
Domain:flixcar.com
Domain:flixfacts.com
Domain:hit.gemius.pl
Domain:getshar.es
Domain:gigya.com
Domain:go-mpulse.net
Domain:google-analytics.com
Domain:googleadservices.com
Domain:googlesyndication.com
Domain:gravityrd-services.com
Domain:happilyswitching.net
Domain:histats.com
Domain:hitgelsin.com
Domain:hotjar.com
Domain:ibillboard.com
Domain:ilividnewtab.com
Domain:indexww.com
Domain:infolinks.com
Domain:junbi-tracker.com
Domain:kiosked.com
Domain:kissmetrics.com
Domain:krxd.net
Domain:leetmedia.com
Domain:liftdna.com
Domain:ligatus.com
Domain:likebtn.com
Domain:linkz.net
Domain:liverail.com
Domain:m6r.eu
Domain:mads.com
Domain:madsone.com
Domain:marinsm.com
Domain:marketo.net
Domain:med4ad.com
Domain:mediaplex.com
Domain:medyanetads.com
Domain:metaffiliation.com
Domain:metrics34.com
Domain:mgid.com
Domain:mlstat.com
Domain:mobisla.com
Domain:mobytrks.com
Domain:msads.net
Domain:myswitchads.com
Domain:netaffiliation.com
Domain:netbookmedia.com
Domain:netmng.com
Domain:newrelic.com
Domain:nexage.com
Domain:nr-data.net
Domain:nuggad.net
Domain:oclaserver.com
Domain:oclasrv.com
Domain:omtrdc.net
Domain:onclasrv.com
Domain:onclickads.net
Domain:onlinewebstat.com
Domain:onlinewebstats.com
Domain:openx.net
Domain:optimizely.com
Domain:oringmedia.com
Domain:oroll.com
Domain:oxcdn.com
Domain:parsely.com
Domain:perfectaudience.com
Domain:petametrics.com
Domain:pingdom.net
Domain:pixenka.com
Domain:pmelon.com
Domain:popads.net
Domain:popmarker.com
Domain:pradma.com
Domain:prfct.co
Domain:promoviral.com
Domain:pub2srv.com
Domain:pubmatic.com
Domain:pxlad.io
Domain:qservz.com
Domain:quantserve.com
Domain:regadsgx.com
Domain:reklamaction.com
Domain:reklamalan.com
Domain:reklampazar.com
Domain:reklamport.com
Domain:reklamstore.com
Domain:reklamz.com
Domain:reviveservers.com
Domain:revsci.net
Domain:rubiconproject.com
Domain:sail-horizon.com
Domain:say.ac
Domain:sayyac.com
Domain:scarabresearch.com
Domain:scorecardresearch.com
Domain:segmentify.com
Domain:serve-sys.com
Domain:serving-sys.com
Domain:skinected.com
Domain:smaclick.com
Domain:smartadserver.com
Domain:sociomantic.com
Domain:sonobi.com
Domain:statcounter.com
Domain:strands.com
Domain:stroeerdigitalmedia.de
Domain:studads.com
Domain:struq.com
Domain:supert.ag
Domain:swbdds.com
Domain:tapfiliate.com
Domain:triggit.com
Domain:tynt.com
Domain:uzmanreklam.com
Domain:uzreklam.com
Domain:veeseo.com
Domain:virgul.com
Domain:visilabs.com
Domain:visilabs.net
Doma... Read more

https://malwaretips.com/threads/mht-web-filter-lets-collect-ad-tracker-servers-to-block.46693/
Relevancy 35.69%

From Under Attack An interview with a hacker What Mobile What interview a with hacker An Mobile sat down An interview with a hacker with white-hat hacker Steve Lord for an exclusive interview on the current state of data security and mobile safety Smartphones An interview with a hacker marked an inaugural moment in our lives a moment where we plugged in and have not hit the off switch since Smartphones have become our most trusted companion a new right-hand man and a new limb if you will But what happens when something An interview with a hacker you put so much trust in can be used to damage you It hurts obviously and smartphones can do just that with a new age of convenience and information comes new ways for us to be vulnerable Take the good with the bad as they say Edward Snowden had recently revealed to the BBC s Panorama that UK intelligence agency GCHQ Government Communications Headquarters has the ability to access phones without the knowledge of the owner According to Snowden the GCHQ can access phones with tools known collectively as Smurf Suite tools that can survey or extract information from your device discreetly Dreamy Smurf can switch your phone on and off Nosey Smurf works in conjunction with Dreamy Smurf after the latter switches on your device Nosey Smurf gets to work by switching on your mic enabling the user to listen to you Finally we have Tracker Smurf which triangulates your exact location with more precision than the triangulation of mobile phone towers Scary stuff and to be honest if the government wants to get in your phone there s not a lot that you can do But for the more nefarious hackers there are measures that can be taken What better way to protect yourself than to ask a hacker Steve Lord is a White Hat hacker which thankfully means he works for good also means he would choose to destroy the Sith not join them Steve has a decade of experience in information security and runs his own company Mandalorian Security Services Ltd What is your job I m a penetration tester I ve been doing it for over years I get paid by companies to break into their computer systems to identify security flaws so they can fix them Most people build things I take them apart Because computers are everywhere these days I end up breaking into all kinds of strange things from banks to missile systems I ll be given a target by a customer it could be a website a mobile phone or in one case last week a meeting room You might think meeting rooms are strange things to attack But within an hour or so we had full control of the TV screens climate control and were able to stream audio from every meeting room in the building to us And this is a system that the US Department of Defense uses it at the Pentagon I write reports on how to fix problems Often the most serious vulnerabilities are those that affect the underlying business and they re usually the ones that need the most support Have you been forced to do something questionable No but we often get asked to do things that are unethical and sometimes downright illegal A company asked us to uncover the source of the biggest corruption scandal We politely declined People who expose corruption scandals in Turkey have a habit of disappearing We won t do anything that could endanger lives GCHQ use software tools called smurf to extract data from phones Are there any other tools GCHQ are using or can use GCHQ and the other five eyes agencies have a large array of tools as disclosed through the Snowden and other leaks They also have internally developed tools with funny names like SWAMP DONKEY and ANGRY PIRATE We don t know exactly what GCHQ can and can t do But every time there s a leak the details are often both impressive and scary from a hacker s perspective What kind of information can the GCHQ or hacker extract from mobile devices I don t know for sure With enough time they can probably get anything they want off anything they want to get it from What are your thoughts on the Black... Read more

A:An interview with a hacker

A hacker is an expert in this field. What changes is how he decides to use this talent.
 

https://malwaretips.com/threads/an-interview-with-a-hacker.53014/
Relevancy 34.83%

Is there any free software better than Process Hacker? If so ... which is it?
 

A:One free software better than Process Hacker

RE: One free software better tha Process Hacker



ocsi said:



Is there any free software better than Process Hacker? If so ... which is it?Click to expand...

Simple answer: COMODO KillSwitch - http://help.comodo.com/topic-119-1-208-2079-introduction-to-killswitch.html
It has a lot of features, and as a bonus, all the process are rated as Safe, Unsafe or Suspicious.. So it's very easy, even for newbie to find out if their is an active malicious process.

You can download this product from here: http://help.comodo.com/topic-119-1-208-2073-downloading-comodo-cleaning-essentials.html
 

https://malwaretips.com/threads/one-free-software-better-than-process-hacker.14863/
Relevancy 35.69%

It's been a few months since this has been happening, sometimes out of nowhere, the computer will get taken over by an unknown source and start clicking everything rapidly. After you hear low tone beeps and it opens system 32. I had this happen many times (around 5 or 6) and i always unplug my computer before it gets past the system 32 part. I haven't ran a full system virus scan yet (cuz im lazy and stubborn) but i did run a light scan through my computer. Any ideas on what this may be?
 

https://forums.techguy.org/threads/not-sure-if-its-a-virus-or-hacker.1162826/
Relevancy 33.97%

I have been terrorized by installs on has OS NT my over my Hacker X: nonstop! relentlessly attacks PC Boot and this hacker over and over for the last months I have spent hundreds of dollars tech support antivirus new installation disks and hard drives and that's the small of it This person ruined other very nice PC's prior to this desktops in our recording studio years of music gone and another laptop after that It stopped for a few months then on my birthday hacked into my new laptop and is slowly but surely destroying it Hacker has Boot X: on my PC relentlessly attacks and installs NT over my OS nonstop! also I have tried everything I can to stop Hacker has Boot X: on my PC relentlessly attacks and installs NT over my OS nonstop! the attacks I have warned this hacker about the law enforcement getting involvement now I have even pleaded with this person to be reasonable and just stop the attacks before the situation gets anymore out of hand but he just wont stop The guy uses arsenal of Microsoft developer software drivers for thousands of devices and software that stops every antivirus program I've tried He's breaking a riduculous ammount of laws with concern at all about what reprocussions he could be facing I am athe end of my rope dealing with this and any help would be greatly apperciated

https://social.technet.microsoft.com/Forums/en-US/e1f37f1c-37b3-4d74-bcba-da32c61f6941/hacker-has-boot-x-on-my-pc-relentlessly-attacks-and-installs-nt-over-my-os-nonstop?forum=w7itprosecurity
Relevancy 34.83%

YOU SEE THEM mentioned in the news all the time DoS and DDoS attacks are on the rise and they are getting more sophisticated and intense every year The US government accused Iran of conducting a prolonged series of DDoSagainst the web sites of Bank of America and other financial institutions presumably as retaliation for economic sanctions levied against Iran for its nuclear program Recently DDoS attacks by extortionists have DoS Lexicon: What Attacks? and DDoS Are Hacker targeted banks in Greece and Sweden So what are DoS and DDoS attacks DoS stands for denial of service and refers to an attack that overwhelms a system with data most commonly a flood of simultaneous requests sent to a website to view its pages causing the web server to crash or simply become inoperable as it struggles to respond to more requests than it can handle As a result legitimate users who try to access the web site controlled by the server are unable to do so There are other types of DoS attacks that use different tactics but they all have the same effect preventing legitimate users from accessing a system or site TL DR A DoS or denial-of-service attack floods a system often a web server with data in order to overwhelm it and prevent Hacker Lexicon: What Are DoS and DDoS Attacks? users from accessing a website DDoS refers to a distributed denial-of-service attack that comes from multiple systems distributed in various locations Hacker Lexicon: What Are DoS and DDoS Attacks? on the internet Simple DoS attacks performed from a single machine are uncommon these days Instead they ve Hacker Lexicon: What Are DoS and DDoS Attacks? been supplanted by DDoS attacks distributed denial-of-service attacks that come from many computers distributed across the internet sometimes hundreds or thousands of systems at once The attacking machines are generally not initiating the assault on their own but are compromised machines that are part of a botnet controlled by hackers who use the machines as an army to target a website or system Because these attacks emanate from thousands of machines at once they can be difficult to combat by simply blocking traffic from machines especially when attackers forge the IP address of attacking computers making it difficult for defenders to filter traffic based on IP addresses Perpetrators launch DDoS attacks for a variety of reasons Hacktivists have used them to express displeasure against targets for example when members of Anonymouslaunched attacks against the sites of PayPal Visa and MasterCard in after the payment service providers refused to process financial donations intended for WikiLeaks In spammers apparently launched a punishing attack against the spam-fighting site Spamhaus after the site added a Dutch hosting company called Cyberbunker to its spam blacklist Spamhaus provides blacklists to email providers to help them filter out spam sent from known spammers Cyberbunker got on the list because it was accused of providing hosting services to spammers At the attack s peak gigabits of traffic per second reportedly flooded Spamhaus servers The online gaming industry has also been plagued with DDoS attacks for several years with the blame going to disgruntled players and even to competitors A number ofDDoS-for-hire services for examples will take down a competitor s website for any business that wants to hire them Some DDoS attacks are launched for political purposes The most famous of these were the DDoS attacks that targeted Estonia and Georgia In a barrage of traffic knocked government and media sites in Estonia offline and was later attributed to Russian nationalists who were angry about Estonia s decision to relocate a Soviet war monument in Tallinn from the center of the city to a military cemetery In web sites in Georgia were hit with DDoS attacksweeks before Russian troops invaded South Ossetia prompting Georgia and others to blame Russia for the digital attacks More recently DDoS attacks have been used as a criminal ex... Read more

https://malwaretips.com/threads/hacker-lexicon-what-are-dos-and-ddos-attacks.55457/
Relevancy 34.83%

I posted the below and got the below response I wonder why when there are plenty of other hacker questions I only needed a yes or no answer it appears to me this may be another one of the MA Hacker LE sites There s not other explanation for closing a threat with a simple question which plenty of others asked Have fun Manning My question and Ms Cookies reply is below LOL quot I believe I ve received incorrect information and I need someone to explain how this hacking process is done if it s in fact do-able My ex and his friends are definitely hacked into me this I ve dealt with for security??? Hacker allowed not under Questions years A few years ago I received the results of a computer Hacker Questions not allowed under security??? forensics report who analyzed my pc They stated quot separate IPS have remote admin rights to my pc quot I have a new pc now but it doesn t matter he s a cop and always hacks me Someone is skewing my documents When I type complaints PDF Docs on him and send them in I m told when they re received they re illegible and jumbled The documents look fine to me but are being received jumbled This is a brand new pc so it s not anything I have done but I know they desperately need to block the information I m sending in on them I spoke with one law enforcement officer who told me quot no one can remotely Hacker Questions not allowed under security??? delete alter or infect your PDF documents quot but I told him it s been done to me in the past Hacker Questions not allowed under security??? Some documents are also being deleted on me and he said that can t be done as well I m not high tech and he didn t sound very sure but I need to know if he s wrong or I am I m dumb about this stuff but I d think it s something which is pretty easy to do They also have all of my email passwords and they get them as soon as I change them Thanks I m sure they ll arrive here to post since they know I m on this forum First of all we aren t about to explain how hacking is done even if we could Secondly we don t get involved in these types of situations as you need to address it with law enforcement As a result I m closing this thread nbsp

A:Hacker Questions not allowed under security???

I don't know what you want us to tell you and spewing accusations at us doesn't help at all. If you allow remote access to your computer then yes, anything is possible as they can manipulate whatever is on your computer. We can help you with instructions on how to turn off remote access and not allow the installation of any remote access software but beyond that there's nothing else we can do.

In the future, if you don't agree with the action of an Administrator or Moderator then please use the Report button to appeal the decision.
 

https://forums.techguy.org/threads/hacker-questions-not-allowed-under-security.1166594/
Relevancy 36.12%

I believe I ve received incorrect information and I need someone to explain how this hacking process is done if Hacker help it s in fact do-able My ex and his friends are definitely hacked into me this I ve dealt with for years A few years ago I received the results of a computer forensics report who analyzed my Hacker help pc They stated quot separate IPS have remote admin rights to my pc quot I have a new pc now but it doesn t matter he s a cop and always hacks me Someone is skewing my documents When I type complaints PDF Docs on him and send them in I m told when they re received they re illegible and jumbled The documents look fine to me but are being received jumbled This is a brand new pc so it s not anything I have done but I know they desperately need to block the information I m sending in on them I spoke with one law enforcement officer who told me quot no one can remotely delete alter or infect your PDF documents quot but I told him it s been done to me in the past Some documents are also being deleted on me and he said that can t be done as well I m not high tech and he didn t sound very sure but I need to know if he s wrong or I am I m dumb about this stuff but I d think it s something which is pretty easy to do They also have all of my email passwords and they get them as soon as I change them Thanks I m sure they ll arrive here to post since they know I m on this forum nbsp

A:Hacker help

First of all, we aren't about to explain how hacking is done, even if we could.

Secondly, we don't get involved in these types of situations as you need to address it with law enforcement.

As a result, I'm closing this thread.
 

https://forums.techguy.org/threads/hacker-help.1166592/
Relevancy 30.53%

im using Resource hacker to edit a program , its a one filed exe program
ive managed to switch icons, change almost everything with this wonderful program
the only thing left is the right click
i want to disable it or at least edit the buttons inside it
ive gone through everything in Resource hacker but came up with nothing
any suggestions please ?
i dont mind disabling the the right click menu completely in the program
thank you in advance

http://www.sevenforums.com/customization/392309-disabling-right-click-menu-resource-hacker.html
Relevancy 35.26%

Hello, I have a difficult situation. My hacker once lived in my home and I think they had something wired to my cables for internet access. They can connect to my network without a password and can even take over my computer if it wasn't for the fact that I have McAfee and lists it as an intruder. The only way I can see the hackers device if I have my computer wired in. But, I think they are using a phony IP and MAC addresses because I've gone onto my wireless router and set access for this MAC address under deny but she continues to have access. Is there something I can do on my computer or wireless router to turn off something to block her. Or, is there a way for me to locate her true MAC address? Please help.
 

https://forums.techguy.org/threads/hackers-device-on-my-network.1167741/
Relevancy 35.69%

I have a big problem im running windows and for Virus Please Hacker Help Or a few weeks things have been wild from icons disappearing to my C Drive being stored in the wrong folder my recovery drive D is almost full now with a folder inside marked android I have factory refreshed twice I can delete programs and such and they come right back my cam will sometimes come on and off the mouse hangs Virus Or Hacker Please Help and wont move for a minute in download folder there is a folder marked entourage I have deleted it and deleted it it comes back inside the folder is favorites and searches in searches is indexing and that is where all my hard drive things end up I have desktop icons in my computer and in libraries instead of the picture folder it is appdata im sure of a keylogger or something if anybody has any advice on this please let me know ill give any info I can to help more nbsp

https://forums.techguy.org/threads/virus-or-hacker-please-help.1169795/
Relevancy 28.38%

Hi TechGuy people I ll have a few questions and few board posts so please excuse Hacker "stuck?" being me We believe that we have been experiencing a targeted hack bully situation for a year now We are in the process of swapping to a new hard drive and Hacker being "stuck?" rethinking set up and security We believe that it may have started with a deliberately infected Hacker being "stuck?" email and have continued to be modified with time I suspected a keylogger rootkit set and a possible router hack We found out eventually that it didn t matter what device we were still seeing things that we re confident relates to the hacker bullies My other post gives another example Is it possible to hack either with a program bought over the web or by using a hacker s program they hired themselves and be quot stuck quot Couldn t they delete the program on their end so it doesn t matter how many times that keylogger or rootkit is gathering information and trying to communicate back It would help give us a slightly more clearer understanding of the situation we hope If we are correct and they had the ability to cease their end but choose not to I m exploring this possibility nbsp

A:Hacker being "stuck?"

closing duplicate, please do not start duplicate threads for the same issue. the original is at https://forums.techguy.org/threads/hacked-email-accounts.1170780/#post-9241984.

thanks,

v
 

https://forums.techguy.org/threads/hacker-being-stuck.1170781/
Relevancy 35.69%

In June I got serious about finishing a book. I was at a free coin website, needed help and sent email. Got the help and mentioned book. He wanted to see my book. In meantime I agree to proofread his articles et al.

I work on the book, save often but each save rewrote everything again under my work. I found by accident and deleted much but word documents are missing much detail.

I've restarted my book countless times and certain ones are not there as soon as I typed, saved and closed and immediately check still missing. The coin guy is very good with PCs. He's not as prolific a writer as I am.

It isn't a viral problem. That's been through every check, but I went to control panel>folder options>view>show hidden files>apply>OK. The folder with all my work had a hidden file! Word or hacker?

A:Word or hacker?

I'm sorry, but I am not sure what your question or problem is.

Can you please try to explain what exactly you are asking help with?

Thanks,

-Coolfreak

http://www.techsupportforum.com/forums/f10/word-or-hacker-523116.html
Relevancy 41.71%

Hey Team I am not to sure if this would be the right place to seek help for my issue neways GUYS i am time Idle tracker having a hard time in my organization there is a new application installed on every employees system which is Idle time tracker known as the quot time tracker quot NOw the concern is that if you do not touch the keyboard or the mouse for min it counters a idle time and then adds up to my break time i do not have admin rights to research on it and also my tried effort went in vain I created autorefresh java html script it did not work it refreshed but did not help in idle time Tried website redirect again disappointment it redirects but again did not help in idle time i would be GLAD can you guys can help me find a solution to over come the idle time OS- winxp sp i have restrictions as i am on domain group policy

A:Idle time tracker

Hi and welcome to TSF

I guess, in this day in age, be thankful you have job. I guess the "boss" expects you work since he/they are paying you.

What you are asking we can't help. You basically asking for a work around a
restriction that has been placed on you PC or a requirment of the employer.

Please take the time to review our rules again, they can be found here in case you missed it:

http://www.techsupportforum.com/rules.php

Closing this post.

BG

http://www.techsupportforum.com/forums/f10/idle-time-tracker-471292.html
Relevancy 36.12%

I recently found a suspicious email sent from my husbands phone. It was sent from his email to Craigslist, specifically to Casual Encounters, North Jersey (where we live) to "Lisa Hot Bombshell" saying "Saw your pic. Would love to see more" He insists he was hacked and has never been on Craigslist. Also said his email was blocked around that time. What are the chances of this? Any time I've been "hacked" it was sent to multiple people from my contacts and did not appear in my Sent folder.
 

https://forums.techguy.org/threads/possible-hacker.1170898/
Relevancy 36.12%
Q: hacker

So I'm on my computer and tight vnc says it's been conected then some .net stuff pops up and starts going through setup step for remote connection
So I exitedout of it and it happens 3 times in a row
Obviously someones trying to hack into my computer so I shut it down
What can I do to stop the hacker

A:hacker

Uninstall WinVNC. Should be in add/remove programs. Clumsy of the hacker to install VNC in plain sight though.
Also you should do a full antispyware and antivirus scan to make sure you don't have any other malware (VNC can't be installed by itself - something else must have given the hacker access to your PC for him to install VNC).
Other than that, make sure Windows has all the latest updates, and that your firewall is up (I wouldn't be surprised if it was down, or somehow configured to allow incoming VNC connections), and enable DEP (data execution prevention).

http://www.techsupportforum.com/forums/f10/hacker-297352.html
Relevancy 36.12%
Q: hacker

How can I block a hacker with the address of 68.87.76.178

A:hacker

How'd you get the IP? I think Norton has an option to block a specific IP with the firewall, not 100% though.

http://www.techsupportforum.com/forums/f10/hacker-267829.html
Relevancy 35.69%

hi..mmm
my problem is this.
i got a girlfriend that allowed a guy to enter to his computer remotely with
VNC or something like that.
the thing is that this guy opened one port so he can access computer anytime, and see, keylogger and stuff like that.
i already remove the program put this ZONEALARM
but still..i know that this guy is accessing.
Can anyone tell me how can i know wich port did he opened? and how to close it? or how can i shut tha F@## this guy out.?
i have tried other firewalls like outpost.
TNX for the help..

A:HELP!!!...hacker attack!

To find out what ports your PC is listening on type

netstat -an |find /i "listening"

in a command prompt. Using zonealarm or another firewall you should be able to block that port. Ultimately I believe you will need to look over the First Steps at Removing Malware , because if your computer is still listening on that port, whatever he installed on that PC is probably still there.

This webiste has much more information on looking for open ports, it even explains how to find what program is listening on what port

http://www.techsupportforum.com/forums/f10/help-hacker-attack-237897.html
Relevancy 35.69%

I've been installing xp on a new computer that i built recently, and found that every time I connect to the internet, my Kaspersky Internet Security freaks out. Finding 187 threats within the first 2% of a scan is something I don't think is normal. I formatted my hard drive and installed XP about 6 times, and the same thing is happening. One of my buddies told me that I might be targeted by a hacker. If anyone has any ideas on what can be done to stop this, I would really appreciate any and all thoughts.

Thanks in advance.

A:Targeted by a hacker?

Hackers aren't like that, they give rat's. What you are a part of is a netbot I think.
So im probably get a slap on the wrist but, reinstall xp :|

http://www.techsupportforum.com/forums/f10/targeted-by-a-hacker-178463.html
Relevancy 42.14%

Hi, I was wondering if any has heard of a facebook tracker that allows you to see what people have viewed your profile, and if it is out there what are the steps to get it? thanks.

Keith

A:Facebook Tracker

im almost 100% sure there is no such thing. you might be able to see the ips of the people but i dont htink so.

http://www.techsupportforum.com/forums/f10/facebook-tracker-137791.html
Relevancy 35.69%

I am currently not connected to the Internet but both my computers have been hacked by a local I cannot seem to find the answer on how to keep this hacker off my machines Anyway what I would like to learn is how to undo what this hacker has done My first question deals with Services The hacker has some of my Services turned off and when I try to turn them on I get quot Access Denied quot Should I delete them and the what hacker Undoing done has then recreate them using sc create I have already created one that is required from a backup program I use Somehow the hacker blocks installation of the service when I install the program After the creation the backup program works OK Another thing that the hacker has done is to Undoing what the hacker has done have files read by a svchost exe process just to slow down my computer Yeah I know that all I have to do is kill the process but that is a pain having to almost constantly monitor Undoing what the hacker has done what is happening On my Win system the System process is reading the same files as the video program I use That just cannot be right And furthermore I cannot shut down the System process Another thing that has been done is having a file open by some process so that it cannot be readily deleted Is there a way without having to shut down the program that is holding the file open to remove such a file Or if I shut down the process can I prevent the file from returning Any help will be welcomed Thanks in advance for any help

A:Undoing what the hacker has done

You need to check your startup entries and remove anything suspicious from there, It would also help if you ran a few virus/malware/rootkit scans.

However, you wont be able to do it if you are being blocked in your user profile.

To avoid any problems, enable your admin profile and run everything from there.

You can do it in the CMD prompt by typing the following


Code:
net user administrator /active:yes
this will enable your admin account and you will be able to log in to it and run anything. once you are done, log back into your main user profile, run this command to hide your admin account again


Code:
net user administrator /active:no
You can try using smarty uninstaller and smarty startup manager to help you remove anything they put in. Youc an download a free 21 day trial of it here

http://www.techsupportforum.com/forums/f217/undoing-what-the-hacker-has-done-793498.html
Relevancy 35.26%

A hacker has targeted the same folder on my Vista and Win 7 systems. This folder was set up by myself, and I run EXE's created from Bat files. On my Win 7 system, if I try to run an EXE file, I receive "Access denied, etc." In order to run a particular EXE I have to move it out of the folder into another folder. On my Vista system, if I try to run an EXE, I get a window telling me that an EXE could not be found or run, an EXE like this: Tmp3728.exe with the numbers changing with every attempt. Can anyone tell me where to go looking in order to resolve the hack. This hacker has also hacked Task Scheduler in both systems, and I have removed some of his work.

A:Hacker has targeted a folder-all EXE's

Please check out and follow the instructions in this thread

NEW INSTRUCTIONS - Read This Before Posting For Malware Removal Help

You'll get the best results starting there

http://www.techsupportforum.com/forums/f217/hacker-has-targeted-a-folder-all-exes-693184.html
Relevancy 34.4%

Hi All My Vista Admin Account was hijacked by an unknown hacker or script The hidden admin took over as head admin on my HP Vista Desktop disabled almost all my HW and SW permissions and then created a hidden group of users also some with deny permissions Trying different kinds of malware or anti virus removal By Hacker Vista Unknown Admin Hijacked guides does Vista Admin Hijacked By Unknown Hacker nothing They all report no known virus trojans or malware found Everywhere else I have posted asking for help in deleting the hidden admin and its user group and restoring myself as the admin on my PC with full rights and permissions not one single person had replied Vista Admin Hijacked By Unknown Hacker with anything helpful Here is what the hidden admin did Can not download install run or uninstall in Normal Boot Mode Do not have permissions to do so anymore Can not print or install a printer Do Vista Admin Hijacked By Unknown Hacker not have permissions to do so All System Restore points are hidden Do not have permission to create a new pt or even run sys restore Disabled my network cable card and can not view or see any of my Home Wireless Network Identical Vista Desktops and XP Laptops All my PCs are using wireless network cards The hacked one uses USB Wireless so I can still get online I do not have permission anymore to create or see any kind of wired or wireless network Erased disabled or hid IE I never use it I have used Firefox for years So Firefox is still working so I can ask for help online view my home pages and bookmarked pages and send and recieve email Disabled or hid all MS Management Consoles I do not have permission to use them Disabled Task Manager or took away my permission to use it Disabled my CD DVD Drive or at least the ability to run anything from it Disabled my access to my external backup drive USB Thumbdrives I can see but do not know if I can run anything from them in normal boot mode Disabled any kind of troubleshooting software and security software I already had Anti Virus Spyware PC Check Up Windows Defender Most of my software is creative arts music video photo that seems to be working ok If I boot in Safe Mode with network support I can download run and install some programs Part of my network now shows in Control Panel My Wireless Desktop and my Router Still nothing in printers MS Management or Backup and Restore Linux and Dos Boot Discs work and Vistas Dos Window seems to be ok Any ideas on how to get rid or the hidden admin and its user group and how to get my full admin rights and permissions back would really be helpful Thanks MidiVox

A:Vista Admin Hijacked By Unknown Hacker

Hi Again,
I am making some progress by just going around my PC and manualing resetting permission in property boxes. The auto play window now displays in normal bootup mode. When a CD or DVD is placed in the drive. Nothing on it runs, but at least you can see it.
I was able to remove hacker admin user name TexMex1 by loading the old XP style UAC Console. Then that user name changed to show the reg string for the unknown hacker. I do not know anything about editing the reg.
In Safe Mode, I unlocked and restored part of my permissions on my external back up drive. And I have delete all the hacker users from the property boxes of the software I use the most and made myself owner of that software instead of the hacker.
I have many different log files now from different pieces of troubleshooting software all saying no problems found. No missing or corrupt MS Services found. No hard drive problems. If anyone makes any kind of troubleshooting software to scan for and remove hidden admins and users or restore permissions, do not know what it is.
I signed up for a Remote Tech Repair Service, with a money back guarantee, we can fix your PCs problems. I told them exactly what my problem was before I signed up. A hacker hidden admin took over my PC and disabled most of my permissions and admin rights. So far in 14 hours of remote repair, they have not once actually tried to find the hidden hacker admin delete it or done anything to restore my lost permissions. They keep running the same troubleshooting software I can run in safe mode and get the same results. Nothing found.
Last nights tech told me. Its very easy to restore your permissions and find the hidden admin, but we have not done so because that would not solve your lost permissions problem.
Instead he tried to do an inplace Vista Repair by downloading a Vistasp1 iso image and then had me burn it to a DVD. Of course it did nothing because DVD drive does not work in Safe Mode and I can not run anything in normal mode. That might wipe my hard drive anyway, so I would not have allowed it anyway.
I have no Vista problems except for lost or changed permissions by the hacker.
One repair tech even uninstalled Win Patrol, the only piece of software I have that will try to find hidden boot files for you and discover if any of them are hacker created or have hacker code hidden in them. I did find one hacker created user in one and deleted that user.
Most so far, say its impossible for any hacker to hijack your Vista Admin account and change your permissions and also impossible for a hacker to create a hidden admin on your PC.
Thanks for any idea or help.
MidiVox

http://www.techsupportforum.com/forums/f217/vista-admin-hijacked-by-unknown-hacker-502278.html
Relevancy 41.28%

Hi,

I'm looking for a simple Windows Vista desktop software that runs in the background that just keeps a log of the time that my laptop is on and running. I just want something to track the number of hours I work each day. I don't need to keep track of the tasks. And I don't want to have to turn on and turn off the program -- I want it to be completely automatic (but not a memory hog).

I've searched download.com. But all the software there seems quite complicated (ie, it requires me to enter in tasks, etc). Perhaps I searched the wrong thing (I searched "desktop time tracker").

Does anyone know of anything like this?

Thanks for the advice.

A:Looking for simple time tracker software

Hi, in XP it used to tell you "system uptime" now it records only "system boot time" still you can easily work out how long you have been on. Go to start accessories and right click on command prompt select "run as administrator" at the prompt type:- systeminfo press enter

http://www.techsupportforum.com/forums/f217/looking-for-simple-time-tracker-software-334151.html
Relevancy 35.26%

First thing is first network was hacked and claimed by one of my neighbors I went through trouble getting it back but the problems started there with my first computer same operating system as the one i am using now Then the yahoo google and bing redirect virus was intensely messing with my computer and it kept shutting down somehow even in safe mode the computer was acting up this program pretended to be my virus protection which was a program i have never see nor used hacker Network/computer AND IT WAS IN SAFE MODE it kept flashing saying i was under attack and i needed to click all these buttons saying quot click here to protect your computer quot it was persistent i couldnt cancel it or anything then my computer just shut off and it restarted and it forced me to do a factory image restore things were fine for like a week until windows couldnt do a back up for some reason i tried and it would say errors then my Network/computer hacker files began to get messed with like homegroup changes and permissions to my documents then eventually i didnt have genuine windows and i lost my whole harddrive onto the network i had no access to it since that computer has been dead i have been using this one which has the same operating system Its starting to have the same symptoms as the other one but i found a few weird things with this one in my event logs like random accesses and changes to files i found this too i dont know if this is helpful i was hoping someone could explain this to me C Code woody xtras dir flash flashasset flashplayer shared tcserver -I this was in my flash files saying that they were shared I also found some other strange programs as well that i saved on a flash drive just incase its more then a virus or just an error Another HUGE deal is my bank account got locked one day and i called them asking why and they said there was two different transactions at the same time for dollars from some website ive never even heard of I need to know if i am just crazy or if there is something wrong because i am really startign to doubt myself This computer runs very slowly and theres like cpu usage when nothings even running I am in the process of doing the Gmer scan

A:Network/computer hacker

oh and another thing is my antivirus say that i have infected cookies that wont let me remove from casalmedia, tribal fusion and some other

http://www.techsupportforum.com/forums/f50/network-computer-hacker-613960.html
Relevancy 35.26%

my old laptop same as this one except dell is completely dead blue screen of death and now this computer is beginning to have the same symptoms help please

A:Is it a Virus or Hacker or just problems help

DDS.txt

Attach.txt

http://www.techsupportforum.com/forums/f50/is-it-a-virus-or-hacker-or-just-problems-help-613944.html
Relevancy 33.11%

Hello Tech Support Members This is long though it is a culmination of past solved threads that aren't information all in one as well as an all around plea to the selfless experts Bank Email, Hacker Administration - Control Accounts, REMOTE and Facebook I am creating this final last ditch thread to help shed some light on a real enigma that has been cloaking my system Over the past month or so I have created and followed through with several threads all stemming from one main issue regarding my system security namely hidden users and permissions as far as I can tell In the beginning I could not really provide much in REMOTE Hacker - Bank Accounts, Email, Facebook and Administration Control the line of symptoms persay nor could I quite narrow down which method of attack if not many or numerous at one time being utilized Furthermore have a narrowed down area to begin looking at and troubleshooting in Now I feel there is much I can provide if asked to submit beyond generic scans which turn up nothing Most of the smoking gun actually appears with the aid of my process explorer application To complicate matters even further is that this person can view and assimilate a fellow TSF lending bogus damaging advice If not doing actively that can at the very least view the steps I may take to resolve the problem and in turn get a head start Also the person could in theory manipulate the virus behavior to become something else all together I have my doubts on this consideration though if considered thus cannot be discounted from the problem so I mention it just as a heads up I highly highly suspect a keylogger in effect as well How I know this is difficult to prove I have a person whom continues to regain control of my system and I am not sure what KIND of virus to call this at any one time I am more than will ing to run scans but I would like to encourage someone to have me explore particular areas of the computer and report back to see if the definite smoking gun can be found and reversed Presently the computer has just been re-formatted and is just above bare bones if not for the rapid activity that occurs on my device driver menu re-freshes many many times immediately following my connecting my external USB harddrive This harddrive once had and never before a folder called the usual quot System Volume Information quot containing restore files that appear suspicious to me and have since disappeared and I can no longer find it Suffice to say I would like to look the slow manual way for the thing and report back my findings on top of any scans suggested A few FACTS about the problem One This person has in the past camouflaged the required files for breach along side Windows Updates The large amount of updates that accrue and are suggested following a re-format Two A resulting symptom and effect is that my system is corrupted AND my broadband modem router is no longer accessible to me at the web link Executing this link results a search query that is clearly a re-direct So whomever this is now has full control of the router When manipulations and changes are made they cannot be viewed as the detailed event viewer is turned off then on shortly there after Three Besides the above I have a process that operates as any usual spyware that begins running as process quot iexplore exe quot as a child in the tree of the parent process of the same name quot iexplore exe quot Together this makes two processes for every one Internet Explorer Upon it's closure it brifly changes to a process called RUNDLL as an App then disappears There are more but lastly I have two new processes Both without process ID's running that only appear following my plugging in my external harddrive for the first time following a re-format One is quot Interrupts quot PID n a Description Hardware Interrupts Two is quot DPC's quot PID n a Description Deferred procedure calls Last are the listening ports and re-direct of information through those ports to such domains as akamaite... Read more

A:REMOTE Hacker - Bank Accounts, Email, Facebook and Administration Control

Here is a detailed START UP log.

StartupList report, 21/01/2011, 12:39:30 AM
StartupList version: 1.52.2
Started from : C:\Documents and Settings\Rian\Local Settings\Temporary Internet Files\Content.IE5\CQYCG9IT\HijackThis[1].EXE
Detected: Windows XP SP2 (WinNT 5.01.2600)
Detected: Internet Explorer v8.00 (8.00.6001.18702)
* Using default options
* Including empty and uninteresting sections
* Showing rarely important sections
==================================================

Running processes:

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Norton Internet Security\Engine\18.5.0.125\ccSvcHst.exe
C:\Program Files\Real\RealPlayer\update\realsched.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\wscntfy.exe
C:\DOCUME~1\Rian\LOCALS~1\Temp\RtkBtMnt.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE
C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Rian\Local Settings\Temporary Internet Files\Content.IE5\CQYCG9IT\HijackThis[1].exe

--------------------------------------------------

Listing of startup folders:

Shell folders Startup:
[C:\Documents and Settings\Rian\Start Menu\Programs\Startup]
*No files*

Shell folders AltStartup:
*Folder not found*

User shell folders Startup:
*Folder not found*

User shell folders AltStartup:
*Folder not found*

Shell folders Common Startup:
[C:\Documents and Settings\All Users\Start Menu\Programs\Startup]
*No files*

Shell folders Common AltStartup:
*Folder not found*

User shell folders Common Startup:
*Folder not found*

User shell folders Alternate Common Startup:
*Folder not found*

--------------------------------------------------

Checking Windows NT UserInit:

[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
UserInit = C:\WINDOWS\system32\userinit.exe,

[HKLM\Software\Microsoft\Windows\CurrentVersion\Winlogon]
*Registry key not found*

[HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
*Registry value not found*

[HKCU\Software\Microsoft\Windows\CurrentVersion\Winlogon]
*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run

TkBellExe = "C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot
SunJavaUpdateSched = "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
SkyTel = SkyTel.EXE
RTHDCPL = RTHDCPL.EXE
igfxtray = C:\WINDOWS\system32\igfxtray.exe
igfxpers = C:\WINDOWS\system32\igfxpers.exe
igfxhkcmd = C:\WINDOWS\system32\hkcmd.exe
AzMixerSel = C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
Alcmtr = ALCMTR.EXE
KernelFaultCheck = %systemroot%\system32\dumprep 0 -k
SpyHunter Security Suite = C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce

*No values found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx

*No values found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce

*Registry key not found*

--------------------------... Read more

http://www.techsupportforum.com/forums/f50/remote-hacker-bank-accounts-email-facebook-and-administration-control-545045.html
Relevancy 34.83%

i use firefox mostly all the time and when just surfing the web most recently on myspace i get re-directed to another site and asked to dl browser pop-up trojan x64 or hacker? Vista possible this virus protection because my computer has been hi-jacked thankyou for the fast reply on my previous post i have followed all instructions you have given me possible trojan or browser pop-up hacker? x64 Vista and here are the results if you can help please thankyou so much DDS Ver - - - NTFSX Run by Ben at on Sat Internet Explorer BrowserJavaVersion Microsoft Windows Vista Ultimate GMT - SP Windows Defender enabled Updated D DDC A- possible trojan or browser pop-up hacker? x64 Vista F- FAE- E -DA C ACF Running Processes C Windows system wininit exe C Windows system lsm exe C Windows system svchost exe -k DcomLaunch C Windows system nvvsvc exe C Windows system svchost exe -k rpcss C Windows System svchost exe -k secsvcs C Windows System svchost exe -k LocalServiceNetworkRestricted C Windows System svchost exe -k LocalSystemNetworkRestricted C Windows system svchost exe -k netsvcs C Windows system svchost exe -k GPSvcGroup C Windows system SLsvc exe C Windows system svchost exe -k LocalService C Windows system nvvsvc exe C Windows system svchost exe -k NetworkService C Windows System spoolsv exe C Windows system svchost exe -k LocalServiceNoNetwork C Program Files x Common Files Apple Mobile Device Support bin AppleMobileDeviceService exe C Program Files x Bonjour mDNSResponder exe C Program Files Common Files LogiShrd LVMVFM LVPrcSrv exe C Program Files x Common Files LogiShrd LVMVFM LVPrS H exe C Windows SysWOW PnkBstrA exe C Windows system svchost exe -k NetworkServiceNetworkRestricted C Windows system taskeng exe C Windows SysWOW nvSCPAPISvr exe C Windows system svchost exe -k imgsvc C Program Files x Viewpoint Common ViewpointService exe C Windows System svchost exe -k WerSvcGroup C Windows system SearchIndexer exe C Windows system taskeng exe C Windows system Dwm exe C Windows Explorer EXE C Program Files Windows Defender MSASCui exe C Windows RAVCpl exe C Windows ehome ehtray exe C Program Files x Common Files InstallShield UpdateService ISUSPM exe C Program Files x iTunes iTunesHelper exe C Program Files Windows Media Player wmpnscfg exe C Windows ehome ehmsas exe C Windows System alg exe C Program Files Windows Media Player wmpnetwk exe C Program Files iPod bin iPodService exe C Program Files x Mozilla Firefox firefox exe C Windows system SearchProtocolHost exe C Windows system SearchFilterHost exe C Users Ben Downloads dds scr C Windows system wbem wmiprvse exe Pseudo HJT Report mLocal Page c windows syswow blank htm mWinlogon Userinit userinit exe BHO Adobe PDF Link Helper df c-e ad- -a -fa c ebdc - c program files x common files adobe acrobat activex AcroIEHelperShim dll BHO CA F - F E- B -A E- E E C C - No File BHO Java tm Plug-In SSV Helper dbc -a - b-bc - c c c a - c program files x java jre bin jp ssv dll TB FA EF- D- D - B F- A D - No File uRun ehTray exe c windows ehome ehTray exe uRun ISUSPM quot c program files x common files installshield updateservice ISUSPM exe quot -scheduler mRun lt NO NAME gt mRun Adobe Reader Speed Launcher quot c program files x adobe reader reader Reader sl exe quot mRun Adobe ARM quot c program files x common files adobe arm AdobeARM exe quot mRun QuickTime Task quot c program files x quicktime QTTask exe quot -atboottime mRun iTunesHelper quot c program files x itunes iTunesHelper exe quot StartupFolder c users ben appdata roaming micros windows startm programs startup deskto lnk - c program files x research in motion blackberry DesktopMgr exe mPolicies-explorer NoActiveDesktop x mPolicies-explorer NoActiveDesktopChanges x mPolicies-explorer ForceActiveDesktopOn x mPolicies-explorer BindDirectlyToPropertySetStorage x mPolicies-system EnableLUA x mPolicies-system EnableUIADesktopToggle x DPF AD C - E- D -B E - F D - hxxp java sun com update jinstall- -windows-i cab DPF FFBE D- C C- - BD- DC B... Read more

A:possible trojan or browser pop-up hacker? x64 Vista

bump please :)

http://www.techsupportforum.com/forums/f50/possible-trojan-or-browser-pop-up-hacker-x64-vista-459552.html
Relevancy 35.26%

Hello ill start with the beggining and sorry if ll do writing mistakes because english is not my mother language So i bought from a legit site a cd Hacker computer? \ in please help! my Virus key for a game and they Virus \ Hacker in my computer? please help! gaved me a link to get my cd key from wich i ve got an error that im using a proxy i don t know what a proxy is or vpn im not an expert in computers ive contacted them and they said that im using a proxy vpn anyway i resolved afterwards they just gaved me the cd key but after that i searched on google about proxy vpn and i got into a site called whatismyproxy that is sayng BrowserMozilla Windows NT WOW rv Gecko Firefox Server Apache Your internal ip unknown Your external ip IP country Romania wich i am This server IP United States GA Atlanta no ideea why Ok after i saw United States thing i scanned my PC and used anti malware but same thing appeared on that website Today i reinstalled my windows and what it maked me panicking is that i saw that my bios has set a password itself and i never used a password on bios and i can say i didnt changed by myself on accident because i would have remember that So as i said im not an expert on computers please help

A:Virus \ Hacker in my computer? please help!

Hello and Welcome to TSF,

My name is Tolga and I will assist you with your malware related problems.

Before we move on, please read the following points carefully.

If you haven't already, please Subscribe to this Thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant notification by email, then click Add Subscription.
First, read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
Please download to and run all requested tools from your Desktop.
Perform everything in the correct order. Sometimes one step requires the previous one.
If you have any problems while following my instructions, Stop there and tell me the exact nature of your problem.
Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
My native language is not english. So please do not use slang or idioms. I am glad that you follow the writing rules. if you do not, It could be hard for me to read. Thanks for your understanding.

Now, let's get started, shall we?

=========================================================

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system.
If you are not sure which version applies to your system download both of them and try to run them.
Only one of them will run on your system, that will be the right version.

Double-click to run it. When the tool opens click Yes to the disclaimer.
Make sure the Addition.txt button is ticked.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply.
The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.

http://www.techsupportforum.com/forums/f284/virus-hacker-in-my-computer-please-help-1015690.html
Relevancy 42.14%

Hi,sorry for multi-posting,i did not realise that messages cannot be deleted, this is the actual post for my problem(ignore other posts by me). I received a few friend requests from an official well known chat group. These requests are being send through by its official site to my hotmail.However there are notices that pop ups when i clik accept the friend requests.These notices seek for my permission to allow access to my DNS,keyboard and mouse. I do not know whether my computer is infected. I need help in removing these tracking programs juz to make sure the information in my computer is safe.Thanks

http://www.techsupportforum.com/forums/f284/help-in-removing-dns-tracker-496721.html
Relevancy 35.26%

Hey today i found a remote keyloger on my system with Malwarebyte and removed it im still worried it there is still a threat My email got hacked but luckly i changed passwords ect on all my stuff before any damage is done im just worried it will happen again Here is my log from Hyjackthis Logfile of Trend Micro HijackThis v Scan saved at on Platform Windows Vista SP WinNT MSIE Internet Explorer v Boot mode Normal Running processes C Windows system Dwm exe C Windows system taskeng exe C Windows Explorer EXE C Windows System rundll exe C Windows System rundll exe C Program Files Lavasoft Ad-Aware AAWTray exe C Windows system hacker/keylogger? Remote wuauclt exe C Program Files Skype Phone Skype exe C Program Files Skype Plugin Manager skypePM exe C Program Files Spybot - Search amp Destroy TeaTimer exe C Windows system conime exe C Program Files Mozilla Firefox firefox exe C Windows system SearchFilterHost exe C Program Files Trend Micro HijackThis HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKCU Software Remote hacker/keylogger? Microsoft Internet Explorer Main Start Page http www google ie R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Search SearchAssistant R - HKLM Software Microsoft Internet Explorer Search CustomizeSearch R - HKCU Software Microsoft Internet Explorer Main Window Title Internet Explorer provided by Dell R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride local R - HKCU Software Microsoft Internet Explorer Toolbar LinksFolderName O - Hosts localhost O - BHO Adobe PDF Reader Link Helper - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat ActiveX AcroIEHelper dll O - BHO Spybot-S amp D IE Protection - - F - D - - D F - C Program Files Spybot - Search amp Destroy SDHelper dll O - BHO no name - C C A-E - b - D - CECB - no file O - BHO Windows Live Sign-in Helper - D - C - ABF- ECC- C - C Program Files Common Files Microsoft Shared Windows Live WindowsLiveLogin dll O - BHO Browser Address Error Redirector - CA C - B - E-A -A C DB F - C Program Files BAE BAE dll O - BHO Java tm Plug-In SSV Helper - DBC -A - b-BC - C C C A - C Program Files Java jre bin jp ssv dll O - HKLM Run NvCplDaemon RUNDLL EXE C Windows system NvCpl dll NvStartup O - HKLM Run NvMediaCenter RUNDLL EXE C Windows system NvMcTray dll NvTaskbarInit O - HKLM Run NVHotkey rundll exe C Windows system nvHotkey dll Start O - HKLM RunOnce Malwarebytes' Anti-Malware C Program Files Malwarebytes' Anti-Malware mbamgui exe install silent O - HKCU Run SpybotSD TeaTimer C Program Files Spybot - Search amp Destroy TeaTimer exe O - HKUS S- - - Run Sidebar ProgramFiles Windows Sidebar Sidebar exe detectMem User 'LOCAL SERVICE' O - HKUS S- - - Run WindowsWelcomeCenter rundll exe oobefldr dll ShowWelcomeCenter User 'LOCAL SERVICE' O - HKUS S- - - Run Sidebar ProgramFiles Windows Sidebar Sidebar exe detectMem User 'NETWORK SERVICE' O - Extra context menu item Send image to amp Bluetooth Device - c Program Files WIDCOMM Bluetooth Software btsendto ie ctx htm O - Extra context menu item Send page to amp Bluetooth Device - c Program Files WIDCOMM Bluetooth Software btsendto ie htm O - Extra button btrez dll - - CCA CA-C - ef- - C D F - c Program Files WIDCOMM Bluetooth Software btsendto ie htm O - Extra 'Tools' menuitem btrez dll - - CCA CA-C - ef- - C D F - c Program Files WIDCOMM Bluetooth Software btsendto ie htm O - Extra button no name - DFB A - F - C -A - CAB FD A - C Program Files Spybot - Search amp Destroy SDHelper dll O - Extra 'Tools' menuitem Spy... Read more

http://www.techsupportforum.com/forums/f284/remote-hacker-keylogger-485158.html
Relevancy 35.69%

I've been having quite a few problems with my computer and I'm starting to think that the system has been taken over We have other computers setup on through our router and of the computers is acting strange as well I always keep the computers up to date with Antivirus software MS Updates Windows Firewall with no exceptions allowed ATF cleaner to delete temporary files Malware Remover I usually have to reinstall Windows XP every Help! Trojan or Please Hacker?? Possible months because we experience so many problems with our computers I'm very aware of security issues - Possible Trojan or Hacker?? Please Help! and I'm currently running FireFox with the quot no scripts quot addon A security issue we might be having is that I use CuteFTP on a regular basis and I Possible Trojan or Hacker?? Please Help! try to keep it as secure as possible but I'm not sure which is the best way to configure it I also have a few sites though GoDaddy and that is where I have my SMTP setup through outlook and I'm always having problems with sending and receiving emails HERE ARE SOME OF MY ISSUES Can't connect securely to reputable sites microsoft com gmail com System Time just changed - Sent email through Outlook and it said the date was July rd instead of June rd Can't uninstall programs System will not restore to an earlier date Roxio Media Manager starts everytime computer is rebooted I've deleted the file of the computer about times but I can't get rid of it - this window pops up The screenshots are in the word doc I attached Access priveleges denied and I am the Administrator Antivirus turns on and off automatically Windows XP Firewall turns off and I can't get it back on for days THIS IS THE MESSAGE I GET WHEN I TRY AND CONNECT TO MICROSOFT COM IN FIREFOX quot Secure Connection Failed www microsoft com uses an invalid security certificate The certificate is not trusted because the issuer certificate is not trusted Error code sec error untrusted issuer This could be a problem with the server's configuration or it could be someone trying to impersonate the server If you have connected to this server successfully in the past the error may be temporary and you can try again later quot Any Help you can give would help me tremendously This is really frustrating because I can t seem to figure it out SYSTEM STARTUP SCAN Logfile of Trend Micro HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v Boot mode Normal Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C Program Files Common Files Symantec Shared ccSetMgr exe C Program Files Common Files Symantec Shared ccEvtMgr exe C Program Files Common Files Symantec Shared SPBBC SPBBCSvc exe C WINDOWS system spoolsv exe C Program Files Symantec AntiVirus DefWatch exe C Program Files Common Files Microsoft Shared VS DEBUG MDM EXE C WINDOWS system oodag exe C WINDOWS system HPZipm exe C WINDOWS system svchost exe C Program Files Symantec AntiVirus Rtvscan exe C WINDOWS system wuauclt exe C WINDOWS Explorer EXE C Program Files Java jre bin jusched exe C Program Files Adobe Reader Reader Reader sl exe C Program Files iTunes iTunesHelper exe C Program Files Common Files InstallShield UpdateService ISUSPM exe C Program Files Trend Micro HijackThis HijackThis exe C WINDOWS system msiexec exe C WINDOWS system MsiExec exe C Program Files iPod bin iPodService exe R - HKCU Software Microsoft Internet Explorer Main Search Page http www linkedin com R - HKCU Software Microsoft Internet Explorer Main Start Page http www linkedin com R - HKLM Software Microsoft Internet Explorer Main Default Page URL http www linkedin com R - HKLM Software Microsoft Internet Explorer Main Default Search URL http www linkedin com R - HKLM Software Microsoft Internet Explorer Main Search Page http www linkedin com R - HKLM Software Microsoft Internet Explorer Main Star... Read more

http://www.techsupportforum.com/forums/f284/possible-trojan-or-hacker-please-help-262325.html
Relevancy 35.26%

I've been trying to fix this and it brought me here Just because I'm trying to be as Hacker using keylogger on and vnc laptop my thorough as possible I have never created or used a vnc but I think my laptop must have come with the equipment to make it possible For the keylogger issue I looked at my Windows Task Manager processes and I Hacker using keylogger and vnc on my laptop have same named ati evxx exe i believe the keylogger is the one with a way bigger i o read and it's not the SYSTEM one I haven't ended the process yet because I don't know if that will be the full solution For the remote control access issue vnc I searched for quot vnc quot in my comp and chose to put VNCHosts dll as I recall in my Recycle bin which is now empty Deckard's System Scanner v Run by Anna on - - Computer is in Normal Mode -------------------------------------------------------------------------------- -- System Restore -------------------------------------------------------------- Successfully created a Deckard's System Scanner Restore Point -- Last Restore Point s -- - - UTC - RP - Deckard's System Scanner Restore Point - - UTC - RP - Software Distribution Service - - UTC - RP - System Checkpoint - - UTC - RP - System Checkpoint - - UTC - RP - System Checkpoint -- First Restore Point -- - - UTC - RP - System Checkpoint Backed up registry hives Performed disk cleanup -- HijackThis Clone ------------------------------------------------------------ Emulating logfile of Trend Micro HijackThis v Scan saved at - - Platform Windows XP Service Pack MSIE Internet Explorer Boot mode Normal Running processes C WINDOWS system smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system ati evxx exe C WINDOWS system svchost exe C WINDOWS system svchost exe C WINDOWS system spoolsv exe C WINDOWS system ati evxx exe C WINDOWS explorer exe C Program Files AVG AVG avgwdsvc exe C Program Files AVG AVG avgrsx exe C Program Files AVG AVG avgemc exe C Program Files ATI Technologies ATI Control Panel atiptaxx exe C Program Files QuickTime qttask exe C Program Files Synaptics SynTP SynTPLpr exe C Program Files Synaptics SynTP SynTPEnh exe C Program Files HPQ Quick Launch Buttons eabservr exe C Program Files HPQ HP Wireless Assistant HP Wireless Assistant exe C Program Files Common Files InstallShield UpdateService issch exe C WINDOWS system dla tfswctrl exe C Program Files Java jre bin jusched exe C Program Files Hp HP Software Update hpwuSchd exe C Program Files Zone Labs ZoneAlarm zlclient exe C Program Files AVG AVG avgtray exe C WINDOWS system ctfmon exe C Program Files HPQ shared hpqwmi exe C Program Files Messenger msmsgs exe C Program Files Spybot - Search amp Destroy TeaTimer exe C WINDOWS system ZoneLabs vsmon exe C Documents and Settings Anna Desktop dss Hijackthis exe R - HKCU Software Microsoft Internet Explorer Main Search Bar http ie redirect hp com svs rdr TY lion amp pf laptop R - HKCU Software Microsoft Internet Explorer Main Start Page http ie redirect hp com svs rdr TY lion amp pf laptop R - HKCU Software Microsoft Internet Explorer Main Window Title Windows Internet Explorer provided by Comcast R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Window Title Windows Internet Explorer provided by Comcast O - BHO AcroIEHlprObj Class - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat Reader ActiveX AcroIEHelper dll O - BHO WormRadar com IESiteBlocker NavFilter - CA F - F E- B -A E- E E C C - C Program Files AVG AVG avgssie dll O - BHO Spybot-S amp D IE Protection - - F - D - - D F - C Pr... Read more

A:Hacker using keylogger and vnc on my laptop

Bump!

ActiveScan.txt Panda.txt

http://www.techsupportforum.com/forums/f284/hacker-using-keylogger-and-vnc-on-my-laptop-252514.html
Relevancy 34.4%

Hi I am a student living in university accommodation and using the internet available here The usage is monitored and I have often been 'throttled' i e disconnected from the server for high usage The problem is I don't know how this is happening as the monitoring service claims that I have downloaded something like MB of data an hour and a half after connecting - - Virus/Hacker? Too High Internet Usage Possible I wasn't even using the internet in that time This is not the only such incident and I don't have any programs which are updating or downloading or otherwise connecting to the internet atleast not with my permission I have Norton AntiVirus installed as well as Spybot and neither have picked anything up Although I do get 'intrusion alerts' from Norton claiming that quot Portscan quot was attempted but blocked by Norton and I get this atleast once a day I followed the -steps but I could not get the Panda Active Scan to work as everytime it started my computer would say Internet Usage Too High - Possible Virus/Hacker? quot COM surrogate has stopped working quot and the scan would remain at I registered Thank you for your time and help I am using genuine Windows Vista Business Edition -bit Below Internet Usage Too High - Possible Virus/Hacker? is the information from HijackThis Deckard's System Scanner v Run by Akshay Garg on - - Computer is in Normal Mode Internet Usage Too High - Possible Virus/Hacker? -------------------------------------------------------------------------------- -- Last Restore Point s -- - - UTC - RP - Windows Update - - UTC - RP - Removed Handbrake - - UTC - RP - Scheduled Checkpoint - - UTC - RP - Windows Update Backed up registry hives Performed disk cleanup -- HijackThis Clone ------------------------------------------------------------ Emulating logfile of Trend Micro HijackThis v Scan saved at - - Platform Windows Vista MSIE Internet Explorer Boot mode Normal Running processes C Windows System dwm exe C Windows explorer exe C Program Files Camera Assistant Software for Toshiba traybar exe C Program Files Camera Assistant Software for Toshiba CEC MAIN exe C Program Files Protector Suite QL psqltray exe C Windows System taskeng exe C Program Files Synaptics SynTP SynTPEnh exe C Program Files Windows Defender MSASCui exe C Program Files Toshiba ConfigFree NDSTray exe C Windows System wbem unsecapp exe C Program Files Toshiba Power Saver TPwrMain exe C Program Files Toshiba SmoothView SmoothView exe C Program Files Toshiba FlashCards TCrdMain exe C Program Files Google Google Desktop Search GoogleDesktop exe C Windows RtHDVCpl exe C Program Files Google Gmail Notifier gnotify exe C Program Files Common Files Symantec Shared ccApp exe C Windows WindowsMobile wmdc exe C Program Files Symantec Norton AntiBot agent Bin NortonAntiBot exe C Program Files SiteAdvisor SiteAdv exe C Program Files Toshiba TOSCDSPD TOSCDSPD exe C Program Files Spybot - Search amp Destroy TeaTimer exe C Program Files Toshiba Bluetooth Toshiba Stack TosBtMng exe C Program Files Google Google Desktop Search GoogleDesktop exe C Program Files Google Google Desktop Search GoogleDesktop exe C Windows System mobsync exe C Program Files Symantec Norton AntiBot agent Bin NABMonitor exe C Program Files Toshiba Bluetooth Toshiba Stack TosA dp exe C Program Files Toshiba Bluetooth Toshiba Stack TosBtHid exe C Program Files Toshiba Bluetooth Toshiba Stack TosBtHSP exe C Program Files Synaptics SynTP SynToshiba exe C Program Files Toshiba ConfigFree CFSwMgr exe C Program Files Microsoft Office OFFICE OUTLOOK EXE C Program Files Microsoft Office OFFICE WINWORD EXE C Users Akshay Garg AppData Local Microsoft Windows Temporary Internet Files Content IE B M Y dss exe R - HKCU Software Microsoft Internet Explorer Main Search Bar http www google com ie R - HKCU Software Microsoft Internet Explorer Main Search Page http www google com R - HKCU Software Microsoft Internet Explorer Main Start Page about blank R - HKCU Software Microsoft Internet Expl... Read more

http://www.techsupportforum.com/forums/f284/internet-usage-too-high-possible-virus-hacker-240519.html
Relevancy 34.83%

hey there so for a couple of days my computer is acting weird i check my yahoo man-in-the-middle? possibility of hacker,backdoor, gmail mail and when i send out email and go to the sent folder its marked as read even though i dont read my sent mail yahoo cant help password change didnt help either also my computer is kinda slow now im not very good with computers but i ran possibility of hacker,backdoor, man-in-the-middle? trojan killer avast a-squared spybot anti vir and couldnt find anything maybe trojans or whatever are 'covered' as normal file program now i wouldnt be so worried but my mom has a hacker for sure in her system even the police confirmed that people shut down her pc open and delete pictures log into her online accounts cancel orders etc etc does anyone know what this could be i appreciate any help that i can get heres my logfile Logfile of HijackThis v Scan saved at on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system svchost exe C Programme Alwil Software Avast aswUpdSv exe C Programme Alwil Software Avast ashServ exe C WINDOWS system spoolsv exe C Programme AntiVir PersonalEdition Classic avguard exe C WINDOWS Explorer EXE C WINDOWS system hkcmd exe C WINDOWS SOUNDMAN EXE C WINDOWS AGRSMMSG exe C Programme AntiVir PersonalEdition Classic avgnt exe C Programme Java jre bin jusched exe C PROGRA ALWILS Avast ashDisp exe C WINDOWS system ctfmon exe C Programme Spybot - Search amp Destroy TeaTimer exe C Programme a-squared Free a service exe C Programme AntiVir PersonalEdition Classic sched exe C WINDOWS system svchost exe C Programme Alwil Software Avast ashMaiSv exe C Programme Alwil Software Avast ashWebSv exe C Programme Trillian trillian exe C WINDOWS system wuauclt exe C PROGRA Mozilla Firefox firefox exe C Dokumente und Einstellungen Sonja Eigene Dateien hijackthis HijackThis exe O - BHO Adobe PDF Reader - E F-C D - D -B D- B D BE B - C Programme Gemeinsame Dateien Adobe Acrobat ActiveX AcroIEHelper dll O - BHO no name - - F - D - - D F - C PROGRA SPYBOT SDHelper dll O - BHO SSVHelper Class - BB-D F - C-B EB-D DAF D D - C Programme Java jre bin ssv dll O - HKLM Run HotKeysCmds C WINDOWS system hkcmd exe O - HKLM Run SoundMan SOUNDMAN EXE O - HKLM Run AGRSMMSG AGRSMMSG exe O - HKLM Run avgnt quot C Programme AntiVir PersonalEdition Classic avgnt exe quot min O - HKLM Run SunJavaUpdateSched quot C Programme Java jre bin jusched exe quot O - HKLM Run avast C PROGRA ALWILS Avast ashDisp exe O - HKCU Run CTFMON EXE C WINDOWS system ctfmon exe O - HKCU Run SpybotSD TeaTimer C Programme Spybot - Search amp Destroy TeaTimer exe O - HKCU Run TrojanKiller quot C Programme Trojan Killer TrojanKiller exe quot O - Extra button no name - B E C - FCB- CF-AAA - C - C Programme Java jre bin ssv dll O - Extra 'Tools' menuitem Sun Java Konsole - B E C - FCB- CF-AAA - C - C Programme Java jre bin ssv dll O - Extra button no name - DFB A - F - C -A - CAB FD A - C PROGRA SPYBOT SDHelper dll O - Extra 'Tools' menuitem Spybot - Search amp amp Destroy Configuration - DFB A - F - C -A - CAB FD A - C PROGRA SPYBOT SDHelper dll O - Extra button Messenger - FB F -F - d -BB E- C F - C Programme Messenger msmsgs exe O - Extra 'Tools' menuitem Windows Messenger - FB F -F - d -BB E- C F - C Programme Messenger msmsgs exe O - HKLM System CCS Services Tcpip A CAA-D DF- D - B -CB A NameServer O - Protocol livecall - A - C - - F- E F - C PROGRA MSNMES MSGRAP DLL O - Protocol msnim - A - C - - F- E F - C PROGRA MSNMES MSGRAP DLL O - Winlogon Notify igfxcui - C WINDOWS SYSTEM igfxsrvc dll O - Winlogon Notify WgaLogon - C WINDOWS O - SSODL WPDShServiceObj - AAA BA- A C- B - D - D DB - C WINDOWS system WPDShServiceObj dll O - Service a-squared Free Service a free - Emsi Software GmbH - C Programme a-squared Free a service exe O - Service... Read more

A:possibility of hacker,backdoor, man-in-the-middle?

no one so far?
btw im trying to create a kaspersky log file but the online scanner keeps stopping around 6990-7069 files..

i wish someone could help :(

http://www.techsupportforum.com/forums/f284/possibility-of-hacker-backdoor-man-in-the-middle-237225.html
Relevancy 34.4%

See the log below 1 and found hacker spyware Online 18 kit scan did online scan with PandaScan and it found spyware and hacker kit or something like that can't remember can you help with this Thanks Deckard's System Scanner v Run by Owner on - - Computer is in Normal Mode -------------------------------------------------------------------------------- -- System Restore -------------------------------------------------------------- Successfully created a Deckard's System Scanner Restore Point -- Last Restore Point s -- - - UTC - RP - Deckard's System Scanner Restore Point - - UTC Online scan found 18 spyware and 1 hacker kit - RP - Software Distribution Service - - UTC - RP - Installed Adobe Reader - - UTC - RP - Removed Adobe Reader - - UTC - RP - System Checkpoint -- First Restore Point -- - - UTC - RP - System Checkpoint Backed up registry hives Performed disk cleanup Total Physical Memory MiB MiB recommended -- HijackThis run as Owner exe ----------------------------------------------- Logfile of Trend Micro HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v Boot mode Normal Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system LEXBCES EXE C WINDOWS Explorer EXE C WINDOWS system LEXPPS EXE C WINDOWS system spoolsv exe C WINDOWS system hkcmd exe C Program Files CyberLink PowerDVD PDVDServ exe C Program Files Java jre bin jusched exe C Program Files QuickTime qttask exe C WINDOWS system netdde exe C Program Files Logitech Desktop Messenger Program LogitechDesktopMessenger exe C WINDOWS system ctfmon exe C PROGRA Grisoft AVG avgamsvr exe C PROGRA Grisoft AVG avgupsvc exe C PROGRA Grisoft AVG avgemc exe C Program Files Common Files New Boundary PrismXL PRISMXL SYS C Program Files Logitech SetPoint SetPoint exe C Program Files Common Files Logitech KHAL KHALMNPR EXE C Program Files Adobe Photoshop Album Starter Edition Apps apdproxy exe C WINDOWS system svchost exe C Program Files Google Google Talk googletalk exe C Program Files Internet Explorer IEXPLORE EXE C Program Files SpywareBlaster spywareblaster exe C Documents and Settings Owner Local Settings Temporary Internet Files Content IE BC OPTX dss exe C PROGRA TRENDM HIJACK Owner exe R - HKCU Software Microsoft Internet Explorer Main Start Page http www record-eagle com webcamholiday htm R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId R - HKCU Software Microsoft Internet Explorer Toolbar LinksFolderName O - BHO no name - D -C F - efb- B - ECA - no file O - BHO Adobe PDF Reader Link Helper - E F-C D - D -B D- B D BE B - C Program Files Common Files Adobe Acrobat ActiveX AcroIEHelper dll O - BHO no name - - F - D - - D F - C PROGRA SPYBOT SDHelper dll O - BHO SSVHelper Class - BB-D F - C-B EB-D DAF D D - C Program Files Java jre bin ssv dll O - BHO no name - D - C - ABF- ECC- C - no file O - BHO Google Toolbar Helper - AA ED - DD- d - -CF F - c program files google googletoolbar dll O - BHO no name - B E - FE - DDB- A D-A E BD BF - no file O - BHO no name - CE DFC- FEC- E- B - F F D BD - C WINDOWS assembly temp odsodc dll file missing O - BHO no name - E A- D F- B -B DF-AE AEF A B - no file O - Toolbar amp Google - C B - - d - B - A CD F - c program files google googletoolbar dll O - HKLM Run IgfxTray C WINDOWS system igfxtray exe O - HKLM Run HotKeysCmds C WINDOWS system hkcmd exe O - HKLM Run RemoteControl quot C Program Files CyberLink PowerDVD PDVDServ exe quot O - HKLM Run PrinTray C WINDOWS System spool DRIVERS W X printray exe O - HK... Read more

A:Online scan found 18 spyware and 1 hacker kit

I forgot this.....from PandaScan....

Incident Status Location

Potentially unwanted tool:application/sysprotect Not disinfected hkey_local_machine\software\classes\appid\CheckProduct2_1.DLL
Spyware:spyware/virtumonde Not disinfected Windows Registry
Spyware:Cookie/AdDynamix Not disinfected C:\Documents and Settings\Owner\Cookies\[email protected][1].txt
Spyware:Cookie/PointRoll Not disinfected C:\Documents and Settings\Owner\Cookies\[email protected][1].txt
Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\Owner\Cookies\[email protected][1].txt
Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\Owner\Cookies\[email protected][1].txt
Spyware:Cookie/BurstNet Not disinfected C:\Documents and Settings\Owner\Cookies\[email protected][1].txt
Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\Owner\Cookies\[email protected][1].txt
Spyware:Cookie/Go Not disinfected C:\Documents and Settings\Owner\Cookies\[email protected][2].txt
Spyware:Cookie/Humanclick Not disinfected C:\Documents and Settings\Owner\Cookies\[email protected][1].txt ... Read more

http://www.techsupportforum.com/forums/f284/online-scan-found-18-spyware-and-1-hacker-kit-200779.html
Relevancy 36.12%
Q: Hacker

Hi I tried to perform all the steps but I Hacker couldnt get the online scan to work Anyway someone hacked my computer and got my credit card number and made a bunch of charges to escort services I installed zone alarm and its constantly poping up alerts saying the its blocked inbound attempts thats since wednesday Thanks ogfile of Trend Micro HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v Boot mode Normal Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C Hacker WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C Program Files Alwil Software Avast aswUpdSv exe C Program Files Alwil Software Avast ashServ exe C WINDOWS system spoolsv exe C Program Files Eset nod krn exe C Program Files Common Files New Boundary PrismXL PRISMXL SYS C WINDOWS system svchost exe C WINDOWS Explorer EXE C Program Files Alwil Software Avast ashMaiSv exe C Program Files Alwil Software Avast ashWebSv exe C Program Files Synaptics SynTP SynTPLpr exe C Program Files Synaptics SynTP SynTPEnh exe C WINDOWS system igfxtray exe C WINDOWS system hkcmd exe C PROGRA ALWILS Avast ashDisp exe C Program Files Java jre bin jusched exe C Program Files Eset nod kui exe C WINDOWS system explorer winsysmngr exe C WINDOWS system ctfmon exe C Program Files Adobe Acrobat Reader AcroRd exe C Program Files Internet Explorer iexplore exe C Program Files Common Files Real Update OB realsched exe C Program Files Zone Labs ZoneAlarm zlclient exe C WINDOWS system ZoneLabs vsmon exe C Program Files Trend Micro HijackThis HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Search Bar http us rd yahoo com customize ie ch search html R - HKCU Software Microsoft Internet Explorer Main Search Page http us rd yahoo com customize ie www yahoo com R - HKCU Software Microsoft Internet Explorer Main Start Page http www yahoo com R - HKLM Software Microsoft Internet Explorer Main Default Page URL http www yahoo com R - HKLM Software Microsoft Internet Explorer Main Default Search URL http us rd yahoo com customize ie www yahoo com R - HKLM Software Microsoft Internet Explorer Main Search Bar http us rd yahoo com customize ie ch search html R - HKLM Software Microsoft Internet Explorer Main Search Page http us rd yahoo com customize ie www yahoo com R - HKLM Software Microsoft Internet Explorer Main Start Page http www yahoo com R - HKCU Software Microsoft Internet Explorer SearchURL Default http us rd yahoo com customize ie www yahoo com R - HKCU Software Microsoft Internet Explorer Main Window Title Windows Internet Explorer provided by Yahoo R - URLSearchHook Yahoo Toolbar - EF BD -C FB- D - F- D F - C Program Files Yahoo Companion Installs cpn yt dll O - BHO Yahoo Toolbar Helper - D -C F - EFB- B - ECA - C Program Files Yahoo Companion Installs cpn yt dll O - BHO Adobe PDF Reader Link Helper - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat ActiveX AcroIEHelper dll O - BHO no name - - F - D - - D F - C PROGRA SPYBOT SDHelper dll O - BHO Yahoo IE Services Button - BAB B B- BC- B - D - FC DE A - C Program Files Yahoo Common yiesrvc dll O - BHO SSVHelper Class - BB-D F - C-B EB-D DAF D D - C Program Files Java jre bin ssv dll O - BHO no name - E D - A- EC-A -BA D E E - no file O - BHO Windows Live Sign-in Helper - D - C - ABF- ECC- C - C Program Files Common Files Microsoft Shared Windows Live WindowsLiveLogin dll O - BHO Google Toolbar Helper - AA ED - DD- d - -CF F - c program files google googletoolbar dll O - Toolbar Yahoo Toolbar - EF BD -C FB- D - F- D F - C Program Files Yahoo Companion Installs cpn yt dll O - Toolbar amp Google - C B - - d - B - A CD F - c program files google googletoolbar dll O - HKLM Run Recguard C WINDOWS SMINST RECGUARD EXE O - HKLM Run SynTPLpr C Program Files Synaptics SynTP SynTPLpr exe O - HKLM Run SynTPEnh C Program Files Synaptics SynTP SynTPEnh exe O - HKLM Run IgfxTray C WINDOWS system igfxtray exe O -... Read more

A:Hacker

If you still require assistance, then please carry out the following instructions:

Download Deckard's System Scanner (DSS) to your Desktop. Note: You must be logged onto an account with administrator privileges.Close all applications and windows.
Double-click on dss.exe to run it, and follow the prompts.
When the scan is complete, two text files will open - main.txt <- this one will be maximized and extra.txt <-this one will be minimized
Copy (Ctrl+A then Ctrl+C) and paste (Ctrl+V) the contents of main.txt here.
Please attach extra.txt to your post.
To attach a file to a new post, simplyClick the[Manage Attachments] button under Additional Options > Attach Files on the post composition page, and
copy and paste the following into the "Upload File from your Computer" box:C:\Deckard\System Scanner\extra.txt

Click Upload.
What DSS will do: create a new System Restore point in Windows XP and Vista.
clean your Temporary Files, Downloaded Program Files, and Internet Cache Files, and also empty the Recycle Bin on all drives.
check some important areas of your system and produce a report for your analyst to review. DSS automatically runs HijackThis for you, but it will also install and place a shortcut to HijackThis on your desktop if you do not already have HijackThis installed.

--------------------------------------------------------------

Please include the following in your next reply:

C:\Deckard\System Scanner\main.txt
C:\Deckard\System Scanner\extra.txt - Attached please

http://www.techsupportforum.com/forums/f284/hacker-195940.html
Relevancy 35.26%

Hi for the last months i have been having comp problems It started in march when i opened yahoo hacker problem Suspect messanger then checked netstat-no and noticed connections to yahoo on xxx this was unusuall Then my computer crashed and after reboot no internet connectivity so i did a restore point still no internet connectivity so i did a format After the reinstallation of xp Suspect hacker problem i was updating xp and i noticed it coming down from xxx but the net worked Then i noticed that my antivirus bitdefender was updating through xxx All was fine for a time except the some of my web pages routing through xxx Then i after an antivirus update the computer crashed and i had to reformat again during windows update traffic routing through xxx as well as antivirus and some web pages If I block this address my pages wont open and updates wont work After the second format i installed windows defender and sometimes after an antivrus update through xxx that error messages will popup about of them saying something about an application was already in use or something its be awhile scince that error but i think it was windows defender protecting my system Also at random my steam game team fortress sometimes looses connectivity to fix i retrain my comodo firewall and game connectivity resumes as normal and whenever i open steam game client my ports get scanned the port scans have been going on scince the first crash Before this problem my windows update would come down via a xx xx xx also i now use avg and it also updates through xxx Recently when i open www theaustralian com au web page it routes through xx as usuall but there is about a delay before the page opens My instinct is this is an automated attack problem During todays windows update updates contiue not to update netframework and core services security update i am sorry i did save their exact names but lost it all other netframewrok updated not probs just continues not to update it installs but for some reason it continues to say on windows update that it needs to be done Here is panda scan first followed by deckards system scanner quot Incident Status Location Spyware Cookie Not disinfected C Documents and Settings Gary Cookies gary txt Spyware Cookie adultfriendfinder Not disinfected C Documents and Settings Gary Cookies gary adultfriendfinder txt Spyware Cookie Atlas DMT Not disinfected C Documents and Settings Gary Cookies gary atdmt txt Spyware Cookie Serving-sys Not disinfected C Documents and Settings Gary Cookies gary bs serving-sys txt Spyware Cookie Com com Not disinfected C Documents and Settings Gary Cookies gary com txt Spyware Cookie Doubleclick Not disinfected C Documents and Settings Gary Cookies gary doubleclick txt Spyware Cookie Mediaplex Not disinfected C Documents and Settings Gary Cookies gary mediaplex txt Spyware Cookie Overture Not disinfected C Documents and Settings Gary Cookies gary overture txt Spyware Cookie Overture Not disinfected C Documents and Settings Gary Cookies gary perf overture txt Spyware Cookie Serving-sys Not disinfected C Documents and Settings Gary Cookies gary serving-sys txt Spyware Cookie Toplist Not disinfected C Documents and Settings Gary Cookies gary toplist txt Spyware Cookie Cgi-bin Not disinfected C Documents and Settings Gary Cookies gary www addfreestats txt Spyware Cookie Zedo Not disinfected C Documents and Settings Gary Cookies gary zedo txt quot deckards as follows Deckard's System Scanner v Run by Gary on - - Computer is in Normal Mode -------------------------------------------------------------------------------- -- System Restore -------------------------------------------------------------- Successfully created a Deckard's System Scanner Restore Point -- Last Restore Point s -- - - UTC - RP - Deckard's System Scanner Restore Point - - UTC - RP - Software Distribution Service - - UTC - RP - Software Distribution Service - - UTC - RP - Configured AVG - - UTC - RP - System Checkpoint -- First Restore Point... Read more

A:Suspect hacker problem

here are the exact names of the windows updates that didnt update

"Security Update for Microsoft XML Core Services 4.0 Service Pack 2 (KB936181)

Security Update for Microsoft .NET Framework, Version 1.1 Service Pack 1 (KB928366)"

I can make some wireshark logs if this can help diagnose my problem thanks

http://www.techsupportforum.com/forums/f284/suspect-hacker-problem-186659.html
Relevancy 35.69%

Hey I've been having issues with my computer for a little while now and I think it might be a virus or a hacker. I tried to fix all of the problems I was having with a system restore a few days ago back to a few weeks ago. The computer said it could not restore the computer completely but everything on the computer seemed to be back to the way it was before because all of the programs I have downloaded since then were not there. I've tried to download zonealarm firewall and ad-aware and I couldnt download either of them. Also, I used the Norton Antivirus computer scan yesterday and it did not find aything. I just ran Hijackthis and I can post the results. Please someone help!

A:Need help! Virus or hacker...

Here is some more information about what was going on with my computer before I did the system restore that I posted in a previous thread.....

I'm having problems with my computer where I think it might have a hacker or a virus. I've been having problems with my computer where today I found a website that I'm 99% sure I didn't open but had mentioned to someone in an AIM conversation about an hour before. Is it possible that I have a hacker who read my conversation and opened a site? Can hackers read all conversations and see all files on my computer? Also, I keep running spybot because I thought that could get rid of hackers but sometimes it says user abort and the scan stops. I have gotten the scan to run through the whole way and gotten rid of the few files that were on it multiple times since then. Can you tell me if I have a hacker or a virus?? I have zonealarm for a firewall, avg for viruses, and spybot for spy ware. Oh also, I attempted to download ad-aware se personal but it wouldn't let me finish the download, saying that specific file wasn't part of the win32 or something like that.. I also wanted to add that twice in the past few days I have looked on my desktop and there were blank spaces in between my icons which made it seem like icons had been deleted which I hadn't done. I hope someone can help me or give me some advice.


Here are the results from running HJT earlier today. I had two error screens come up while I scanned. One said it was denied access to the host files and the second said: "An unexpected error has occured at procedure: modMain_CheckOther1Item() Error #75 - Path/File access error. And then it says to email merijn#spywareinfo.com so I guess I will do that. Anyways, help me out please. Here are my results...


Logfile of HijackThis v1.99.1
Scan saved at 5:14:38 PM, on 8/28/2007
Platform: Unknown Windows (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Synaptics\SynTP\SynToshiba.exe
C:\Program Files\ltmoh\ltmoh.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Toshiba\ConfigFree\NDSTray.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
C:\Program Files\Toshiba\SmoothView\SmoothView.exe
C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\Program Files\ScanSoft\OmniPageSE4.0\OpWareSE4.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\vVX3000.exe
C:\Program Files\Grisoft\AVG7\avgcc.exe
C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe
C:\Program Files\AIM\aim.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopDisplay.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe
C:\Program Files\Toshiba\ConfigFree\CFSwMgr.exe
C:\Toshiba\IVP\ISM\ivpsvmgr.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Users\Allison\AppData\Local\Temp\Temp1_hijackthis[1].zip\HijackThis.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR
R1 - HKLM\Software\Microsoft\Intern... Read more

http://www.techsupportforum.com/forums/f284/need-help-virus-or-hacker-177838.html
Relevancy 35.26%

I'm having problems hacker question or Virus with my computer where I think it might have a hacker or a virus I've been having problems with my computer where today I found a website that I'm sure I didn't open but had mentioned to someone in an AIM conversation about an hour before Is it possible that I have a hacker who read my conversation and opened a site Can hackers read all conversations and see all files on my computer Also I keep running spybot because I thought that could get rid of hackers but sometimes it says user abort and the scan stops I have gotten the scan to run through the whole way and gotten rid of the few files that were on Virus or hacker question it multiple times since then Can you tell me if I have a hacker or a virus I have zonealarm for a firewall avg for viruses and spybot for spy ware Oh also I attempted to download ad-aware se personal but it wouldn't let me finish the download saying that specific file wasn't part of the win or something like that I also wanted to add that twice in the past few days I have looked on my desktop and there were blank spaces in between my icons which made it seem like icons had been deleted which I hadn't done I hope someone can help me or give me some advice I ran hijackthis and here are my results Logfile of Trend Micro HijackThis v Scan saved at PM on Platform Windows Vista WinNT MSIE Internet Explorer v Boot mode Normal Running processes C Windows system Dwm exe C Windows Explorer EXE C Windows system taskeng exe C Windows System igfxtray exe C Windows System hkcmd exe C Windows System igfxpers exe C Program Files Synaptics SynTP SynTPEnh exe C Program Files Windows Defender MSASCui exe C Program Files Synaptics SynTP SynToshiba exe C Program Files Toshiba Utilities KeNotify exe C Program Files ltmoh ltmoh exe C Program Files Google Google Desktop Search GoogleDesktop exe C Program Files Google Google Desktop Search GoogleDesktopIndex exe C Toshiba IVP ISM pinger exe C Program Files Toshiba ConfigFree NDSTray exe C Windows RtHDVCpl exe C Program Files Toshiba Power Saver TPwrMain exe C Program Files Toshiba SmoothView SmoothView exe C Program Files Toshiba FlashCards TCrdMain exe C Program Files Canon MyPrinter BJMYPRT EXE C Program Files ScanSoft OmniPageSE OpWareSE exe C Program Files QuickTime qttask exe C Program Files iTunes iTunesHelper exe C Windows vVX exe C Program Files Zone Labs ZoneAlarm zlclient exe C Program Files Grisoft AVG avgcc exe C Program Files Toshiba TOSCDSPD TOSCDSPD exe C Program Files AIM aim exe C Windows ehome ehtray exe C Windows ehome ehmsas exe C Program Files Windows Media Player wmpnscfg exe C Program Files MSN Messenger msnmsgr exe C Program Files Google Google Desktop Search GoogleDesktopDisplay exe C Program Files Google Google Desktop Search GoogleDesktopCrawl exe C Program Files Toshiba ConfigFree CFSwMgr exe C Program Files Internet Explorer IEUser exe C Program Files Internet Explorer iexplore exe C Program Files Lavasoft Ad-Aware Ad-Aware exe C Users Allison Desktop HiJackThis exe R - HKCU Software Microsoft Internet Explorer Main Search Bar http g msn com SEENUS SAOS FORM TOOLBR R - HKCU Software Microsoft Internet Explorer Main Search Page http g msn com SEENUS SAOS FORM TOOLBR R - HKLM Software Microsoft Internet Explorer Main Default Page URL http www toshibadirect com dpdstart R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Search SearchAssistant R - HKLM Software Microsoft Internet Explorer Search CustomizeSearch R - HKCU Software Microsoft Internet Explorer SearchURL Default http g msn com SEENUS SAOS FORM TOOLBR R - HKCU Software Microsoft Internet Explorer Toolbar LinksFolderName O - Hosts localhost O - BHO AcroIEHlp... Read more

http://www.techsupportforum.com/forums/f284/virus-or-hacker-question-177048.html
Relevancy 33.11%

Completed Steps - I have had trouble staying connected to the internet being disconnected every few minutes until I go to IE 'Options' and reset my 'Security' settings 'all to default' IE webpages not loading errors on them w popups on various pages saying script errors cannot find display webpage etc Computer is slow hangs and frequently does nothing Excel dissapeared so I had to install Excel Reader Viewer Believe hacker s have hacked into my system Also I may have programs on my PC that I do not need or that was put there by someone unknown May have hardware conflicts Deleted Trillian when trying to get rid of unwanted programs then tried using DataNuker to get rid of the trillian file but it would not disappear This was done before I realized Trillian was a corrupt program I know I need more RAM will adjusting my Virtual Memory settings help my PC to speed up any Deckard's System Scanner v Run by Tim on - - at Computer is in Normal Mode -------------------------------------------------------------------------------- -- System Restore -------------------------------------------------------------- Successfully created a Deckard's System Scanner Restore Point -- Last Restore Point s -- - - UTC - RP - Deckard's System Scanner Restore Point - - UTC - RP - System Checkpoint - - UTC - RP - Installed Tools/Rootkits Detected! Trillian, PRScheduler, Application/Deleter Hacker Ad-Aware - - UTC - RP - System Checkpoint - - UTC - RP - Installed Java TM Update -- First Restore Point -- - - UTC - RP - good Backed up registry hives Performed disk cleanup Percentage of Memory in Use more than Total Physical Memory MiB MiB recommended -- HijackThis run as Tim exe ------------------------------------------------- Logfile of Trend Micro HijackThis v Scan saved at AM on Platform Windows XP SP WinNT MSIE Internet Explorer v Boot mode Normal Running processes C WINDOWS System smss exe Hacker Tools/Rootkits Detected! Trillian, PRScheduler, Application/Deleter C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system spoolsv exe C WINDOWS Explorer EXE C WINDOWS System rmctrl exe C Program Files Common Files Microsoft Shared Works Shared WkUFind exe C PROGRA Grisoft AVG avgcc exe C Program Files Common Files Real Update OB realsched exe C Program Files Java jre bin jusched exe C Program Files Common Files InstallShield UpdateService ISUSPM exe C Program Files Windows Media Player WMPNSCFG exe C WINDOWS Nhksrv exe C WINDOWS system PackethSvc exe C Program Files Lavasoft Ad-Aware aawservice exe C Program Files Grisoft AVG Anti-Spyware guard exe C PROGRA Grisoft AVG avgamsvr exe C PROGRA Grisoft AVG avgupsvc exe C PROGRA Grisoft AVG avgemc exe C WINDOWS System svchost exe C Program Files Common Files Microsoft Shared Works Shared wkcalrem exe C Program Files wmconnect wwm exe C Program Files CallWave IAM exe C Program Files Trend Micro HijackThis HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Hacker Tools/Rootkits Detected! Trillian, PRScheduler, Application/Deleter Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Search SearchAssistant R - HKLM Software Microsoft Internet Explorer Search CustomizeSearch R - HKCU Software Microsoft Internet Connection Wizard ShellNext http www dellnet com O - BHO Adobe PDF Reader Link Helper - E F-C D - D -B D- B D BE B - C Program Files Common Files Adobe Acrobat ActiveX AcroIEHelper dll O - BHO no name - - F - D - - D F - C PROGRA SPYBOT SDHelper dll O... Read more

http://www.techsupportforum.com/forums/f284/hacker-tools-rootkits-detected-trillian-prscheduler-application-deleter-172846.html
Relevancy 34.83%

Where do I begin I started having problems with keystrokes If I type a number an extra number appears like is supposed to be just The cursor jumps around either in your sentence when you try to delete the extra characters or if you hit space bar in programs like Outlook it acts like enter I have xp and Mcafee I contacted them and they sent me here I attempted the steps I couldn t get adaware to do THANKS!!!! hacker..IE keystroke shuts down...hijackthis log a complete download can t go to safe mode did the panda scan and hijackthis file but not the other three I removed service keystroke hacker..IE shuts down...hijackthis log THANKS!!!! pack STUPID thinking it was stopping me from getting the cleansers didn t help and made my system unstable However Mcafee has been updating and running as usual I downloaded adware and spywareblaster on another computer and installed them I have run adaware and spybot numerous times and nothing showed so I put SP back on I still have the keystroke problem and now backgrounds which is why this looks like this IE shuts down as soon as its up so I came here through an email link you sent me I typed this in Word because some key I was hitting when I typed in the post was making the page go to a google link I appreciate any and all advice as I am close to finding a sledge hammer Here is the first hijackthis log as well as the active scan Logfile of HijackThis v Scan saved at AM on Platform Windows XP SP WinNT MSIE Internet Explorer v Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system Ati evxx exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system spoolsv exe C WINDOWS system inetsrv inetinfo exe C Program Files Common Files McAfee HackerWatch HWAPI exe C PROGRA McAfee MSC mcmscsvc exe c program files common files mcafee mna mcnasvc exe C PROGRA McAfee VIRUSS mcods exe C PROGRA McAfee MSC mcpromgr exe c PROGRA COMMON mcafee redirsvc redirsvc exe C PROGRA McAfee VIRUSS mcshield exe C PROGRA McAfee VIRUSS mcsysmon exe C Program Files McAfee MPF MPFSrv exe C Program Files SiteAdvisor SAService exe C WINDOWS System svchost exe C Program Files Common Files Ulead Systems DVD ULCDRSvr exe C WINDOWS system Ati evxx exe C WINDOWS Explorer EXE C PROGRA mcafee com agent mcagent exe C Program Files iTouch iTouch exe C WINDOWS essspk exe C Program Files ATI Technologies ATI Control Panel atiptaxx exe C Program Files Java jre bin jusched exe C Program Files iTunes iTunesHelper exe C Program Files QuickTime qttask exe C Program Files Pinnacle Shared Files Programs USBTip USBTip exe C WINDOWS System spool DRIVERS W X E FATIADA EXE C Program Files SiteAdvisor SiteAdv exe C Program Files MSN Messenger MsnMsgr Exe C WINDOWS system ctfmon exe C Program Files CreataCard Gold FMRemind exe C Program Files iPod bin iPodService exe C Program Files Broderbund Mavis Beacon Teaches Typing Standard MiniMavis exe C Program Files MSN Toolbar Suite DS en-us bin WindowsSearch exe C Program Files Logitech MouseWare system em exec exe C Program Files MSN Toolbar Suite DS en-us bin WindowsSearchIndexer exe C Program Files TC Net dialer exe C Program Files Internet Explorer iexplore exe C DOCUME JACQUE LOCALS Temp Temporary Directory for hijackthis zip HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Default Page URL http www tc net com R - HKCU Software Microsoft Internet Explorer Main Search Bar http g msn com SEENUS SAOS FORM TOOLBR R - HKCU Software Microsoft Internet Explorer Main Search Page http g msn com SEENUS SAOS FORM TOOLBR R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page ... Read more

A:keystroke hacker..IE shuts down...hijackthis log THANKS!!!!

Here is an update on the situation. I have cleaned out everything possible through spybot, adaware, mcafee, and have spyblaster running. I have all of the Windows updates back up and running. I ran another Panda scan afterward and I still have three rootkit problems showing up:


Incident Status Location
Potentially unwanted tool:application/funweb
Not disinfected hkey_current_user\software\Fun Web Products
Potentially unwanted tool:application/mywebsearch Not disinfected hkey_current_user\software\MyWebSearch
Potentially unwanted tool:Application/Processor
Not disinfected C:\Documents and Settings\myname\Local Settings\Temp\nst5D.tmp

My computer still has these symtoms of infection. I still have the extra numbers, the cursor is still moving around in strange ways, the right shift key makes the page go back to the former webpage. I went to cmd prompt and noticed things listed and I wasn't sure what they what they were, and they do not have 'dir' in front of the name.

http://www.techsupportforum.com/forums/f284/keystroke-hacker-ie-shuts-down-hijackthis-log-thanks-150341.html
Relevancy 35.26%

Im preety sure my computer was hacked yesterday I followed threw the steps and also found some un-needed spyware problems as well I wanna clean my pc and possibly change my IP due to the possible hacker thing but im not sure if thats really necessary because ive never had a hacker problem or one that i know of so im guessing its really just a random Here are my logs Panda log Incident Status Location Adware adware startpage amc Not disinfected c windows system xtempx xxx Adware adware clickalchemy Not disinfected c windows inf alchem inf Adware adware ncase Not disinfected c windows msbb exe temp Potentially unwanted tool application bestoffer Not disinfected c windows smdat m sys Adware adware sidesearch Not disinfected C Documents and Settings Mladen Application Data Lycos Potentially unwanted tool application altnet Not Issue, Hacker Spyware..etc disinfected hkey local machine software Altnet Adware adware savenow Not disinfected Windows Registry Adware adware exact bargainbuddy Not disinfected Windows Registry Adware adware ist istbar Not disinfected Windows Registry Adware adware xplugin Not disinfected Windows Registry Adware adware abox Not Hacker Issue, Spyware..etc disinfected Windows Registry Dialer dialer asl Not disinfected HKEY CURRENT USER Software Hacker Issue, Spyware..etc Microsoft Windows CurrentVersion Ext Stats A AC - CE Hacker Issue, Spyware..etc - A -B E- D AC Adware adware topconvert Not disinfected Windows Registry Spyware spyware bundleware Not disinfected Windows Registry Potentially unwanted tool application mywebsearch Not disinfected HKEY CURRENT USER Software Microsoft Windows CurrentVersion Ext Stats B EAB-A - -B BB- DE CCA Adware adware zango Not disinfected Windows Registry Adware adware wupd Not disinfected Windows Registry Spyware spyware media-motor Not disinfected Windows Registry Adware adware ieplugin Not disinfected Windows Registry Adware adware mediatickets Not disinfected Windows Registry Adware adware wintools Not disinfected Windows Registry Adware adware favoriteman Not disinfected Windows Registry Adware adware sahagent Not disinfected Windows Registry Spyware spyware betterinet Not disinfected Windows Registry Adware adware dyfuca Not disinfected Windows Registry Spyware Cookie o Not disinfected C Documents and Settings Administrator Cookies owner o txt Spyware Cookie o Not disinfected C Documents and Settings Default User Cookies owner o txt Spyware Cookie Atlas DMT Not disinfected C Documents and Settings Mladen Application Data Mozilla Firefox Profiles jjym uy default cookies txt atdmt com Spyware Cookie Doubleclick Not disinfected C Documents and Settings Mladen Application Data Mozilla Firefox Profiles jjym uy default cookies txt doubleclick net Spyware Cookie Advertising Not disinfected C Documents and Settings Mladen Application Data Mozilla Firefox Profiles jjym uy default cookies txt advertising com Spyware Cookie Advertising Not disinfected C Documents and Settings Mladen Application Data Mozilla Firefox Profiles jjym uy default cookies txt servedby advertising com Spyware Cookie Traffic Marketplace Not disinfected C Documents and Settings Mladen Application Data Mozilla Firefox Profiles jjym uy default cookies txt trafficmp com Spyware Cookie Falkag Not disinfected C Documents and Settings Mladen Application Data Mozilla Firefox Profiles jjym uy default cookies txt as-us falkag net Spyware Cookie RealMedia Not disinfected C Documents and Settings Mladen Application Data Mozilla Firefox Profiles jjym uy default cookies txt realmedia com Spyware Cookie Rightmedia Not disinfected C Documents and Settings Mladen Application Data Mozilla Firefox Profiles jjym uy default cookies txt rightmedia net Adware Adware PestTrap Not disinfected C Documents and Settings Mladen Application Data Sun Java Deployment cache javapi v jar jar jar- cee - ea zip web exe Virus Trj Multidropper BQI Disinfected C Documents and Settings Mladen Application Data Sun Java Deployment cache javapi v ja... Read more

A:Hacker Issue, Spyware..etc

Combo Scan

ComboScan v20070221.16 run by Mladen on 2007-02-22 at 11:28:15
Computer is in Normal Mode.
--------------------------------------------------------------------------------

Successfully created restore point.
Performed disk cleanup.


-- HijackThis (run as Mladen.exe) -----------------------------------------------

Logfile of HijackThis v1.99.1
Scan saved at 11:32:17 AM, on 2/22/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Common Files\Stardock\SDMCP.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\SpywareGuard\sgmain.exe
C:\Program Files\SpywareGuard\sgbhp.exe
C:\Documents and Settings\Mladen\Desktop\comboscan.exe
C:\HJT\Mladen.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer provided by Sympatico
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *hot-searches.com*;*lender-search.com*
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [PD0630 STISvc] RunDLL32.exe P0630Pin.dll,RunDLL32EP 513
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Of... Read more

http://www.techsupportforum.com/forums/f284/hacker-issue-spyware-etc-141733.html
Relevancy 36.12%

First i would like to explain that the problem does not exist on my computer it is on a friend's computer He doesn't know quite how to deal with the problem if there is one so i am helping him out with it Possible Hacker... I have done all that i can and it seems like his system is relatively clean i just wanted to have you all take a look at the hijackthis log and tell me if he is in the clear The one entry makes me uneasy is all O - BHO SSVHelper Class - BB-D F - C-B EB-D DAF Possible Hacker... D D - C Possible Hacker... Program Files Java jre bin ssv dll We have run a full Sophos scan Adaware scan and Spybot scan to find Possible Hacker... ALL of them are completely clean i mean spotless i'm still weary should i be The symptom is that sometimes when he shuts his system down windows informs him that someone else is logged into his computer The OS is Win XP Pro The computer is fairly new and still runs very well What do you think Thanks for the time you take in reading this Logfile of HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system spoolsv exe C WINDOWS Explorer EXE C WINDOWS system nvsvc exe C Program Files Sophos Sophos Anti-Virus SAVAdminService exe C Program Files Sophos AutoUpdate ALsvc exe C WINDOWS system svchost exe C WINDOWS system ctfmon exe C Program Files Google GoogleToolbarNotifier GoogleToolbarNotifier exe C Program Files Sophos AutoUpdate ALMon exe C Documents and Settings User Desktop HijackThis exe O - BHO Adobe PDF Reader Link Helper - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat ActiveX AcroIEHelper dll O - BHO no name - - F - D - - D F - C Program Files Spybot - Search amp Destroy SDHelper dll O - BHO SSVHelper Class - BB-D F - C-B EB-D DAF D D - C Program Files Java jre bin ssv dll O - BHO Google Toolbar Helper - AA ED - DD- d - -CF F - c program files google googletoolbar dll O - Toolbar amp Google - C B - - d - B - A CD F - c program files google googletoolbar dll O - HKLM Run Windows Defender quot C Program Files Windows Defender MSASCui exe quot -hide O - HKLM Run NvCplDaemon RUNDLL EXE C WINDOWS system NvCpl dll NvStartup O - HKLM Run nwiz nwiz exe install O - HKCU Run ctfmon exe C WINDOWS system ctfmon exe O - HKCU Run swg C Program Files Google GoogleToolbarNotifier GoogleToolbarNotifier exe O - Global Startup AutoUpdate Monitor lnk C Program Files Sophos AutoUpdate ALMon exe O - Extra context menu item E amp xport to Microsoft Excel - res C PROGRA MICROS OFFICE EXCEL EXE O - Extra button no name - B E C - FCB- CF-AAA - C - C Program Files Java jre bin ssv dll O - Extra 'Tools' menuitem Sun Java Console - B E C - FCB- CF-AAA - C - C Program Files Java jre bin ssv dll O - Extra button Research - B - CC- C -B BE- C C A - C PROGRA MICROS OFFICE REFIEBAR DLL O - Extra button Messenger - FB F -F - d -BB E- C F - C Program Files Messenger msmsgs exe O - Extra 'Tools' menuitem Windows Messenger - FB F -F - d -BB E- C F - C Program Files Messenger msmsgs exe O - DPF -C A- E-A -C C BBF Windows Genuine Advantage Validation Tool - http go microsoft com fwlink linkid O - Winlogon Notify WgaLogon - C WINDOWS SYSTEM WgaLogon dll O - SSODL WPDShServiceObj - AAA BA- A C- B - D - D DB - C WINDOWS system WPDShServiceObj dll O - Service InstallDriver Table Manager IDriverT - Macrovision Corporation - C Program Files Common Files InstallShield Driver Intel IDriverT exe O - Service iPodService - Apple Computer Inc - C Program Files iPod bin iPodService exe O - Service NVIDIA Display Driver Service NVSvc - NVIDIA Corporation - C WINDOWS system nvsvc exe O - Service Sophos Anti-Virus status reporter SAVAdminService - Sophos Plc - C Program Files Sophos Sophos Anti-Virus SAVAdminService exe O - Service Sophos Anti-Virus SAVService - Sophos Plc - C Program Files So... Read more

A:Possible Hacker...

Hi
Your log is fine.No problems.The 02 entry is ok as its part of Sun Java.As for the shutdown message,it sounds like he may have two user profiles or even the Guest account active.Im sure one of the other forums will help him sort that one out.

http://www.techsupportforum.com/forums/f284/possible-hacker-136592.html
Relevancy 35.69%

I received a fishing email from a scammer dealing with my Possible hacker issue VirtualMoney card I clicked the link and logged in I was notified after of the ongoing bogues emails posing as Virtual Money Anyway I am not sure how thay knew I even had VM card or got my email address I am concerned there Possible hacker issue is some sort of spyware etc I am not aware of I have previously done all the suggested things including getting IESpyad Scotty the Snoop patrol dog Ewido Cleanup Spybot AVG So here's what I've done I made hidden files viewable and ran a scan with everything I also did a housecall online scan which founf one spyware item that could monitor my pc and removed it I am going to submit the results below for Ewido along Possible hacker issue with the HijackThis log Please tell me if you see anything that I haven't cleaned out and need to be concerned about thanks Dewayne Logfile of HijackThis v Scan saved at AM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System smss exe C WINDOWS system csrss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system svchost exe C WINDOWS system spoolsv exe C WINDOWS Explorer EXE C Program Files Java jre bin jusched exe C WINDOWS SnoopFreeUI exe C PROGRA BILLPS WINPAT winpatrol exe C PROGRA Grisoft AVGFRE avgamsvr exe C PROGRA Grisoft AVGFRE avgcc exe C PROGRA Grisoft AVGFRE avgupsvc exe C Program Files Zone Labs ZoneAlarm zlclient exe C PROGRA Grisoft AVGFRE avgemc exe C Program Files The Weather Channel FW Desktop Weather DesktopWeather exe C Program Files ewido anti-malware ewidoctrl exe C WINDOWS system nvsvc exe C Program Files Spyware Doctor sdhelp exe C Program Files Kodak Kodak EasyShare software bin EasyShare exe C Program Files Kodak KODAK Software Updater Program Kodak Software Updater exe C WINDOWS System SnoopFreeSvc exe C WINDOWS system svchost exe C WINDOWS system wdfmgr exe C WINDOWS system ZoneLabs vsmon exe C WINDOWS System alg exe C Program Files Spyware Doctor swdoctor exe C WINDOWS system wuauclt exe C PROGRA Grisoft AVGFRE avgw exe C Documents and Settings Owner Desktop HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Start Page http us f mail yahoo com ym Sho set amp YY O - BHO AcroIEHlprObj Class - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat ActiveX AcroIEHelper dll O - BHO no name - - F - D - - D F - C Program Files Spybot - Search amp Destroy SDHelper dll O - BHO PCTools Site Guard - C B A - DB - A -A CB-D BBFEB - C PROGRA SPYWAR tools iesdsg dll O - BHO SSVHelper Class - BB-D F - C-B EB-D DAF D D - C Program Files Java jre bin ssv dll O - BHO Google Toolbar Helper - AA ED - DD- d - -CF F - c program files google googletoolbar dll O - BHO PCTools Browser Monitor - B A D D- - C -A - DF C AC - C PROGRA SPYWAR tools iesdpb dll O - Toolbar Yahoo Toolbar - EF BD -C FB- D - F- D F - C Program Files Yahoo Companion Installs cpn yt dll O - Toolbar amp Google - C B - - d - B - A CD F - c program files google googletoolbar dll O - HKLM Run NvCplDaemon RUNDLL EXE C WINDOWS system NvCpl dll NvStartup O - HKLM Run SunJavaUpdateSched C Program Files Java jre bin jusched exe O - HKLM Run SnoopFreeUI SnoopFreeUI exe O - HKLM Run WinPatrol C PROGRA BILLPS WINPAT winpatrol exe O - HKLM Run AVG CC C PROGRA Grisoft AVGFRE avgcc exe STARTUP O - HKLM Run Zone Labs Client quot C Program Files Zone Labs ZoneAlarm zlclient exe quot O - HKCU Run DW quot C Program Files The Weather Channel FW Desktop Weather DesktopWeather exe quot O - HKCU Run Spyware Doctor quot C Program Files Spyware Doctor swdoctor exe quot Q O - Global Startup Adobe Reader Speed Launch lnk C Program Files Adobe Acrobat Reader reader sl exe O - Global Startup Kodak EasyShare software lnk C Program Files Kodak Kodak EasyShare software bin EasyShare exe O - Global Startup KODAK Software Updater lnk C Pro... Read more

A:Possible hacker issue

Hi DD

Your log is clean, as is Ewido.

You'll find some further reading on safety and security here along with some additional useful programmes.

http://www.techsupportforum.com/forums/f284/possible-hacker-issue-117943.html
Relevancy 42.14%

I feel that someone is monitoring me I have a couple of emails address that I can not log into from yahoo I was wondering if there is some type of software that can track someone tracking tracker monitioring my computer For example win-spy is a monitoring spyware that allows the remote tracking tracker user into your computer when you are online It has keylogging snapshots email tracking and other things for a person to track you For now I have keylogg hunter and spy cop installed on my computer But win-spy states it can stop anti-spyware What can I do I am just average user HIJACJTHIS LOG Logfile of HijackThis v Scan saved at tracking tracker AM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C tracking tracker WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system spoolsv exe C WINDOWS system winlogon exe C WINDOWS Explorer EXE C WINDOWS system rundll exe C Program Files CA eTrust Internet Security Suite caissdt exe C Program Files CA eTrust Internet Security Suite eTrust EZ Antivirus CAVTray exe C Program Files CA eTrust Internet Security Suite eTrust EZ Antivirus CAVRID exe C WINDOWS System spool DRIVERS W X LMPDPSRV EXE C Program Files Common Files AOL ee AOLSoftware exe C Program Files Messenger msmsgs exe C Program Files Adobe Acrobat Distillr acrotray exe C Program Files Lexmark X LEX SU exe C Program Files Keylogger Hunter KeyloggerHunter exe C DOCUME David LOCALS Temp Temporary Directory for hijackthis zip HijackThis exe O - BHO AcroIEHlprObj Class - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat Acrobat ActiveX AcroIEHelper dll O - BHO AcroIEToolbarHelper Class - AE CD -E - f- - EE - C Program Files Adobe Acrobat Acrobat AcroIEFavClient dll O - Toolbar Adobe PDF - -D C - - FA - E EAAC - C Program Files Adobe Acrobat Acrobat AcroIEFavClient dll O - HKLM Run BluetoothAuthenticationAgent rundll exe bthprops cpl BluetoothAuthenticationAgent O - HKLM Run CaISSDT quot C Program Files CA eTrust Internet Security Suite caissdt exe quot O - HKLM Run CaAvTray quot C Program Files CA eTrust Internet Security Suite eTrust EZ Antivirus CAVTray exe quot O - HKLM Run CAVRID quot C Program Files CA eTrust Internet Security Suite eTrust EZ Antivirus CAVRID exe quot O - HKLM Run LMPDPSRV C WINDOWS System spool DRIVERS W X LMPDPSRV EXE O - HKLM Run HostManager C Program Files Common Files AOL ee AOLSoftware exe O - HKCU Run MSMSGS quot C Program Files Messenger msmsgs exe quot background O - Startup Keylogger Hunter lnk C Program Files Keylogger Hunter KeyloggerHunter exe O - Global Startup Acrobat Assistant lnk C Program Files Adobe Acrobat Distillr acrotray exe O - Global Startup Lexmark X Settings Utility lnk C Program Files Lexmark X LEX SU exe O - Global Startup Microsoft Office lnk C Program Files Microsoft Office Office OSA EXE O - Extra button no name - B E C - FCB- CF-AAA - C - C Program Files Java j re bin npjpi dll O - Extra 'Tools' menuitem Sun Java Console - B E C - FCB- CF-AAA - C - C Program Files Java j re bin npjpi dll O - Extra button Messenger - FB F -F - d -BB E- C F - C Program Files Messenger msmsgs exe O - Extra 'Tools' menuitem Windows Messenger - FB F -F - d -BB E- C F - C Program Files Messenger msmsgs exe O - DPF A E - F C- DD -ADE - FAB ctlProductChecker ProductChecker - http bcontractors safeguardpropert uctChecker cab O - DPF AB CE -AC F- F- -D ABCA EC Get ActiveX Control - https h www hp com ewfrf-JAV oadManager ocx O - Service CAISafe - Computer Associates International Inc - C Program Files CA eTrust Internet Security Suite eTrust EZ Antivirus ISafe exe O - Service InstallDriver Table Manager IDriverT - Macrovision Corporation - C Program Files Common Files InstallShield Driver Intel IDriverT exe O - Service VET Message Service VETMSGNT - Computer Associates International Inc - C Program Files CA eTrust Internet Security Suite eTrus... Read more

A:tracking tracker

Download WinPFInd http://www.bleepingcomputer.com/file...r/WinPFind.zip and extract it to your C:\ folder. This will create a folder called WinPFind in the C:\ folder.

Download Track qoo http://www.geekstogo.com/downloads/Trackqoo.zip
Save it somewhere you will remember like the Desktop. Unzip the Track qoo.vbs inside to your desktop. DO NOT run it yet!

Reboot into Safe Mode
Restart your computer and as soon as it starts booting up again continuously tap F8. A menu should come up where you will be given the option to enter Safe Mode.!


Inside C:\WinPFind is a file called WinPFind.exe. Double-click on this file to launch the program. Once it is launched, click on the Start Scan button and wait for it to finish. This program will scan large amounts of files on your computer for known patterns so please be patient while it works as it can take a while, upwards to 30 minutes or more.! Once the Scan is Complete it will make a txt file (log) of what was found.

1. Go to the WinPFind folder
2. Locate WinPFind.txt
3. Please post those results in your next post!

REBOOT to normal mode.

Double Click on "Track qoo.vbs"

Note - If you Antivirus has Script Blocking, you will get a Pop Up Windows asking you what to do. Allow this Entire Script to Run, its harmless!

Wait a few seconds and a notepad page will pop up, Copy & Paste those results and place them in the next post along with the results of WinPFind!

So I need the following tool logs..

WinPFind.txt log
Track qoo.vbs log

http://www.techsupportforum.com/forums/f284/tracking-tracker-89396.html
Relevancy 35.26%

While having someone help me on another site earlier with pop up problems I found out I had a very well hidden hacker on the computer. I did a BLBeta scan to find this out. Came up with over 2,000+ files all in the folder C:\\Program Files\dirolbar\cache

I did the same scan on a different computer to make sure it wasn't just the scan and the scan came back clear. I tried to do a hidden search on my computer for the files but nothing showed up. I looked up dirol online and found mostly hacker sites.

Is there any programs that I can use to remove the files? I tried ewido, spybot, regsupremepro, and a lot of others.

A:Hacker hidden on computer

LOL...that's no hacker. Shacker ..yes but no hacker. That's a rootkit infection that's causing you those pop ups.

You may want to print out these instructions for reference, since you will have to restart your computer during the fix.

Please download AproposFix.exe - but do NOT run it yet.


* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *


Then please reboot your computer in Safe Mode by doing the following:
1) Restart your computer
2) After hearing your computer beep once during startup, but before the Windows icon appears, press F8.
3) Instead of Windows loading as normal, a menu should appear
4) Select the first option, to run Windows in Safe Mode.


* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *


Once in Safe Mode, double-click aproposfix.exe and unzip it to the desktop.
Open the aproposfix folder on your desktop and run RunThis.bat. Follow the prompts.

When the tool is finished, please reboot back into normal mode.
Post a new HijackThis log, along with the entire contents of the log.txt file in the aproposfix folder.

http://www.techsupportforum.com/forums/f284/hacker-hidden-on-computer-78262.html
Relevancy 36.12%

Hey, over the past couple days whenever I go to my internet I get a different page than my home page (the screen that below). I've tried Spybot Search and Destroy, Adaware, eTrust Pest Control, Microsoft AntiSpyware, EZ Armor thing, and a couple free ones that I've found on the net. This thing is still in my computer though and that page wont go away, and I cant find out how to get rid of it. Any suggestions? I tried the "Free Scan", but whenever you try to delete the problems it says you have to pay the $50 a year or however much it costs. Should I just throw in the $50 for one of those things?

A:Can't Get This Hacker or w/e Out of My PC

Download HiJackThis - this program will help us determine if there are any malware on your computer. Double-click on the file you just downloaded.
Click on the "Unzip" button to install the newer version.
It will by default install to the directory - C:\Program Files\HiJackThis\
If it gives you an intro screen, just choose - Do a system scan and save a logfile.
If you don't get the intro screen, just hit [Scan] and then click on Save log.
Post the HiJackThis.log file here.

http://www.techsupportforum.com/forums/f284/cant-get-this-hacker-or-w-e-out-of-my-pc-75616.html
Relevancy 36.12%
Q: hacker?

is there a way to tell if someone has hacked into my computer or is able to hack in from my hijackthis log Logfile of HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS System brsvc a exe C WINDOWS system spoolsv exe C WINDOWS System brss a exe C hacker? WINDOWS System snmp exe C WINDOWS System svchost exe C WINDOWS Explorer EXE C WINDOWS System hkcmd exe C WINDOWS BCMSMMSG exe C PROGRA DEFEND DEFEND PopUpKiller exe C Program Files AIM aim hacker? exe C Program Files Soulseek slsk exe C Program Files Internet Explorer iexplore exe C Program Files Zone Labs ZoneAlarm zlclient exe C WINDOWS SYSTEM ZoneLabs vsmon exe C Documents and Settings Sarah Local Settings Temp Temporary Directory for hijackthis zip HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Default Page URL http www dellnet com R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride http localhost O - BHO AcroIEHlprObj Class - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat Reader ActiveX AcroIEHelper dll O - BHO IE PopUp-Killer Neikeisoft - E E F - C - D - D- - C PROGRA DEFEND DEFEND PopUp dll O - BHO no name - - F - D - - D F - C PROGRA SPYBOT SDHelper dll O - Toolbar amp Radio - E - F- D - E- A C - C WINDOWS System msdxm ocx O - HKLM Run IgfxTray C WINDOWS System igfxtray exe O - HKLM Run HotKeysCmds C WINDOWS System hkcmd exe O - HKLM Run BCMSMMSG BCMSMMSG exe O - HKLM Run QuickTime Task quot C Program Files QuickTime qttask exe quot -atboottime O - HKLM Run Zone Labs Client quot C Program Files Zone Labs ZoneAlarm zlclient exe quot O - HKCU Run Ashampoo PopUpBlocker C PROGRA DEFEND DEFEND PopUpKiller exe O - Extra context menu item E amp xport to Microsoft Excel - res C PROGRA MICROS Office EXCEL EXE O - Extra button AIM - AC E - - d -BC D- B D A DE - C Program Files AIM aim exe O - Extra button Messenger - FB F -F - d -BB E- C F - C Program Files Messenger MSMSGS EXE O - Extra 'Tools' menuitem Messenger - FB F -F - d -BB E- C F - C Program Files Messenger MSMSGS EXE O - Plugin for bcf C Program Files Internet Explorer Plugins NPBelv dll O - DPF A BB - - EC-ACCB- EAE B SysProWmi Class - http support dell com systemprofiler SysPro CAB O - DPF ED DDF - - BBE- - A EDB D A McAfee com Operating System Class - http bin mcafee com molbin shared mcinsctl cab O - DPF B E - - - - EB E CB WebSpyWareKiller Class - http download zonelabs com bin pro tor WebSWK cab O - DPF A A - DA - DAF-B - F E E ActiveScan Installer Class - http www pandasoftware com activescan as asinst cab O - DPF BCC FF - D - -A E-C E ADA DwnldGroupMgr Class - http bin mcafee com molbin shared mcgdmgr cab O - Winlogon Notify igfxcui - C WINDOWS SYSTEM igfxsrvc dll O - Service BrSplService Brother XP spl Service - brother Industries Ltd - C WINDOWS System brsvc a exe O - Service Sony SPTI Service SPTISRV - Sony Corporation - C PROGRA COMMON SONYSH AVLib Sptisrv exe O - Service TrueVector Internet Monitor vsmon - Zone Labs LLC - C WINDOWS SYSTEM ZoneLabs vsmon exe

A:hacker?

We cannot necessary see if any intrusion has occurred, but I can tell you the log is clean and no intrusion programs are evident.

What makes you think someone got onto your machine? That's harder to do than people think.

http://www.techsupportforum.com/forums/f284/hacker-41173.html
Relevancy 36.12%

a hacker know my ip, and my ip never change after restarting the computer.cuz i using cable.. he knows my real ip address.. can he connect and controll my computer with my ip address he knows???? plz help.. i already format my pc, because i dl a spyware from him b4 and that's why i gotta format my computer... my ip is the same anytime, and i have 3 comuter using the same ip.. what can i do know? can he still connect to my computer with only my ip address????

A:a hacker know my iq...help

Quote:





Originally Posted by skyjohnny1


a hacker know my ip, and my ip never change after restarting the computer.cuz i using cable.. he knows my real ip address.. can he connect and controll my computer with my ip address he knows???? plz help.. i already format my pc, because i dl a spyware from him b4 and that's why i gotta format my computer... my ip is the same anytime, and i have 3 comuter using the same ip.. what can i do know? can he still connect to my computer with only my ip address????




No he can't. If your Windows operating system is up to date, then there is not much risk of him being able to do anything.

I suggest you download Windows XP Service Pack 2, assuming your running XP, as this installs a firewall for you.

http://windowsupdate.microsoft.com

Otherwise, you can call your cable provider and ask for your ip to be changed. Most will let you do this.

http://www.techsupportforum.com/forums/f284/a-hacker-know-my-iq-help-22365.html
Relevancy 35.26%

This post refers to my Vista System only The problem I am experiencing with the EXE's is that when I try to run one in my Dropbox folder or subfolders I either get the CMD line message quot Access denied - c users jxx folder-all EXE's Hacker a targeted has Re: appdata local temp ztmp 'C users jxx appdata local temp ztemp tmpnnnn bat where n represent any number is not recognized as an internal quot This ploy is to capture in a file in the ztmp folder any BAT file I run from the above mentioned Dropbox folder The hacker is trying to get passwords that are in the BAT files But I have removed those BAT files and have created EXE's of them that do not reveal the password s stored in them or quot Windows cannot find c users Appdata ztmp Re: Hacker has targeted a folder-all EXE's tnnnn bat quot This ploy is the same as mentioned above Plus I am experiencing a slow computer especially when I boot up Sometimes I have to restart my machine Here is the DDS txt file DDS Ver - - - NTFS x Internet Explorer BrowserJavaVersion Run by XXX at on - - Microsoft Windows Vista Home Premium GMT - AV Norton Internet Security Enabled Updated SP Windows Defender Enabled Outdated SP Norton Internet Security Enabled Updated FW Norton Internet Security Enabled Running Processes C Windows system wininit exe C Windows system lsm exe C Windows system Ati evxx exe C Program Files Creative Shared Files CTAudSvc exe C Windows system SLsvc exe C Windows System spoolsv exe C Windows system Ati evxx exe C Program Files Common Files Adobe ARM armsvc exe C Program Files Common Files Intel IntelDH NMS AdpPlugins DQLWinService exe C Program Files EaseUS Todo Backup bin Agent exe C Program Files EaseUS Todo Backup bin GuardAgent exe C Program Files Intel Intel Matrix Storage Manager Iaantmon exe C Windows system IProsetMonitor exe C Program Files Nero Nero MediaHome NMMediaServerService exe C Program Files Norton Internet Security Engine ccSvcHst exe C Program Files Norton PC Checkup SymcPCCULaunchSvc exe C Program Files Common Files Motive pcCMService exe C Program Files Common Files Motive pcServiceHost exe C Program Files Common Files Protexis License Service PsiService exe C Program Files RealNetworks RealDownloader rndlresolversvc exe C Program Files Secunia PSI PSIA exe C Program Files Norton Internet Security Engine ccSvcHst exe C Windows system Dwm exe C Windows Explorer EXE C Windows system taskeng exe C Windows system taskeng exe C Program Files ATT-SST pcTrayApp exe C Program Files HP HP Software Update hpwuschd exe C Windows ehome ehtray exe C Program Files Windows Media Player wmpnscfg exe C Program Files Secunia PSI psi tray exe C Program Files Secunia PSI sua exe C Windows ehome ehmsas exe C Users Jim AppData Roaming Dropbox bin Dropbox exe C Program Files TeamViewer Version TeamViewer Service exe C Windows system vssvc exe C Program Files Common Files Microsoft Shared Windows Live WLIDSVC EXE C Windows system SearchIndexer exe C Program Files Common Files Microsoft Shared Windows Live WLIDSvcM exe C Windows system wbem wmiprvse exe C Windows System vds exe C Windows system iashost exe C Program Files Windows Media Player wmpnetwk exe C Windows system wbem wmiprvse exe C Windows system wbem unsecapp exe C Program Files Secunia PSI sua exe C Windows system DllHost exe C Windows system DllHost exe C Windows system svchost exe -k DcomLaunch C Windows system svchost exe -k rpcss C Windows System svchost exe -k secsvcs C Windows System svchost exe -k LocalServiceNetworkRestricted C Windows System svchost exe -k LocalSystemNetworkRestricted C Windows system svchost exe -k netsvcs C Windows system svchost exe -k GPSvcGroup C Windows system svchost exe -k LocalService C Windows system svchost exe -k NetworkService C Windows system svchost exe -k LocalServiceNoNetwork C Windows system svchost exe -k hpdevmgmt C Windows System svchost exe -k HPZ C Windows System svchost exe -k HPZ C Windows system svchost exe -k NetworkServiceNetworkRestricted C Windows system sv... Read more

A:Re: Hacker has targeted a folder-all EXE's

Hello and Welcome to TSF.

If you haven't already, please Subscribe to this Thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant notification by email, then click Add Subscription.

Please note that the forum is very busy and if I don't hear from you within three days this thread will be closed.

------------------------------------------------------

Please note that these fixes are not instantaneous. Most infections require more than one round to properly eradicate.

Please stay with me until given the 'all clear' even if symptoms seemingly abate.

Kindly follow my instructions and please do no fixing on your own or running of scanners unless requested by a helper.

------------------------------------------------------

If there are any personal files, pics, etc. on your computer you cannot live without, back them up now just as a precaution.

Emergency Backup Procedure - Tech Support Forum

------------------------------------------------------

Please uninstall the following via Start->(or My Computer)->Control Panel->Programs->Programs and Features if it still exists:

Windows Searchqu Toolbar<<Please read this

Also delete the following Folder if it still exists:

C:\Program Files\Windows Searchqu Toolbar

------------------------------------------------------

I noticed you have FreeSoundRecorder Toolbar installed.

Please read this and decide if you want to keep it >> SystemLookup - Global Search

You can uninstall it via Programs and Features in your Control Panel.

If you decide to uninstall it, please delete the following Folder if it still exists:

C:\Program Files\freesoundrecorder

------------------------------------------------------

Take a look in this file:

c:\windows\system32\o.BAT

What did you find?

------------------------------------------------------

Please download ComboFix and Save it to your Desktop.

**Note: It is important that it is saved directly to your desktop**

* Ensure you have disabled all antivirus and antimalware programs so they do not interfere with the running of ComboFix.

Get help here

Double-click ComboFix.exe and follow the prompts to run it.

Your desktop may go blank. This is normal. It will return when ComboFix is done. ComboFix may reboot your machine. This is normal.

When finished, it shall produce a log for you. Please post that log, C:\ComboFix.txt, in your next reply.

Please re-enable your antivirus before posting the ComboFix.txt log.

If you get an 'Illegal operation attempted on a Registry key which has been marked for deletion' error message, please reboot your machine.

------------------------------------------------------

http://www.techsupportforum.com/forums/f100/re-hacker-has-targeted-a-folder-all-exes-693800.html
Relevancy 35.69%

I have had someone repeatedly hack into my computer at home. My passwords get changed and emails are deleted. I have tried all sorts of spyware downloads, but nothing seems to stop this person.

What can I do?

Thanks,
RT

A:Problem with a hacker

Hello and welcome to TSF.

We want all our members to perform the steps outlined in the link given below, before posting for assistance. There's a sticky at the top of this forum, and a
Quote:




Having problems with spyware and pop-ups? First Steps




link at the top of each page.

Please follow our pre-posting process outlined below. Use a USB flash drive to download and transfer the tools to the affected machine, if necessary. You might like to run the Flash_Disinfector.exe on the clean machine and the flash drive first to protect against any possible transfer of infection via USB.


NEW INSTRUCTIONS - Read This Before Posting For Malware Removal Help - Tech Support Forum

After running through all the steps, you shall have a proper set of logs. Please post them in a new topic, as this one shall be closed.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

Please note that the Virus/Trojan/Spyware Help forum is extremely busy, and it may take a while to receive a reply.

http://www.techsupportforum.com/forums/f100/problem-with-a-hacker-556225.html
Relevancy 41.28%

Hi, recently i came across a few notices on asking me for permission to access my mouse and screen when i accept buddy request from an online chatgroup web. I'm not sure whether my computer is affected by it but i would like to know how to remove these so as to make sure that my computer is safe. Thanks.

A:Help in removing mouse and screen tracker sent by others

Hello and welcome to TSF.


Quote:




recently i came across a few notices on asking me for permission to access my mouse and screen when i accept buddy request from an online chatgroup web.




You should not allow anybody to access your computer remotely unless you know and trust the person 100%.

If you suspect that they may have infected your computer , we want all our members to perform the steps outlined in the link given below, before posting for assistance. There's a sticky at the top of this forum, and a
Quote:




Having problems with spyware and pop-ups? First Steps




link at the top of each page.

Please follow our pre-posting process outlined here:

http://www.techsupportforum.com/f50/...lp-305963.html

After running through all the steps, you shall have a proper set of logs. Please post them in a new topic, as this one shall be closed.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

Please note that the Virus/Trojan/Spyware Help forum is extremely busy, and it may take a while to receive a reply.

http://www.techsupportforum.com/forums/f100/help-in-removing-mouse-and-screen-tracker-sent-by-others-510807.html
Relevancy 33.54%

After installing my Vipre Antivirus Premium software I was prompt to restart, which I eventually did. However once my computer was done with the reboot this message comes up.

*I am currently using my friend's desktop computer*





Any suggestions or solutions on getting myself out of this situation are greatly appreciated.

A:Possible Antivirus/Keylogger/Hacker, NEED HELP ASAP! (Unable to access desktop)

Where did you get Vipre from? It's a paid product, so I suggest you contact customer support

http://www.sunbeltsoftware.com/Support/

To alleviate the shutdown...

Open notepad and copy/paste the text in the quotebox below into it:


Code:

@shutdown -a
Save this as fix.bat Choose to "Save type as - All Files"
It should look like this:

Each time your machine threatens to shutdown, double click on fix.bat & it shall abort the shutdown procedure. That should ease some of your current difficulties.

------------------------------------------------------------------------------------------

http://www.techsupportforum.com/forums/f100/possible-antivirus-keylogger-hacker-need-help-asap-unable-to-access-desktop-468823.html
Relevancy 35.69%

i use firefox mostly all the time and when just surfing the web most recently on myspace i get re-directed to another site and asked to dl this virus protection because my computer has been hi-jacked anyways here is my latest HJT log file if you can help possible hacker? or trojan please thankyou so much Logfile of Trend Micro HijackThis v Scan saved at AM on Platform Windows Vista possible trojan or hacker? SP WinNT MSIE Internet Explorer v Boot mode Normal Running processes possible trojan or hacker? C Program Files x Common Files InstallShield UpdateService ISUSPM exe C Program Files x Mozilla Firefox firefox exe C Program Files x Trend Micro HijackThis HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKCU Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Search SearchAssistant R - HKLM Software Microsoft Internet Explorer Search CustomizeSearch R - HKLM Software Microsoft Internet Explorer Main Local Page C Windows SysWOW blank htm R - HKCU Software Microsoft Internet Explorer Toolbar LinksFolderName F - REG system ini UserInit userinit exe O - Hosts localhost O - BHO AcroIEHelperStub - DF C-E AD- -A -FA C EBDC - C Program Files x Common Files Adobe Acrobat ActiveX AcroIEHelperShim dll O - BHO WormRadar com IESiteBlocker NavFilter - CA F - F E- B -A E- E E C C - no file O - BHO Java tm Plug-In SSV Helper - DBC -A - b-BC - C C C A - C Program Files x Java jre bin jp ssv dll O - HKLM Run Adobe Reader Speed Launcher quot C Program Files x Adobe Reader Reader Reader sl exe quot O - HKLM Run Adobe ARM quot C Program Files x Common Files Adobe ARM AdobeARM exe quot O - HKCU Run ehTray exe C Windows ehome ehTray exe O - HKCU Run ISUSPM quot C Program Files x Common Files InstallShield UpdateService ISUSPM exe quot -scheduler O - HKUS S- - - Run WindowsWelcomeCenter rundll exe oobefldr dll ShowWelcomeCenter User 'LOCAL SERVICE' O - HKUS S- - - Run WindowsWelcomeCenter rundll exe oobefldr dll ShowWelcomeCenter User 'NETWORK SERVICE' O - Startup Desktop Manager lnk C Program Files x Research In Motion BlackBerry DesktopMgr exe O - Service SystemRoot system Alg exe - ALG - Unknown owner - C Windows System alg exe file missing O - Service Apple Mobile Device - Apple Inc - C Program Files x Common Files Apple Mobile Device Support bin AppleMobileDeviceService exe O - Service Bonjour Service - Apple Inc - C Program Files x Bonjour mDNSResponder exe O - Service dfsrres dll - DFSR - Unknown owner - C Windows system DFSR exe file missing O - Service systemroot system fxsresm dll - Fax - Unknown owner - C Windows system fxssvc exe file missing O - Service InstallDriver Table Manager IDriverT - Macrovision Corporation - C Program Files x Common Files InstallShield Driver Intel IDriverT exe O - Service iPod Service - Apple Inc - C Program Files iPod bin iPodService exe O - Service keyiso dll - KeyIso - Unknown owner - C Windows system lsass exe file missing O - Service Logitech Bluetooth Service LBTServ - Logitech Inc - C Program Files Common Files Logishrd Bluetooth LBTServ exe O - Service Process Monitor LVPrcS - Logitech Inc - C Program Files Common Files LogiShrd LVMVFM LVPrcSrv exe O - Service comres dll - MSDTC - Unknown owner - C Windows System msdtc exe file missing O - Service SystemRoot System netlogon dll - Netlogon - Unknown owner - C Windows system lsass exe file missing O - Service NVIDIA Display Driver Service nvsvc - Unknown owner - C Windows system nvvsvc exe file missing O -... Read more

A:possible trojan or hacker?

Hello and welcome to TSF.

HijackThis is no longer the preferred initial analysis tool in this forum.

We want all our members to perform the steps outlined in the link given below, before posting for assistance. There's a sticky at the top of this forum, and a
Quote:




Having problems with spyware and pop-ups? First Steps




link at the top of each page.

Please follow our pre-posting process outlined here:

http://www.techsupportforum.com/f50/...lp-305963.html

After running through all the steps, you shall have a proper set of logs. Please post them in a new topic, as this one shall be closed.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

http://www.techsupportforum.com/forums/f100/possible-trojan-or-hacker-459306.html
Relevancy 40.85%

Hello please disregard or delete my tracker-blue screen Trojan-cookies previous post as I don't think I followed your procedures correctly as I posted from work and was rushing I am experiencing vista blue screen which Trojan-cookies tracker-blue screen I guess is from downloading Photoshop not the one that's installed now though through LIMEWIRE now uninstalled and possibly accepting an end user agreement by accident called 'netnucleus' which I think transferred a TROJAN I ran Mcafee and it picked this trojan up and I deleted it but forgot the name of the trojan Ran mcafee again and it said clean Still blue screened Ran Windows Defender and it said clean still blue screened so I ran dumpchk on the minidump with debugging tools and it gave me probably caused by Mpfp sys Mpfp seems to be a mcafee driver as in - c pograms mcafee FWdriver Mpfp sys amp in - drivers c windows system I uninstalled Mcafee Still blue screened Ran debugging tool dumpchk on the new minidump file and it gave me probably caused by ntoskrnl exe nt e b Which I have been advised is a legitimate program I then downloaded SPYBOT and it picked up 'webtrends' a cookie collecting application removed ran Spybot and said clean Still blue screened System does seem to be alot more stable but still blue screens now and then PLEASE HELP I have attached the correct zip files now and here's the DDS log DDS Ver - - - NTFSx Run by Dan at on Internet Explorer Microsoft Windows Vista Home Premium GMT SP Spybot - Search and Destroy disabled Updated ED FAF- B F- B -ACA - E C DADBE SP Windows Defender enabled Updated D DDC A- F- FAE- E -DA C ACF Running Processes C Windows system wininit exe C Windows system lsm exe C Windows system svchost exe -k DcomLaunch C Windows system svchost exe -k rpcss C Windows System svchost exe -k secsvcs C Windows System svchost exe -k LocalServiceNetworkRestricted C Windows System svchost exe -k LocalSystemNetworkRestricted C Windows system svchost exe -k netsvcs C Windows system svchost exe -k GPSvcGroup C Windows system SLsvc exe C Windows system svchost exe -k LocalService C Windows system svchost exe -k NetworkService C Windows system WLANExt exe C Windows System spoolsv exe C Windows system svchost exe -k LocalServiceNoNetwork C Windows system agrsmsvc exe C Program Files Common Files Apple Mobile Device Support bin AppleMobileDeviceService exe C Program Files Microsoft Small Business Business Contact Manager BcmSqlStartupSvc exe C Program Files Bonjour mDNSResponder exe C Windows system svchost exe -k bthsvcs C Program Files Intel WiFi bin EvtEng exe C Program Files Common Files LightScribe LSSrvc exe C Windows system svchost exe -k NetworkServiceNetworkRestricted C Program Files Common Files Intel WirelessCommon RegSrvc exe C Program Files CyberLink Shared Files RichVideo exe C Program Files Microsoft SQL Server Shared sqlbrowser exe C Program Files Microsoft SQL Server Shared sqlwriter exe C Windows system svchost exe -k imgsvc C Windows system taskeng exe C Windows System svchost exe -k WerSvcGroup C Windows system SearchIndexer exe C Program Files Spybot - Search amp Destroy SDWinSec exe C Windows system Dwm exe C Windows Explorer EXE C Windows system taskeng exe C Program Files Samsung Easy Display Manager dmhkcore exe C Windows system taskeng exe C Windows System igfxpers exe C Windows RtHDVCpl exe C Program Files Synaptics SynTP SynTPEnh exe C Program Files Java jre bin jusched exe C Program Files iTunes iTunesHelper exe C Program Files SAMSUNG EasySpeedUpManager EasySpeedUpManager exe C Program Files Samsung Samsung Magic Doctor MagicDoctorKbdHk exe C Program Files Samsung EBM EasyBatteryMgr exe C Windows system igfxext exe C Windows system igfxsrvc exe C Program Files iPod bin iPodService exe C Program Files Synaptics SynTP SynTPHelper exe C Program Files Mobile Broadband Connect AutoUpdateSrv exe C Users Dan AppData Local Google Chrome Application chrome exe C Windows TEMP xktvuldwto exe C Windows system UI Detect exe C Windows sy... Read more

A:Trojan-cookies tracker-blue screen

I just though I'd update this post.

I understand it may push back it being looked at though.

Just ran updated Windows Defender and it found this.


Trojan:Win32/winwebsec

Alert Level: Severe

Category:
Trojan

Description:
This program is dangerous and executes commands from an attacker.

Advice:
Remove this software immediately.

Resources:
file:
C:\Windows\Temp\ xktvuldwto.exe

file:
C:\ProgramData\19214044\19214044.exe



Also this file tried/caused this window pop up...

***********************************************************
interactive secrices dialog detection.

a program can't display a mssage on your desktop.
the program may need information or permission to complete a task.

*show me the message

*remind me in a few minutes


program(s) or device(s) requesting attention...

Message title: Crytical Error!
Program Path: c:\windows\temp\xktvuldwto.exe
received 35th July 2009, 14:01:27
This problem happened because of a partial incopatibility with windows.
please contact the program or device manufacturer(s) for more information.


***********************************************************

The trojan it found is also in the dds log..

xktvuldwto can be found in 'Running Processes' near the bottom.

And

19214044 can be found in 'Created Last 30' at the top.

Which you guys already probably spotted!

Sorry if this update has upset anyone as it may been seen as a bump but i understand that it the older posts that seen to first. I really appreciate what you guys do and hope you can still resolve this as I'm sure my registry has damage.


Thanks all!

http://www.techsupportforum.com/forums/f100/trojan-cookies-tracker-blue-screen-398428.html
Relevancy 35.26%

I'm going to best today to buy another antvirus program I bougt Norton didn't like it any subscription ran out I heard MacaFee was aquality program s I may and ups, threat hacker spywar pop go that route I'm getting pop ups new IE windows and something seems to be running in my pc's background My keyboard isn't responding very well Active sn mentioned a potential hack infestation as well Help please I went through all the steps your site remmended before posting pop ups, hacker threat and spywar the logs Incident Status Location Virus Generic Malware Disinfected pop ups, hacker threat and spywar Operating system Virus Bck VBBot D Disinfected Operating system Spyware Spyware Virtumonde Not disinfected C WINDOWS pop ups, hacker threat and spywar SYSTEM nnnnomj dll Potentially unwanted tool application regclean Not disinfected C Documents and Settings Snoopy Application Data Registry Cleaner Spyware spyware media-motor Not disinfected Windows Registry Spyware Cookie RealMedia Not disinfected C Documents and Settings Administrator Application Data Mozilla Firefox Profiles haxbhkar default cookies txt realmedia com Spyware Cookie o Not disinfected C Documents and Settings Snoopy Cookies snoopy o txt Spyware Cookie YieldManager Not disinfected C Documents and Settings Snoopy Cookies snoopy ad yieldmanager txt Spyware Cookie Advertising Not disinfected C Documents and Settings Snoopy Cookies snoopy advertising txt Adware Adware Yazzle Not disinfected C Documents and Settings Snoopy install exe Virus Generic Malware Disinfected C Documents and Settings Snoopy Local Settings Temporary Internet Files Content IE CND Q KT retadpu exe Virus Bck VBBot D Disinfected C Program Files a zip Setup exe Virus Bck VBBot D Disinfected C Program Files b zip Video exe Virus Bck VBBot D Disinfected C Program Files c zip Track exe Virus Bck VBBot D Disinfected C Program Files Setup exe Virus Bck VBBot D Disinfected C Program Files Track exe Virus Bck VBBot C Disinfected C Program Files uy exe Virus Bck VBBot D Disinfected C Program Files Video exe Virus Generic Malware Disinfected C WINDOWS retadpu exe Virus Generic Malware Disinfected C WINDOWS retadpu exe tmp Virus Trj Downloader PNC Disinfected C WINDOWS system app exe Spyware Spyware Virtumonde Not disinfected C WINDOWS system install exe Virus Bck VBBot C Disinfected C WINDOWS system p pnetworking exe Potentially unwanted tool Application Restart Deckard's System Scanner v Run by Snoopy on - - at Computer is in Normal Mode -------------------------------------------------------------------------------- -- System Restore -------------------------------------------------------------- Successfully created a Deckard's System Scanner Restore Point -- Last Restore Point s -- - - UTC - RP - Deckard's System Scanner Restore Point - - UTC - RP - Software Distribution Service - - UTC - RP - Software Distribution Service - - UTC - RP - System Checkpoint - - UTC - RP - System Checkpoint -- First Restore Point -- - - UTC - RP - Software Distribution Service Backed up registry hives Performed disk cleanup -- HijackThis Clone ------------------------------------------------------------ Emulating logfile of HijackThis v Scan saved at - - Platform Windows XP Service Pack MSIE Internet Explorer Running processes C WINDOWS system smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS system svchost exe C WINDOWS explorer exe C WINDOWS system LexBceS exe C WINDOWS system spoolsv exe C WINDOWS system Lexpps exe C WINDOWS system spool drivers w x hpztsb exe C WINDOWS system nvsvc exe C Program Files Java jre bin jusched exe C WINDOWS system ctfmon exe C WINDOWS system rundll exe C Program Files WinPop winpop exe C WINDOWS system svchost exe C Program Files Common Files Symantec Shared CCPD-LC symlcsvc exe C Program Files Logitech MouseWare system EM EXEC EXE C WINDOWS system svchost exe C Program Files Internet Explorer iexplore exe C Docume... Read more

A:pop ups, hacker threat and spywar

Worried about a hacker getting into my system, although I'm limited on funds because of a workplace injury. I bought McAfee last night and installed it. I'm doing a scan now. Once it's done should I go through the five step process again?

I also uninstalled a program called "Winpop".


As always thanks for the help this website provides.

http://www.techsupportforum.com/forums/f100/pop-ups-hacker-threat-and-spywar-170099.html
Relevancy 42.14%

Besides these two I also seem to have Elite toolbar and Sasser last nite as well I have done spybot Adaware Adaware is coming up clean Spybot cannot seem to finish quarantining the files found above I am on different machine currently Sex Adaware and A Tracker as my IE cannot work I'm not even running IE and I'm getting popups sounds like Elite is back ARRRRGHHHH Please review HJT Sex Tracker and A Adaware Log and give me some help pleeeeaaase I'm in China on business and Laptop is my only link to work etc Logfile of Sex Tracker and A Adaware HijackThis v Scan saved at AM on Platform Windows SP WinNT MSIE Internet Explorer v SP Running processes Sex Tracker and A Adaware C WINNT System smss exe C WINNT system winlogon exe C WINNT system services exe C WINNT system lsass exe C WINNT system svchost exe C WINNT system spoolsv exe C WINNT System Ati evxx exe C PROGRA SYMANT SYMANT DefWatch exe C WINNT System svchost exe C Program Files Common Files Microsoft Shared VS Debug mdm exe C PROGRA SYMANT SYMANT Rtvscan exe C WINNT system regsvc exe C WINNT system MSTask exe C WINNT System WBEM WinMgmt exe C WINNT system svchost exe C WINNT system userinit exe C WINNT system Atiptaxx exe C PROGRA SYMANT SYMANT vptray exe C WINNT system ctfmon exe C Program Files EarthLink TotalAccess TaskPanl exe C WINNT DvzCommon DvzMsgr exe C Program Files WinZip WZQKPICK EXE C Program Files Linksys Wireless-B Notebook Adapter WPC Cfg exe C Program Files Palm HOTSYNC EXE C WINNT explorer exe C Program Files Microsoft Office Office WINWORD EXE C WINNT system cmd exe C Program Files Hijackthis HijackThis exe R - HKCU Software Microsoft Internet Explorer SearchURL http searchmiracle com sp php R - HKCU Software Microsoft Internet Explorer Main Default Page URL http start earthlink net R - HKCU Software Microsoft Internet Explorer Main Default Search URL http www earthlink net partner mor on search html R - HKCU Software Microsoft Internet Explorer Main Search Bar http searchmiracle com sp php R - HKCU Software Microsoft Internet Explorer Main Search Page http searchmiracle com sp php R - HKCU Software Microsoft Internet Explorer Main Start Page http www yahoo com R - HKLM Software Microsoft Internet Explorer Search SearchAssistant http www earthlink net partner mor on search html F - REG system ini UserInit userinit exe userinit exe O - HKLM Run Synchronization Manager mobsync exe logon O - HKLM Run AtiPTA Atiptaxx exe O - HKLM Run vptray C PROGRA SYMANT SYMANT vptray exe O - HKCU Run ctfmon exe ctfmon exe O - HKCU Run E TaskPanel quot C Program Files EarthLink TotalAccess TaskPanl exe quot -winstart O - Startup HotSync Manager lnk C Program Files Palm HOTSYNC EXE O - Global Startup Dataviz Messenger lnk C WINNT DvzCommon DvzMsgr exe O - Global Startup WinZip Quick Pick lnk C Program Files WinZip WZQKPICK EXE O - Global Startup Wireless-B Notebook Adapter Utility lnk C Program Files Linksys Wireless-B Notebook Adapter WPC Cfg exe O - HKCU Software Policies Microsoft Internet Explorer Control Panel present O - Extra context menu item E amp xport to Microsoft Excel - res C PROGRA MICROS Office EXCEL EXE O - Plugin for spop C Program Files Internet Explorer Plugins NPDocBox dll O - DPF BAC - DD- - D- A E D A Yahoo Photos Easy Upload Tool Class - http us dl yimg com download yaho opper us cab O - DPF E E E - AA - D -ABA - AA C GpcContainer Class - https partminer webex com client v ex ieatgpc cab O - Service Ati HotKey Poller - Unknown owner - C WINNT System Ati evxx exe O - Service CWShredder Service - Unknown owner - D CWShredder exe file missing O - Service DefWatch - Symantec Corporation - C PROGRA SYMANT SYMANT DefWatch exe O - Service Logical Disk Manager Administrative Service dmadmin - VERITAS Software Corp - C WINNT System dmadmin exe O - Service Symantec AntiVirus Client Norton AntiVirus Server - Symantec Corporation - C PROGRA SYMANT SYMANT Rtvscan exe O - Service Remote Administrator Service r server - Unknown owner - C WINNT system r server exe qu... Read more

A:Sex Tracker and A Adaware

Welcome to TSF.

Please print out or copy this page to Notepad. Make sure to work through the fixes in the exact order it is mentioned below. If there's anything that you don't understand, ask your question(s) before proceeding with the fixes. You should not have any open browsers when you are following the procedures below.

Go to My Computer->Tools/View->Folder Options->View tab and make sure that 'Show hidden files and folders' (or 'Show all files') is enabled. Also make sure that 'Display the contents of system folders' is checked. Windows XP's search feature is a little different. When you click on 'All files and folders' on the left pane, click on the 'More advanced options' at the bottom. Make sure that Search system folders, Search hidden files and folders, and Search subfolders are checked.

For the options that you checked/enabled earlier, you may uncheck them after your log is clean. If we ask you to fix a program that you use or want to keep, please post back saying that (we don't know every program that exists, so we may tell you to delete a program that we think is bad to keep).

If you have a fast internet connection (broadband), run an online virus scan at TrendMicro http://uk.trendmicro-europe.com/ente...all_launch.php. Just follow the instructions on the site to run the online scan. If any viruses/trojans are detected, try to delete or clean them in that site. Otherwise, make sure your antivirus program has the latest definitions and run a full system scan.

Reboot into Safe Mode (hit F8 key until menu shows up). Make sure to close any open browsers.

Go to Start->Run and type in services.msc and hit OK. Then look for Remote Administrator Service (r_server) and double click on it. Click on the Stop button and under Startup type, choose Disabled.

Go into HijackThis->Config->Misc. Tools->Open process manager. Select the following and click Kill process for each one if they are still listed (they shouldn't be - but double check it):

C:\WINNT\system32\userinit32.exe

Run a scan in HijackThis. Check each of the following and hit 'Fix checked' (after checking them) if they still exist (make sure not to miss any):

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://searchmiracle.com/sp.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://searchmiracle.com/sp.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchmiracle.com/sp.php
F2 - REG:system.ini: UserInit=userinit.exe,userinit32.exe
O23 - Service: Remote Administrator Service (r_server) - Unknown owner - C:\WINNT\system32\r_server.exe" /service (file missing)

Delete the following Files/Folders (delete folders if no filename is specified) according to their directory (if none, just do a search for them) and delete them if they exist:

C:\WINNT\system32\userinit32.exe - delete the file exactly as shown here
C:\WINNT\system32\r_server.exe

Reboot into Normal Mode and run new HijackThis scan. If there were some entries that didn't show up in Safe Mode, you may check and fix those that appear now in normal mode (if you do that, make sure to run a new scan again). Save the log file and run KRC HijackThis Analyzer in the same folder to get the result.txt log. Just post the contents of the result.txt file in the forum.

http://www.techsupportforum.com/forums/f100/sex-tracker-and-a-adaware-49119.html
Relevancy 34.83%

So my younger cousin was at my house yesterday and wanted to use my laptop so I let her She was on club penguin and decided she wanted a free membership so she googled it and downloaded something which was an exe I don't know what the name of it was because I was letting her do her own thing by My remote controlled being computer a is hacker. at the time I didn't My computer is being remote controlled by a hacker. know she was going to install a virus So anyway after a few hours she went home and I went back to playing My computer is being remote controlled by a hacker. games and using the Internet when suddenly out of nowhere My computer is being remote controlled by a hacker. a chat box came up with no X button to close out of it Admin typed something like this thanks for your account I was really confused so I typed back what account And Admin replied your club penguin account I was immediately like oh crap At this time I knew my cousins account must've been hacked There must be a key logger on my system But suddenly the admin typed again He said watch this And suddenly my mouse was moving on its own After doing a little bit of research with the little knowledge I have of computers I think it's a rat But I'm too worried to turn on my computer again in case my computer gets controlled again After panicking and asking my friends they suggested to take out the battery from the laptop and not use it for a few days then take it to a professional But I don't want the chat opening to said professional because Well it would be weird Also my mum is going to be pissed at me for ruining my Christmas present I would love to get rid of this rat myself preferably I am using a Windows laptop and my cousin downloaded the virus yesterday I have to do school work on this laptop so please any help is appreciated Any at all Please bear in mind I'm a noob with computers so if you can explain it in the easiest terms possible it will help a lot Also malware bytes found nothing on my system when I did a scan Thanks

A:My computer is being remote controlled by a hacker.

You can still use your computer for homework until you get this issue fixed. Just disconnect from the internet and you will be fine; if there is no connection no hacker can attack the computer. If you are wireless, click the connection icon in the lower right corner of the screen (aka your system tray) and click "disconnect" in the menu that pops up. Sometimes you must right click your connection item, then disconnect. Your laptop probably has an internet disconnect switch on it somewhere so just use that. Then enter the Control Panel/Add-Remove Programs and look for something listed as "Club Penguin" and remove it; hopefully it is listed there if your cousin installed it normally.
Now go Here, follow the instructions and post in the Malware removal forum for help from a tech who will help you clean up your system.

http://www.bleepingcomputer.com/forums/t/612163/my-computer-is-being-remote-controlled-by-a-hacker/
Relevancy 35.26%

i need a working wifi hacker
 

A:i need a working wifi hacker

Exactly...what are you referring to?
 
What is it that you want to do?
 
Louis

http://www.bleepingcomputer.com/forums/t/498402/i-need-a-working-wifi-hacker/
Relevancy 35.69%

hi guys, my problem is that i got ADSL, fixed ip adress, and a hacker got it, now i guess hes gonna make a hell of my life because i won't feel confident imputting any password or whatever i used to do in my computer guys please tell me if theres a way to get that loser lost. btw my comp has the deepfreezer installed and running

EDIT: i got the windows xp professional edition(XPized) i dunno if that could help you help me if i specify the OC im using. i got AVG 7.5 as antivirus, Spybot search and destroy.

A:My Ip Got Tracked By A Hacker Help Me

Explain what you mean by "a hacker got your IP".Someone getting your IP address is a completely trivial matter, any time you connect to a website, any time you connect to various chat services your IP will be quite easy to look up. Just because someone knows your IP doesn't necessarily mean your computer security has been compromised. The first thing you need to make sure of is that you're running a firewall. If you have a wired or wireless router that will afford you some built-in firewall protection, XP Service Pack 2 also comes with a built-in firewall. There are also a few free firewalls listed in this thread. Freeware Replacements for Common Commercial Apps.

http://www.bleepingcomputer.com/forums/t/106896/my-ip-got-tracked-by-a-hacker-help-me/
Relevancy 36.12%
Q: Hacker

Someone needs to help me My father and I Hacker no longer speak and he bought me this computer When I was younger he installed a logger on my other computer where he could read Hacker all of my AOL conversations see the websites I visited etc When I was home over winter break he went onto my computer and I don t know if he did this again Someone keeps changing my pictures on websites and has been reading my online conversations For an example as to how I know they are Hacker reading my conversations - I was missing a camera of Hacker my friends and I talked to her on AIM about it She got an email about the camera later on that day saying that I had the camera and to keep pressing me to get it back to her I have a feeling it is my father but seeing that I am independent of him and do not associate with him anymore and am over is this legal I am seriously thinking of going to the cops with this one but I need to know is there a way someone can read my conversations see what websites I visit etc from another computer Are there programs out there that will send him information through an email or something I need help -KF

A:Hacker

Possibly. Probably not on a Federal level, which would come into play if you and he live in different states (See Here. I'd suggest consulting an attorney for the local scoop.

http://www.bleepingcomputer.com/forums/t/46417/hacker/
Relevancy 35.69%

I am currently being helped on a hacker problem that I have. Can someone help me with a couple of questions that I have?
I have been instructed to 'create a folder' and name it 'c:\submit, where do I create this folder? How do I create this folder?
Also, I need to locate file C:\WINNT\System 32\COM_~1.EXE, how do I go about locating this file so that I can add it to the folder c:\submit?

A:Hacker Problem

To create a folder called "c:\submit", right click on your start button and select EXPLORE. This brings up windows explorer. Click on the root of your C drive or C:\ or Local disk (C:) Selecting it should make it blued.

On the top toolbar select FILE - NEW - FOLDER A folder appears with the name NEW FOLDER - new folder should be blue at this point. type in submit. A folder called submit should appear under the C:\ folder now. If something happens, right mouse click the "new folder" and rename it to submit.

Next... on the left side of the explorer window, look for C:\WINNT and double click it. Look below that and you should see System 32 - double click that. You should now be in C:\WINNT\System 32. Look for COM_~1.EXE on the right side of the window. If you find it, right click on the file and select copy. back to the left... find the folder you created called SUBMIT. Right click on that folder and paste it there.
You are ready to go!

Good luck

Rigel

http://www.bleepingcomputer.com/forums/t/14523/hacker-problem/