Windows Support Forum

aim logger/ tracker

Q: aim logger/ tracker

I think my wife may be cheating on me and I want to record her aol messenger conversations without her knowing. Also, is there any software that would record any of the sites she has logged in, while showing the password she used and username/email account?

thanks. need help please.

Relevancy 100%
Preferred Solution: aim logger/ tracker

I recommend downloading and running Reimage. It's a computer repair tool that has been proven to identify and fix many Windows problems with a high level of success.

I've used it in the past to identify and fix everything from blue screens (BSOD's), ActiveX errors, corrupt files and processes, dll/exe/sys errors, recover lost memory, Windows update problems, defragging, malware removal etc.

You can download it direct from this link http://downloadreimage.com/directdownload.php. (This link will automatically start a download of Reimage that you can save to your computer.)

A: aim logger/ tracker

Hi, Sorry, TechGuy.org does not assist with using keyloggers, or AIM loggers, we have no way to verify the situation, hope you understand.

Nine times out of ten you will make the situation worse- logging software can be detected. Things can get out of hand, and we cannot be part of something like this.

Closing thread.

https://forums.techguy.org/threads/aim-logger-tracker.649948/
Relevancy 41.28%

I've used Excite.com for years but with in the last few days I have noticed that a feature of theirs Stock Tracked is missing! Anyone happen to know if this is permanent?
 

http://www.techspot.com/community/topics/excite-com-stock-tracker-missing.147085/
Relevancy 41.28%

Need help! I have a advantage database program called Manheim tracker 3.097..been working fine until restart on 1/27. Program wouldn"t start up . A ( COMPANY ADT) file error.What is this?Where did it go? Any one fimiliar with this program.?
 

A:Manheim tracker data problem

Does this link help?
Recovery Toolbox
 

http://www.techspot.com/community/topics/manheim-tracker-data-problem.142147/
Relevancy 36.12%

Okay this is my first time posting I think I m doing it correctly I ve gone through the steps at this location http www techspot com vb topic html CPU i GHz MB MSi X- PRO-E RAM x CORSAIR GB MHZ GPU x EVGA GTX PSU Rosewill W OS Windows Enterprise -Problem- When running BF about - minutes in it all just freezes no force restart or input recognition Crashing WHEA-Logger - 18 EventID giving Crashing - WHEA-Logger EventID 18 about minutes on this idle screen nothing changes need to hard reset Attempts to fix as per the above link Updated nVidia then to Beta then back Crashing - WHEA-Logger EventID 18 to March drivers same problem recreated itself each time no difference Event log shows the title of this thread multiple times at almost every crash I have a minidump Installed speedfan and all voltages are fine first thing I thought was overheating relocated case more fans temps not going above c for intense BF playing before crashing my system would get to sometimes for short periods without problems RE the recent changes I checked the system restore and the points I have wouldn t help there aren t any before the crashing began about a week ago again I ran Memtest like the instructions say took quite awhile zero faults I was half asleep my girlfriend read the monitor and said something close to that -Bottom Line- I hope I didn t miss anything I m doing Crashing - WHEA-Logger EventID 18 the page allocation and defrag right now but I don t think that ll be a problem this computer is on a routine defrag weekly I ll update if it returns anything out of the norm I appreciate any assistance nbsp

A:Crashing - WHEA-Logger EventID 18

The minidump file is corrupt. Turn off that "routine" defrag. It is not necessary and it will only wear out the hard drive faster
 

http://www.techspot.com/community/topics/crashing-whea-logger-eventid-18.182270/
Relevancy 35.69%

Hello Everyone

Brother i am facing a problem in Microsoft Windows 7 Professional:
the following error was generated and Windows got stuck and i was unable to restart system so that i had to restart after by switching power. any one having ideas please let me know.

- System

- Provider

[ Name] Microsoft-Windows-Kernel-EventTracing
[ Guid] {B675EC37-BDB6-4648-BC92-F3FDC74D3CA2}

EventID 2

Version 0

Level 2

Task 2

Opcode 12

Keywords 0x8000000000000010

- TimeCreated

[ SystemTime] 2010-07-08T04:11:02.694335900Z

EventRecordID 1491

Correlation

- Execution

[ ProcessID] 4
[ ThreadID] 52

Channel Microsoft-Windows-Kernel-EventTracing/Admin

Computer Dark-Knight

- Security

[ UserID] S-1-5-18


- EventData

SessionName Circular Kernel Context Logger
FileName
ErrorCode 3221225525
LoggingMode 268436608

Please let me know why this problem occurred.

Await your reply.
 

A:Error: Circular Kernel context logger

New one on me. :Let us know when you figger it out.
 

http://www.techspot.com/community/topics/error-circular-kernel-context-logger.149666/
Relevancy 36.55%

I think that my internet is being monitored or that i have a key logger  installed i think i may have uninstalled the programme but dont know for sure. i have the zenmana anti logger as well. how to i detect if my internet is being monitered and  how do i remove both things. thank ing you in advance

A:I think i may have a key logger or my internet is being mointered

WHy do you think it's a key logger?

http://www.bleepingcomputer.com/forums/t/586339/i-think-i-may-have-a-key-logger-or-my-internet-is-being-mointered/
Relevancy 36.55%

A friend asked if I could help He has an Acer laptop that is running Windows Home Premium He tells me he logger Question Key Ransomware has been infected with Key logger Ransomware I know the virus needs to be cleaned and I have several options I am going to try What I am wondering is if I use the Acer Recovery program to return the computer to factory specifications will that delete the Ransomware program I could Ransomware Key logger Question ask it to save the pictures music documents etc and once it has reformatted and returned to factory spec I could see if any of the files can be unencrypted If they can't at least the Ransomeware would be gone He would still have the computer the way it was when he purchased it and the programs that Acer included would be there Does this sound like a viable way to take care of his problem I do know from what I've read that if the files are encrypted they can't be unencrypted and are lost Please advise Edit Topic moved from Windows to the more appropriate forum Animal

A:Ransomware Key logger Question

I have seen encrypted files on some recovery partitions.  I suggest you examine the recovery partition before you try to restore to factory default.  If you see encrypted files, install_tor, or any other evidence of tampering,  a factory restore may fail but will certainly waste your time.  A wipe and load will be the safest solution, but download the networking drivers (on a different computer) first.

http://www.bleepingcomputer.com/forums/t/564718/ransomware-key-logger-question/
Relevancy 36.12%

I've checked to see what's running and I can't determine what's legitimate and what's not besides, I know that's not the only way to tell. Can anyone tell me what I should do? I suspect there's a key stroke logger on my computer and I really need to find out. It would have been put on remotely. Thanks in advance.Edit: Topic moved from Windows 7 to the more appropriate forum. ~ Animal

A:What is the best way to find out if there's a key stroke logger on my computer?

Hello annRunning these should help. The first MBAM may be a 1/2 hour,the ESET may be a few hours.Download MalwareBytes Anti-Malware to your desktop.Double-click mbam-setup-2.0.exe to start the installation of Malwarebytes Anti-Malware.Follow the instructions on your screen to complete the installation. You can find the complete installation procedure here.Click the Scan Now button, a threat scan will start automatically.MalwareBytes Anti-Malware will now check for the latest updates. Click Update Now if new updates are available.Your computer is now being scanned, please do not use your computer during the scan.If no threats were found, click View detailed log.Click Export and save the log as a .txt file on your Desktop or another location.If the scan detected any threats, click Apply Actions. To complete any actions taken you will be prompted to restart your computer...click on Yes.After reboot, start Malwarebytes Anti-Malware again and click the History Tab at the top and select Application Logs.Check the box next to Scan Log. Choose the most current scan and click View.Click Export and save the log as a .txt file on your Desktop or another location.Providing the MalwareBytes' Anti-Malware log fileAttach the log file you just saved to your next reply for further review.>>>ESET.Hold down Control and click on this link to open ESET OnlineScan in a new window.Click the button.For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.Double click on the icon on your desktop.Check "YES, I accept the Terms of Use."Click the Start button.Accept any security warnings from your browser.Under scan settings, check "Scan Archives" and "Remove found threats" Click Advanced settings and select the following:Scan potentially unwanted applicationsScan for potentially unsafe applicationsEnable Anti-Stealth technologyESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.When the scan completes, click List ThreatsClick Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.Click the Back button.Click the Finish button.NOTE:Sometimes if ESET finds no infections it will not create a log.

http://www.bleepingcomputer.com/forums/t/564149/what-is-the-best-way-to-find-out-if-theres-a-key-stroke-logger-on-my-computer/
Relevancy 36.55%

In the last days I have logged into my online banking and had notifications that on Possible keystroke logger computer someone has tried to log into my account but have not gotten past my personal verification questions I have changed my password times now in those days the last Possible keystroke logger on computer password change was from a computer at work I have Possible keystroke logger on computer not had any other attempts shown when I log into my banking which I am now doing only from work I have run a scan on my home computers with the antivirus software Trend Micro and checked for malware with Malwarebytes I did this just prior to the last time I got the notification from my banking site that someone had tried to log in So does that mean I may have a keystroke logger on one of my home computers I am looking for programs to Possible keystroke logger on computer run to check my home computers other than the I have listed above I am not hugely computer savy but I can follow directions I would certainly like to be able to log into my banking from home without the worry about my password being misused The one glitch is that when I log into my banking I also have to answer a personal verification question if I had a keystroke logger on my computer would they not be able to get this along with my password I am confused and concerned Edit Moved topic from Windows to the more appropriate forum Animal

A:Possible keystroke logger on computer

As a precaution, you should also change your personal verification questions and answers.
 
Please run TDSSKiller.
 
Please download TDSSKiller from here and save it to your Desktop.
 
1.  Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
 

 
2.  Check Loaded Modules, Verify Driver Digital Signature, and Detect TDLFS file system.
 
If you are asked to reboot because an "Extended Monitoring Driver is required" please click Reboot now.
 

 
3.  Click Start Scan and allow the scan process to run.
 

 
4.  If threats are detected select Cure (if available) for all of them unless otherwise instructed.
 
***Do NOT select Delete!
 
Click on Continue.
 

 
5.  Click on Reboot computer.
 
Please copy the TDSSKiller.[Version]_[Date]_[Time]_log.txt file found in your root directory (typically c:\) and paste it into your next reply.
 
 

Please post the Malwarebytes log.
 
To find your Malwarebytes log,download mbam-check.exe from here and save it to your desktop.
 
To open the log double click on mbam-check.exe on your desktop.  When the log opens, scroll down toward the bottom of the log to Quarantined Items.  Copy and paste this in your next post.

http://www.bleepingcomputer.com/forums/t/557007/possible-keystroke-logger-on-computer/
Relevancy 36.98%

A couple of weeks ago, my ebay account was used by some hacker to purchase over $1400 worth of items using my paypal. I did notice right before then that I was on a public network (in my own home). I quickly changed it back to private and don't know how it became public (11 year old grandson, maybe). I have since stayed off the internet with that computer, changed passwords, and scanned with avast and malware bytes. 3 infections were found and removed.
When I look in my users file, I notice something called tech01 which was never there before. Two restore points were created for after all this happened.
I want to reformat my computer, but I am afraid something may now be infected in my documents and pictures. I also can't find my windows 7 product key. It was not taped to the side or bottom of my PC when I purchased it a year or so ago.
Any suggestions?

http://www.bleepingcomputer.com/forums/t/589474/key-logger-or-other-virus/
Relevancy 35.26%

I have tested latest Zemana Anti-Logger version under Windows 10 with CLT and AKLT.

Suprisingly, Zemana called out 0 (ZERO) alerts in both test applications.

CLT score is the same with Zemana as without it (Clean Windows 10 Pro x64).

Seems like they have released a graphic user interface and they lie to their users about Windows 10 support.

Why does Zemana mislead their users about Windows 10 support?

It does not work at all. I recall there was the same issue with Windows 8.1, and honestly I am afraid to check if they fixed it yet.













 

A:Zemana Anti-Logger doesn't work with Windows 10 even though it says it does

@ald4 Just tried out AKLT against Zemana AntiLogger Free and Zemana worked. No keystrokes captured during the test. Seems like free version works fine on Windows 10 (64-bit).

Regards,
Kardo
 

https://malwaretips.com/threads/zemana-anti-logger-doesnt-work-with-windows-10-even-though-it-says-it-does.48965/
Relevancy 36.12%

why do i get this error with zemana can someone post al ink for a 64bit windows edition please dnt link cnet or majorgeeks or brosoft as my internet blocks those sites for some reason
 

A:zemana anti logger error

Hello friend I had installed Zemana AntiLogger in Windows 7 64 bit, at first everything worked right, looked in desistalar a program and icon Zemana Antiloger was the following 2 days looked again and the icon was but nose looked good and the room or fifth day the installer would disappear, desistalar could not because it was not, I had to install an older version of Zemana Antiloger to desistalarlo as it should, because the same version error.Hace gave me much I did not use this issue.

I hope that useful to my experience.

Excuse my English, google translator.

VinDiesel.
Español.

Hola amigo yo tenía instalado Zemana Antilogger en Windows 7 64 bits,al principio todo funcionaba correcto,miraba en desistalar un programa y el icono de Zemana Antiloger estaba,los 2 dias siguientes miraba de nuevo y el icono estaba pero nose veia bien y al cuarto o quinto dia el instalador desaparecia,no se podia desistalar por que no estaba,tube que instalar una version anterior de Zemana Antiloger para poder desistalarlo como se debe,por que con la misma version me daba error.Hace mucho que no lo utilizo por este problema.

Espero que se a util mi experiencia.

Disculpa mi ingles,traductor google.

VinDiesel.
 

https://malwaretips.com/threads/zemana-anti-logger-error.34946/
Relevancy 40.85%

Hello everyone here at MalwareTips We are working on our web filter which will can help Filter block collect Let's Web ad/tracker - servers MHT to you to keep the trackers away and block ads Also it will stop malware from communicating with the C amp C server s if the domain name is already in our database We won t release technical details for now later hopefully within - weeks in an other thread So we want to make the ad tracker servers list completely community based We will include everything what you report after checking if it s appropriate So feel free to report as MHT Web Filter - Let's collect ad/tracker servers to block much domains as you want and we will check and add all appropriate ones How a report should look like Example Domain google-analytics com Domain googletagservices com Click to expand Example If you can please use this method this makes verifying easier Link google-analytics com analytics js Link googletagservices com tag MHT Web Filter - Let's collect ad/tracker servers to block js gpt js Click to expand If you want to reply just to ask about the software or the system behind it don t do it as we won t tell anything now Thank you for understanding Thanks for everyone who will help us Moderator note The only replies to this thread should be those reporting a domain using the provided examples amp above Use the CODE tags for long lists All other replies will be deleted including questions nbsp

A:MHT Web Filter - Let's collect ad/tracker servers to block

Code:

Domain:0638.info
Domain:2mdn.net
Domain:2o7.net
Domain:8digits.com
Domain:aadserving.com
Domain:adadvisor.net
Domain:adasist.com
Domain:adcash.com
Domain:adcater.com
Domain:adform.net
Domain:adfox.ru
Domain:adhood.com
Domain:adlure.net
Domain:admost.com
Domain:adnexio.com
Domain:adnxs.com
Domain:adobedtm.com
Domain:adocean.pl
Domain:adplxmd.com
Domain:adpozitif.com
Domain:adprotected.com
Domain:adrazzi.com
Domain:adroll.com
Domain:adrttt.com
Domain:ads1-adnow.com
Domain:ads2-adnow.com
Domain:adscale.de
Domain:adslidango.com
Domain:adsniper.ru
Domain:adtech.com
Domain:adtech.de
Domain:adzerk.net
Domain:affsnetwork.com
Domain:ajansreklam.net
Domain:alephd.com
Domain:amazon-adsystem.com
Domain:amplifinder.biz
Domain:amung.us
Domain:atemda.com
Domain:bambar.net
Domain:bbelements.com
Domain:beelert.com
Domain:betburdaaffiliates.com
Domain:bizographics.com
Domain:bkrtx.com
Domain:bluekai.com
Domain:bounceexchange.com
Domain:chango.com
Domain:chartbeat.com
Domain:clicktale.net
Domain:cmcore.com
Domain:connextra.com
Domain:contextweb.com
Domain:coremetrics.com
Domain:cpatrendreklam.com
Domain:crazyegg.com
Domain:creativecdn.com
Domain:criteo.com
Domain:criteo.net
Domain:crwdcntrl.net
Domain:cxense.com
Domain:da-ads.com
Domain:demdex.net
Domain:dimml.io
Domain:directrev.com
Domain:doubleclick.net
Domain:dtscout.com
Domain:effectivemeasure.net
Domain:en25.com
Domain:engageya.com
Domain:ero-advertising.com
Domain:escinteractive.com
Domain:etracker.com
Domain:exelator.com
Domain:faggrim.com
Domain:flashtalking.com
Domain:flix360.com
Domain:flixcar.com
Domain:flixfacts.com
Domain:hit.gemius.pl
Domain:getshar.es
Domain:gigya.com
Domain:go-mpulse.net
Domain:google-analytics.com
Domain:googleadservices.com
Domain:googlesyndication.com
Domain:gravityrd-services.com
Domain:happilyswitching.net
Domain:histats.com
Domain:hitgelsin.com
Domain:hotjar.com
Domain:ibillboard.com
Domain:ilividnewtab.com
Domain:indexww.com
Domain:infolinks.com
Domain:junbi-tracker.com
Domain:kiosked.com
Domain:kissmetrics.com
Domain:krxd.net
Domain:leetmedia.com
Domain:liftdna.com
Domain:ligatus.com
Domain:likebtn.com
Domain:linkz.net
Domain:liverail.com
Domain:m6r.eu
Domain:mads.com
Domain:madsone.com
Domain:marinsm.com
Domain:marketo.net
Domain:med4ad.com
Domain:mediaplex.com
Domain:medyanetads.com
Domain:metaffiliation.com
Domain:metrics34.com
Domain:mgid.com
Domain:mlstat.com
Domain:mobisla.com
Domain:mobytrks.com
Domain:msads.net
Domain:myswitchads.com
Domain:netaffiliation.com
Domain:netbookmedia.com
Domain:netmng.com
Domain:newrelic.com
Domain:nexage.com
Domain:nr-data.net
Domain:nuggad.net
Domain:oclaserver.com
Domain:oclasrv.com
Domain:omtrdc.net
Domain:onclasrv.com
Domain:onclickads.net
Domain:onlinewebstat.com
Domain:onlinewebstats.com
Domain:openx.net
Domain:optimizely.com
Domain:oringmedia.com
Domain:oroll.com
Domain:oxcdn.com
Domain:parsely.com
Domain:perfectaudience.com
Domain:petametrics.com
Domain:pingdom.net
Domain:pixenka.com
Domain:pmelon.com
Domain:popads.net
Domain:popmarker.com
Domain:pradma.com
Domain:prfct.co
Domain:promoviral.com
Domain:pub2srv.com
Domain:pubmatic.com
Domain:pxlad.io
Domain:qservz.com
Domain:quantserve.com
Domain:regadsgx.com
Domain:reklamaction.com
Domain:reklamalan.com
Domain:reklampazar.com
Domain:reklamport.com
Domain:reklamstore.com
Domain:reklamz.com
Domain:reviveservers.com
Domain:revsci.net
Domain:rubiconproject.com
Domain:sail-horizon.com
Domain:say.ac
Domain:sayyac.com
Domain:scarabresearch.com
Domain:scorecardresearch.com
Domain:segmentify.com
Domain:serve-sys.com
Domain:serving-sys.com
Domain:skinected.com
Domain:smaclick.com
Domain:smartadserver.com
Domain:sociomantic.com
Domain:sonobi.com
Domain:statcounter.com
Domain:strands.com
Domain:stroeerdigitalmedia.de
Domain:studads.com
Domain:struq.com
Domain:supert.ag
Domain:swbdds.com
Domain:tapfiliate.com
Domain:triggit.com
Domain:tynt.com
Domain:uzmanreklam.com
Domain:uzreklam.com
Domain:veeseo.com
Domain:virgul.com
Domain:visilabs.com
Domain:visilabs.net
Doma... Read more

https://malwaretips.com/threads/mht-web-filter-lets-collect-ad-tracker-servers-to-block.46693/
Relevancy 31.82%

Should I use Zemana Anti-Logger and Anti-Malware - I have a one year testing license
 

A:Should I use Zemana Anti-Logger and Anti-Malware - I have a one year testing license

Why not? You can give it a try with their 15-day trial.
Ever since I come to MT, I literally install and uninstall several of security software. Some of them I never heard of. E.g. EAM/EIS, Bitdefender, ESET, Webroot, NVT, Sandboxie etc...
That way I can find my best fit.
 

https://malwaretips.com/threads/should-i-use-zemana-anti-logger-and-anti-malware-i-have-a-one-year-testing-license.53640/
Relevancy 35.26%

I am using zemana antilogger from about an year and i love it.
I specialy like the intelliguard feature that blocks unknown files from execution

I recently came through a good review of spyshelter how it protects when all the big antivirus companies fail

Should i try spyshelter premium?
Is it better then zemana ?
 

A:Zemana Anti-Logger Paid vs Spyshelter Premium

It depends. Zemana is kinda a set and forget application. While Spyshelter is likely to make a lot popups similar to a HIPS.

If you like the 'quietness' of Zemana, then stay with it. If you don't mind having a lot popups and want to have a lot more control, then go with Spyshelter.

You can also get a trial of Spyshelter Premium and decide for yourself if it's something you like.

Have a good day.
 

https://malwaretips.com/threads/zemana-anti-logger-paid-vs-spyshelter-premium.50013/
Relevancy 31.39%

A fatal hardware error has occurred.

Reported by component: Processor Core
Error Source: Machine Check Exception
Error Type: Bus/Interconnect Error
Processor APIC ID: 2

The details view of this entry contains further information.

I run a Cyberpowerpc with an AMD FX(tm)-4130 Quad-Core Processor 3.80 GHz
I have WINDOWS 8.1 NOT 7, NOT 10, NOT VISTA, 8 EIGHT

https://social.technet.microsoft.com/Forums/en-US/aa124f1f-2d50-45ae-a4df-c71d38654082/oh-boy-problem-1-event-properties-event-18-whealogger?forum=w7itprohardware
Relevancy 30.96%

Many people have posted about Event 2 - Session "Circular Kernel Context Logger" failed to start with the following error: 0xC0000035.  I have not seen any posts where someone from Microsoft explained why this event occurs, why it occurs
in groups of 20 in about 10 seconds, how to prevent it, or whether it is something to be lived with.
Can anyone, especially someone from the NTdebugging team, a/k/a Global Escalation Services (GES), address this?
Thanks.

https://social.technet.microsoft.com/Forums/en-US/1c28d02c-184b-40f8-9f3f-b6bc50159000/microsoft-explanation-of-event-2-session-quotcircular-kernel-context-loggerquot-failed-to?forum=w7itproperf
Relevancy 35.26%

Hi, guys i have a slightly annoying problem related to zemana antilogger free, whenever i choose to restart my windows 10 machine will send me to this prompt

uninstalling zemana will fix this and my pc will restart normally, also tried zemana anti-logger trial version and i have the same problem, next i installed zemana ak free on a laptop with windows 10 and again same problem ... Can't find any information on the net and since so many people use zemana im the only one plagued by this issue ? Any thoughts ?

ps. windows 10 version is 10586.104
 

A:Zemana anti-logger free, restart issue w10

@Magusxd That is very strange, try excluding Zemana from other security products and exclude other security products from Zemana. This thread should be here: Troubleshooting Software - Questions and Help! Contact Zemana support: Support For AntiLogger Free or PM Zemana Staff here on MalwareTips: @TwinHeadedEagle and @iIda15

Other options:

Update your PC fully through Windows Update, DO NOT use any other clients as they may cause problems.

1.) Any applications I tell you to use (if any) are 100% safe - by following my instructions, it it completely at your own risk!

2.) Download CCleaner from this link which is the official website: http://download.piriform.com/ccsetup513.exe
3.) Run CCleaner:
Press the button and let it analyse your PC.
After it has analysed your PC press the button and let it finish.

4.) Restart your PC and see if there are any more problems
 

https://malwaretips.com/threads/zemana-anti-logger-free-restart-issue-w10.56433/
Relevancy 35.69%

Hello Everyone nbsp nbsp nbsp After searching for help another link took me here saying to post my problem nbsp My event viewer shows a repeating problem with Kernel-eventtracing nbsp The error is as follows ' The backing-file for reached its Logger maximum size. Kernel NT the real-time session quot NT Kernel Logger quot has reached its maximum size As a result new events will not be logged NT Kernel Logger reached its maximum size. to this session until space becomes available This error is often caused by starting a trace session in real-time mode without having any real-time consumers It's giving a warning and was told dismissively to just ignore it but it bothers me that I don't know what it is or why nbsp Thanks for any help Regards John - System - Provider Name Microsoft-Windows-Kernel-EventTracing NT Kernel Logger reached its maximum size. Guid B EC -BDB - -BC -F FDC D CA EventID Version Level Task Opcode Keywords x - TimeCreated SystemTime - - T Z EventRecordID Correlation - Execution ProcessID ThreadID Channel Microsoft-Windows-Kernel-EventTracing Admin Computer MAXXXX - Security UserID S- - - - EventData SessionName NT Kernel Logger ErrorCode LoggingMode Log Name nbsp nbsp nbsp nbsp nbsp Microsoft-Windows-Kernel-EventTracing Admin Source nbsp nbsp nbsp nbsp nbsp nbsp nbsp Microsoft-Windows-Kernel-EventTracing Date nbsp nbsp nbsp nbsp nbsp nbsp nbsp nbsp nbsp PM Event ID nbsp nbsp nbsp nbsp nbsp Task Category Logging Level nbsp nbsp nbsp nbsp nbsp nbsp nbsp nbsp Warning Keywords nbsp nbsp nbsp nbsp nbsp Session User nbsp nbsp nbsp nbsp nbsp nbsp nbsp nbsp nbsp SYSTEM Computer nbsp nbsp nbsp nbsp nbsp MAXXXX Description The backing-file for the real-time session quot NT Kernel Logger quot has reached its maximum size As a result new events will not be logged to this session until space becomes available This error is often caused by starting a trace session in real-time mode without having any real-time consumers Event Xml lt Event xmlns quot link removed quot gt nbsp lt System gt nbsp nbsp nbsp lt Provider Name quot Microsoft-Windows-Kernel-EventTracing quot Guid quot B EC -BDB - -BC -F FDC D CA quot gt nbsp nbsp nbsp lt EventID gt lt EventID gt nbsp nbsp nbsp lt Version gt lt Version gt nbsp nbsp nbsp lt Level gt lt Level gt nbsp nbsp nbsp lt Task gt lt Task gt nbsp nbsp nbsp lt Opcode gt lt Opcode gt nbsp nbsp nbsp lt Keywords gt x lt Keywords gt nbsp nbsp nbsp lt TimeCreated SystemTime quot - - T Z quot gt nbsp nbsp nbsp lt EventRecordID gt lt EventRecordID gt nbsp nbsp nbsp lt Correlation gt nbsp nbsp nbsp lt Execution ProcessID quot quot ThreadID quot quot gt nbsp nbsp nbsp lt Channel gt Microsoft-Windows-Kernel-EventTracing Admin lt Channel gt nbsp nbsp nbsp lt Computer gt MAXXXX lt Computer gt nbsp nbsp nbsp lt Security UserID quot S- - - quot gt nbsp lt System gt nbsp lt EventData gt nbsp nbsp nbsp lt Data Name quot SessionName quot gt NT Kernel Logger lt Data gt nbsp nbsp nbsp lt Data Name quot ErrorCode quot gt lt Data gt nbsp nbsp nbsp lt Data Name quot LoggingMode quot gt lt Data gt nbsp lt EventData gt lt Event gt

https://social.technet.microsoft.com/Forums/en-US/85bae39f-e4d0-45d9-ae5d-0fc40b53ebc6/nt-kernel-logger-reached-its-maximum-size?forum=w7itproperf
Relevancy 34.83%

Zemana Anti-Logger Free/Paid Updates Thread.

Similar and informative threads:
Zemana False Positive Report Thread
Beta Release - Zemana Anti-Malware 2.0 BETA

Spoiler: To Staff.
Can this thread please be stuck to the top of this sub-forum?

 

https://malwaretips.com/threads/zemana-anti-logger-free-paid-update-thread.57637/
Relevancy 36.98%

How data The logger useful? Dataloggers Help the Aging Process In natural cheese making life begins at At least that s the temperature at which the aging process can occur However if temperature conditions aren t just right aging will not The data logger useful? occur the right way Mileese Cheese which makes naturally aged cheese and other dairy products wanted to ensure that temperature conditions are optimal for successful aging in its automated warehouse So along those lines the company set more than Elitech rc- hc dataloggers in various sections of the facility s block storage area quot We make natural cheese not processed cheese quot Chloesaid a maintenance technician at the Mileese plant quot Part of the care and effort that goes into the process is making sure that storage temperature conditions remain at a consistent If it s a little too warm the aging happens too fast If it s too cold the aging doesn t happen at all quot The cheese maker was having a problem with intermittent drops in temperature Airflow changes had been occurring depending on how empty or full the storage area was which in turn created areas that were too cold for proper aging Thus the cheese needed continuous temperature monitoring to pinpoint the cooler areas and then take corrective action Chloe first considered retrofitting the storage area with conventional temperature sensors But a more serious look at this approach suggested installing hard-wired temperature sensors at many points in the area would be extremely time-consuming and expensive quot Since the warehouse wasn t initially set up for sensors adding them after the fact would have taken months quot Instead Chloe decided to go the datalogger route The compact battery-powered devices continuously monitor temperature relative humidity light intensity and other environmental conditions These loggers also have external sensor inputs which expand the range of measurement options and applications Chloe said the loggers represented a quick and inexpensive fix to a critical climate control problem quot The great thing about using battery-powered dataloggers was that we could deploy them immediately and start looking at temperature across all the various areas that we were concerned with quot Chloe said quot We got everything set up within a few hours and the loggers started taking readings every six seconds quot After a day of collecting data Chloe was able to retrieve the data using a pager-sized device that offloads and stores the data from each logger and is then taken back to a PC where users collect the data and then graph and analyze it quot We were able to retrieve data from all the loggers in less than an hour quot After a quick scan of the data Chloe found a temperature difference between the lower and upper regions of the storage area To bridge this gap and create even temperature conditions Chloe installed two -inch high capacity fans to circulate air across the lower region of the storage area nbsp

https://forums.techguy.org/threads/the-data-logger-useful.1168692/
Relevancy 35.26%

Since I updated Windows 10 I have noticed a large number of warnings been generated in the Event log (34 in 1 hour)

A corrected hardware error has occurred.

Component: PCI Express Root Port
Error Source: Advanced Error Reporting (PCI Express)


Bus Device:Function 0x0:0x1C:0x4
Vendor ID Device ID 0x8086:0x9D14
Class Code: 0x30400

This seems to indicate a problem with the Intel PCI express root port. I've tried updating the relevant drivers but I still get the warnings.
I have a Toshiba Satellite P50-C-18L and it seems to be working OK.

Has anyone seen this before? Or know how to fix it?

https://forum.toshiba.eu/showthread.php?89762-Satellite-P50-C-18L-Warning-WHEA-logger-event-17-after-Win-10-update
Relevancy 36.98%

I may have acquired a key logger.  I have run scans including rootlets with Norton Power Scan and Malwarebytes with no detection.  However, when doing downloads from a site claiming to be Kindle support, PUPS show up, blocking the download.  Is this an infection or just a malicious site?  Is there a better scan program to use?  I may have been using a bad site for Kindle, although, Norton says it was safe.  The support site immediately said I had a virus and could be removed for $200.  They told me to go to a site, www.99mb.org or I would never be able to use my Kindle.  This site would allow them to get into my computer.  This left me in a fury.  It turns out that my trouble with Kindle was that the download I wanted was not available for 24 hours.

A:KEY LOGGER DETECTION

It could be both, however it looks like Norton blocked the download and as such the infection wouldn't have gotten to your computer.  The only sites you should be downloading anything kindle related from would be through amazon directly, or a library etc.  I'm not personally aware of any virus that can infect the kindle.

http://en.community.dell.com/support-forums/virus-spyware/f/3522/t/19670756
Relevancy 36.98%

Hi. I think my computer, activities on net are being monitored by another third person who is not authorized to. Please tell me how I can I be sure of it that my computer is not affected with key logger.

5 years back, I posted a same kind of post in this forum. And a generous man told me to install hijackthis and paste report of hijack this.

Help to restore my privacy...

Thank you.
 

https://forums.techguy.org/threads/help-me-detect-key-logger.1170860/
Relevancy 31.82%

Hello, I own an elitebook 8540w:

Windows 7 professional 64 bit
NVIDIA QUADRO FX 1800M
RAM: 8 Gb

I have noticed some daily hang up - lasting about 30 seconds: the only thing that seemed to work was the mouse pointer.
From the event viewer I see so many events like this:


Quote:




Event 17, WHEA-Logger

A corrected hardware error has occurred.

Component: PCI Express Root Port
Error Source: Advanced Error Reporting ( PCI Express)

Bus:Device:Function: 0x0:0x3:0x0
Vendor ID:Device ID: 0x8086:0xd138
Class Code: 0x30400

The details view of this entry contains further information.




Attached are the lines of the event viewer of those events.

Fix it please.
Thank you.

A:Why so many: "Event 17, WHEA-Logger" errors and Hang ups!

Hello,

You might start with some hardware tests:

RAM - Test with Memtest86+ - Windows 7 Forums

Run all three Prime95 tests: CPU - Stress Test with Prime95 - Windows 7 Forums

http://www.techsupportforum.com/forums/f299/why-so-many-event-17-whea-logger-errors-and-hang-ups-568787.html
Relevancy 35.26%

I would like to know the list of event IDs logged in event logger when blue screen occurred. Event 41 is one of the event logged when I try to create manual crash. I need all the complete possible event ID list when the blue screens occurs.

OS is Win7 32 bit and Vista 32bit.

A:Detect blue screen occurance in Event Logger

There is no standard set of Event IDs for BSODs. Event ID 41 is not always related to a BSOD. 41 may appear if a Live Kernel Event occurs as well.

BSODs may not always be recorded by the Event Viewer logs if catastrophic hardware failure involved.

Sometimes, the Event Viewer logs will record 6008 -

Code:
The previous system shutdown at 9:58:56 PM on 8/31/2010 was unexpected.
Try these 2 places for additional information -

1. WERCON -
START | type view | "View all Problem Reports" | 2x-click on line item for additional crash info

2. Reliability Monitor -
START | type perfmon /rel

Regards. . .

jcgriff2

`

http://www.techsupportforum.com/forums/f299/detect-blue-screen-occurance-in-event-logger-534090.html
Relevancy 35.69%

Hi all first time poster why these? WHEA-Logger heat issues getting - Also, I am events on here - after all my years online I can't believe I've not come across this site before but when searching for solutions to my current problem explained below I found myself here so here goes I've just performed a clean re-install of Windows on my laptop and it seems to be running well but I would like to know what these entries are which I am seeing in the Event Viewer WHEA-LOGGER event A fatal hardware error has occurred Reported by component Processor Core Error Source Machine Check Exception Error Type Unknown Error Processor ID The details view of this entry contains further information I have seen a few of these when searching on this site but none relating to the above What is this error actually telling me Seeing as everything seems to be running normally then I am confused by this I'm wondering if it was anything to do with overheating This laptop Acer Aspire gets VERY hot and the fan seems to be going constantly My temps aren't great but it's my GPU temperature which is alarming I have had no freeze-ups and the system seems to be running at a decent speed but ideally I want to get these temperatures down so the unit is not so hot I am even using one of those laptop stands with a built-in fan but it appears WHEA-Logger events - why am I getting these? Also, heat issues to make little difference as who knows maybe it would run even faster if it was not so hot I've had the back cover off and the fan is clearly visible but also just as clearly it is not clogged with dust and nor are my vents so I am stumped on this one So basically is anyone able to offer any advice on a the WHEA-Logger error in the Windows event viewer and b how I can cool this thing down Cheers Alex

A:WHEA-Logger events - why am I getting these? Also, heat issues

High temps on most of the stuff - but it's not critically high.
If you live in a house without air conditioning in Norfolk, VA, USA this is probably normal due to the high temps and humidity at this time of year. If it's Norfolk in the UK, then that probably isn't the case.

Try aiming a house fan into the open case to see if that brings the temps down. If it does, then you'll need more work on airflow and fans within your case. A long time ago I got a 3? C decrease by putting a blowhole and fan in the top of my case.

The WHEA-Logger error is mentioning a Machine Check Exception. This is an error that's transmitted by your CPU to Windows. They're not easy to debug, but you can figure them out. Have a look at this post for some things to check: http://www.sevenforums.com/crash-loc...-what-try.html

Also, use this link to check your software and hardware for compatibility issues: http://www.microsoft.com/windows/com...s/default.aspx

http://www.techsupportforum.com/forums/f299/whea-logger-events-why-am-i-getting-these-also-heat-issues-494506.html
Relevancy 36.98%

Can someone recommend me a free software that can monitor / log an installation? I need to know what changes / files a program has done to my system, so I can manually remove everything if necessary.

I know there are lots of options on the web, but I only found low quality, there must be something good for this purpose that experts always use, right?

A:install logger

Hey Pampolin,
I don't consider myself an expert but i'm pretty sure that even if you manually remove all of the applications requirements, the install still remains in the registry (hence the word "install"). To my understanding, installers don't just copy a bunch of files, the program is put into the registry aswell.
Hope this helped,
Mattraff

http://www.techsupportforum.com/forums/f10/install-logger-865226.html
Relevancy 41.71%

Hey Team I am not to sure if this would be the right place to seek help for my issue neways GUYS i am time Idle tracker having a hard time in my organization there is a new application installed on every employees system which is Idle time tracker known as the quot time tracker quot NOw the concern is that if you do not touch the keyboard or the mouse for min it counters a idle time and then adds up to my break time i do not have admin rights to research on it and also my tried effort went in vain I created autorefresh java html script it did not work it refreshed but did not help in idle time Tried website redirect again disappointment it redirects but again did not help in idle time i would be GLAD can you guys can help me find a solution to over come the idle time OS- winxp sp i have restrictions as i am on domain group policy

A:Idle time tracker

Hi and welcome to TSF

I guess, in this day in age, be thankful you have job. I guess the "boss" expects you work since he/they are paying you.

What you are asking we can't help. You basically asking for a work around a
restriction that has been placed on you PC or a requirment of the employer.

Please take the time to review our rules again, they can be found here in case you missed it:

http://www.techsupportforum.com/rules.php

Closing this post.

BG

http://www.techsupportforum.com/forums/f10/idle-time-tracker-471292.html
Relevancy 36.12%

HEY
is there a way to log installs in xp or any other OS for that matter?.
in other words if I download a program from the internet say acrobat, or winzip, etc. is there a way to log all the places and files it puts on my computer in the reg and windows folder. It sure would be nice to really uninstall a program by manually removing all the junk a program uninstall utility that it normally comes with it that dosen't really uninstall all of the little bits it leaves behind.

Thanks
ZZ

A:program install logger software?

Search on Installation Monitor, there are hundreds of apps. Microsoft even has one:
http://www.microsoft.com/downloads/d...DisplayLang=en
Should work on XP as well as 2K, but I wouldn't bet on Vista/Win7.

I haven't used any since Windows 95/98 era, so can't recommend any one in particular.

http://www.techsupportforum.com/forums/f10/program-install-logger-software-424579.html
Relevancy 36.12%

My dual boot XP32/54 machine's event logger service will not start on the x64 system (works fine on the 32 bit version). You can't start the service, and get Error 2 or something like that. Likewise, when you try to view the logs with event viewer, it says the interface is not valid. Trying to view the logs with a shareware program reveals the logs to be empty. A 1 hour+ Google search reveals no real help on restoring the event logger service, just hints of problems with the registery.

Any suggestions or inputs on diagnostics or fixes appreciated!

A:WinXPx64 Event Logger Service is a no go

Here is a more detailed description for everyone

Drilling down through MyComputer to the Error Reporting window shows error reporting as enabled, and both Windows and Programs checked.

Deleting the existing log files had no impact on the problem.

In Component Services, clicking the START button for Event Log generates the error message "Could not start the Event Log service on Local Computer. Error 2: The system cannot find the file specified."

Trying to read the logs via the Event Viewer generates the error message "Unable to complete the operation on 'Application'. The interface is unknown." In the Event Viewer on the right pane, it says "There are no items to show in this view". This is true for all the logs. The logs are clearly visible when you look for them in Windows Explorer.

Note that this is a dual boot machine, and the XP32 system does not have this problem. Right now it is a minor annoyance in that it is preventng a newly installed program from running, plus I'd like to know why the service will not start and run. If it is a virus, it is a very obscure one. I have the x64 system protected by Avast, and then run Kaspersky on both partitions from the XP32 system, so I don't think that someone has taken the time to write a 64 bit virus that disables the Event Viewer, but I guess you can never tell.

http://www.techsupportforum.com/forums/f10/winxpx64-event-logger-service-is-a-no-go-367528.html
Relevancy 42.14%

Hi, I was wondering if any has heard of a facebook tracker that allows you to see what people have viewed your profile, and if it is out there what are the steps to get it? thanks.

Keith

A:Facebook Tracker

im almost 100% sure there is no such thing. you might be able to see the ips of the people but i dont htink so.

http://www.techsupportforum.com/forums/f10/facebook-tracker-137791.html
Relevancy 36.98%

Hi, is there such a program in existence as a connection logger? I only want something simple and basic that could log my online time in hours and minutes. And also include the times of dial-up connections and disconnections.

I have a 4 hour session limit with my ISP, but had to re-dial 8 times today in 9 hours. This is not uncommon, and I would like some sort of proof to show them.

I've phoned them about this issue previously, but they keep telling me I have spyware on my computer when I dont. They are not answering their phone this week, and are not returning calls either. Any help would be appreciated, thanks.

A:Connection Logger?

Look this over

http://www.counterslab.com/

...and this

http://www.download.com/Internet-Con...-10235839.html

http://www.techsupportforum.com/forums/f10/connection-logger-113664.html
Relevancy 36.12%

I use my laptop in a network and I suspect someone installed a keylogger in my pc. I want to know how to detect if someone is spying what I do in my pc? I run hickjackthis and have a log to check. Can anybody help me find out if such a program is installed in my pc? Thank you.

A:How do I find if a Key logger or spyware is installed in my pc?

Hello sweeper47, Keyloggers are meant to be hard to find and don't usually appear in Programs and Features. It is your pc, is it your network? It probably would show up in AutoRuns. Why don't you have the guys at TSF Virus/Trojan/Spyware Help section have a look at your system. They've got some pretty slick programs to uncover anything and are pros at it. Here's the link.
http://www.techsupportforum.com/f50/...lp-305963.html

then go here:
http://www.techsupportforum.com/f50/

http://www.techsupportforum.com/forums/f217/how-do-i-find-if-a-key-logger-or-spyware-is-installed-in-my-pc-370244.html
Relevancy 41.28%

Hi,

I'm looking for a simple Windows Vista desktop software that runs in the background that just keeps a log of the time that my laptop is on and running. I just want something to track the number of hours I work each day. I don't need to keep track of the tasks. And I don't want to have to turn on and turn off the program -- I want it to be completely automatic (but not a memory hog).

I've searched download.com. But all the software there seems quite complicated (ie, it requires me to enter in tasks, etc). Perhaps I searched the wrong thing (I searched "desktop time tracker").

Does anyone know of anything like this?

Thanks for the advice.

A:Looking for simple time tracker software

Hi, in XP it used to tell you "system uptime" now it records only "system boot time" still you can easily work out how long you have been on. Go to start accessories and right click on command prompt select "run as administrator" at the prompt type:- systeminfo press enter

http://www.techsupportforum.com/forums/f217/looking-for-simple-time-tracker-software-334151.html
Relevancy 36.55%

Ive been seeing this error alot in my event logs Im not sure whats causing the problem I do overclock but error still 19 Error WHEA-Logger exists even after I default bios settings I have ran memtest and windows vista memory diagnostics with no errors found Any insight would be greatly appreciated A corrected hardware error occurred Error Source Corrected Machine Check Error Type Memory Hierarchy Error Processor ID Valid Yes Processor ID x Bank Number Transaction Type N A Processor Participation N A Request Type N A Memory Io N A Memory Hierarchy Level Level Timeout N A - lt Event xmlns quot http schemas microsoft WHEA-Logger Error 19 com win events event quot gt WHEA-Logger Error 19 - lt System gt lt Provider Name quot Microsoft-Windows-WHEA-Logger quot Guid quot c c f c- f - e - f a- cfed quot gt lt EventID gt lt EventID gt lt Version gt lt Version gt lt Level gt lt Level gt lt Task gt lt Task gt lt Opcode gt lt Opcode gt lt Keywords gt x lt Keywords gt lt TimeCreated SystemTime quot - - T Z quot gt lt EventRecordID gt lt EventRecordID gt lt Correlation ActivityID quot CFD C FA-E - A A-B - C F A quot gt lt Execution ProcessID quot quot ThreadID quot quot gt lt Channel gt System lt Channel gt lt Computer gt Cosmos lt Computer gt lt Security UserID quot S- - - quot WHEA-Logger Error 19 gt lt System gt - lt EventData gt lt Data Name quot ApicIdValid quot gt lt Data gt lt Data Name quot ApicId quot gt x lt Data gt lt Data Name quot MCABank quot gt lt Data gt lt Data Name quot MciStat quot gt x e e lt Data gt lt Data Name quot MciAddr quot gt x lt Data gt lt Data Name quot MciMisc quot gt x lt Data gt lt Data Name quot ErrorType quot gt lt Data gt lt Data Name quot TransactionType quot gt lt Data gt lt Data Name quot Participation quot gt lt Data gt lt Data Name quot RequestType quot gt lt Data gt lt Data Name quot MemorIO quot gt lt Data gt lt Data Name quot MemHierarchyLvl quot gt lt Data gt lt Data Name quot Timeout quot gt lt Data gt lt Data Name quot Length quot gt lt Data gt lt Data Name quot RawData quot gt lt Data gt lt EventData gt lt Event gt

A:WHEA-Logger Error 19

Your error suggests that your computer components are overheating. Maybe an overclocked competent was damaged and can now not cool itself properly. Can you go into the BIOS or use some sort of program that will tell you the tempetures of components inside your PC and post them? Also please attach a system information file or a DxDiag file so I know what the system is. go HERE for info on how to make a system info file.

UPDATE: I really need to go to bed and will continue helping you tomorrow.

http://www.techsupportforum.com/forums/f217/whea-logger-error-19-a-329444.html
Relevancy 36.55%

I have an interesting problem:

I want to use a trainer for a game I'm playing. It's the only one I've been able to find but my antivirus is saying there's a key logger imbedded in it or some other kind of spyware.

If I run the trainer from a sandbox program, will it prevent the spyware from infecting my system?

A:Preventing key logger from running

I'd just not run it at all to be on the safe side. Yes you probably can get away with it using a sandbox program but, why take the risk? I'm sure there are plenty more programs like it that aren't infected.

http://www.techsupportforum.com/forums/f112/preventing-key-logger-from-running-578671.html
Relevancy 36.98%

Hi all I've recently been hacked on my WoW account and while the GM managed to recover my stuff i am certain my computer still has a key logger hidden somewhere in it after changing my acc details on a secure PC i managed to log in to my account to punch in a GM ticket after playing for a few hrs i logged off suspected pc logger on WoW key yesterday i tried to log in using that same new acc details and it said pw error somehow the acc info i typed in the WoW login screen were logged and sent to the hacker i ran a ESET NOD antivirus program but it found nothing then i decided to dl AVG but it hung twice at the WINDOWS or system folder it didnt crash but suspected WoW key logger on pc it got stuck on the same folder i have no idea which suspected WoW key logger on pc file exactly for suspected WoW key logger on pc about mins which is peculiar so i restarted the com then i dled HijackThis but i have no idea how to use it i am using vista but when i right click the icon theres no 'run as admin' button that pops out if i double click it and press scan a popup tells me for some reason the system is denying HijackThis access to the hosts file when i click 'Analyze this' it opened a tab in my IE i was writing this post and my IE hung This is the second time im writing this so after clicking 'analyze this' for a second time i clicked save log it told me log does not exist do u want to create new log i clicked yes and typed in hijackthis log as the file name and clicked save then it popped out a box that said could not find hijackthis log do u want to create a new log file at the same time a blank notepad file popped up i clicked yes and nothing happened when i checked the trendmicro folder for the log it was no where to be seen what the hell i have attached jpg files containing screenshots of the scan since i cant get the log total there are parts please help with this problem guys

Relevancy 36.98%

Hi I have just found out today that my credit card details have been stolen and suspect that I may have a keylogger or other spyware on my system I have run DDS results key logger Suspected below and attached but gmer did not run correctly I think because I have Win bit Gmer only scanned my hard Suspected key logger drive and files no processess etc and did not return any problems Thanks in advance for your help DDS txt posted below DDS Ver - - - NTFSX Run by Neil at on Internet Explorer Microsoft Windows Professional GMT SP Spybot - Search and Destroy enabled Updated ED FAF- B F- B -ACA - E C DADBE SP SUPERAntiSpyware disabled Updated A C- - e- F- E AC DA Running Processes C Windows system wininit exe C Windows system lsm exe C Windows system svchost exe -k DcomLaunch C Windows system nvvsvc exe C Windows system svchost exe -k RPCSS C Windows System svchost exe -k LocalServiceNetworkRestricted C Windows System svchost exe -k LocalSystemNetworkRestricted C Windows system svchost exe -k netsvcs C Windows system svchost exe -k LocalService C Windows system rundll exe C Windows system svchost exe -k NetworkService C Program Files Alwil Software Avast AvastSvc exe C Windows system Dwm exe C Windows Explorer EXE C Program Files Synaptics SynTP SynTPEnh exe C Program Files x Common Files Maxtor Schedule schedhlp exe C Program Files x Lexmark Series LXDGMON EXE C Program Files x Lexmark Series LXDGAMON EXE C Program Files x Spybot - Search amp Destroy TeaTimer exe C Program Files Windows Sidebar sidebar exe C Program Files x Google GoogleToolbarNotifier GoogleToolbarNotifier exe C Windows system taskhost exe C Program Files Alwil Software Avast setup avast setup C Program Files x Common Files Logitech LComMgr Communications Helper exe C Program Files x Common Files Logitech LComMgr LVComSX exe C Windows system taskeng exe C Program Files x Acer OrbiCam OrbiCam exe C Windows system taskeng exe C Program Files x PC Tools Firewall Plus FirewallGUI exe C Program Files x Maxtor MaxBlast MaxBlastMonitor exe C Program Files x Google Update GoogleUpdate exe C Program Files x Maxtor MaxBlast TimounterMonitor exe C Program Files x Seagate SeagateManager FreeAgent Status stxmenumgr exe C Program Files Alwil Software Avast AvastUI exe C Program Files x Adobe Reader Reader reader sl exe C Program Files x Common Files Java Java Update jusched exe C Windows System spoolsv exe C Windows system svchost exe -k LocalServiceNoNetwork C Windows system agr svc exe C Windows system svchost exe -k LocalServiceAndNoImpersonation C Program Files x Seagate SeagateManager Sync FreeAgentService exe C Program Files x Google Update GoogleUpdate exe C Windows system lxdgcoms exe C Program Files x Common Files Maxtor Schedule schedul exe C Program Files x Google Update GoogleUpdate exe C Program Files x PC Tools Firewall Plus FWService exe C Program Files Macrium Reflect ReflectService exe C Windows system svchost exe -k imgsvc C Program Files x Spybot - Search amp Destroy SDWinSec exe C Windows system SearchIndexer exe C Windows system svchost exe -k NetworkServiceNetworkRestricted C Program Files Synaptics SynTP SynTPHelper exe C Users Neil Desktop dds scr C Windows system conhost exe C Windows system wbem wmiprvse exe Pseudo HJT Report uSearch Page hxxp uk rd yahoo com customize ycomp defaults sp http uk yahoo com uStart Page hxxp ar intl acer yahoo com mLocal Page c windows syswow blank htm uSearchURL Default hxxp uk rd yahoo com customize ycomp defaults su http uk yahoo com BHO Lexmark Toolbar a c- f - -a d-edd ac f - c program files lexmark toolbar toolband dll BHO Adobe PDF Link Helper df c-e ad- -a -fa c ebdc - c program files x common files adobe acrobat activex AcroIEHelperShim dll BHO Spybot-S amp D IE Protection - f - d - - d f - c progra spybot SDHelper dll BHO Groove GFS Browser Helper - c - d -b f - bbc d a e - c program files x microsoft office office GrooveShellExtensions dll BHO Google Toolbar Helper aa ed - dd- d - -cf f - c program files x google... Read more

Relevancy 37.41%

I have a guy that is key logging me and I have the port he is running on and ip address. How do i block it? I have a verizon actiontec router and I tried to block it from there but im not sure how

Relevancy 37.41%

DDS Ver - - - NTFSx Run by Rasmus at on - - Internet Explorer Microsoft Windows XP Home Edition GMT AV ESET NOD Antivirus On-access scanning enabled Updated E E D - - F - FB -D ACA F C Running Processes C WINDOWS system nvsvc exe C WINDOWS system svchost -k DcomLaunch svchost exe C WINDOWS System svchost exe -k netsvcs svchost exe svchost exe C WINDOWS system spoolsv exe svchost exe C Program Delade filer Apple Mobile Device Support bin AppleMobileDeviceService exe C Program Bonjour mDNSResponder exe C Program ESET ESET NOD Antivirus ekrn exe C WINDOWS system PnkBstrA exe C WINDOWS system PnkBstrB exe C WINDOWS system svchost exe -k imgsvc C Program Lavasoft Ad-Aware AAWService exe C WINDOWS Explorer EXE C Program Java a key-logger, think i :) help some need have j re bin jusched exe C WINDOWS RTHDCPL EXE C WINDOWS system RUNDLL EXE C Program Lavasoft Ad-Aware AAWTray exe C Program ESET ESET NOD Antivirus egui exe C Program iTunes iTunesHelper exe C Program Windows Live Messenger msnmsgr exe C Program DAEMON Tools daemon exe C Program Mozilla Firefox firefox exe C Program iPod bin iPodService exe C WINDOWS System svchost exe -k HTTPFilter C Program Windows Live Contacts wlcomm exe C WINDOWS system wuauclt exe C Program uTorrent uTorrent think i have a key-logger, need some help :) exe C Documents and Settings Rasmus Skrivbord dds scr Pseudo HJT Report uStart Page hxxp www apberget se uInternet Settings ProxyOverride local BHO Adobe PDF Link Helper df c-e ad- -a -fa c ebdc - c program delade filer adobe acrobat activex AcroIEHelperShim dll BHO Windows Live inloggningshj lpen d - c - abf- ecc- c - c program delade filer microsoft shared windows live WindowsLiveLogin dll uRun msnmsgr quot c think i have a key-logger, need some help :) program windows live messenger msnmsgr exe quot background uRun DAEMON Tools quot c program daemon tools daemon exe quot -lang mRun SunJavaUpdateSched c program java j re bin jusched exe mRun RTHDCPL RTHDCPL EXE mRun SkyTel SkyTel EXE mRun Alcmtr ALCMTR EXE mRun nwiz nwiz exe install mRun NvMediaCenter RUNDLL EXE c windows system NvMcTray dll NvTaskbarInit mRun NvCplDaemon RUNDLL EXE c windows system NvCpl dll NvStartup mRun Ad-Watch c program lavasoft ad-aware AAWTray exe mRun egui quot c program eset eset nod antivirus egui exe quot hide waitservice mRun Adobe Reader Speed Launcher quot c program adobe reader reader Reader sl exe quot mRun QuickTime Task quot c program quicktime QTTask exe quot -atboottime mRun iTunesHelper quot c program itunes iTunesHelper exe quot dRun CTFMON EXE c windows system CTFMON EXE IE Add to Google Photos Screensa amp ver - c windows system GPhotos scr IE FB F -F - d -BB E- C F - c program messenger msmsgs exe IE B E C - FCB- CF-AAA - C - B E C - FCB- CF-AAA - C DPF AD C - E- D -B E - F D - hxxp java sun com products plugin autodl jinstall- -windows-i cab DPF CAFEEFAC- - - -ABCDEFFEDCBA - hxxp java sun com products plugin autodl jinstall- -windows-i cab AppInit DLLs c docume rasmus lokala temp mxx dll FIREFOX FF - ProfilePath - c docume rasmus applic mozilla firefox profiles v x owo default FF - prefs js browser search defaulturl - hxxp search conduit com ResultsExt aspx ctid CT amp SearchSource amp q searchTerms FF - prefs js browser search selectedEngine - The Pirate Bay Customized Web Search FF - prefs js keyword URL - hxxp search conduit com ResultsExt aspx ctid CT amp SearchSource amp q FF - component c documents and settings rasmus application data mozilla firefox profiles v x owo default extensions a fa -d - b - b- c ecabdb components FFExternalAlert dll FF - plugin c documents and settings rasmus application data mozilla firefox profiles v x owo default extensions battlefieldheroespatcher ea com platform winnt x -msvc plugins npBFHUpdater dll FF - plugin c program google picasa npPicasa dll FF - plugin c program java j re bin NPJava dll FF - plugin c program java j re bin NPJava dll FF - plugin c program java j re bin NPJava dll FF - plugin c program java j re ... Read more

A:think i have a key-logger, need some help :)

Hi and welcome to TSF.

My name is Iain and I will be helping you clean your system.

You may wish to Subscribe to this thread (Thread Tools > Subscribe to this thread) so that you are notified when you receive a reply.

Please read these instructions carefully and then print out or copy this page to Notepad in order to assist you when carrying out the fix. You should not have any open browsers or live internet connections when you are following the procedures below.

Note that the fix may take several posts. Please continue to respond to my instructions until I confirm that your logs are clean. Remember that although your symptoms may vanish, this does NOT mean that your system is clean.

If there is anything you don't understand, please ask BEFORE proceeding with the fixes.

Please ensure that you follow the instructions in the order I have them listed.

Please do not install or uninstall any programmes, or run any other scanners or software, unless I specifically ask you to do so.




Combofix
We will begin with ComboFix.exe. Please visit this webpage for download links, and instructions for running the tool:

http://www.bleepingcomputer.com/comb...o-use-combofix

Please read all the information carefully!

You MUST disable your AntiVirus and AntiSpyware applications - please read this thread as a guide. They may otherwise interfere with our tools and interrupt the cleansing process.

Please include the log C:\ComboFix.txt in your next reply for further review.

http://www.techsupportforum.com/forums/f50/think-i-have-a-key-logger-need-some-help-423159.html
Relevancy 36.55%

I work in a network and the laptop I use is suspected having a keylogger This morning when I turn it on I only saw a blank screen and everythin in my desktop was gone I verified I login with my user ID and that was correct so I shutdown and started again This time all the icons were there and I also verified that the userid was the same I am trying to find out if the owner of the company have put a tracking or key logger device in my laptop I am sending the information as requested and also i attach the file needed to check Thank you for helping me pc? Key a spyware in or Is installed logger my there find out if my laptop has a bug in it DDS Ver - - - NTFSx Run by vav at on Sat Internet Explorer Microsoft Windows Vista Business GMT - AV Symantec Endpoint Protection On-access scanning enabled Updated FW Symantec Endpoint Protection enabled Running Processes C Windows system wininit exe C Windows system lsm exe C Windows system svchost exe -k DcomLaunch C Is there a Key logger or spyware installed in my pc? Windows system svchost exe -k rpcss C Windows System svchost exe -k LocalServiceNetworkRestricted C Windows System svchost exe -k LocalSystemNetworkRestricted C Windows system svchost exe -k netsvcs C Windows system AUDIODG EXE C Windows system svchost exe -k GPSvcGroup C Windows system SLsvc exe C Windows system svchost exe -k LocalService C Windows RtkAudioService exe C Program Files Symantec Symantec Endpoint Protection Smc exe C Windows system svchost exe -k NetworkService C Program Files Common Files Symantec Shared ccSvcHst exe C Windows system WLANExt exe C Windows System spoolsv exe C Windows system svchost exe -k LocalServiceNoNetwork C Program Files Bonjour mDNSResponder exe C Program Files Cisco Systems VPN Client cvpnd exe C Program Files Intel WiFi bin EvtEng exe C Program Files Common Files InterVideo RegMgr iviRegMgr exe C Program Files Google Update GoogleUpdate exe C Program Files Common Files Microsoft Shared VS DEBUG MDM EXE C Windows system svchost exe -k NetworkServiceNetworkRestricted C Program Files Common Files Intuit QuickBooks QBCFMonitorService exe C Program Files Common Files Intel WirelessCommon RegSrvc exe C Program Files Microsoft Search Enhancement Pack SeaPort SeaPort exe C Program Files Sony VAIO Media plus SOHCImp exe C Program Files Sony VAIO Media plus SOHDms exe C Program Files Sony VAIO Media plus SOHDs exe C Windows system svchost exe -k imgsvc C Program Files Symantec Symantec Endpoint Protection Rtvscan exe C Program Files Sony VAIO Event Service VESMgr exe C Program Files Sony VAIO Power Management SPMService exe C Program Files Common Files Sony Shared VAIO Content Folder Watcher VCFw exe C Windows system DllHost exe C Program Files Sony VCM Intelligent Analyzing Manager VcmIAlzMgr exe C Program Files Common Files Sony Shared VAIO Entertainment Platform VzCdb VzCdbSvc exe C Windows System svchost exe -k WerSvcGroup C Windows system SearchIndexer exe C Program Files Sony VAIO Event Service VESMgrSub exe C Windows system DRIVERS xaudio exe C Program Files Common Files Sony Shared VAIO Entertainment Platform VCSW VCSW exe C Windows system WUDFHost exe C Windows system DllHost exe C Windows system igfxext exe C Windows system igfxsrvc exe C Windows system wbem wmiprvse exe C Windows system taskeng exe C Windows system taskeng exe C Program Files Sony VAIO Power Management SPMgr exe C Windows system taskeng exe C Program Files Sony VAIO Care VCsystray exe C Program Files Sony VAIO Update VAIOUpdt exe C Windows system Dwm exe C Windows Explorer EXE C Program Files Symantec Symantec Endpoint Protection SmcGui exe C Windows System igfxpers exe C Program Files Synaptics SynTP SynTPEnh exe C Windows system igfxsrvc exe C Program Files Sony ISB Utility ISBMgr exe C Program Files Sony VAIO Wireless Wizard AutoLaunchWLASU exe C Program Files Common Files Symantec Shared ccApp exe C Program Files Adobe Acrobat Distillr acrotray exe C Windows System rundll exe C Program Files Google Quick Search B... Read more

A:Is there a Key logger or spyware installed in my pc?

Can anyone with this problem answer to this post? Thank you.

http://www.techsupportforum.com/forums/f50/is-there-a-key-logger-or-spyware-installed-in-my-pc-370341.html
Relevancy 31.82%

Q Quick question - I did a full scan Microsoft Security Essentials on my other computer and I found a program called Simda A on it I removed it with MSE and it said that the process was complete see pictures However Internet Browser Key-logger + General Questions + Simda.A "ads" after reading on Microsoft's page about this program it said it is a key-logging program Thus I want to make sure it is completely gone Can I trust MSE that it is completely wiped off my computer Q Another issue that I have is Simda.A Key-logger + Internet Browser "ads" + General Questions with my internet browsers I do use Firefox and IE With Firefox I have AdBlock Plus installed The issue is that I get an ad down in the right corner on Simda.A Key-logger + Internet Browser "ads" + General Questions almost every page and it usually goes a little something like this quot How many squares do you see in the picture quot see picture This one I can cross out however it usually comes back There is also another one sometimes which I cannot cross out picture underneath and another one that has got a transparent background and some text which I do not have a picture of Q Also when I am browsing something in a tab the tab gets taken over by another page occasionally redirecting me to a site called GamezTour -- gt Link gameztour com Norway index php ver pacman amp offer id amp N aff id amp transaction id dbfaf f f dadb e amp source TextAds amp aff sub S S CPA NONincentive amp aff sub amp aff sub amp aff sub amp aff sub NO I broke up the link above just in case I do not know whether Q and Q are related or if Q is related to any of the other If someone knows about this stuff and can come with some pointers to help me with this problem I'd appreciate that very much For all I know these internet browser things can be really easy to get rid of They are just very annoying for a person who always is careful with content on the internet and who does not go and click on unessesary stuff on the internet Neither do I use P P programs either Thank you Steria

A:Simda.A Key-logger + Internet Browser "ads" + General Questions

Hi Seria,

Q1: No, we cannot be sure that MSE removed everything and we cannot be sure that I will be able to remove everything this trojan left behind. Because a backdoor trojan can potentially allow a hacker access to your computer, we don't know what else might have been installed. That would be the worst case scenario. However, it is likely we can clean you up.

Q2: This is likely an infection. It may or may not be related to the trojan that MSE found.

Q3: Same as Q2.

Unfortunately, even the most careful people get infected. Let me know if you would like to proceed with the cleaning process.

-NT

http://www.techsupportforum.com/forums/f284/simda-a-key-logger-internet-browser-ads-general-questions-646234.html
Relevancy 36.12%

My e-mail key Need identity logger, being help stolen cleansing and old WoW accounts have already been hacked using two different passwords I have never shared with anyone They have already tried to get into my credit card accounts Clearly someone has used a key logger to find these passwords as there is no other way they could have gotten them Unfortunately I lack the computer knowledge to find and destroy these malicious programs Please help my entire identity is in danger of being stolen DDS Ver - - - NTFSx Run by Administrator at Need help cleansing key logger, identity being stolen on Wed Internet Explorer BrowserJavaVersion Microsoft Windows Vista Home Premium GMT - SP Windows Defender Enabled Updated D DDC A- F- fae- E -DA C ACF Running Processes C Need help cleansing key logger, identity being stolen Windows system wininit exe C Windows system lsm exe C Windows system svchost exe -k DcomLaunch C Windows system nvvsvc exe C Windows system svchost exe -k rpcss C Windows System svchost exe -k secsvcs C Windows System svchost exe -k LocalServiceNetworkRestricted C Windows System svchost exe -k LocalSystemNetworkRestricted C Windows system svchost exe -k netsvcs C Windows system svchost exe -k GPSvcGroup C Windows system SLsvc exe C Windows system svchost exe -k LocalService C Windows system svchost exe -k NetworkService C Windows system nvvsvc exe C Windows System spoolsv exe C Windows system svchost exe -k LocalServiceNoNetwork C Program Files Common Files LogiShrd LVMVFM LVPrcSrv exe C Windows system PnkBstrA exe C Windows system PnkBstrB exe C Windows system svchost exe -k NetworkServiceNetworkRestricted C Program Files Comcast Desktop Doctor bin sprtsvc exe C Program Files NVIDIA Corporation D Vision nvSCPAPISvr exe C Windows system svchost exe -k imgsvc C Windows System svchost exe -k WerSvcGroup C Windows system SearchIndexer exe C Need help cleansing key logger, identity being stolen Windows system taskeng exe C Windows system taskeng exe C Windows system Dwm exe C Windows system wbem wmiprvse exe C Windows Explorer EXE C Program Files Windows Defender MSASCui exe C Windows RtHDVCpl exe C Program Files Logitech QuickCam Quickcam exe C Program Files Adobe Reader Reader reader sl exe C Program Files Common Files Java Java Update jusched exe C Program Files Common Files Logishrd LQCVFX COCIManager exe C Users Billy Chambers Desktop dds scr Pseudo HJT Report uStart Page hxxp www google com ig uInternet Settings ProxyOverride lt local gt BHO Adobe PDF Link Helper df c-e ad- -a -fa c ebdc - c program files common files adobe acrobat activex AcroIEHelperShim dll BHO Skype add-on for Internet Explorer ae - e c- ed - f b-f f a - c program files skype toolbars internet explorer skypeieplugin dll BHO WOT Helper c e a- f - e -bdd -a e feb - c program files wot WOT dll BHO Java tm Plug-In SSV Helper dbc -a - b-bc - c c c a - c program files java jre bin jp ssv dll TB WOT - d- c -aae - f ec bf d - c program files wot WOT dll TB EA- A- B-ADF - D E CC - No File uRun Google Update quot c users billy chambers appdata local google update GoogleUpdate exe quot c mRun Windows Defender ProgramFiles Windows Defender MSASCui exe -hide mRun RtHDVCpl RtHDVCpl exe mRun LogitechQuickCamRibbon quot c program files logitech quickcam Quickcam exe quot hide mRun ddoctorv quot c program files comcast desktop doctor bin sprtcmd exe quot P ddoctorv mRun googletalk c program files google google talk googletalk exe autostart mRun Adobe Reader Speed Launcher quot c program files adobe reader reader Reader sl exe quot mRun Adobe ARM quot c program files common files adobe arm AdobeARM exe quot mRun SunJavaUpdateSched quot c program files common files java java update jusched exe quot StartupFolder c users billyc appdata roaming micros windows startm programs startup logite lnk - c program files logitech quickcam eReg exe mPolicies-explorer BindDirectlyToPropertySetStorage x mPolicies-system EnableLUA x mPolicies-system EnableUIADesktopToggle x IE EA C -E... Read more

A:Need help cleansing key logger, identity being stolen

Hello, Welcome to TSF.
I'm nasdaq and will be helping you.

You may wish to Subscribe to this thread (Thread Tools > Subscribe to this thread) so that you are notified when you receive a reply.

Please read these instructions carefully and then print out or copy this page to Notepad in order to assist you when carrying out the fix.

Note that the fix may take several posts. Please continue to respond to my instructions until I confirm that your logs are clean. Remember that although your symptoms may vanish, this does NOT mean that your system is clean.

If there is anything you don't understand, please ask BEFORE proceeding with the fixes.

Please ensure that you follow the instructions in the order I have them listed.

Please do not install or uninstall any programs, or run any other scanners or software, unless I specifically ask you to do so. Also please copy and paste logs into the thread, rather than add them as attachments.
===

Nothing suspicious was found on your DDS log.

Please download ComboFix from any of the links below, and save it to your desktop. For information regarding this download, please visit this web page: A guide and tutorial on using ComboFix

Link 1
Link 2


* IMPORTANT !!! Save ComboFix.exe to your Desktop

IMPORTANT....

1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

3. Do not install any other programs until this if fixed.

How to : Disable Anti-virus and Firewall...
How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Double click on ComboFix.exe & follow the prompts.When finished, it will produce a report for you.
Please post the C:\ComboFix.txt
Note:
Do not mouse click ComboFix's window while it's running. That may cause it to stall

Note: If you have difficulty properly disabling your protective programs, refer to this link --> How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs


For AVG antivirus and anti-spyware security software users only.

Quote:




Due to recent changes in AVG and how it interacts with CF, AVG must be uninstalled to run ComboFix. You will get a message from CF stating such.

If AVG will not uninstall, it is first recommended to uninstall it with this AppRemover by Opswat. The AVG uninstaller can be downloaded from here > AppRemover.exe Go to their homepage and you will see they have support for removal of other AV's as well AVG appremover tool.




I would also like to see the results of this security scan.

Please run this security check for my review.

Download Security Check by screen317 from here or here.Save it to your Desktop.
Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
A Notepad document should open automatically called checkup.txt; please post the contents of that document.
===

http://www.techsupportforum.com/forums/f284/need-help-cleansing-key-logger-identity-being-stolen-566059.html
Relevancy 42.14%

Hi,sorry for multi-posting,i did not realise that messages cannot be deleted, this is the actual post for my problem(ignore other posts by me). I received a few friend requests from an official well known chat group. These requests are being send through by its official site to my hotmail.However there are notices that pop ups when i clik accept the friend requests.These notices seek for my permission to allow access to my DNS,keyboard and mouse. I do not know whether my computer is infected. I need help in removing these tracking programs juz to make sure the information in my computer is safe.Thanks

http://www.techsupportforum.com/forums/f284/help-in-removing-dns-tracker-496721.html
Relevancy 37.41%

Hi all I downloaded Hijack this to see if I perhaps? Key logger may have a key logger I currently have avast and windows firewall My username and passwords for games are changing frequently and I have been Key logger perhaps? recommended to come to here for some advice on my hijackthis log Code Key logger perhaps? Logfile of Trend Micro HijackThis v Scan saved at on Key logger perhaps? Platform Unknown Windows WinNT MSIE Internet Explorer v Boot mode Normal Running processes C Program Files x Creative Shared Files CTAudSvc exe D InstallationFiles Avast aswUpdSv exe D InstallationFiles Avast ashServ exe C Program Files x Common Files Apple Mobile Device Support bin AppleMobileDeviceService exe C Program Files x Bonjour mDNSResponder exe C Windows SysWOW PnkBstrA exe C Program Files x NVIDIA Corporation D Vision nvSCPAPISvr exe C Program Files Logitech GamePanel Software Applets LCDMedia exe D InstallationFiles Avast ashMaiSv exe D InstallationFiles Avast ashWebSv exe D InstallationFiles Avast ashDisp exe D InstallationFiles Razer razerhid exe C Windows SysWOW Ctxfihlp exe D InstallationFiles Adobe CS Acrobat Acrobat acrotray exe D InstallationFiles Razer razerofa exe C Windows SysWOW CTXFISPI EXE D InstallationFiles iTunes iTunesHelper exe C Program Files x Windows Media Player wmplayer exe D InstallationFiles Digsby lib digsby-app exe D InstallationFiles Digsby lib aspell bin aspell exe D InstallationFiles Steam Steam exe C program files x ncsoft launcher NCLauncher exe D InstallationFiles Mozilla Firefox firefox exe C Program Files x Windows Live Mail wlmail exe C Program Files x Windows Live Contacts wlcomm exe C Program Files x Trend Micro HijackThis HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKCU Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Search SearchAssistant R - HKLM Software Microsoft Internet Explorer Search CustomizeSearch R - HKLM Software Microsoft Internet Explorer Main Local Page C Windows SysWOW blank htm R - HKCU Software Microsoft Internet Explorer Toolbar LinksFolderName F - REG system ini UserInit userinit exe O - BHO ContributeBHO Class - C DC - - A A- D-C C - D InstallationFiles Adobe CS Adobe Contribute CS contributeieplugin dll O - BHO AcroIEHelperStub - DF C-E AD- -A -FA C EBDC - C Program Files x Common Files Adobe Acrobat ActiveX AcroIEHelperShim dll O - BHO no name - C C A-E - b - D - CECB - no file O - BHO Groove GFS Browser Helper - - C - D -B F - BBC D A E - D InstallationFiles Microsoft Office Office GrooveShellExtensions dll O - BHO Windows Live Sign-in Helper - D - C - ABF- ECC- C - C Program Files x Common Files Microsoft Shared Windows Live WindowsLiveLogin dll O - BHO Adobe PDF Conversion Toolbar Helper - AE CD -E - f- - EE - C Program Files x Common Files Adobe Acrobat ActiveX AcroIEFavClient dll O - BHO SmartSelect - F EE -DAA - - - D EE A - C Program Files x Common Files Adobe Acrobat ActiveX AcroIEFavClient dll O - Toolbar Adobe PDF - -D C - - FA - E EAAC - C Program Files x Common Files Adobe Acrobat ActiveX AcroIEFavClient dll O - Toolbar Contribute Toolbar - BDDE -E A - -B E- B B FC - D InstallationFiles Adobe CS Adobe Contribute CS contributeieplugin dll O - HKLM Run avast quot D InstallationFiles Avast ashDisp exe quot O - HKLM Run DeathAdder D InstallationFiles Razer razerhid exe O - HKLM Run CTxfiHlp CTXFIHLP EXE O - HKLM Run AdobeCS ServiceManager quot C Program Files x Common Files Adobe CS ServiceManager CS Service... Read more

http://www.techsupportforum.com/forums/f284/key-logger-perhaps-458314.html
Relevancy 36.98%

Mod edit Post copied from General Security thread - http www techsupportforum com f er- html I hope I did this right fyi everytime I left my husband alone with my computer I would come home and the screen would be blue and screwed logger Spouse/key up then I put a password on the computer DDS Ver - - - NTFSx at on Tue Internet Explorer Microsoft Windows XP Professional GMT - Running Spouse/key logger Processes C WINDOWS system svchost -k DcomLaunch svchost exe C WINDOWS System svchost exe -k netsvcs svchost exe svchost exe C WINDOWS system spoolsv exe C Program Files Common Files LogiShrd LVMVFM LVPrcSrv exe svchost exe C Program Files Adobe Photoshop Elements PhotoshopElementsFileAgent exe C Program Files Symantec LiveUpdate AluSchedulerSvc exe C WINDOWS system CTsvcCDA EXE C WINDOWS eHome ehRecvr exe C WINDOWS eHome ehSched exe C Program Files Common Files LightScribe LSSrvc exe C Program Files Common Files Symantec Shared PIF B E DD - - c -B F- F FCA A PifSvc exe C Program Files Common Files LogiShrd LVCOMSER LVComSer exe C PROGRA NORTON NORTON NPROTECT EXE C WINDOWS system nvsvc exe C PROGRA NORTON NORTON SPEEDD NOPDB EXE svchost exe C WINDOWS system svchost exe -k imgsvc C WINDOWS system Tablet exe C Program Files Viewpoint Common ViewpointService exe C Program Files Common Files Microsoft Shared Windows Live WLIDSVC EXE C WINDOWS system dllhost exe C Program Files Common Files Microsoft Shared Windows Live WLIDSvcM exe C WINDOWS Explorer EXE C Program Files Common Files LogiShrd LVCOMSER LVComSer exe C WINDOWS system wscntfy exe C WINDOWS System spool Spouse/key logger DRIVERS W X E FATI SA EXE C Program Files Common Files Symantec Shared PIF B E DD - - c -B F- F FCA A PifSvc exe C Program Files QuickTime Spouse/key logger qttask exe C WINDOWS system nvraidservice exe C Program Files Norton SystemWorks Basic Edition NswUiTray exe C Program Files Common Files LogiShrd LComMgr Communications Helper exe C Program Files iTunes iTunesHelper exe C Program Files Common Files InstallShield UpdateService ISUSPM exe C Program Files iPod bin iPodService exe C WINDOWS System spool DRIVERS W X E FATI SA EXE C WINDOWS ehome ehtray exe C Program Files Ahead ODD Toolkit DVDTray exe C Program Files CyberLink PowerDVD DVDLauncher exe C WINDOWS system dla tfswctrl exe C WINDOWS CTHELPER EXE C Program Files Creative Sound Blaster X-Fi DVDAudio CTDVDDET EXE C WINDOWS System svchost exe -k HTTPFilter C Program Files Adobe Photoshop Album Starter Edition Apps apdproxy exe C WINDOWS eHome ehmsas exe C program files logitech quickcam quickcam exe C WINDOWS system wbem unsecapp exe C Program Files Picasa PicasaMediaDetector exe C Program Files Shutterfly Studio BIN SFlyStudio exe C Program Files Google GoogleToolbarNotifier GoogleToolbarNotifier exe C Program Files Spybot - Search amp Destroy TeaTimer exe C Program Files Messenger msmsgs exe C WINDOWS system ctfmon exe C Program Files AIM aim exe C Program Files Logitech Desktop Messenger Program LogitechDesktopMessenger exe C Program Files Nikon NkView NkvMon exe C WINDOWS system WTablet TabUserW exe C Program Files Common Files Logishrd LQCVFX COCIManager exe C Program Files AIM aolsoftware exe C WINDOWS system wuauclt exe C Program Files WD WD Anywhere Backup MemeoBackup exe C Documents and Settings Amanda Hessel Desktop dds scr Pseudo HJT Report uStart Page hxxp www karavita com uSearch Bar hxxp www google com ie uSearch Page hxxp www google com uLocal Page blank htm uSearchMigratedDefaultURL hxxp www google com search q searchTerms amp sourceid ie amp rls com microsoft en-US amp ie utf amp oe utf uSearchAssistant hxxp www google com ie uSearchURL Default hxxp www google com search q s mSearchAssistant hxxp www google com ie uURLSearchHooks AOLMAILTBSearch Class e -b fe- de- aea- a d cd - c program files aol email toolbar aolmailtb dll mURLSearchHooks AOLMAILTBSearch Class e -b fe- de- aea- a d cd - c program files aol email toolbar aolmailtb dll BHO Adobe PDF Link Helper df c-e ad- -a -fa c ... Read more

http://www.techsupportforum.com/forums/f284/spouse-key-logger-456218.html
Relevancy 34.4%

DDS Ver - - - NTFSx Run by Cheryl L Jackson at on Wed Internet Explorer BrowserJavaVersion Microsoft Windows XP Home Edition GMT - AV COMODO Antivirus On-access scanning enabled Updated A - F - ef -AFC -F E A B AV Norton Internet Security On-access scanning enabled Outdated E A - - -B - C C F FW COMODO Firewall enabled A - F - ef -AFC -F E A B FW Norton Internet Security keyboard processes slow Suspect logger rogue a causing or installer enabled C A C -F F- AC -B -A E C F Running Processes C WINDOWS system svchost -k DcomLaunch svchost exe C Program Files COMODO COMODO Internet Security cmdagent exe C WINDOWS system svchost exe -k netsvcs C WINDOWS Explorer EXE svchost exe svchost exe C WINDOWS system spoolsv Suspect a rogue installer or keyboard logger causing slow processes exe svchost exe C WINDOWS system netdde exe C WINDOWS system HPConfig exe C Program Files HPQ Notebook Utilities HPWirelessMgr exe C Program Files Java jre bin jqs exe C WINDOWS System svchost exe -k imgsvc C WINDOWS system Pen Tablet exe C Program Files Viewpoint Common ViewpointService exe C WINDOWS wanmpsvc exe C WINDOWS System MsPMSPSv exe C WINDOWS System dmadmin exe C WINDOWS system WTablet Pen TabletUser exe C WINDOWS system Suspect a rogue installer or keyboard logger causing slow processes Pen Tablet exe C Program Files Canon CAL CALMAIN exe C Program Files Common Files Real Update OB realsched exe C PROGRA HPQ ONE-TO OneTouch EXE C Program Files Roxio Easy CD Creator DirectCD DirectCD exe C WINDOWS system carpserv exe C Program Files Dell Photo AIO Printer dlcxmon exe C Program Files Java jre bin jusched exe C Program Files COMODO COMODO Internet Security cfp exe C WINDOWS system ctfmon exe C Program Files Spybot - Search amp Destroy TeaTimer exe C Program Files NETGEAR WG v WG v exe C WINDOWS system dlcxcoms exe C WUTemp Movie dds scr Pseudo HJT Report uSearchMigratedDefaultURL hxxp search live com results aspx q searchTerms amp src referrer source uStart Page hxxp www motherjones com mSearch Bar hxxp red clientapps yahoo com customize ie defaults sb ymsgr http www yahoo com ext search search html mWindow Title Windows Internet Explorer provided by Comcast mSearchAssistant hxxp www shopnav com search search html mCustomizeSearch BHO D -C F - efb- B - ECA - No File BHO Adobe PDF Reader Link Helper e f-c d - d -b d- b d be b - c program files adobe acrobat activex AcroIEHelper dll BHO Spybot-S amp D IE Protection - f - d - - d f - c progra spybot SDHelper dll BHO BAB B B- BC- B - D - FC DE A - No File BHO AF DE - D - -B FA-CE B AD D - No File BHO Java tm Plug-In SSV Helper dbc -a - b-bc - c c c a - c program files java jre bin jp ssv dll BHO JQSIEStartDetectorImpl Class e e f - ce- c -bc -eabfe f c - c program files java jre lib deploy jqs ie jqs plugin dll TB B EAC - D - B E- B -A C A A - No File TB F EAB - - D D-AAB - DBD FDC B - No File TB D A - D - D - - E A - No File TB CDD BF- FFB- - AD - DF B D - No File uRun ctfmon exe c windows system ctfmon exe uRun Aim uRun SpybotSD TeaTimer c program files spybot - search amp destroy TeaTimer exe mRun TkBellExe c program files common files real update ob realsched exe -osboot mRun srmclean c cpqs scom srmclean exe mRun Display Settings c program files hpq notebook utilities hptasks exe s mRun QT HPOT c progra hpq one-to OneTouch EXE mRun Cpqset c program files hpq default settings cpqset exe mRun AdaptecDirectCD quot c program files roxio easy cd creator directcd DirectCD exe quot mRun Microsoft Works Update Detection c program files common files microsoft shared works shared WkUFind exe mRun UserFaultCheck systemroot system dumprep -u mRun CARPService carpserv exe mRun iTunesHelper quot c program files itunes iTunesHelper exe quot mRun dlcxmon exe quot c program files dell photo aio printer dlcxmon exe quot mRun MemoryCardManager mRun FaxCenterServer quot c program files dell pc fax fm exe quot s mRun ISUSPM Startup quot c program files common files installshield updateservice isuspm exe quot -startu... Read more

http://www.techsupportforum.com/forums/f284/suspect-a-rogue-installer-or-keyboard-logger-causing-slow-processes-412661.html
Relevancy 36.55%

Hey My boyfriend knows details about my life which i only talked about in IM's and maby some in emails I did AVG and SPYBOT S amp D friend think my I a Help! boy Logger!!! installed Key Scans Help! I think my boy friend installed a Key Logger!!! but i have found nothing I noticed a SQL database thing running in Help! I think my boy friend installed a Key Logger!!! my task bar It was started and there was a box indicating to start on every system reboot I disabled the WINDOWS SQL database through the windows tray Here is my hi jack this LOG Logfile of Trend Micro HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v Boot mode Normal Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system Ati evxx exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system Ati evxx exe C WINDOWS Explorer EXE C WINDOWS system spoolsv exe C WINDOWS ehome ehtray exe C WINDOWS RTHDCPL EXE C Program Files Launch Manager LaunchAp exe C Program Files Launch Manager PowerKey exe C Program Files Launch Manager HotkeyApp exe C Program Files Launch Manager OSDCtrl exe C Program Files Launch Manager Wbutton exe C Program Files Synaptics SynTP SynTPLpr exe C Program Files Synaptics SynTP SynTPEnh exe C Acer Empowering Technology admtray exe C Acer Empowering Technology eDataSecurity eDSloader exe C Acer Empowering Technology eRecovery Monitor exe C WINDOWS VM STI EXE C Program Files Common Files LogiShrd LComMgr Communications Helper exe C Program Files Logitech QuickCam Quickcam exe C Program Files iTunes iTunesHelper exe C Program Files Windows Live Messenger MsnMsgr Exe C WINDOWS system ctfmon exe C Program Files HP Digital Imaging bin hpqtra exe C Program Files HP Digital Imaging bin hpqimzone exe C DOCUME STEPHA LOCALS Temp RtkBtMnt exe C Program Files Common Files Apple Mobile Device Support bin AppleMobileDeviceService exe C PROGRA AVG AVG avgwdsvc exe C Acer Empowering Technology admServ exe C PROGRA AVG AVG avgrsx exe C PROGRA AVG AVG avgnsx exe C Program Files Bonjour mDNSResponder exe C WINDOWS eHome ehRecvr exe C WINDOWS eHome ehSched exe C Program Files Common Files LogiShrd LVCOMSER LVComSer exe C Program Files Common Files LogiShrd LVMVFM LVPrcSrv exe C Program Files Microsoft SQL Server MSSQL MICROSOFTSMLBIZ Binn sqlservr exe C Program Files Microsoft Search Enhancement Pack SeaPort SeaPort exe C Program Files Microsoft SQL Server Shared sqlwriter exe C WINDOWS system svchost exe C Program Files Common Files Symantec Shared CCPD-LC symlcsvc exe C WINDOWS system wbem wmiapsrv exe C Program Files Common Files LogiShrd LVCOMSER LVComSer exe C Program Files iPod bin iPodService exe C WINDOWS system dllhost exe C Program Files Common Files Logishrd LQCVFX COCIManager exe C WINDOWS eHome ehmsas exe C WINDOWS System svchost exe C Program Files AVG AVG avgui exe C Program Files AVG AVG avgscanx exe C Program Files AVG AVG avgcsrvx exe C Program Files Internet Explorer iexplore exe C Program Files Windows Live Toolbar wltuser exe C Program Files Spybot - Search amp Destroy TeaTimer exe C Program Files Internet Explorer iexplore exe C WINDOWS regedit exe C Program Files Trend Micro HijackThis HijackThis exe R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride local O - BHO Adobe PDF Reader Link Helper - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat ActiveX AcroIEHelper dll file missing O - BHO Spybot-S amp D IE Protection - - F - D - - D F - C Program Files Spybot - Sea... Read more

A:Help! I think my boy friend installed a Key Logger!!!

Hello and welcome to TSF.

Apologies for the delay in response. If you haven?t received help elsewhere already and still require assistance, please post the logs requested in our pre-posting process outlined below:

NEW INSTRUCTIONS - Read This Before Posting For Malware Removal Help

Please subscribe to this thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant Notification, then click Subscribe.

Please note that the forum is very busy and if I don?t hear from you in three days this thread will be closed.

http://www.techsupportforum.com/forums/f284/help-i-think-my-boy-friend-installed-a-key-logger-364129.html
Relevancy 36.55%

My WoW account has been hacked twice this week I ran spy bot programs to no avail My computer is booting extremely slow and takes forever to get to any webistes Forgive me I am not a computer expert Any help is appreciated Thank you in advance ------------------------------------------------------------------------ Windows XP Verion Service Pack ------------------------------------------------------------------------ DDS Version - NTFSx Run by john at on Sat Microsoft Windows XP Professional GMT - hacked....do account WoW I got a logger? have key Running Processes C WINDOWS system svchost -k WoW account got hacked....do I have a key logger? DcomLaunch svchost exe C WINDOWS System svchost exe -k netsvcs svchost exe svchost exe C Program Files Common Files Symantec Shared ccSvcHst exe WoW account got hacked....do I have a key logger? C WINDOWS system spoolsv exe C WINDOWS system nvsvc exe C WINDOWS Explorer EXE C Program Files Apoint Apoint exe C WINDOWS system pctspk exe C Program Files Java jre bin jusched exe C WINDOWS system ctfmon exe C Program Files Common Files Symantec Shared ccSvcHst exe C WoW account got hacked....do I have a key logger? Program Files Apoint Apntex exe C Program Files Internet Explorer iexplore exe C Documents and Settings john Desktop dds com Pseudo HJT Report uStart Page hxxp www google com uSearch Page hxxp www google com uSearch Bar hxxp www google com ie mDefault Search URL hxxp www google com ie mSearch Page hxxp www google com mStart Page hxxp www google com mSearchAssistant hxxp www google com mWinlogon Userinit c windows system userinit exe BHO CA F - F E- B -A E- E E C C - c program files avg avg avgssie dll uRun ctfmon exe c windows system ctfmon exe mRun NvCplDaemon RUNDLL EXE c windows system NvCpl dll NvStartup mRun Apoint c program files apoint Apoint exe mRun PCTVOICE pctspk exe mRun nwiz nwiz exe installquiet mRun SunJavaUpdateSched quot c program files java jre bin jusched exe quot mRun ccApp quot c program files common files symantec shared ccApp exe quot StartupFolder c docume alluse startm programs startup d-link lnk - c program files d-link airplus AirPlus exe IE e e dd -d - - b -f ba - windir Network Diagnostic xpnetdiag exe IE FB F -F - d -BB E- C F - c program files messenger msmsgs exe IE B E C - FCB- CF-AAA - C - CAFEEFAC- - - -ABCDEFFEDCBC - c program files java jre bin ssv dll IE e e dd -d - - b -f ba - windir Network Diagnostic xpnetdiag exe IE FB F -F - d -BB E- C F - c program files messenger msmsgs exe SSODL WPDShServiceObj - AAA BA- A C- B - D - D DB - c windows system WPDShServiceObj dll SERVICES DRIVERS R ccEvtMgr Symantec Event Manager quot c program files common files symantec shared ccSvcHst exe quot h ccCommon - - R ccSetMgr Symantec Settings Manager quot c program files common files symantec shared ccSvcHst exe quot h ccCommon - - S mferkdk VSCore mferkdk c program files mcafee virusscan enterprise mferkdk sys S wowsystemcode Remote TCP IP c windows system svchost exe -k netsvcs - - Created Last - - a------- c windows gmer ini - - a------- c windows system S EVNT DLL - - a------- c windows system drivers SYMEVENT SYS - - a------- c windows system drivers SYMEVENT CAT - - a------- c windows system drivers SYMEVENT INF - - lt DIR gt --d----- c program files Symantec - - lt DIR gt --d----- c windows system scripting - - lt DIR gt --d----- c windows l schemas - - lt DIR gt --d----- c windows system en - - lt DIR gt --d----- c windows ServicePackFiles - - lt DIR gt --d----- c windows system appmgmt - - lt DIR gt --d----- C c a a a ce a c - - lt DIR gt --d----- c windows system bits - - -------- c windows system bitsprx dll - - lt DIR gt --d-h--- C AVG VAULT - - lt DIR gt --d----- c docume alluse applic avg - - a------- c windows system mucltui dll - - a------- c windows system mucltui dll mui - - a------- c windows ini - - a------- c windows syscheck - - a------- c windows wininit ini - - lt DIR gt --d----- c docume alluse applic Symantec - - lt DIR gt --d----- c pro... Read more

A:WoW account got hacked....do I have a key logger?

Hello Cooz_Jr,

We will begin with ComboFix.exe. Please visit this webpage for download links, and instructions for running the tool:

http://www.bleepingcomputer.com/comb...o-use-combofix

* Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Please include the C:\ComboFix.txt in your next reply for further review.

http://www.techsupportforum.com/forums/f284/wow-account-got-hacked-do-i-have-a-key-logger-320704.html
Relevancy 35.26%

First of all I would like to say hello and I'm really glad I found ex program Another one: logger boyfriend spyware/keystroke installed this forum While I am experienced in other hobby forums I apologize in advance if this question is asked almost daily I tried to search and read Another one: ex boyfriend installed spyware/keystroke logger program through quite a few posts but couldn't seem to find anything relating to the problem I know each forum has it's own culture as well as do's and don'ts so I hope I am not breaking any of them I did read that I need to post a quot hijack this quot log However I am at home and my girlfriends computer is at her house at the moment I will be sure to post that tomorrow So here is the story My girlfriend has a laptop that she believes has some sort of program on it that is is allowing her ex boyfriend to monitor what she is doing Because of this she has been afraid to use it for the past two years I want to help her find and remove whatever is on it I will try to be as brief as possible In the past her ex had been dumb enough to show her that he was able to monitor all of his sons computer activity using what I believe was some sort of keystroke logger although she doesn't know enough about computers to know what exactly it was In addition this guy had a friend who worked with computers for one of the local law enforcement agencies and he was the one who installed it It surprises me but shady people seem to be able to work almost anywhere I don't know whether they installed some generic program they acquired online or whether this guy was good enough to install a more powerful tool that he had access to She does know that this ex boyfriend was able to check her email and computer activity even after changing her passwords almost weekly As a test she wrote a fake email for court that was made to look like a letter to law enforcement and the FBI but she never sent it She placed it in a draft box instead Sure enough the next time she was in court this ex boyfriend was citing this email and claiming she was making threats to law enforcement about him but did not seem to be aware that she never actually sent it All of this was done after she moved out The letter was also written on another computer from another house with a different ISP So I don't know whether what he installed was tracking her emails passwords or computer itself While briefly looking at it tonight for the first time I did find that it was set up for remote access and wondered if that had something to do with it While I am fairly capable with computers I don't know much about software of this nature and would really appreciate any help or guidance in this matter I did think of just replacing the hard drive and reinstalling windows but another problem for her is that she believes there are passworded documents and zipped files on it that would help her in other matters I don't want to spill her story on the web but he was a part of some shady business deals as well where he eventually attempted to place the blame on her So far he has been able to rack up debt on her and forged her signature in order to take her house away which has worked so far The matter still has not made it's way to court so she wants to keep whatever information that may be on the laptop in case it helps her in the matter So this is sort of a two pronged issue She would like to find and keep this data All I could come up with so far was to try a quot brute force attacker quot to crack these passwords although I know nothing about them and don't know which program is reputable I thought about backing her hard drive up on my external before wiping her computer but don't know anything about these programs I wouldn't want to infect my computer obviously I commend you if you have made it through this long post I realize there are many questions here so if anyone was willing to offer advice for even one of them I would greatly appreciate it She is a wonderful per... Read more

http://www.techsupportforum.com/forums/f284/another-one-ex-boyfriend-installed-spyware-keystroke-logger-program-280338.html
Relevancy 36.98%

Hey guys I thought I got this trojan off my pc but unfortunately it is still here I get pop ups from windows firewall saying the key logger is accessing the internet but the firewall can do nothing about it BTW avast found the trojan when I scanned in safe mode and deleted it but it is still here Please help Here is the Hijack report Logfile of Trend Micro HijackThis v Scan saved at PM on Platform Windows Vista WinNT MSIE Internet Explorer v Boot mode Normal Running processes C Program Files ASUS Ai Suite CpuLevelUpHookLaunch exe C Program Files x ASUS AASP aaCenter exe C Program Files x Enigma Software Group SpyHunter Spyhunter exe C Program Files ASUS Ai Suite CpuLevelUpHook exe C Program Files x GameSpy Comrade Comrade exe C ProgramData UtilAplCmd Malware Key Logger yjqlcdcl exe C Program Files x Analog Key Logger Malware Devices Core smax pnp exe C Key Logger Malware Program Files x Analog Devices SoundMAX SoundTray exe C Program Files ASUS Ai Suite AiNap AiNap exe C Program Files ASUS Ai Suite AiGear CpuPowerMonitor exe C Program Files ASUS Ai Suite CpuLevelUpHelp exe C Program Files x SAMSUNG FW LiveUpdate FWManager exe C Program Files x iTunes iTunesHelper exe C Program Files Alwil Software Avast ashDisp exe C Program Files x Mozilla Firefox firefox exe C Windows sysWow SearchProtocolHost exe C Program Files x Internet Explorer IEUser exe C Program Files x Trend Micro HijackThis HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKCU Software Microsoft Internet Explorer Main Start Page www google com R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Search SearchAssistant R - HKLM Software Microsoft Internet Explorer Search CustomizeSearch R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride local R - HKCU Software Microsoft Internet Explorer Toolbar LinksFolderName F - REG system ini UserInit userinit exe O - Hosts localhost O - BHO Adobe PDF Reader Link Helper - E F-C D - D -B D- B D BE B - C Program Files x Common Files Adobe Acrobat ActiveX AcroIEHelper dll O - HKLM Run SoundMAXPnP C Program Files x Analog Devices Core smax pnp exe O - HKLM Run SoundTray quot C Program Files x Analog Devices SoundMAX SoundTray exe quot O - HKLM Run Ai Nap quot C Program Files ASUS Ai Suite AiNap AiNap exe quot O - HKLM Run CPU Power Monitor quot C Program Files ASUS Ai Suite AiGear CpuPowerMonitor exe quot O - HKLM Run Cpu Level Up help C Program Files ASUS Ai Suite CpuLevelUpHelp exe O - HKLM Run Adobe Reader Speed Launcher quot C Program Files x Adobe Reader Reader Reader sl exe quot O - HKLM Run RoxWatchTray quot C Program Files x Common Files Roxio Shared SharedCOM RoxWatchTray exe quot O - HKLM Run Name of App quot C Program Files x SAMSUNG FW LiveUpdate FWManager exe quot r O - HKLM Run QuickTime Task quot C Program Files x QuickTime QTTask exe quot -atboottime O - HKLM Run AppleSyncNotifier C Program Files x Common Files Apple Mobile Device Support bin AppleSyncNotifier exe O - HKLM Run iTunesHelper quot C Program Files x iTunes iTunesHelper exe quot O - HKLM Run avast C PROGRA ALWILS Avast ashDisp exe O - HKCU Run Sidebar C Program Files Windows Sidebar sidebar exe autoRun O - HKCU Run WindowsWelcomeCenter rundll exe oobefldr dll ShowWelcomeCenter O - HKCU Run Comrade exe C Program Files x GameSpy Comrade Comrade exe O - HKCU Run BgMonitor E - C C- d f- C - D A B AA quot C Program Files x Common Files Ahead Lib NMBgMonitor exe quot O - HKCU Run ehTray exe C Windows ehome ehTray exe O - HKCU Run lphca j el m C Windows system lphca j el... Read more

A:Key Logger Malware

Name: Trojan-Spy.Win32.KeyLogger.aa

Another one named: Trojan-Spy.HTML.Bankfraud.dq

Whichever error I get it links me to buy some antispyware programs.

That is the message the windows firewall tells me. It just detects activity of harmful software.

http://www.techsupportforum.com/forums/f284/key-logger-malware-279299.html
Relevancy 34.83%

Logfile of Trend Micro HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v Boot mode Normal Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe sure key Pretty too a was have my fiancee's of keylog world i logger account warcraft C WINDOWS system svchost exe C WINDOWS Explorer EXE C WINDOWS system spoolsv exe Pretty sure i have a key logger too my fiancee's world of warcraft account was keylog C WINDOWS system LVCOMSX EXE C Program Files Adobe Photoshop Album Starter Edition Apps apdproxy exe C WINDOWS Pretty sure i have a key logger too my fiancee's world of warcraft account was keylog system RUNDLL EXE C Program Files Logitech Desktop Messenger Program LogitechDesktopMessenger exe C WINDOWS system ctfmon exe C Program Files DNA btdna exe C WINDOWS system rundll exe C Program Files Common Files Apple Mobile Device Support bin AppleMobileDeviceService exe C Program Files Microsoft Small Business Business Contact Manager BcmSqlStartupSvc exe C Program Files CA eTrust EZ Armor eTrust EZ Antivirus ISafe exe C WINDOWS system CTsvcCDA exe C WINDOWS system lxddcoms exe C WINDOWS system nvsvc exe c Program Files Microsoft SQL Server Shared sqlwriter exe C WINDOWS system svchost exe C Program Files CA eTrust EZ Armor eTrust EZ Antivirus VetMsg exe C WINDOWS system MsPMSPSv exe C PROGRA Yahoo MESSEN ymsgr tray exe C WINDOWS System svchost exe C Program Files Ventrilo Ventrilo exe C Program Files Internet Explorer iexplore exe C Program Files Trend Micro HijackThis HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Start Page http www yahoo com R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride localhost R - URLSearchHook Yahoo Toolbar - EF BD -C FB- D - F- D F - no file O - BHO Adobe PDF Reader Link Helper - E F-C D - D -B D- B D BE B - C Program Files Common Files Adobe Acrobat ActiveX AcroIEHelper dll O - BHO Yahoo IE Services Button - BAB B B- BC- B - D - FC DE A - C Program Files Yahoo Common yiesrvc dll O - BHO SSVHelper Class - BB-D F - C-B EB-D DAF D D - C Program Files Java jre bin ssv dll O - BHO no name - E D - A- EC-A -BA D E E - no file O - HKLM Run NvCplDaemon RUNDLL EXE C WINDOWS system NvCpl dll NvStartup O - HKLM Run Adobe Reader Speed Launcher quot C Program Files Adobe Reader Reader Reader sl exe quot O - HKLM Run UpdReg C WINDOWS UpdReg EXE O - HKLM Run nwiz nwiz exe install O - HKLM Run LVCOMSX C WINDOWS system LVCOMSX EXE O - HKLM Run Logitech Hardware Abstraction Layer KHALMNPR EXE O - HKLM Run CTXFIREG CTxfiReg exe O - HKLM Run ccApp quot C Program Files Common Files Symantec Shared ccApp exe quot O - HKLM Run Adobe Photo Downloader quot C Program Files Adobe Photoshop Album Starter Edition Apps apdproxy exe quot O - HKLM Run QuickTime Task quot C Program Files QuickTime QTTask exe quot -atboottime O - HKLM Run NvMediaCenter RUNDLL EXE C WINDOWS system NvMcTray dll NvTaskbarInit O - HKCU Run Power GoExpress C Program Files Logitech Desktop Messenger Program LogitechDesktopMessenger exe O - HKCU Run LogitechSoftwareUpdate quot C Program Files Logitech Video ManifestEngine exe quot boot O - HKCU Run LDM C Program Files Logitech Desktop Messenger Program LogitechDesktopMessenger exe O - HKCU Run Yahoo Pager quot C PROGRA Yahoo MESSEN YAHOOM EXE quot -quiet O - HKCU Run ctfmon exe C WINDOWS system ctfmon exe O - HKCU Run msnmsgr quot C Program Files MSN Messenger MsnMsgr Exe quot background O - HKCU Run... Read more

http://www.techsupportforum.com/forums/f284/pretty-sure-i-have-a-key-logger-too-my-fiancees-world-of-warcraft-account-was-keylog-252769.html
Relevancy 35.69%

For security I run McAfee Security Suite Spybot S amp D and Ad-Aware Often McAfee real-time scanning and email IM scanning gets disabled Was unable to open certain web pages from within IE intermittant Possible password hijacking from key logger Possible toolbar corruption I have updated Java and deleted temp files amp cookies and followed the steps installing software detected; disables; logger Trojans possible key McAfee as needed Panda Active scan and Kapersky revealed Trojans that McAfee did not pick up Software run Panda Activescan DSS ComboFix Kapersky scanner Logs to follow Thank you for your generous help Deckard's System Scanner v Run by RJ Garrett on Trojans detected; McAfee disables; possible key logger - - Computer is in Normal Mode -------------------------------------------------------------------------------- Backed up registry hives Performed disk cleanup Percentage of Memory in Use more than Total Physical Memory MiB MiB recommended -- HijackThis run as RJ Garrett exe ------------------------------------------ Logfile of Trend Micro HijackThis v Scan saved at PM on Platform Windows SP WinNT MSIE Internet Explorer v SP Boot Trojans detected; McAfee disables; possible key logger mode Normal Running processes C WINNT System smss exe C WINNT system csrss exe C WINNT system winlogon exe C WINNT system services exe C WINNT system lsass Trojans detected; McAfee disables; possible key logger exe C WINNT system svchost exe C WINNT system spoolsv exe C WINNT System svchost exe C WINNT system hidserv exe C Program Files Common Files McAfee HackerWatch HWAPI exe C PROGRA McAfee MSC mcmscsvc exe c program files common files mcafee mna mcnasvc exe C PROGRA McAfee VIRUSS mcods exe C PROGRA McAfee MSC mcpromgr exe c PROGRA COMMON mcafee mcproxy mcproxy exe C WINNT Explorer EXE c PROGRA COMMON mcafee redirsvc redirsvc exe C PROGRA McAfee VIRUSS mcshield exe C PROGRA McAfee VIRUSS mcsysmon exe C Program Files McAfee MPF MPFSrv exe C PROGRA McAfee MPS mps exe c PROGRA mcafee com agent mcagent exe C WINNT system regsvc exe C WINNT system MSTask exe C WINNT system stisvc exe C WINNT System WBEM WinMgmt exe C WINNT system svchost exe C Program Files McAfee MPS mpsevh exe C WINNT system pctspk exe C Program Files eBay eBay Toolbar eBayTBDaemon exe C Program Files TrojanHunter THGuard exe C Program Files Google GoogleToolbarNotifier GoogleToolbarNotifier exe C Program Files Internet Explorer iexplore exe C PROGRA TRENDM HIJACK RJ Garrett exe R - HKCU Software Microsoft Internet Explorer Main Start Page http www yahoo com R - HKLM Software Microsoft Internet Explorer Main Search Bar http us rd yahoo com customize ie ch search html R - HKLM Software Microsoft Internet Explorer Main Search Page http us rd yahoo com customize ie www yahoo com R - HKLM Software Microsoft Internet Explorer Main Start Page http www comcast net R - HKCU Software Microsoft Internet Explorer Main Window Title Windows Internet Explorer provided by Comcast F - REG system ini UserInit C WINNT system userinit exe C WINNT system ntos exe O - BHO no name - D -C F - EFB- B - ECA - no file O - BHO Adobe PDF Reader Link Helper - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat ActiveX AcroIEHelper dll O - BHO eBay Toolbar Helper - D E - A E- DFB- E-AAB F BD - C Program Files eBay eBay Toolbar eBayTB dll O - BHO Comcast Toolbar - E BD F- B D- E- BE-BE DF D AE - C PROGRA COMCAS COMCAS DLL O - BHO Spybot-S amp D IE Protection - - F - D - - D F - C PROGRA SPYBOT SDHelper dll O - BHO Yahoo IE Services Button - BAB B B- BC- B - D - FC DE A - C Program Files Yahoo Common yiesrvc dll O - BHO SSVHelper Class - BB-D F - C-B EB-D DAF D D - C Program Files Java jre bin ssv dll O - BHO scriptproxy - DB D A - - E -B D- F C - c PROGRA mcafee VIRUSS scriptcl dll O - BHO Google Toolbar Helper - AA ED - DD- d - -CF F - c program files google googletoolbar dll O - BHO Google Toolbar Notifier BHO - AF DE - D - -B FA-CE B AD D - C Program Files Google GoogleToolbarNotifier swg dl... Read more

A:Trojans detected; McAfee disables; possible key logger

This is not a bump, but an edit (The edit box is gone). I have gone back over my McAfee logs for previous problems.

Trojans previously found by McAfee: Malformed Archive, Backdoor-AWQ (quarantined and removed), Trojan-Spy.Win (quarantined), New.Malware.hi (locked recycler nprotect), VTool/rych (can not be completely removed)

Viruses/trojans found by Kapersky: Trojan-Downloader.Win32.Agent.avz, catchme 2007_12_29 (quarantined)

Questions:
How can you rid your system completely of quarantined viruses?
As we go through the steps, can you give me a BRIEF explanation as to what that step will do for future reference?

Thank you very much.

http://www.techsupportforum.com/forums/f284/trojans-detected-mcafee-disables-possible-key-logger-206806.html
Relevancy 36.55%

Hi guys,

I have noticed recently while starting my computer a message appear windows default installer and there is something installing....I scan my pc and here are the results:

1 invisible key logger
C:\Documents and Settings\Administrator\LocalSettings\Temp\WZSE0.tmp

5 adware.chiem.b

hkey_current_user\software\microsoft\windows\curre
ntversion\internetsettings\3p3\history\linksynergy.com\\
ntversion\internetsettings\3p3\history\fastclick.net\\
ntversion\internetsettings\3p3\history\commission_junction.com\\
ntversion\internetsettings\3p3\history\blast.com\\

but cannot clean them, they are reappearing

and I am using mozilla, but internet explorer is opening by itself all the time

A:adware and key logger problem

I have followed the five steps and here is the log

main.txt:

Deckard's System Scanner v20070905.67
Run by Administrator on 2007-09-07 12:18:14
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
54: 2007-09-07 00:18:32 UTC - RP158 - Deckard's System Scanner Restore Point
53: 2007-09-06 09:12:09 UTC - RP157 - Installed Ad-Aware 2007
52: 2007-09-05 0556 UTC - RP156 - Installed AVG 7.5
51: 2007-09-05 04:26:40 UTC - RP155 - Removed Kaspersky Anti-Virus 7.0.
50: 2007-09-04 04:45:47 UTC - RP154 - Installed Kaspersky Anti-Virus 7.0.


-- First Restore Point --
1: 2006-10-08 19:18:08 UTC - RP105 - Unsigned driver install


Backed up registry hives.
Performed disk cleanup.

Total Physical Memory: 447 MiB (512 MiB recommended).


-- HijackThis (run as Administrator.exe) ---------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:19:56, on 2007.09.07
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\wltrysvc.exe
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\WINDOWS\system32\AvidSDMService.exe
C:\Program Files\Executive Software\Diskeeper\DkService.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Launch Manager\LaunchAp.exe
C:\Program Files\Launch Manager\HotkeyApp.exe
C:\Program Files\Launch Manager\OSDCtrl.exe
C:\Program Files\Launch Manager\Wbutton.exe
C:\PROGRA~1\A4Tech\Mouse\Amoumain.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
C:\Program Files\iolo\System Mechanic Professional 6\SMSystemAnalyzer.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Documents and Settings\Administrator\Desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Administrator.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [LaunchAp] C:\Program Files\Launch Manager\LaunchAp.exe
O4 - HKLM\..\Run: [HotkeyApp] C:\Program Files\Launch Manager\HotkeyApp.exe
O4 - HKLM\..\Run: [LMgrOSD] C:\Program Files\Launch Manager\OSDCtrl.exe
O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe"
O4 - HKLM\..\Run: [CtrlVol] C:\Program Files\Launch Manager\CtrlVol.exe
O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
O4 - HKLM\..\Run: [Samurai] "C:\Program Files\Samurai\Samurai.exe" samurai.dat
O4 - HKLM\..\... Read more

http://www.techsupportforum.com/forums/f284/adware-and-key-logger-problem-179437.html
Relevancy 36.12%

At the botom youll find my HJTHIS log Also this is what SPYBOT found Should I Panic or not Please if anyone can put some light on this How to find the files logs if there are any Thanks keylogger Company Next Generation Count Product NGC PC amp Internet Monitor Threat Keylogger Company product URL http www nextgen dk Functionality Monitors keystrokes internet activity applications Description Stealth sends log by email or file network NGC PC amp Internet Monitor NGC PC amp Internet Monitor Root class Registry key nothing done HKEY LOCAL MACHINE Software Classes LockX Lock NGC PC amp Internet Monitor Class ID Registry key nothing done HKEY LOCAL MACHINE Software Classes CLSID E E-E - D - B D- F A C NGC PC amp Internet Monitor Interface Lock Registry key nothing done HKEY LOCAL MACHINE Software Classes Interface B D- - CFC-A C-D EAE E NGC PC amp Internet Monitor Interface Lock Registry key nothing done HKEY LOCAL MACHINE Software Classes Interface B FACD- C C- A- B - C NGC PC amp Internet Monitor Type library LockX Registry key nothing done HKEY LOCAL MACHINE Software Classes TypeLib Logger Panic not or NGC ?? I & Internet - PC Monitor Should E C-E - D - B D- F A C

A:Should I Panic or not ?? Logger - NGC PC & Internet Monitor

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 20:40:16, on 03.04.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Alati\Zashtita\Nod32\nod32krn.exe
C:\Alati\Perfect Disk\PDAgent.exe
C:\WINDOWS\system32\rundll32.exe
C:\Alati\Logitech\iTouch\iTouch.exe
C:\Alati\Zashtita\Nod32\nod32kui.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Dizajn\PDF\Print2PDF\PrnPack.exe
C:\Link\DUmeter\DUMeter.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Alati\TClock\tclock.exe
C:\Link\Skype\Phone\Skype.exe
C:\Link\Trillian\trillian.exe
C:\Link\mIRC\mirc.exe
C:\Media\Winamp\winamp.exe
C:\Alati\totalcmd\TOTALCMD.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\iexplore.exe
c:\Link\Download\HiJackThis_v2.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.windowsxlive.net
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\dizajn\pdf\Acrobat Reader\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O3 - Toolbar: StylerToolBar - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Program Files\Styler\TB\StylerTB.dll
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Alati\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [nod32kui] "C:\Alati\Zashtita\Nod32\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [PrintPack dispatcher] "C:\Dizajn\PDF\Print2PDF\PrnPack.exe" /server
O4 - HKLM\..\Run: [DU Meter] C:\Link\DUmeter\DUMeter.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O4 - Startup: tclock.lnk = C:\Alati\TClock\tclock.exe
O8 - Extra context menu item: Download with GetRight Pro - C:\Link\GetRight\GRdownload.htm
O8 - Extra context menu item: Open with GetRight Pro Browser - C:\Link\GetRight\GRbrowse.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} ... Read more

http://www.techsupportforum.com/forums/f284/should-i-panic-or-not-logger-ngc-pc-and-internet-monitor-148490.html
Relevancy 35.69%

Please find my hijack log below i found a few nasty key loggers malwares on my machine can you please help and Malware logger key - HDP trojans attack hack take a look at the log below to advice if i have any more key loggers monitors or logger on my machine How can i tell if some one is connected HDP - Malware trojans key logger hack attack to my HDP - Malware trojans key logger hack attack machine remotely monitoring activity Logfile of HijackThis v Scan saved at PM on Platform Windows XP WinNT HDP - Malware trojans key logger hack attack MSIE Internet Explorer v Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS System Ati evxx exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system spoolsv exe C PROGRA Grisoft AVGFRE avgamsvr exe C PROGRA Grisoft AVGFRE avgupsvc exe C WINDOWS System svchost exe C AdventNet ME OpUtils jre bin javaw exe C AdventNet ME OpUtils firebird bin fbserver exe C WINDOWS system Ati evxx exe C WINDOWS Explorer EXE C Program Files Xerox One Touch OneTouchMon exe C Program Files Java jre bin jusched exe C PROGRA Grisoft AVGFRE avgcc exe C Program Files ATI Technologies ATI HYDRAVISION HydraDM exe C Program Files PowerISO PWRISOVM EXE C Program Files QuickTime qttask exe C Program Files Filseclab xfilter xfilter exe C Program Files Messenger msmsgs exe C Program Files MSN Messenger msnmsgr exe C Program Files Common Files Filseclab FilMsg exe C WINDOWS system NOTEPAD EXE C Program Files Internet Explorer IEXPLORE EXE C PROGRA YAHOO COMPAN INSTALLS cpn YTBSDK exe C WINDOWS System notepad exe C WINDOWS System cmd exe C WINDOWS System cmd exe C Program Files Internet Explorer IEXPLORE EXE C Program Files Spybot - Search amp Destroy SpybotSD exe C Program Files Yahoo NSS NSS exe D installation HijackThis exe R - HKLM Software Microsoft Internet Explorer Main Default Search URL http uk rd yahoo com customize ie arch yahoo com R - HKLM Software Microsoft Internet Explorer Main Search Page http uk rd yahoo com customize ie arch yahoo com R - URLSearchHook Yahoo Toolbar - EF BD -C FB- D - F- D F - C Program Files Yahoo Companion Installs cpn yt dll O - BHO Yahoo Toolbar Helper - D -C F - EFB- B - ECA - C Program Files Yahoo Companion Installs cpn yt dll O - BHO no name - - F - D - - D F - C PROGRA SPYBOT SDHelper dll O - BHO SSVHelper Class - BB-D F - C-B EB-D DAF D D - C Program Files Java jre bin ssv dll O - Toolbar amp Radio - E - F- D - E- A C - C WINDOWS System msdxm ocx O - Toolbar Yahoo Toolbar - EF BD -C FB- D - F- D F - C Program Files Yahoo Companion Installs cpn yt dll O - HKLM Run NvCplDaemon RUNDLL EXE C WINDOWS System NvCpl dll NvStartup O - HKLM Run nwiz nwiz exe install O - HKLM Run NvMediaCenter RUNDLL EXE C WINDOWS System NvMcTray dll NvTaskbarInit O - HKLM Run OneTouch Monitor quot C Program Files Xerox One Touch OneTouchMon exe quot O - HKLM Run NeroFilterCheck C WINDOWS system NeroCheck exe O - HKLM Run SunJavaUpdateSched quot C Program Files Java jre bin jusched exe quot O - HKLM Run SmcService C PROGRA Sygate SPF Smc exe -startgui O - HKLM Run AVG CC C PROGRA Grisoft AVGFRE avgcc exe STARTUP O - HKLM Run HydraVisionDesktopManager C Program Files ATI Technologies ATI HYDRAVISION HydraDM exe O - HKLM Run PWRISOVM EXE C Program Files PowerISO PWRISOVM EXE O - HKLM Run TkBellExe quot C Program Files Common Files Real Update OB realsched exe quot -osboot O - HKLM Run Athan C Program Files Athan Athan exe O - HKLM Run KeyStone Version Control C Program Files Keystone Learning MeasureUp cdtpUpdater exe O - HKLM Run QuickTime Task quot C Program Files QuickTime qttask exe quot -atboottime O - HKLM Run PaperPort PTD C Program Files Scansoft PaperPort pptd nt exe O - HKLM Run IndexSearch C Program Files Scansoft PaperPort IndexSearch exe O - HKLM Run XFILTER quot C Program Files Filseclab xfilter xfilter exe quot -a O - HKCU Run MSMSGS quot C Program Files Messenger msmsgs exe quot backgro... Read more

http://www.techsupportforum.com/forums/f284/hdp-malware-trojans-key-logger-hack-attack-138919.html
Relevancy 34.83%

I am massively under attack and seemed to have unknown connection to my machine with key loggers Please find below my hijack log I need help to make sure i don t have any malicious ware on my machine Is their any way to make sure i don t have a connection from a hacker on to my machine Would you recomment any software to monitor the current connections I have got Fileclab as a fire wall and trojan/ with malware unknown remote Infected access logger. key / previously used sygate firewall Logfile of HijackThis v Scan saved at on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINXP System smss exe C WINXP system winlogon exe C WINXP system services exe Infected with trojan/ malware unknown remote access / key logger. C WINXP system lsass exe C WINXP System Ati evxx exe C WINXP system svchost exe C Program Files Sygate SPF smc exe C WINXP System svchost exe C WINXP system spoolsv exe C Program Files Grisoft AVG Anti-Spyware guard exe C Program Files CA SharedComponents iTechnology igateway exe C Program Files CA eTrustITM InoRpc exe C Program Files CA eTrustITM InoRT exe C Program Files CA eTrustITM InoTask exe C Program Files Common Files Microsoft Shared VS DEBUG MDM EXE C WINXP System PGPsdkServ exe C Program Files CA eTrustITM eaps exe C WINXP Explorer EXE C Program Files ATI Technologies ATI Control Panel atiptaxx exe C Program Files CA eTrustITM realmon exe C Program Files Filseclab xfilter xfilter exe C Program Files SysTree SysTree exe C Program Files Grisoft AVG Anti-Spyware avgas exe C WINXP System ctfmon exe C Program Files MSN Messenger MsnMsgr Exe C Program Files Google GoogleToolbarNotifier GoogleToolbarNotifier exe C Program Files Common Files Filseclab FilMsg exe C Program Files PGP Corporation PGP PGPtray exe C MSSQL Binn sqlmangr exe C Program Files WinZip WZQKPICK EXE C PROGRA MICROS OFFICE OUTLOOK EXE C WINXP System svchost exe C Program Files Internet Explorer iexplore exe C PROGRA Yahoo COMPAN Installs cpn YTBSDK exe C WINXP System svchost exe C Program Files Microsoft Office OFFICE WINWORD EXE C Program Files Microsoft SQL Server Tools Binn isqlw exe C WINXP System cmd exe C WINXP System cmd exe C WINXP System cmd exe C Program Files Internet Explorer iexplore exe C Program Files Internet Explorer iexplore exe C WINXP system NOTEPAD EXE C WINXP system NOTEPAD EXE C WINXP System notepad exe C Program Files Adobe Acrobat Reader AcroRd exe C WINXP system mstsc exe C WINXP System notepad exe C Program Files Vantive vantiv exe C WINXP Downloaded Program Files CONFLICT VANLITERAL EXE C WINXP Downloaded Program Files CONFLICT VANMESSAGE EXE C Program Files Microsoft Office OFFICE EXCEL EXE C Program Files Spybot - Search amp Destroy SpybotSD exe C Program Files Adobe Acrobat Reader AcroRd Info exe C Documents and Settings ahsanu CONCUR My Documents installations sec pat HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Start Page http www yahoo com R - HKLM Software Microsoft Internet Explorer Main Default Page URL http www yahoo com R - HKLM Software Microsoft Internet Explorer Main Start Page http www yahoo com R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyServer threshold R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride www webmessenger director R - URLSearchHook Yahoo Toolbar - EF BD -C FB- D - F- D F - C Program Files Yahoo Companion Installs cpn yt dll O - BHO Yahoo Toolbar Helper - D -C F - EFB- B - ECA - C Program Files Yahoo Companion Installs cpn yt dll O - BHO no name - - F - D - - D F - C PROGRA SPYBOT SDHelper dll O - BHO Windows Live Sign-in Helper - D - C - ABF- ECC- C - C Program Files Common Files Microsoft Shared Windows Live WindowsLiveLogin dll O - BHO Google Toolbar Helper - AA ED - DD- d - -CF F - c program files google googletoolbar dll O - Toolbar Yahoo Toolbar - EF BD -C FB- D - F- D F - C Program Files Yahoo Companion Installs cpn yt dll O - Toolbar amp Google - C B - - d - B - A CD ... Read more

A:Infected with trojan/ malware unknown remote access / key logger.

Please also find a dump of netstat -a for your reference



Active Connections

Proto Local Address Foreign Address State
TCP AhsanU-C640:epmap AhsanU-C640.concur.concurtech.org:0 LISTENING
TCP AhsanU-C640:microsoft-ds AhsanU-C640.concur.concurtech.org:0 LISTENING
TCP AhsanU-C640:1025 AhsanU-C640.concur.concurtech.org:0 LISTENING
TCP AhsanU-C640:1026 AhsanU-C640.concur.concurtech.org:0 LISTENING
TCP AhsanU-C640:3261 AhsanU-C640.concur.concurtech.org:0 LISTENING
TCP AhsanU-C640:3617 AhsanU-C640.concur.concurtech.org:0 LISTENING
TCP AhsanU-C640:3754 AhsanU-C640.concur.concurtech.org:0 LISTENING
TCP AhsanU-C640:3762 AhsanU-C640.concur.concurtech.org:0 LISTENING
TCP AhsanU-C640:3763 AhsanU-C640.concur.concurtech.org:0 LISTENING
TCP AhsanU-C640:3764 AhsanU-C640.concur.concurtech.org:0 LISTENING
TCP AhsanU-C640:3765 AhsanU-C640.concur.concurtech.org:0 LISTENING
TCP AhsanU-C640:3980 AhsanU-C640.concur.concurtech.org:0 LISTENING
TCP AhsanU-C640:4494 AhsanU-C640.concur.concurtech.org:0 LISTENING
TCP AhsanU-C640:4501 AhsanU-C640.concur.concurtech.org:0 LISTENING
TCP AhsanU-C640:4510 AhsanU-C640.concur.concurtech.org:0 LISTENING
TCP AhsanU-C640:4511 AhsanU-C640.concur.concurtech.org:0 LISTENING
TCP AhsanU-C640:4514 AhsanU-C640.concur.concurtech.org:0 LISTENING
TCP AhsanU-C640:4515 AhsanU-C640.concur.concurtech.org:0 LISTENING
TCP AhsanU-C640:4517 AhsanU-C640.concur.concurtech.org:0 LISTENING
TCP AhsanU-C640:4518 AhsanU-C640.concur.concurtech.org:0 LISTENING
TCP AhsanU-C640:4521 AhsanU-C640.concur.concurtech.org:0 LISTENING
TCP AhsanU-C640:4532 AhsanU-C640.concur.concurtech.org:0 LISTENING
TCP AhsanU-C640:4535 AhsanU-C640.concur.concurtech.org:0 LISTENING
TCP AhsanU-C640:4536 AhsanU-C640.concur.concurtech.org:0 LISTENING
TCP AhsanU-C640:4537 AhsanU-C640.concur.concurtech.org:0 LISTENING
TCP AhsanU-C640:5000 AhsanU-C640.concur.concurtech.org:0 LISTENING
TCP AhsanU-C640:5250 AhsanU-C640.concur.concurtech.org:0 LISTENING
TCP AhsanU-C640:42510 AhsanU-C640.concur.concurtech.org:0 LISTENING
TCP AhsanU-C640:netbios-ssn AhsanU-C640.concur.concurtech.org:0 LISTENING
TCP AhsanU-C640:3188 AhsanU-C640.concur.concurtech.org:0 LISTENING
TCP AhsanU-C640:4493 exchange.concur.com:epmap TIME_WAIT
TCP AhsanU-C640:4494 by1msg4246214.phx.gbl:1863 ESTABLISHED
TCP AhsanU-C640:4496 exchange.concur.com:1393 TIME_WAIT
TCP AhsanU-C640:4497 exchange.concur.com:1393 TIME_WAIT
TCP AhsanU-C640:4498 exchange.concur.com:1123 TIME_WAIT
TCP AhsanU-C640:4500 seacorp01.concurtech.net:epmap TIME_WAIT
TCP AhsanU-C640:4501 seacorp01.concurtech.net:1025 ESTABLISHED
TCP AhsanU-C640:4505 seacorp01.concurtech.net:microsoft-ds TIME_WAIT
TCP AhsanU-C640:4507 seacorp01.concurtech.net:netbios-ssn TIME_WAIT
TCP AhsanU-C640:4510 a209-247-153-136.deploy.akamaitechnologies.com:http ESTABLISHED
TCP AhsanU-C640:4511 a209-247-153-136.deploy.akamaitechnologies.com:http ESTABLISHED
TCP AhsanU-C640:4514 207.68.178.61:http ESTABLISHED
TCP AhsanU-C640:4515 207.68.178.61:http ESTABLISHED
TCP AhsanU-C640:4517 unknown.level3.net:http ESTABLISHED
TCP AhsanU-C640:4518 unknown.level3.net:http ESTABLISHED
TCP AhsanU-C640:4521 etrav-2k3-0706.concurtech.net:42510 ESTABLISHED
TCP AhsanU-C640:4525 exchange.concur.com:1393 TIME_WAIT
TCP AhsanU-C640:4526 exchange.concur.com:1393 TIME_WAIT
TCP AhsanU-C640:4531 exchange.concur.com:epmap TIME_WAIT
TCP AhsanU-C640:... Read more

http://www.techsupportforum.com/forums/f284/infected-with-trojan-malware-unknown-remote-access-key-logger-138849.html
Relevancy 35.69%

Hello folks I am getting sluggish performance from my PC I periodically check the processes Sluggish Info Key Possible posted, PC..Hijackthis Logger in Windows Task Sluggish PC..Hijackthis Info posted, Possible Key Logger manager and the CPU utilization is and higher with no programs running Here is my hijack this info Also I must have a key logger program running as one of my accounts on a game got hacked Thanks in advance System Specs Dell Inspiron Notebook Mobile Intel P ghz Processor GB Ram MB ATI Radeon display card - built in DirectX c Mb Page file with available Windows XP Home Logfile of HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system Ati evxx exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system spoolsv exe c program files mcafee com agent mcdetect exe c PROGRA mcafee com vso mcshield exe c PROGRA mcafee com agent mctskshd exe C WINDOWS system Ati evxx exe C WINDOWS Explorer EXE C Program Files McAfee com VSO mcvsshld exe C Program Files McAfee com VSO oasclnt exe C PROGRA mcafee com agent mcagent exe c progra mcafee com vso mcvsescn exe C Program Files Synaptics SynTP SynTPLpr exe C Program Files Synaptics SynTP SynTPEnh exe C Program Files ATI Technologies ATI HYDRAVISION HydraDM exe C Program Files Java jre bin jusched exe C Program Files NETGEAR WG SCU Utility Gear exe C Program Files Messenger msmsgs exe C Program Files Google GoogleToolbarNotifier Go ogleToolbarNotifier exe C WINDOWS system ctfmon exe c progra mcafee com vso mcvsftsn exe C Program Files Java jre bin jucheck exe C WINDOWS system taskmgr exe C Program Files Internet Explorer iexplore exe C Program Files HijackThis HijackThis exe R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId O - BHO Adobe PDF Reader Link Helper - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat ActiveX AcroIEHelper dll O - BHO no name - - F - D - - D F - C PROGRA SPYBOT SDHelper dll O - BHO SSVHelper Class - BB-D F - C-B EB-D DAF D D - C Program Files Java jre bin ssv dll O - BHO Google Toolbar Helper - AA ED - DD- d - -CF F - c program files google googletoolbar dll O - Toolbar McAfee VirusScan - BA B -B - c -B - F F - c progra mcafee com vso mcvsshl dll O - Toolbar amp Google - C B - - d - B - A CD F - c program files google googletoolbar dll O - HKLM Run VSOCheckTask quot C PROGRA McAfee com VSO mcmnhdlr exe quot checktask O - HKLM Run VirusScan Online C Program Files McAfee com VSO mcvsshld exe O - HKLM Run OASClnt C Program Files McAfee com VSO oasclnt exe O - HKLM Run MCAgentExe c PROGRA mcafee com agent mcagent exe O - HKLM Run MCUpdateExe c PROGRA mcafee com agent mcupdate exe O - HKLM Run SynTPLpr C Program Files Synaptics SynTP SynTPLpr exe O - HKLM Run SynTPEnh C Program Files Synaptics SynTP SynTPEnh exe O - HKLM Run HydraVisionDesktopManager C Program Files ATI Technologies ATI HYDRAVISION HydraDM exe O - HKLM Run AtiPTA atiptaxx exe O - HKLM Run SunJavaUpdateSched quot C Program Files Java jre bin jusched exe quot O - HKLM Run AS Gear C Program Files NETGEAR WG SCU Utility Gear exe -hide O - HKCU Run MSMSGS quot C Program Files Messenger msmsgs exe quot background O - HKCU Run swg C Program Files Google GoogleToolbarNotifier Go ogleToolbarNotifier exe O - HKCU Run ctfmon exe C WINDOWS system ctfmon exe O - Global Startup Adobe Reader Speed Launch lnk C Program Files Adobe Acrobat Reader reader sl exe O - Extra button no name - B E C - FCB- CF-AAA - C - C Program Files Java jre bin ssv dll O - Ext... Read more

http://www.techsupportforum.com/forums/f284/sluggish-pc-hijackthis-info-posted-possible-key-logger-128796.html
Relevancy 36.55%

My computer has been sluggish of late and I have suspicions that a keystroke or screenshot logger has found its way onto my computer Windows Antivirus keystroke logger or screenshot software anti-adware and anti-spyware software are up to date Full scan show no infection Below are the results of the HiJackThis Scan Logfile of HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS keystroke or screenshot logger system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS Explorer EXE C WINDOWS system spoolsv exe C Program Files Symantec LiveUpdate ALUSchedulerSvc exe C Program Files Common Files Symantec Shared ccProxy exe C Program Files Common Files Symantec Shared ccSetMgr exe C Program Files Norton Internet Security Norton AntiVirus navapsvc exe C Program Files HP hpcoretech hpcmpmgr exe C WINDOWS System spool drivers w x hpztsb exe C Program Files Hewlett-Packard HP Software Update HPWuSchd exe C Program Files Common Files Symantec Shared ccApp exe C PROGRA VERIZO HELPSU VERIZO EXE C WINDOWS system nvsvc exe C Program Files Common Files Symantec Shared SNDSrvc exe C PROGRA VERIZO HELPSU SMARTB MotiveSB exe C Program Files verizon Servicepoint VerizonServicepoint exe C Program Files Java jre bin jusched exe C Program Files Common Files Symantec Shared SPBBC SPBBCSvc exe C WINDOWS System svchost exe C Program Files Common Files Symantec Shared CCPD-LC symlcsvc exe C Program Files Common Files Symantec Shared ccEvtMgr exe C Program Files Common Files Verizon Online ConnMgr cmisrv exe C Program Files Common Files Verizon Online AppMgr vzOpenUIServer exe C Program Files Common Files MotiveBrowser MotiveBrowser exe C Program Files Common Files Symantec Shared Security Console NSCSRVCE EXE C HJT HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Default Page URL http www gtczone com R - HKCU Software Microsoft Internet Explorer Main Start Page http www cnn com R - HKLM Software Microsoft Internet Explorer Main Start Page http www gtczone com R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride O - BHO Adobe PDF Reader Link Helper - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat ActiveX AcroIEHelper dll O - BHO Verizon Broadband Toolbar - E BD F- B D- E-D FC-E AF D FA D - C WINDOWS DOWNLO vzbb dll file missing O - BHO no name - - F - D - - D F - C PROGRA SPYBOT SDHelper dll O - BHO Norton Internet Security - ECB - F - bbc- D- DDF E - C Program Files Common Files Symantec Shared AdBlocking NISShExt dll O - BHO NAV Helper - A F D D-E - D -B A - BB FDD - C Program Files Norton Internet Security Norton AntiVirus NavShExt dll O - Toolbar Norton Internet Security - B EAC - D - b e- B -A C A A - C Program Files Common Files Symantec Shared AdBlocking NISShExt dll O - Toolbar Norton AntiVirus - C E A- F - E-B E- B - C Program Files Norton Internet Security Norton AntiVirus NavShExt dll O - Toolbar Verizon Broadband Toolbar - E BD F- B D- E-D FC-E AF D FA D - C WINDOWS DOWNLO vzbb dll file missing O - HKLM Run HP Component Manager quot C Program Files HP hpcoretech hpcmpmgr exe quot O - HKLM Run HPDJ Taskbar Utility C WINDOWS System spool drivers w x hpztsb exe O - HKLM Run HP Software Update quot C Program Files Hewlett-Packard HP Software Update HPWuSchd exe quot O - HKLM Run ccApp quot C Program Files Common Files Symantec Shared ccApp exe quot O - HKLM Run A Verizon App C PROGRA VERIZO HELPSU VERIZO EXE O - HKLM Run Motive SmartBridge C PROGRA VERIZO HELPSU SMARTB MotiveSB exe O - HKLM Run VerizonServicepoint exe quot C Program Files verizon Servicepoint VerizonServicepoint exe quot O - HKLM Run NvCplDaemon RUNDLL EXE C WINDOWS system NvCpl dll NvStartup O - HKLM Run nwiz nwiz exe install O - HKLM Run QuickTime Task quot C Program Files QuickTime qttask exe quot -atboottime O - HKLM Run SunJavaUpdateSched C Pr... Read more

A:keystroke or screenshot logger

Is this the right place for this question?

Thanks.

http://www.techsupportforum.com/forums/f284/keystroke-or-screenshot-logger-115506.html
Relevancy 37.41%

I believe im infected with a keylogger that my Key logger virus scanners arent catching Logfile of HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes Key logger C WINNT System smss exe C WINNT system winlogon exe C WINNT system services exe C WINNT system savedump exe C WINNT system lsass exe C WINNT system Ati evxx exe C WINNT system svchost exe C WINNT System svchost exe C WINNT system Ati evxx exe C WINNT Explorer EXE C WINNT system spoolsv exe C WINNT ATKKBService exe C WINNT System drivers CDAC BA EXE C Program Files Analog Devices SoundMAX SMAgent exe C WINNT system svchost exe C Program Files QuickTime qttask exe C Program Files Common Files Real Update OB realsched exe C WINNT SOUNDMAN EXE C PROGRA MUSICM MUSICM mm tray exe C Program Files Winamp winampa exe C Program Files Viewpoint Viewpoint Manager ViewMgr exe C PROGRA MUSICM MUSICM MMDiag exe C Program Files iTunes iTunesHelper exe C Program Files ahead InCD InCD exe C Program Files D-Tools daemon exe C WINNT system wscntfy exe C Program Files MUSICMATCH Musicmatch Jukebox mim exe C Program Files iPod bin iPodService exe C Program Files AIM aim exe C program files steam steam exe C Program Files Google Google Talk googletalk exe C FRAPS FRAPS EXE C Program Files Logitech Desktop Messenger Program LogitechDesktopMessenger exe C Program Files GetRight getright exe C Program Files GetRight getright exe C Program Files Logitech SetPoint SetPoint exe C Program Files WinZip WZQKPICK EXE C Program Files Common Files Logitech KHAL KHALMNPR EXE C WINNT system wuauclt exe E Downloads HijackThis exe R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyServer cia O - BHO AcroIEHlprObj Class - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat Reader ActiveX AcroIEHelper ocx O - BHO no name - - F - D - - D F - C PROGRA SPYBOT SDHelper dll O - BHO FlashFXP Helper for Internet Explorer - E A B-D - -AD - B EE - C PROGRA FlashFXP IEFlash dll O - HKLM Run QuickTime Task quot C Program Files QuickTime qttask exe quot -atboottime O - HKLM Run TkBellExe quot C Program Files Common Files Real Update OB realsched exe quot -osboot O - HKLM Run SiSUSBRG C WINNT SiSUSBrg exe O - HKLM Run Cmaudio RunDll cmicnfg cpl CMICtrlWnd O - HKLM Run SoundMan SOUNDMAN EXE O - HKLM Run Logitech Hardware Abstraction Layer KHALMNPR EXE O - HKLM Run MMTray C PROGRA MUSICM MUSICM mm tray exe O - HKLM Run MimBoot C PROGRA MUSICM MUSICM mimboot exe O - HKLM Run WinampAgent C Program Files Winamp winampa exe O - HKLM Run ViewMgr C Program Files Viewpoint Viewpoint Manager ViewMgr exe O - HKLM Run Synchronization Manager mobsync exe logon O - HKLM Run Pop trap exe quot C Program Files Trend Micro PC-cillin Pop trap exe quot O - HKLM Run pccguide exe quot C Program Files Trend Micro PC-cillin pccguide exe quot O - HKLM Run PCCClient exe quot C Program Files Trend Micro PC-cillin PCCClient exe quot O - HKLM Run NeroCheck C WINNT system NeroCheck exe O - HKLM Run iTunesHelper C Program Files iTunes iTunesHelper exe O - HKLM Run InCD C Program Files ahead InCD InCD exe O - HKLM Run hplampc C WINNT system hplampc exe O - HKLM Run DAEMON Tools- quot C Program Files D-Tools daemon exe quot -lang O - HKLM Run AVG CC C PROGRA Grisoft AVG avgcc exe STARTUP O - HKLM Run ATIPTA C Program Files ATI Technologies ATI Control Panel atiptaxx exe O - HKLM Run ASUS Probe C Program Files ASUS Probe AsusProb exe O - HKCU Run AIM C Program Files AIM aim exe -cnetwait odl O - HKCU Run Steam quot c program files steam steam exe quot -silent O - HKCU Run googletalk quot C Program Files Google Google Talk googletalk exe quot autostart O - HKCU Run Fraps C FRAPS FRAPS EXE O - HKCU Run LDM C Program Files Logitech Desktop Messenger Program LogitechDesktopMessenger exe O - HKCU Run ASUSDVCRAgent C Program Files ASUS ASUS Digital VCR Schedule exe O - HKCU Run ASUS SmartDoctor C Program Files ASUS SmartDoctor SmartDoctor exe start O - Startup Xfire lnk C Pro... Read more

A:Key logger

Hello an Welcome to TSF!! All apologies for the delay.........


Please print out or copy this page to Notepad. Make sure to work through the fixes in the exact order it is mentioned below. If there's anything that you don't understand, ask your question(s) before proceeding with the fixes. You should 'not' have any open browsers when you are following the procedures below. Also if you have any programs that may prevent system changes (like Spybot's TeaTimer program, Ad-aware's Ad-Watch, and others), make sure you disable them before doing any of the fixes (or accept the changes for the fix we give you when asked by the programs).

Go to My Computer->Tools (or View)->Folder Options->View tab:
* Under the Hidden files and folders heading, select Show hidden files and folders (it's Show all files for Windows 98).
* Uncheck the Hide protected operating system files (recommended) option.
* Click Yes to confirm and then click OK.

For the options that you checked/enabled earlier, you may uncheck them after your log is clean. If we ask you to fix a program that you use or want to keep, please post back saying that (we don't know every program that exists, so we may tell you to delete a program that we think is bad to keep).

Make sure you downloaded, installed, updated and ran these programs (run in Safe Mode) already - Ad-aware, Spybot and Ewido (only if you have Windows 2000 or XP). If you didn't, do them now. For more information, go to http://www.greyknight17.com/spyware.htm

Download CWShredder at http://www.greyknight17.com/spy/CWShredder.exe and run it. Click on 'I Agree' button if you agree. Click on 'Fix' (it will automatically fix anything it finds for you) and then click OK. If it asks if you want to delete a certain random file, choose No and post that filename here. Let it finish the scan and then hit Next and Exit.

Restart your computer and boot into Safe Mode (if you don't know how, go to http://www.bleepingcomputer.com/foru...howtutorial=61 ). Make sure to close any open browsers.

Uninstall the following via the Add/Remove Panel (Start->(Settings)->Control Panel->Add/Remove Programs) if found:

Viewpoint

Run a scan in HijackThis. Check each of the following if they still exist and hit 'Fix Checked' after you check the last one:

O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O16 - DPF: {BE833F39-1E0C-468C-BA70-25AAEE55775E} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab.cab
O18 - Protocol: bw+0 - {A65B88E6-9949-419B-9658-BBDDDC314001} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll Click all instances of this entry except for 1.

Locate the following Files/Folders and delete them if they exist (if no location given, just do a search for them):

C:\Program Files\Viewpoint

? Reboot your system in Normal Mode.


Perform an online scan with Internet Explorer with Panda ActiveScan

Click on the "Free To Use ActiveScan" located on the top right hand corner Click Check Now and a "pop up" window will appear. * Please ensure that your pop up blocker doesn't block it *
Enter your e-mail address, country, and state & click Scan Now * The download of the 8 MB Panda's ActiveX control will take place *
Begin the scan by selecting My Computer If it finds any malware, it will offer you a report.
Please ignore any entry it finds and the offer to buy the program to remove the entry, as we will address this later.
Click on See report then click Save report
*You needn't remain online while it's doing the scan but you have to re-connect after it has finished to see the report.
*Turn off the real time scanner of any existing antivirus program while performing the online scan

Paste the Panda Scan report here together with a new HiJack This log.

http://www.techsupportforum.com/forums/f284/key-logger-90410.html
Relevancy 42.14%

I feel that someone is monitoring me I have a couple of emails address that I can not log into from yahoo I was wondering if there is some type of software that can track someone tracking tracker monitioring my computer For example win-spy is a monitoring spyware that allows the remote tracking tracker user into your computer when you are online It has keylogging snapshots email tracking and other things for a person to track you For now I have keylogg hunter and spy cop installed on my computer But win-spy states it can stop anti-spyware What can I do I am just average user HIJACJTHIS LOG Logfile of HijackThis v Scan saved at tracking tracker AM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C tracking tracker WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system spoolsv exe C WINDOWS system winlogon exe C WINDOWS Explorer EXE C WINDOWS system rundll exe C Program Files CA eTrust Internet Security Suite caissdt exe C Program Files CA eTrust Internet Security Suite eTrust EZ Antivirus CAVTray exe C Program Files CA eTrust Internet Security Suite eTrust EZ Antivirus CAVRID exe C WINDOWS System spool DRIVERS W X LMPDPSRV EXE C Program Files Common Files AOL ee AOLSoftware exe C Program Files Messenger msmsgs exe C Program Files Adobe Acrobat Distillr acrotray exe C Program Files Lexmark X LEX SU exe C Program Files Keylogger Hunter KeyloggerHunter exe C DOCUME David LOCALS Temp Temporary Directory for hijackthis zip HijackThis exe O - BHO AcroIEHlprObj Class - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat Acrobat ActiveX AcroIEHelper dll O - BHO AcroIEToolbarHelper Class - AE CD -E - f- - EE - C Program Files Adobe Acrobat Acrobat AcroIEFavClient dll O - Toolbar Adobe PDF - -D C - - FA - E EAAC - C Program Files Adobe Acrobat Acrobat AcroIEFavClient dll O - HKLM Run BluetoothAuthenticationAgent rundll exe bthprops cpl BluetoothAuthenticationAgent O - HKLM Run CaISSDT quot C Program Files CA eTrust Internet Security Suite caissdt exe quot O - HKLM Run CaAvTray quot C Program Files CA eTrust Internet Security Suite eTrust EZ Antivirus CAVTray exe quot O - HKLM Run CAVRID quot C Program Files CA eTrust Internet Security Suite eTrust EZ Antivirus CAVRID exe quot O - HKLM Run LMPDPSRV C WINDOWS System spool DRIVERS W X LMPDPSRV EXE O - HKLM Run HostManager C Program Files Common Files AOL ee AOLSoftware exe O - HKCU Run MSMSGS quot C Program Files Messenger msmsgs exe quot background O - Startup Keylogger Hunter lnk C Program Files Keylogger Hunter KeyloggerHunter exe O - Global Startup Acrobat Assistant lnk C Program Files Adobe Acrobat Distillr acrotray exe O - Global Startup Lexmark X Settings Utility lnk C Program Files Lexmark X LEX SU exe O - Global Startup Microsoft Office lnk C Program Files Microsoft Office Office OSA EXE O - Extra button no name - B E C - FCB- CF-AAA - C - C Program Files Java j re bin npjpi dll O - Extra 'Tools' menuitem Sun Java Console - B E C - FCB- CF-AAA - C - C Program Files Java j re bin npjpi dll O - Extra button Messenger - FB F -F - d -BB E- C F - C Program Files Messenger msmsgs exe O - Extra 'Tools' menuitem Windows Messenger - FB F -F - d -BB E- C F - C Program Files Messenger msmsgs exe O - DPF A E - F C- DD -ADE - FAB ctlProductChecker ProductChecker - http bcontractors safeguardpropert uctChecker cab O - DPF AB CE -AC F- F- -D ABCA EC Get ActiveX Control - https h www hp com ewfrf-JAV oadManager ocx O - Service CAISafe - Computer Associates International Inc - C Program Files CA eTrust Internet Security Suite eTrust EZ Antivirus ISafe exe O - Service InstallDriver Table Manager IDriverT - Macrovision Corporation - C Program Files Common Files InstallShield Driver Intel IDriverT exe O - Service VET Message Service VETMSGNT - Computer Associates International Inc - C Program Files CA eTrust Internet Security Suite eTrus... Read more

A:tracking tracker

Download WinPFInd http://www.bleepingcomputer.com/file...r/WinPFind.zip and extract it to your C:\ folder. This will create a folder called WinPFind in the C:\ folder.

Download Track qoo http://www.geekstogo.com/downloads/Trackqoo.zip
Save it somewhere you will remember like the Desktop. Unzip the Track qoo.vbs inside to your desktop. DO NOT run it yet!

Reboot into Safe Mode
Restart your computer and as soon as it starts booting up again continuously tap F8. A menu should come up where you will be given the option to enter Safe Mode.!


Inside C:\WinPFind is a file called WinPFind.exe. Double-click on this file to launch the program. Once it is launched, click on the Start Scan button and wait for it to finish. This program will scan large amounts of files on your computer for known patterns so please be patient while it works as it can take a while, upwards to 30 minutes or more.! Once the Scan is Complete it will make a txt file (log) of what was found.

1. Go to the WinPFind folder
2. Locate WinPFind.txt
3. Please post those results in your next post!

REBOOT to normal mode.

Double Click on "Track qoo.vbs"

Note - If you Antivirus has Script Blocking, you will get a Pop Up Windows asking you what to do. Allow this Entire Script to Run, its harmless!

Wait a few seconds and a notepad page will pop up, Copy & Paste those results and place them in the next post along with the results of WinPFind!

So I need the following tool logs..

WinPFind.txt log
Track qoo.vbs log

http://www.techsupportforum.com/forums/f284/tracking-tracker-89396.html
Relevancy 36.98%

my live-in girlfriend of years and I are splitting up and i wanted to make sure she wont know what my passwords will be to all of my accounts after i change then Logfile of HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system LEXBCES EXE C WINDOWS system LEXPPS EXE C WINDOWS system spoolsv exe C Program Files CA eTrust EZ Armor eTrust EZ Antivirus ISafe exe C Program Files CA eTrust EZ Armor eTrust EZ Antivirus VetMsg exe C WINDOWS SYSTEM ZoneLabs vsmon exe C Program Files RealVNCxp VNC WinVNC exe C WINDOWS Explorer EXE C Program Files CA eTrust EZ Armor eTrust EZ Antivirus CAVTray exe C Program Files CA eTrust EZ Armor eTrust EZ Antivirus CAVRID exe C Program Files CA eTrust EZ Armor eTrust i have a logger? password do EZ Firewall ca exe C Program Files CA eTrust EZ Armor eTrust Anti-Spam QSP- QOELoader exe C Program Files Microsoft IntelliPoint point exe C Program Files Java jre bin jusched exe C Program Files Spybot - Search amp Destroy TeaTimer exe C Program Files Adobe Acrobat Reader reader sl exe C Program Files Sony Corporation Image Transfer SonyTray exe C WINDOWS system wuauclt exe C Documents and Settings father Desktop hijackthis HijackThis exe O - BHO Yahoo Toolbar Helper - D -C F - EFB- B - ECA - C Program Files Yahoo Companion Installs cpn yt dll O - BHO AcroIEHlprObj Class - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat ActiveX AcroIEHelper dll O - BHO no name - - F - D - - D F - C PROGRA SPYBOT SDHelper dll O - BHO Yahoo IE Services Button - BAB B B- BC- B - D - do i have a password logger? FC DE A - C Program Files Yahoo Common yiesrvc dll O - BHO SSVHelper Class - BB-D F - C-B EB-D DAF D D - C Program Files Java jre bin ssv dll O - Toolbar Yahoo Toolbar - EF BD -C FB- D - F- D F - C Program Files Yahoo Companion Installs cpn yt dll O - HKLM Run CaAvTray quot C Program Files CA eTrust EZ Armor eTrust EZ Antivirus CAVTray exe quot O - HKLM Run CAVRID quot C Program Files CA eTrust EZ Armor eTrust EZ Antivirus CAVRID exe quot O - HKLM Run Zone Labs Client quot C Program Files CA eTrust EZ Armor eTrust EZ Firewall ca exe quot O - HKLM Run QOELOADER quot C Program Files CA eTrust EZ Armor eTrust Anti-Spam QSP- QOELoader exe quot O - HKLM Run IntelliPoint quot C Program Files Microsoft IntelliPoint point exe quot O - HKLM Run Adobe Photo Downloader quot C Program Files Adobe Photoshop Album Starter Edition Apps apdproxy exe quot O - HKLM Run SunJavaUpdateSched C Program Files Java jre bin jusched exe O - HKLM Run KernelFaultCheck systemroot system dumprep -k O - HKCU Run SpybotSD TeaTimer C Program Files Spybot - Search amp Destroy TeaTimer exe O - Global Startup Adobe Reader Speed Launch lnk C Program Files Adobe Acrobat Reader reader sl exe O - Global Startup Image Transfer lnk C Program Files Sony Corporation Image Transfer SonyTray exe O - Global Startup Microsoft Office lnk C Program Files Microsoft Office Office OSA EXE O - Extra context menu item amp Yahoo Search - file C Program Files Yahoo Common ycsrch htm O - Extra context menu item E amp xport to Microsoft Excel - res C PROGRA MICROS Office EXCEL EXE O - Extra context menu item Yahoo amp Dictionary - file C Program Files Yahoo Common ycdict htm O - Extra context menu item Yahoo amp Maps - file C Program Files Yahoo Common ycmap htm O - Extra context menu item Yahoo amp SMS - file C Program Files Yahoo Common ycsms htm O - Extra button no name - B E C - FCB- CF-AAA - C - C Program Files Java jre bin ssv dll O - Extra 'Tools' menuitem Sun Java Console - B E C - FCB- CF-AAA - C - C Program Files Java jre bin ssv dll O - Extra button Yahoo Services - BAB B B- BC- B - D - FC DE A - C Program Files Yahoo Common yiesrvc dll O - Extra button Messenger - FB F -F - d -BB E- C F - C Program Files Messenger msmsgs... Read more

A:do i have a password logger?

I don't see anything in that log which would indicate that.

Sorry to hear about a split-up. Why not password protect your user account on the computer, so no access can be granted.

http://www.techsupportforum.com/forums/f284/do-i-have-a-password-logger-87632.html
Relevancy 36.98%

Hi guys do forgive me for not posting in the right format as i am new here Recently I have had my pw on emails facebook and a few other accounts changed The problem did not end with resetting the password and conducting proper virus scans as the hacker still managed to gain access into the said accounts This leads me to think that my computer have a malicious keylogger i was able to retrieve the process log from hijack this and it is as follow so can you all tech savvy guys out there manage to spot the keylogger adn also provide some instructions on removing Threat Possible Logger Key it Thanks a million to all of u Running processes C WINDOWS System Possible Key Logger Threat smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C Possible Key Logger Threat WINDOWS system lsass exe C WINDOWS system Ati evxx exe C WINDOWS system svchost exe C Possible Key Logger Threat Program Files COMODO COMODO Internet Security cmdagent exe C WINDOWS system svchost exe C WINDOWS system Ati evxx exe C Program Files Alwil Software Avast AvastSvc exe C WINDOWS System svchost exe C WINDOWS system spoolsv exe C Program Files Blue Coat K Web Protection k filter exe C WINDOWS system HPSIsvc exe C Program Files IObit IObit Security IS srv exe C Program Files Java jre bin jqs exe C Program Files Common Files LogiShrd LVMVFM LVPrcSrv exe C WINDOWS Explorer EXE C Program Files Common Files Microsoft Shared VS DEBUG MDM EXE C WINDOWS system PnkBstrA exe C WINDOWS system ScsiAccess EXE C Program Files Microsoft Search Enhancement Pack SeaPort SeaPort exe C Program Files Analog Devices SoundMAX SMAgent exe C WINDOWS system svchost exe C WINDOWS system LVCOMSX EXE C Program Files ATI Technologies ATI ACE Core-Static MOM exe C Program Files Logitech Logitech WebCam Software LWS exe C Program Files Common Files Java Java Update jusched exe C Program Files Canon CAL CALMAIN exe C Program Files COMODO COMODO Internet Security cfp exe C Program Files Alwil Software Avast avastUI exe C Program Files Google GoogleToolbarNotifier GoogleToolbarNotifier exe C WINDOWS system ctfmon exe C Program Files Windows Live Messenger msnmsgr exe C Program Files IObit Advanced SystemCare AWC exe C Program Files Microsoft ActiveSync WCESCOMM EXE C WINDOWS system wscntfy exe C Program Files Common Files Logishrd LQCVFX COCIManager exe C Program Files DAEMON Tools Lite DTLite exe C Program Files SUPERAntiSpyware SUPERAntiSpyware exe C Program Files Logitech SetPoint SetPoint exe C Program Files Xfire xfire exe C Program Files Common Files Logitech KHAL KHALMNPR EXE C Program Files Mozilla Firefox firefox exe C Program Files Windows Live Contacts wlcomm exe C Program Files ATI Technologies ATI ACE Core-Static ccc exe C Program Files Mozilla Firefox plugin-container exe C Documents and Settings Ian Desktop HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Start Page yahoo ca R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride localhost R - URLSearchHook no name - EF BD -C FB- D - F- D F - no file O - BHO no name - D -C F - efb- B - ECA - no file O - BHO HP Print Enhancer - C E- - -BF - C - C Program Files HP Digital Imaging Smart Web Printing hpswp printenhancer dll O - BHO AcroIEHelperStub - DF C-E AD- -A -FA C EBDC - C Program Files Common Files Adobe Acrobat ActiveX AcroIEHelperShim dll O - BHO Softonic-Eng Toolbar - b d d- a - e d-b b - dd d bb - C Program Files Softonic-Eng tbSoft dll O - BHO no name - C C A-E - b - D - CECB - no file O - BHO Search Helper - EBF - F- bff-A F-B E AAC B - C Program Files Microsoft Search Enhancement Pack Search Helper SearchHelper dll O - BHO Windows Live Sign-in Helper - D - C - ABF- ECC- C - C Program Files Common Files Microsoft Shared Windows Live WindowsLiveLogin dll O - BHO Adobe PDF Conversion Toolbar Helper - AE CD -E - f- - EE - C Program Files Adobe Acrobat Acrobat AcroIEFavClient dll O - BHO Google Toolbar Notifier BHO - AF DE - D - -B FA-CE B AD D - C Program Files Google ... Read more

A:Possible Key Logger Threat

Hello and welcome to TSF.

HijackThis is no longer the preferred initial analysis tool in this forum.

We want all our members to perform the steps outlined in the link given below, before posting for assistance. There's a sticky at the top of this forum, and a
Quote:




Having problems with spyware and pop-ups? First Steps




link at the top of each page.

Please follow our pre-posting process outlined here:

NEW INSTRUCTIONS - Read This Before Posting For Malware Removal Help - Tech Support Forum

After running through all the steps, you shall have a proper set of logs. Please post them in a new topic, as this one shall be closed.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

http://www.techsupportforum.com/forums/f100/possible-key-logger-threat-549088.html
Relevancy 41.28%

Hi, recently i came across a few notices on asking me for permission to access my mouse and screen when i accept buddy request from an online chatgroup web. I'm not sure whether my computer is affected by it but i would like to know how to remove these so as to make sure that my computer is safe. Thanks.

A:Help in removing mouse and screen tracker sent by others

Hello and welcome to TSF.


Quote:




recently i came across a few notices on asking me for permission to access my mouse and screen when i accept buddy request from an online chatgroup web.




You should not allow anybody to access your computer remotely unless you know and trust the person 100%.

If you suspect that they may have infected your computer , we want all our members to perform the steps outlined in the link given below, before posting for assistance. There's a sticky at the top of this forum, and a
Quote:




Having problems with spyware and pop-ups? First Steps




link at the top of each page.

Please follow our pre-posting process outlined here:

http://www.techsupportforum.com/f50/...lp-305963.html

After running through all the steps, you shall have a proper set of logs. Please post them in a new topic, as this one shall be closed.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

Please note that the Virus/Trojan/Spyware Help forum is extremely busy, and it may take a while to receive a reply.

http://www.techsupportforum.com/forums/f100/help-in-removing-mouse-and-screen-tracker-sent-by-others-510807.html
Relevancy 36.98%

I think I may have a virus...possibly a key stroke logger. Here's the deal:

I've been working on my computer to try to resolve some issues with a game I've been playing. As I've tried to Add/Remove delete some programs, I keep getting a message that says "Other users are logged into this computer." I'm the only user of this computer.

Additionally, when I tried to reconfigure Startup through the msconfig function, I wasn't allowed as it said I needed administrator authority. Once again, I AM THE ADMINISTRATOR. I'm the only account on this computer.

So, does this sound like something is going on? If so, how do I find out and what do I do about it?

I have run various spyware and virus programs to check my computer and they've come back relatively clean (some spyware stuff, but nothing big). I have Microsoft Security Essentials running as well as Ad-Aware.

A:Key stroke logger??

Hello and welcome to TSF.

We want all our members to perform the steps outlined in the link given below, before posting for assistance. There's a sticky at the top of this forum, and a
Quote:




Having problems with spyware and pop-ups? First Steps




link at the top of each page.

Please follow our pre-posting process outlined here:

http://www.techsupportforum.com/f50/...lp-305963.html

After running through all the steps, you shall have a proper set of logs. Please post them in a new topic, as this one shall be closed.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

http://www.techsupportforum.com/forums/f100/key-stroke-logger-448732.html
Relevancy 36.98%

Hi I have had a security breach with I believe key logger software I have run ATF Cleaner AD-aware Spybot S amp D MalwareBytes Anti-Malware Hijackthis I attach a copy of the Hijackthis log Logfile problem Key Logger of Trend Micro HijackThis v Scan saved at on Key Logger problem Platform Windows XP SP WinNT MSIE Internet Explorer v Boot mode Normal Running processes C WINDOWS System smss exe C WINDOWS system winlogon Key Logger problem exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system Ati evxx exe C WINDOWS system svchost exe C Key Logger problem WINDOWS System svchost exe C WINDOWS system ZoneLabs vsmon exe C WINDOWS Explorer EXE C Program Files CheckPoint ZAForceField IswSvc exe C Program Files Lavasoft Ad-Aware AAWService exe C WINDOWS system LEXBCES EXE C WINDOWS system spoolsv exe C WINDOWS system LEXPPS EXE C Program Files CheckPoint ZAForceField ForceField exe C Program Files Symantec LiveUpdate ALUSchedulerSvc exe C WINDOWS system bgsvcgen exe C Program Files Java jre bin jqs exe C WINDOWS system svchost exe C Program Files Common Files Symantec Shared CCPD-LC symlcsvc exe C Program Files TomTom HOME TomTomHOMEService exe C Program Files Yahoo SoftwareUpdate YahooAUService exe C WINDOWS system wscntfy exe C Program Files Java jre bin jusched exe C WINDOWS stsystra exe C Program Files Real RealPlayer RealPlay exe C WINDOWS system Rundll exe C Program Files Common Files InstallShield UpdateService issch exe C DOCUME FREDKE LOCALS Temp clclean C WINDOWS System DLA DLACTRLW EXE C Program Files Creative SBAudigy Surround Mixer CTSysVol exe C WINDOWS system rundll exe C Program Files Creative Shared Files CAMTRAY EXE C Program Files Adobe Photoshop Album Starter Edition Apps apdproxy exe C Program Files Common Files Creative Labs Shared Service CreativeLicensing exe C Program Files Corel Corel Photo Album MediaDetect exe C PROGRA COMMON AOL AOLSPY AOLSP Scheduler exe C Program Files Ascentive ActiveSpeed AS exe C Program Files Zone Labs ZoneAlarm zlclient exe C WINDOWS system ctfmon exe C WINDOWS system wuauclt exe C Program Files Windows Live Messenger MsnMsgr Exe C Program Files TomTom HOME TomTomHOMERunner exe C Program Files Ascentive Performance Center ApcMain exe C Program Files Panasonic VideoCam Suite VideoCamSuiteAutoStart exe C Program Files Zone Labs ZoneAlarm MailFrontier mantispm exe c WINDOWS Microsoft NET Framework v dfsvc exe C Program Files Lavasoft Ad-Aware AAWTray exe C Program Files Java jre bin jucheck exe C PROGRA MICROS Office OUTLOOK EXE C Program Files Mozilla Firefox firefox exe C Program Files Trend Micro HijackThis HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Search Bar http mysearch myway com jsp dellsidebar jsp p DK R - HKCU Software Microsoft Internet Explorer Main Search Page http us rd yahoo com customize ie www yahoo com R - HKCU Software Microsoft Internet Explorer Main Start Page http www yahoo com R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId R - HKCU Software Microsoft Internet Explorer SearchURL Default http us rd yahoo com customize ie www yahoo com O - BHO no name - D -C F - EFB- B - ECA - no file O - BHO Adobe PDF Reader Link Helper - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat ActiveX AcroIEHelper dll O - BHO Yahoo IE Services Button - BAB B B- BC- B - D - FC DE A - C Program Files Yahoo Common yiesrvc dll O - BHO DriveLetterAccess - CA D E- - CF- E - - C WINDOWS System DLA DLASHX W DLL O - BHO Java tm Plug-In SSV Helper - BB-D F - C-B EB-D DAF D D - C Program Files Java jre bin ssv dll O - BHO no name - E D - A- EC-A -BA D E E - no file O - BHO ZoneAlarm Toolbar Re... Read more

http://www.techsupportforum.com/forums/f100/key-logger-problem-441166.html
Relevancy 36.98%

HJT Logfile of Trend Micro HijackThis v Scan saved at on - - Platform Windows Vista SP WinNT MSIE Internet Explorer v Boot mode Normal Running processes C Windows system Dwm exe C Windows Explorer EXE C Windows system taskeng exe C Program Files Windows Defender MSASCui exe C Program Files Analog Devices Core smax pnp exe C Windows System rundll exe C or Trojan. key-logger Possible Program Files Alwil Software Avast ashDisp exe C Program Files Sony Ericsson Mobile Application Launcher Application Launcher Possible key-logger or Trojan. exe C Program Files Java jre bin jusched exe C Program Files iTunes iTunesHelper exe C Program Files Windows Sidebar sidebar exe C Users Tyrra AppData Local Google Update GoogleCrashHandler exe C Possible key-logger or Trojan. Program Files OpenOffice org program soffice exe C Program Files OpenOffice org program soffice bin C Program Files Common Files Teleca Shared Generic exe C Program Files Sony Ericsson Mobile Mobile Phone Monitor epmworker exe C Program Files Lavasoft Ad-Aware AAWTray exe C Windows System mobsync exe C Program Files Skype Phone Skype exe C Program Files Skype Plugin Manager skypePM exe C Users Tyrra AppData Local Google Chrome Application chrome exe C Users Tyrra AppData Local Google Chrome Application chrome exe C Users Tyrra AppData Local Google Chrome Application chrome exe C Users Tyrra AppData Local Google Chrome Application chrome exe C Program Files Spotify spotify exe C Windows system conime exe C Users Tyrra AppData Local Google Chrome Application chrome exe C Users Tyrra AppData Local Google Chrome Application chrome exe C Windows system SearchFilterHost exe C Program Files Trend Micro HijackThis HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Start Page http www google se R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Search SearchAssistant R - HKLM Software Microsoft Internet Explorer Search CustomizeSearch R - HKCU Software Microsoft Internet Explorer Main Window Title Internet Explorer erh llet fr n Komplett R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride local R - HKCU Software Microsoft Internet Explorer Toolbar LinksFolderName O - Hosts localhost O - BHO L nkhj lp till Adobe PDF Reader - E F-C D - D -B D- B D BE B - C Program Files Common Files Adobe Acrobat ActiveX AcroIEHelper dll O - BHO no name - E D - A- EC-A -BA D E E - no file O - BHO Windows Live inloggningshj lpen - D - C - ABF- ECC- C - C Program Files Common Files Microsoft Shared Windows Live WindowsLiveLogin dll O - BHO Java tm Plug-In SSV Helper - DBC -A - b-BC - C C C A - C Program Files Java jre bin jp ssv dll O - HKLM Run Windows Defender ProgramFiles Windows Defender MSASCui exe -hide O - HKLM Run SoundMAXPnP C Program Files Analog Devices Core smax pnp exe O - HKLM Run NvCplDaemon RUNDLL EXE C Windows system NvCpl dll NvStartup O - HKLM Run NvMediaCenter RUNDLL EXE C Windows system NvMcTray dll NvTaskbarInit O - HKLM Run Adobe Reader Speed Launcher quot C Program Files Adobe Reader Reader Reader sl exe quot O - HKLM Run avast C PROGRA ALWILS Avast ashDisp exe O - HKLM Run Sony Ericsson PC Suite quot C Program Files Sony Ericsson Mobile Application Launcher Application Launcher exe quot startoptions O - HKLM Run SunJavaUpdateSched quot C Program Files Java jre bin jusched exe quot O - HKLM Run QuickTime Task quot C Program Files QuickTime QTTask exe quot -atboottime O - HKLM Run iTunesHelper quot C Program Files iTunes iTunesHelper exe quot O - HKCU Run Sidebar C Program Files Windows Sidebar sidebar exe autoRun O - HKCU Run Google Update... Read more

A:Possible key-logger or Trojan.

Hello and welcome to TSF.

HijackThis is no longer the preferred initial analysis tool in this forum.

We want all our members to perform the steps outlined in the link given below, before posting for assistance. There's a sticky at the top of this forum, and a
Quote:




Having problems with spyware and pop-ups? First Steps




link at the top of each page.

Please follow our pre-posting process outlined here:

http://www.techsupportforum.com/f50/...lp-305963.html

After running through all the steps, you shall have a proper set of logs. Please post them in a new topic, as this one shall be closed.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

http://www.techsupportforum.com/forums/f100/possible-key-logger-or-trojan-432749.html
Relevancy 40.85%

Hello please disregard or delete my tracker-blue screen Trojan-cookies previous post as I don't think I followed your procedures correctly as I posted from work and was rushing I am experiencing vista blue screen which Trojan-cookies tracker-blue screen I guess is from downloading Photoshop not the one that's installed now though through LIMEWIRE now uninstalled and possibly accepting an end user agreement by accident called 'netnucleus' which I think transferred a TROJAN I ran Mcafee and it picked this trojan up and I deleted it but forgot the name of the trojan Ran mcafee again and it said clean Still blue screened Ran Windows Defender and it said clean still blue screened so I ran dumpchk on the minidump with debugging tools and it gave me probably caused by Mpfp sys Mpfp seems to be a mcafee driver as in - c pograms mcafee FWdriver Mpfp sys amp in - drivers c windows system I uninstalled Mcafee Still blue screened Ran debugging tool dumpchk on the new minidump file and it gave me probably caused by ntoskrnl exe nt e b Which I have been advised is a legitimate program I then downloaded SPYBOT and it picked up 'webtrends' a cookie collecting application removed ran Spybot and said clean Still blue screened System does seem to be alot more stable but still blue screens now and then PLEASE HELP I have attached the correct zip files now and here's the DDS log DDS Ver - - - NTFSx Run by Dan at on Internet Explorer Microsoft Windows Vista Home Premium GMT SP Spybot - Search and Destroy disabled Updated ED FAF- B F- B -ACA - E C DADBE SP Windows Defender enabled Updated D DDC A- F- FAE- E -DA C ACF Running Processes C Windows system wininit exe C Windows system lsm exe C Windows system svchost exe -k DcomLaunch C Windows system svchost exe -k rpcss C Windows System svchost exe -k secsvcs C Windows System svchost exe -k LocalServiceNetworkRestricted C Windows System svchost exe -k LocalSystemNetworkRestricted C Windows system svchost exe -k netsvcs C Windows system svchost exe -k GPSvcGroup C Windows system SLsvc exe C Windows system svchost exe -k LocalService C Windows system svchost exe -k NetworkService C Windows system WLANExt exe C Windows System spoolsv exe C Windows system svchost exe -k LocalServiceNoNetwork C Windows system agrsmsvc exe C Program Files Common Files Apple Mobile Device Support bin AppleMobileDeviceService exe C Program Files Microsoft Small Business Business Contact Manager BcmSqlStartupSvc exe C Program Files Bonjour mDNSResponder exe C Windows system svchost exe -k bthsvcs C Program Files Intel WiFi bin EvtEng exe C Program Files Common Files LightScribe LSSrvc exe C Windows system svchost exe -k NetworkServiceNetworkRestricted C Program Files Common Files Intel WirelessCommon RegSrvc exe C Program Files CyberLink Shared Files RichVideo exe C Program Files Microsoft SQL Server Shared sqlbrowser exe C Program Files Microsoft SQL Server Shared sqlwriter exe C Windows system svchost exe -k imgsvc C Windows system taskeng exe C Windows System svchost exe -k WerSvcGroup C Windows system SearchIndexer exe C Program Files Spybot - Search amp Destroy SDWinSec exe C Windows system Dwm exe C Windows Explorer EXE C Windows system taskeng exe C Program Files Samsung Easy Display Manager dmhkcore exe C Windows system taskeng exe C Windows System igfxpers exe C Windows RtHDVCpl exe C Program Files Synaptics SynTP SynTPEnh exe C Program Files Java jre bin jusched exe C Program Files iTunes iTunesHelper exe C Program Files SAMSUNG EasySpeedUpManager EasySpeedUpManager exe C Program Files Samsung Samsung Magic Doctor MagicDoctorKbdHk exe C Program Files Samsung EBM EasyBatteryMgr exe C Windows system igfxext exe C Windows system igfxsrvc exe C Program Files iPod bin iPodService exe C Program Files Synaptics SynTP SynTPHelper exe C Program Files Mobile Broadband Connect AutoUpdateSrv exe C Users Dan AppData Local Google Chrome Application chrome exe C Windows TEMP xktvuldwto exe C Windows system UI Detect exe C Windows sy... Read more

A:Trojan-cookies tracker-blue screen

I just though I'd update this post.

I understand it may push back it being looked at though.

Just ran updated Windows Defender and it found this.


Trojan:Win32/winwebsec

Alert Level: Severe

Category:
Trojan

Description:
This program is dangerous and executes commands from an attacker.

Advice:
Remove this software immediately.

Resources:
file:
C:\Windows\Temp\ xktvuldwto.exe

file:
C:\ProgramData\19214044\19214044.exe



Also this file tried/caused this window pop up...

***********************************************************
interactive secrices dialog detection.

a program can't display a mssage on your desktop.
the program may need information or permission to complete a task.

*show me the message

*remind me in a few minutes


program(s) or device(s) requesting attention...

Message title: Crytical Error!
Program Path: c:\windows\temp\xktvuldwto.exe
received 35th July 2009, 14:01:27
This problem happened because of a partial incopatibility with windows.
please contact the program or device manufacturer(s) for more information.


***********************************************************

The trojan it found is also in the dds log..

xktvuldwto can be found in 'Running Processes' near the bottom.

And

19214044 can be found in 'Created Last 30' at the top.

Which you guys already probably spotted!

Sorry if this update has upset anyone as it may been seen as a bump but i understand that it the older posts that seen to first. I really appreciate what you guys do and hope you can still resolve this as I'm sure my registry has damage.


Thanks all!

http://www.techsupportforum.com/forums/f100/trojan-cookies-tracker-blue-screen-398428.html
Relevancy 36.98%

Here are the attached scans as directed by my previous thread DDS Ver - - logger.. key possible of my (Scans) - NTFSx Run by Jeremy's PC at on Tue Internet Explorer BrowserJavaVersion Microsoft Windows XP Home Edition GMT - AV Bitdefender Antivirus On-access scanning disabled Outdated AV avast antivirus VPS - On-access scanning disabled Updated FW Bitdefender Firewall disabled Running Processes C WINDOWS system svchost -k DcomLaunch svchost exe C WINDOWS System svchost exe -k netsvcs svchost exe svchost exe C Program Files Alwil Software Avast aswUpdSv exe C Program Files Alwil Software Avast ashServ exe C WINDOWS Explorer EXE C WINDOWS RTHDCPL EXE C PROGRA ALWILS Avast ashDisp exe C Program Files Razer Diamondback G razerhid exe C WINDOWS system RUNDLL EXE C WINDOWS system spoolsv exe C WINDOWS system svchost exe -k hpdevmgmt C WINDOWS System svchost exe -k HPZ C Nexon MapleStory npkcmsvc exe C WINDOWS system nvsvc exe C WINDOWS System svchost exe -k HPZ C WINDOWS system PnkBstrA exe C WINDOWS system svchost exe -k imgsvc C Program Files Razer Diamondback G razertra exe C Program Files Razer Diamondback G razerofa exe C Program Files Mozilla Firefox firefox exe C Program Files Xfire xfire exe C WINDOWS system PnkBstrB exe C Program Files AIM aim exe C Program Files AIM aolsoftware exe C Documents and Settings Jeremy's PC Desktop dds scr Pseudo HJT Report uStart Page hxxp www google com uURLSearchHooks Yahoo Toolbar ef bd -c fb- d - f- d f - c progra yahoo companion installs cpn yt dll BHO amp Yahoo Toolbar Helper d -c f - efb- b - eca - c progra yahoo companion installs (Scans) of my possible key logger.. cpn yt dll BHO NoExplorer - No File BHO HP Print Enhancer c e- - -bf - c - c program files hp digital imaging smart web printing hpswp printenhancer dll BHO Adobe PDF Link Helper df c-e ad- -a -fa c ebdc - c program files common files adobe acrobat activex AcroIEHelperShim dll BHO RealPlayer Download and Record Plugin for Internet Explorer c (Scans) of my possible key logger.. e -b - bc - - c ca - c program files real realplayer rpbrowserrecordplugin dll BHO SSVHelper Class bb-d f - c-b eb-d daf d d - (Scans) of my possible key logger.. c program files java jre bin ssv dll BHO Burn Free Toolbar Helper d a b-a f- cbe- d - fc bae - c program files burn free toolbar v Burn Free Toolbar dll BHO HP Smart BHO Class ffffffff-cf e- f b-bdc - e e a - c program files hp digital imaging smart web printing hpswp BHO dll TB Yahoo Toolbar ef bd -c fb- d - f- d f - c progra yahoo companion installs cpn yt dll TB Burn Free Toolbar f acbb- f- c -a -ff d d cc - c program files burn free toolbar v Burn Free Toolbar dll uRun AOL Fast Start quot c program files aol AOL EXE quot -b mRun NvCplDaemon RUNDLL EXE c windows system NvCpl dll NvStartup mRun nwiz nwiz exe install mRun hpqSRMon c program files hp digital imaging bin hpqSRMon exe mRun KernelFaultCheck systemroot system dumprep -k mRun RTHDCPL RTHDCPL EXE mRun Alcmtr ALCMTR EXE mRun avast c progra alwils avast ashDisp exe mRun Diamondback c program files razer diamondback g razerhid exe mRun TkBellExe quot c program files common files real update ob realsched exe quot -osboot mRun NvMediaCenter RUNDLL EXE c windows system NvMcTray dll NvTaskbarInit mRunOnce Malwarebytes' Anti-Malware c program files malwarebytes' anti-malware mbamgui exe install silent StartupFolder c docume jeremy startm programs startup xfire lnk - c program files xfire xfire exe IE e e dd -d - - b -f ba - windir Network Diagnostic xpnetdiag exe IE FB F -F - d -BB E- C F - c program files messenger msmsgs exe IE B E C - FCB- CF-AAA - C - CAFEEFAC- - - -ABCDEFFEDCBC - c program files java jre bin ssv dll IE DDE - C - c - - F B AA - DDE - C - c - - F B AA - c program files hp digital imaging smart web printing hpswp BHO dll DPF B-B - D-A D -FCFDF E C - hxxp www update microsoft com windowsupdate v V Controls en x client wuweb site cab DPF AD C - E- D -B E - F D - hxxp java sun com update jinstall- -windows-i cab DPF FFBE D-... Read more

A:(Scans) of my possible key logger..

Hello and Welcome to TSF.

Please Subscribe to this Thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant notification by email, then click Add Subscription.

Please note that the forum is very busy and if I don't hear from you within three days this thread will be closed.

------------------------------------------------------

No malware is showing in your logs. We'll do a scan to look for remnants shortly.

------------------------------------------------------

It appears that you have two antivirus programs installed and running, avast! and BitDefender. While this may seem like better protection, they can actually conflict with one another and cause system instability or even system hangs. Please choose one to keep and uninstall the other via Add or Remove Programs in your Control Panel. I suggest you uninstall BitDefender as it is outdated.

------------------------------------------------------

Please uninstall the following via Start->(or My Computer)->Control Panel->Add or Remove Programs if it still exists:

Viewpoint Media Player<<This is considered foistware instead of malware since it is installed without users approval, but doesn't spy or do anything "bad". Please read here and here

------------------------------------------------------

I see you have P2P software ( LimeWire and Vuze ) installed on your machine. We are not here to pass judgment on file-sharing as a concept. However, we will warn you that engaging in this activity and having this kind of software installed on your machine will always make you more susceptible to re-infections. It may be contributing to your current situation. This page will give you further information.

Please note: Even if you are using a "safe" P2P program, it is only the program that is safe. You will be sharing files from uncertified sources, and these are often infected. The bad guys use P2P filesharing as a major conduit to spread their wares.

References for the risk of these programs are here, here, and here.

I would strongly recommend that you uninstall it, however that choice is up to you. If you choose to remove this program, you can do so via Control Panel >> Add or Remove Programs.

------------------------------------------------------

Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system.
Please follow these steps to remove older version Java components and update. Download the latest version of Java Runtime Environment (JRE) 6 and Save it to your Desktop.
Scroll down to where it says Java Runtime Environment (JRE) 6 Update 12 The Java SE Runtime Environment (JRE) allows end-users to run Java applications.
Click the Download button to the right.
Select the Windows platform from the dropdown menu.
Read the License Agreement and then check the box that says: I agree to the Java SE Runtime Environment 6 with JavaFX License Agreement
Click Continue The page will refresh.
Click on the link to download Windows Offline Installation and Save the file to your Desktop.
Close any programs you may have running - especially your web browser.
Go to Start(or My Computer) > Control Panel and double-click on Add or Remove Programs and remove all older versions of Java.
Click (highlight) any item with Java Runtime Environment (JRE, J2SE, Java(TM) SE or Java(TM) 6) in the name.
Click the Remove or Change/Remove button.
Repeat as many times as necessary to remove each Java version.
Reboot your computer once all Java components are removed.
Then from your desktop double-click on jre-6u12-windows-i586-p.exe to install the newest version.
After the install is complete, go back to your Control Panel(using Classic View) and click the Java icon. (looks like a coffee cup)On the General tab, under Temporary Internet Files, click the Setti... Read more

http://www.techsupportforum.com/forums/f100/scans-of-my-possible-key-logger-349556.html
Relevancy 36.55%

Jason,

Thank you for the warm welcome. I was just in Tampa last weekend. I live in Orlando and I am new to this type of forum. I have a very smart (smart alec) 15 year old son that hacked my Win XP password and put at least one keylogger (tiny keylogger) on my computer. He is far more advanced with computers than I am. I think I have removed it. However, I still see some suspect things in hijackthis. Will you please look at the HJ logfile? I have ran AdAware, Spybot S&D, AVG Anti spyware, C Cleaner, Attack Shield WS, Bazooka Scanner, Spyware terminator, and Snoopfree Privacy Shield. I may eventually let him back on my network but for now he is off and I have am also using a deadbolt since he did it from my computer.

Thank you,
Charles

A:Son put key logger on dads computer

thanks can you or someone please look at my Hijackthis log

Logfile of HijackThis v1.99.1
Scan saved at 12:03:37 PM, on 3/6/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\brss01a.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\BlueGene\Bluetooth-programvara\bin\btwdins.exe
C:\WINDOWS\System32\SnoopFreeSvc.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\Program Files\Sana Security\Attack Shield\AttackShieldAgent.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
C:\Program Files\Brother\ControlCenter2\brctrcen.exe
C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\WINDOWS\SnoopFreeUI.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Sana Security\Attack Shield\AttackShield.exe
C:\Program Files\EarthLink\spamBlocker\ELSBLaunch.exe
C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\HIJACKTHIS\HijackThis.exe
C:\WINDOWS\system32\wuauclt.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.com/0SEENUS/SAOS01
O2 - BHO: (no name) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll
O4 - HKLM\..\Run: [IntelMeM] C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
O4 - HKLM\..\Run: [BuildBU] c:\dell\bldbubg.exe
O4 - HKLM\..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe /autorun
O4 - HKLM\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [SnoopFreeUI] SnoopFreeUI.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Ac... Read more

http://www.techsupportforum.com/forums/f100/son-put-key-logger-on-dads-computer-143758.html
Relevancy 37.41%
Q: logger

please can i have my log checked Logfile of HijackThis v Scan saved at on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System smss exe C WINDOWS system csrss exe C WINDOWS SYSTEM winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system Ati evxx exe C WINDOWS system svchost exe C Program Files Panda Software Panda Platinum Internet Security PavProt exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system svchost exe C logger WINDOWS system svchost exe C WINDOWS SYSTEM Ati evxx exe C WINDOWS Explorer EXE C WINDOWS system spoolsv exe C WINDOWS eHome ehRecvr exe C WINDOWS eHome ehSched exe C WINDOWS System svchost logger exe C Program Files Common Files Microsoft Shared VS DEBUG MDM EXE C Program Files JC Software Omni Net Manager ONMAgent exe C Program Files JC Software Omni Net Manager ONMManager exe C Program Files Panda Software Panda Platinum Internet Security PaSSrv exe C Program Files Panda Software Panda Platinum Internet Security Firewall PavFires exe C Program Files Panda Software Panda Platinum Internet Security PavFnSvr exe C Program Files Panda Software Panda Platinum Internet Security Pavkre exe C Program Files Common Files Panda Software PavShld pavprsrv exe C Program Files Panda Software Panda Platinum Internet Security pavsrv exe C Program Files Panda Software Panda Platinum Internet Security AVENGINE EXE C Program Files Panda Software Panda Platinum Internet Security prevsrv exe C Program Files Panda Software Panda Platinum Internet Security PsImSvc exe C WINDOWS ehome RMSvc exe C Program Files Analog Devices SoundMAX SMAgent exe C WINDOWS system svchost exe C Program Files Alcohol Soft Alcohol StarWind StarWindService exe c program files transcode transcode exe C WINDOWS ehome McrdSvc exe C Program Files Windows Media Connect wmccds exe C WINDOWS system wuauclt exe C WINDOWS system dllhost exe C WINDOWS system wbem wmiprvse exe C Program Files Panda Software Panda Platinum Internet Security apvxdwin exe C WINDOWS System alg exe C WINDOWS ehome ehtray exe C Program Files ATI Technologies ATI Control Panel atiptaxx exe C WINDOWS eHome ehmsas exe C Program Files logger Analog Devices SoundMAX SMax PNP exe C Program Files Analog Devices SoundMAX Smax exe C Program Files Panda Software Panda Platinum Internet Security SRVLOAD EXE C Program Files Windows Media Connect WMCCFG exe C Program Files Java jre bin jusched exe C WINDOWS system ctfmon exe C Program Files Messenger msmsgs exe C Program Files MSN Messenger MsnMsgr Exe C Program Files BitComet BitComet exe C WINDOWS ehome RMSysTry exe C Program Files Neuston Media Centre app Neuston-server exe C Program Files Dun VLC vlc exe C Program Files Panda Software Panda Platinum Internet Security WebProxy exe C Program Files JC Software Omni Net Manager ONMPing exe E Backed Up Programes HijackThis exe O - BHO XBTP - F A-BBAF- d -B - F A B - C PROGRA ALCOHO ALCOHO a tb dll O - Toolbar Alcohol Soft - Alcohol Toolbar - CE EE - D C- -AF B-D AB - C Program Files Alcohol Soft Alcohol Toolbar a tb dll O - HKLM Run ehTray C WINDOWS ehome ehtray exe O - HKLM Run ATIPTA quot C Program Files ATI Technologies ATI Control Panel atiptaxx exe quot O - HKLM Run SoundMAXPnP C Program Files Analog Devices SoundMAX SMax PNP exe O - HKLM Run SoundMAX quot C Program Files Analog Devices SoundMAX Smax exe quot tray O - HKLM Run Windows Media Connect quot C Program Files Windows Media Connect WMCCFG exe quot StartQuiet O - HKLM Run NeroFilterCheck C Program Files Common Files Ahead Lib NeroCheck exe O - HKLM Run SunJavaUpdateSched C Program Files Java jre bin jusched exe O - HKLM Run SCANINICIO quot C Program Files Panda Software Panda Platinum Internet Security Inicio exe quot O - HKLM Run APVXDWIN quot C Program Files Panda Software Panda Platinum Internet Security APVXDWIN EXE quot s O - HKLM RunServices PANDA ANTISPAM SERVER SERVICE quot C Program Files Panda Software Panda Platinum Internet Security... Read more

A:logger

That log is clean, are you having any issues with this PC or were you just looking for a routine checkup?

http://www.techsupportforum.com/forums/f100/logger-97882.html
Relevancy 42.14%

Besides these two I also seem to have Elite toolbar and Sasser last nite as well I have done spybot Adaware Adaware is coming up clean Spybot cannot seem to finish quarantining the files found above I am on different machine currently Sex Adaware and A Tracker as my IE cannot work I'm not even running IE and I'm getting popups sounds like Elite is back ARRRRGHHHH Please review HJT Sex Tracker and A Adaware Log and give me some help pleeeeaaase I'm in China on business and Laptop is my only link to work etc Logfile of Sex Tracker and A Adaware HijackThis v Scan saved at AM on Platform Windows SP WinNT MSIE Internet Explorer v SP Running processes Sex Tracker and A Adaware C WINNT System smss exe C WINNT system winlogon exe C WINNT system services exe C WINNT system lsass exe C WINNT system svchost exe C WINNT system spoolsv exe C WINNT System Ati evxx exe C PROGRA SYMANT SYMANT DefWatch exe C WINNT System svchost exe C Program Files Common Files Microsoft Shared VS Debug mdm exe C PROGRA SYMANT SYMANT Rtvscan exe C WINNT system regsvc exe C WINNT system MSTask exe C WINNT System WBEM WinMgmt exe C WINNT system svchost exe C WINNT system userinit exe C WINNT system Atiptaxx exe C PROGRA SYMANT SYMANT vptray exe C WINNT system ctfmon exe C Program Files EarthLink TotalAccess TaskPanl exe C WINNT DvzCommon DvzMsgr exe C Program Files WinZip WZQKPICK EXE C Program Files Linksys Wireless-B Notebook Adapter WPC Cfg exe C Program Files Palm HOTSYNC EXE C WINNT explorer exe C Program Files Microsoft Office Office WINWORD EXE C WINNT system cmd exe C Program Files Hijackthis HijackThis exe R - HKCU Software Microsoft Internet Explorer SearchURL http searchmiracle com sp php R - HKCU Software Microsoft Internet Explorer Main Default Page URL http start earthlink net R - HKCU Software Microsoft Internet Explorer Main Default Search URL http www earthlink net partner mor on search html R - HKCU Software Microsoft Internet Explorer Main Search Bar http searchmiracle com sp php R - HKCU Software Microsoft Internet Explorer Main Search Page http searchmiracle com sp php R - HKCU Software Microsoft Internet Explorer Main Start Page http www yahoo com R - HKLM Software Microsoft Internet Explorer Search SearchAssistant http www earthlink net partner mor on search html F - REG system ini UserInit userinit exe userinit exe O - HKLM Run Synchronization Manager mobsync exe logon O - HKLM Run AtiPTA Atiptaxx exe O - HKLM Run vptray C PROGRA SYMANT SYMANT vptray exe O - HKCU Run ctfmon exe ctfmon exe O - HKCU Run E TaskPanel quot C Program Files EarthLink TotalAccess TaskPanl exe quot -winstart O - Startup HotSync Manager lnk C Program Files Palm HOTSYNC EXE O - Global Startup Dataviz Messenger lnk C WINNT DvzCommon DvzMsgr exe O - Global Startup WinZip Quick Pick lnk C Program Files WinZip WZQKPICK EXE O - Global Startup Wireless-B Notebook Adapter Utility lnk C Program Files Linksys Wireless-B Notebook Adapter WPC Cfg exe O - HKCU Software Policies Microsoft Internet Explorer Control Panel present O - Extra context menu item E amp xport to Microsoft Excel - res C PROGRA MICROS Office EXCEL EXE O - Plugin for spop C Program Files Internet Explorer Plugins NPDocBox dll O - DPF BAC - DD- - D- A E D A Yahoo Photos Easy Upload Tool Class - http us dl yimg com download yaho opper us cab O - DPF E E E - AA - D -ABA - AA C GpcContainer Class - https partminer webex com client v ex ieatgpc cab O - Service Ati HotKey Poller - Unknown owner - C WINNT System Ati evxx exe O - Service CWShredder Service - Unknown owner - D CWShredder exe file missing O - Service DefWatch - Symantec Corporation - C PROGRA SYMANT SYMANT DefWatch exe O - Service Logical Disk Manager Administrative Service dmadmin - VERITAS Software Corp - C WINNT System dmadmin exe O - Service Symantec AntiVirus Client Norton AntiVirus Server - Symantec Corporation - C PROGRA SYMANT SYMANT Rtvscan exe O - Service Remote Administrator Service r server - Unknown owner - C WINNT system r server exe qu... Read more

A:Sex Tracker and A Adaware

Welcome to TSF.

Please print out or copy this page to Notepad. Make sure to work through the fixes in the exact order it is mentioned below. If there's anything that you don't understand, ask your question(s) before proceeding with the fixes. You should not have any open browsers when you are following the procedures below.

Go to My Computer->Tools/View->Folder Options->View tab and make sure that 'Show hidden files and folders' (or 'Show all files') is enabled. Also make sure that 'Display the contents of system folders' is checked. Windows XP's search feature is a little different. When you click on 'All files and folders' on the left pane, click on the 'More advanced options' at the bottom. Make sure that Search system folders, Search hidden files and folders, and Search subfolders are checked.

For the options that you checked/enabled earlier, you may uncheck them after your log is clean. If we ask you to fix a program that you use or want to keep, please post back saying that (we don't know every program that exists, so we may tell you to delete a program that we think is bad to keep).

If you have a fast internet connection (broadband), run an online virus scan at TrendMicro http://uk.trendmicro-europe.com/ente...all_launch.php. Just follow the instructions on the site to run the online scan. If any viruses/trojans are detected, try to delete or clean them in that site. Otherwise, make sure your antivirus program has the latest definitions and run a full system scan.

Reboot into Safe Mode (hit F8 key until menu shows up). Make sure to close any open browsers.

Go to Start->Run and type in services.msc and hit OK. Then look for Remote Administrator Service (r_server) and double click on it. Click on the Stop button and under Startup type, choose Disabled.

Go into HijackThis->Config->Misc. Tools->Open process manager. Select the following and click Kill process for each one if they are still listed (they shouldn't be - but double check it):

C:\WINNT\system32\userinit32.exe

Run a scan in HijackThis. Check each of the following and hit 'Fix checked' (after checking them) if they still exist (make sure not to miss any):

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://searchmiracle.com/sp.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://searchmiracle.com/sp.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchmiracle.com/sp.php
F2 - REG:system.ini: UserInit=userinit.exe,userinit32.exe
O23 - Service: Remote Administrator Service (r_server) - Unknown owner - C:\WINNT\system32\r_server.exe" /service (file missing)

Delete the following Files/Folders (delete folders if no filename is specified) according to their directory (if none, just do a search for them) and delete them if they exist:

C:\WINNT\system32\userinit32.exe - delete the file exactly as shown here
C:\WINNT\system32\r_server.exe

Reboot into Normal Mode and run new HijackThis scan. If there were some entries that didn't show up in Safe Mode, you may check and fix those that appear now in normal mode (if you do that, make sure to run a new scan again). Save the log file and run KRC HijackThis Analyzer in the same folder to get the result.txt log. Just post the contents of the result.txt file in the forum.

http://www.techsupportforum.com/forums/f100/sex-tracker-and-a-adaware-49119.html
Relevancy 33.97%

Hello everyone this is my first post and its about ERRORS I have a few regular re-occurring errors in my event viewer which seem to be linked to logging upon boot and shutdown I am running Windows x professional Event ID The maximum file size for session Circular Kernel Context Logger has been reached As a result events might be lost not logged to file C WINDOWS system WDI LogFiles BootCKCL etl The maximum files size is Context Kernel BootCKCL.etl stopped & file ?Circular Logger? size Session currently set to bytes Event ID Session Circular Kernel Context Logger stopped BootCKCL.etl file size & Session ?Circular Kernel Context Logger? stopped due to the following error xC I have tried renaming the BootCKCL etl file and restarting but a new one is created which is the same file size The current file size is Mb I have also edited the following which has made no difference and the error still appears HKEY LOCAL MACHINE SYSTEM CurrentControlSet Control WMI Autologger Circular Kernel Context Logger increasing the the value MaxFileSize to I also see this error a lot but I am unsure if it related Custom dynamic link libraries are being loaded for every application The system administrator should review the list of libraries to ensure they are related to trusted applications Please visithttp support microsoft com kb for more information The support article didnt really provide much help Is this a problem with booting shutting down or is it an issue with logging and the file sizes Does anyone have any ideas on how to fix this I opened up the BootCKCL etl file in Windows Performance Analyzer and it gave me a warning Performance Analyzer noticed that events and buffers were lost in this trace This is usually created by insufficient bandwidth for ETW logging Please try increasing the minimum and maximum number of buffers and or the buffer size Doubling these values would be a good first attempt Please note though that this action increases the amount of memory reserved for ETW buffers increasing memory pressure on your scenario See xperf -help start for the associated command line operations Windows Performance analyzer might not be able to provide reliable data in this situation Would you like to continue analyzing this trace Also when I try to open Performance monitor I get this error Unable to add these counters Memory Available MBytes Memory committed bytes in use Memory cache faults sec Physical Disk idle time Physical Disk Avg Disk Queue length Network interface bytes total sec Does anyone know how to rebuild performance counters in windows Are all these errors with logging linked I have a boot trace etl file and performance monitor logs if anyone needs to see them Any help on fixing any of these issues would be much appreciated

http://www.bleepingcomputer.com/forums/t/510471/bootckcletl-file-size-session-circular-kernel-context-logger-stopped/
Relevancy 31.82%

I ve had this problem for a long time When I put my computer in hibernation sometimes when I wake it it hangs at the user select screen or it just shows 18 fails. works when hibernation randomly, Event Hibernation Logger WHEA a black screen Sometimes I can reset the computer after it has hanged and try again resuming from hibernation and many times it will work after a couple of tries Other times after resetting I won t get the prompt to try again with resuming the other option is to delete hibernation data and reboot the system but I will get the usual screen that says that Windows was not shut down correctly with all the options for safe mode etc If I cannot resume and I get the screen with safe mode and all the other crap I finally log in I get a notice that there was a critical error in the details I see BlueScreen and other data but I actually never get a blue screen In the dump folder there are no dmp files related to the hibernation hanging Anyway when it happens I see several Event WHEA-Logger in the event viewer about of them every time What s weird though is that I literally have NO problems Hibernation works randomly, WHEA Logger Event 18 when hibernation fails. with this computer other than this The only times it hangs is when I resume it from hibernation I can play games or run stress tests with or without overclock and the system is stable But there is some problem that prevents it from resuming from hibernation correctly so every time I use it is basically a gamble because it has like chance of working PLEASE help me fix this problem I tried EVERY SINGLE solution I found with google related to hibernation problems and it s still there I even formatted and reinstalled Windows from scratch and it s still there I m positive I updated every single driver for every hardware I have and nope no solution I know the WHEA error is related to the hardware but like I said everything works PERFECTLY once the system starts up properly or when it resumes from hibernation properly I am desperate I m even willing to give you remote access to my computer if you need I AM DESPERATE Current System specs and installed hardware Windows Ultimate x I do not remember if this problem happened when I had Vista Intel Core Quad Q Asus Rampage Formula Motherboard Gb DDR OCZ Gigabyte GTX Ti Western Digital Caviar Black Gb as system drive CoolerMaster Realpower W PSU Hauppauge WinTV HVR capture card A Philips IDE DVD burner Some USB stuff Over the last years I ve had this problem I replaced the following hardware but the problem has always been there Gb DDR generic OEM Sapphire Radeon HD Seagate Barracuda Gb

A:Hibernation works randomly, WHEA Logger Event 18 when hibernation fails.

Nobody knows anything about this problem? Any way to troubleshoot it?

http://www.bleepingcomputer.com/forums/t/477848/hibernation-works-randomly-whea-logger-event-18-when-hibernation-fails/
Relevancy 36.98%

SQM Logger
Can any one tell me what this is.
I can't find anything about it.
Thanks in advance !!

A:(vista) Sqm Logger

Rather interesting reading. Another way for M$ to stick their nose in your businesshttp://dotwhat.net/sqm/8672/

http://www.bleepingcomputer.com/forums/t/166120/vista-sqm-logger/
Relevancy 37.41%

Hi Gang...

I'm almost certain I have a PC with Web Watcher installed on it & would like to remove it..

Any help would be appreciated

lsz

A:key logger

I suggest you speak with the person you suspect installed it.

http://www.bleepingcomputer.com/forums/t/415788/key-logger/
Relevancy 36.12%

My dual boot XP machine will not start the event logger service on the x operating system and I cannot start it it works fine on the bit OS In Component Services clicking the START button for Event Log generates the error message quot Could not start the Event Log service on Local Computer Error The system cannot find the file specified quot Drilling down running in not Logger Event service XP through My Computer to the Error Reporting window shows error reporting as enabled and both Windows and Programs checked Deleting the existing log files had no impact on the problem Trying to read the logs via the Event Viewer generates the error message quot Unable to complete the operation on Application The interface is unknown quot In the Event Viewer on the right pane it says quot There are no items to show in this view quot This is true for all the logs The windows system config folder has full access rights for both Adminstrator and System A full Repair install of the system did not fix anything Any suggestions

A:Event Logger service not running in XP

Worth a look, http://www.annoyances.org/exec/forum/winxp/t1078935546Louis

http://www.bleepingcomputer.com/forums/t/226333/event-logger-service-not-running-in-xp/
Relevancy 36.55%

hiiii please help me get rid of the virus naming logger.pcap.a which is in the location c:\windows\drivers\svchost.exe

A:Infected With Logger.pcap.a

You need to post in our virus and malware forum. It's further down the main forum page
Good luck
Mark

http://www.bleepingcomputer.com/forums/t/117712/infected-with-loggerpcapa/
Relevancy 36.55%

After finally removing Spy Falcon and other associated files from my PC, I ran a Spybot scan and found more crud. In that scan a file was found called 007 Spy Ware. I was told that is a key logger program. The Spybot program deleted it then I purged it. Hopefully it is gone forever.

My questions are: can a key logger program like that get placed on my PC via an email, hidden attachment, virus, spy ware, or does it have to be manually installed????? Is there any way it can be traced to see where it came from or where the collected info was sent to?

Thanks, Dave

A:Found 007 Spy Ware (key Logger?)

Hi Davexx1Here is some info. from Symantec.comhttp://www.symantec.com/avcenter/venc/data...are.007spy.htmlBehaviorSpyware.007Spy is a commercial spyware program that logs keystrokes, Web sites visited, programs used, and files and folder activity. It also has the ability to capture screenshots and can use FTP or email to send all the logs to a remote server or email address.This spyware can be run automatically in a silent, undetectable mode and it cannot be accessed until it is brought out of silent mode. This can be done with a hot-key combination (the default combination is Ctrl+Alt+7).SymptomsThe files are detected as Spyware.007Spy.TransmissionThis spyware must be manually installed.

http://www.bleepingcomputer.com/forums/t/46703/found-007-spy-ware-key-logger/
Relevancy 35.26%

my laptop is infected with a key logger Avira detected it at first with a notification and a voice not sure what program the voice was from that stated a key logger Infected with Emsisoft running having a and key issues logger; Antivir was installed I followed the manual remove of malware by installing malwarebytes and Emsisoft and ran them with Avira Avira scan kept stopping halfway Emsisoft completed a full scan and found nothing but now says it can't open as it's waiting for a service to start perhaps I turned something off during the Autoruns tutorial Malwarebytes found PUP Optional Showpass x Infected with a key logger; Antivir and Emsisoft having issues running and PUP Optional BestPriceNinja x Avira is working now but doesn't report anything else -------------------------- Scan result of Farbar Recovery Scan Tool FRST x Version - - Ran by drea administrator on NUKE - - Running from C Users drea Downloads frst Loaded Profiles drea amp Available Profiles drea amp Administrator Platform Windows Home X Language English United States Internet Explorer Version Default browser Chrome Boot Mode Normal Tutorial for Farbar Recovery Scan Tool http www geekstogo com forum topic -frst-tutorial-how-to-use-farbar-recovery-scan-tool Processes Whitelisted If an entry is included in the fixlist the process will be closed The file will not be moved NVIDIA Corporation C Windows System nvvsvc exe Intel Corporation C Windows System igfxCUIService exe Softex Inc C Program Files Hewlett-Packard SimplePass OmniServ exe C Program Files Hewlett-Packard SimplePass cachesrvr exe NVIDIA Corporation C Program Files NVIDIA Corporation Display nvxdsync exe NVIDIA Corporation C Windows System nvvsvc exe Hewlett-Packard Company Infected with a key logger; Antivir and Emsisoft having issues running C Windows System hpservice Infected with a key logger; Antivir and Emsisoft having issues running exe Realtek Semiconductor C Program Files Realtek Audio HDA RtkAudioService exe Wacom Technology Corp C Program Files Tablet Pen WTabletServiceCon exe Realtek Semiconductor C Program Files Realtek Audio HDA RAVBg exe Avira Operations GmbH amp Co KG C Program Files x Avira AntiVir Desktop sched exe Apple Inc C Program Files Bonjour mDNSResponder exe Avira Operations GmbH amp Co KG C Program Files x Avira AntiVir Desktop avguard exe Autodesk Inc C Program Files x Common Files Autodesk Shared AppManager R AdAppMgrSvc exe Microsoft Corporation C Program Files Microsoft Office ClientX officeclicktorun exe Avira Operations GmbH amp Co KG C Program Files x Avira Launcher Avira ServiceHost exe NVIDIA Corporation C Program Files NVIDIA Corporation GeForce Experience Service GfExperienceService exe Google Inc C Program Files x Google Chrome Remote Desktop remoting host exe Side Effects Software Inc C Windows System sesinetd exe Hewlett-Packard Development Company L P C Program Files x Hewlett-Packard HP System Event HPWMISVC exe Google Inc C Program Files x Google Chrome Remote Desktop remoting host exe Side Effects Software Inc C Windows System hserver exe Malwarebytes C Program Files x Malwarebytes Anti-Malware mbamservice exe NVIDIA Corporation C Program Files x NVIDIA Corporation NetService NvNetworkService exe Synaptics Incorporated C Program Files Synaptics SynTP SynTPEnhService exe Intel Corporation C Program Files x Intel Bluetooth ibtrksrv exe Intel reg Corporation C Program Files Intel iCLS Client HeciServer exe Malwarebytes C Program Files x Malwarebytes Anti-Malware mbamscheduler exe C Program Files Intel Intel reg Smart Connect Technology Agent iSCTAgent exe C Program Files Autodesk ds Max Design NVIDIA raysat dsmax server exe Sierra Wireless Inc C Program Files x Sierra Wireless Inc Common SwiCardDetect exe NVIDIA Corporation C Program Files NVIDIA Corporation NvStreamSrv NvStreamService exe Reprise Software Inc C Program Files x The Foundry LicensingTools bin RLM rlm foundry exe Reprise Software Inc C Program Files x The Foundry LicensingTools bin RLM rlm foun... Read more

A:Infected with a key logger; Antivir and Emsisoft having issues running

Sorry, there were time out issues while posting, so I had no confirmation that it had posted already.

http://www.bleepingcomputer.com/forums/t/598554/infected-with-a-key-logger;-antivir-and-emsisoft-having-issues-running/
Relevancy 36.55%

I've been having a few strange computer things going on and believe someone is intercepting traffic from my laptop A year ago I was looking at some postings on Craigslist and then the next day someone with a Yahoo email address with a variation of my name forwarded those Craigslist postings to my wife's email A few weeks later I posted something on a travel web forum and someone responded using the same screen name that I use on another website The poster also revealed some additional personal info about myself I scanned my desktop and laptop with two virus scanners and also used Kapersky to make a boot CD and scan for rootkils and viruses outside of windows - all systems were clean I also bought a new router and beefed up my wireless security creating new complex passwords using special characters and using WPA At home I connect to the internet through the router and Comcast cable modem I use windows remote desktop to access my desktop computer ?? with my infected a logger Is key or computer from Is my computer infected with a key logger or ?? my laptop over the wireless network So everything was fine and nothing weird was happening until yesterday I'm traveling out of town using the hotel's wifi with my laptop I visited Craigslist and later that day someone again using an email with a variation of my name sent links from the CL pages I visited to my wife I'm currently running Avast Antivirus on my laptop and it scans clear Is it possible someone is intercepting traffic form my laptop What can I do to prevent this I ran FRST and the log is attached Thanks in advance for any help

A:Is my computer infected with a key logger or ??

Hello gasgousegorillaz  and welcome to BleepingComputer!                     
 
My name is Sirawit and I'm here to help you.
 
Please note that I'm currently in training and my fixes need to be approved first, that may delay our fix a bit, but I will normally reply back in 24 hours.
 
If I don't reply after 3 days, feel free to PM me.                      
==========================================================================Some points for you to keep in mind:
Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planned. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.
We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
Do not attach logs or use code boxes, just copy and paste the text.
Periodically update me on the condition of your computer, and provide detail in every post.
In the upper right hand corner of the topic you will see the  button. Click on this then choose Immediate E-Mail notification and then Proceed and you will be sent an email once I have posted a response.
If you do not reply to your topic after 3 days I will bump the topic, if you didn't reply in next 3 days we assume it has been abandoned and I will close it.
Once things seem to be working again, please do not abandon the thread. I will give an "all-clean" message at the very end with some additional information on how to stay malware-free.
Lastly, I would like to remind you that most members here are volunteers, and sometimes "real life" can get in the way of our malware hunt. I will notify you if I know I will need to be away for longer than 48 hours.
==========================================================================
 
Please post addition.txt log located in the same folder as FRST.exe and FRST.txt.
 
Thank you.

http://www.bleepingcomputer.com/forums/t/593103/is-my-computer-infected-with-a-key-logger-or/
Relevancy 36.98%

I have an overzealous person in the family/house that tries to monitor everything I do because they have no other existence...I Have removed spyware before, but this time I need to make sure I'm clean.  Please help....

A:Problem with Key-logger?!? Help please?

Hello, Welcome to BleepingComputer.I'm nasdaq and will be helping you.If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.===Press the windows key + r on your keyboard at the same time. This will open the RUN BOX.Type Notepad and and click the OK key.Please copy the entire contents of the code box below to the a new file.

start

CreateRestorePoint:
EmptyTemp:
CloseProcesses:

(http://www.ruby-lang.org/) C:\Users\Jared Schulz\AppData\Local\Temp\ocr6FB9.tmp\bin\rubyw.exe
(http://www.ruby-lang.org/) C:\Users\Jared Schulz\AppData\Local\Temp\ocrECF8.tmp\bin\rubyw.exe
CHR NewTab: Default -> "chrome-extension://nohbdifokmdgjcbbeobglcbaifinhfip/go.html"
CHR Extension: (New Tab Redirect) - C:\Users\Jared Schulz\AppData\Local\Google\Chrome\User Data\Default\Extensions\icpgjfneehieebagbmdbhnlpiopdcmna [2015-10-03]
CHR Extension: (Evernote Web) - C:\Users\Jared Schulz\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbfehkoinhhcknnbdgnnmjhiladcgbol [2015-10-03]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
C:\Users\Jared Schulz\AppData\Local\Google\Chrome\User Data\Default\Extensions\icpgjfneehieebagbmdbhnlpiopdcmna
C:\Users\Jared Schulz\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbfehkoinhhcknnbdgnnmjhiladcgbol
C:\Users\Jared Schulz\AppData\Local\Temp\ocr6FB9.tmp
C:\Users\Jared Schulz\AppData\Local\Temp\ocrECF8.tmp

End
Save the file as fixlist.txt in the same folder where the Farbar tool is running from.The location is listed in the 3rd line of the Farbar log you have submitted.Run FRST and click Fix only once and wait.Restart the computer normally to reset the registry.The tool will create a log (Fixlog.txt) please post it to your reply.===Please download AdwCleaner by Xplode onto your Desktop.Close all open programs and internet browsers.Double click on AdwCleaner.exe to run the tool.Click the Scan button and wait for the process to complete.Click the LogFile button and the report will open in Notepad.IMPORTANTIf you click the Clean button all items listed in the report will be removed.If you find some false positive items or programs that you wish to keep, Close the AdwCleaner windows.Close all open programs and internet browsers.Double click on AdwCleaner.exe to run the tool.Click the Scan button and wait for the process to complete.Check off the element(s) you wish to keep.Click on the Clean button follow the prompts.A log file will automatically open after the scan has finished.Please post the content of that log file with your next answer.You can find the log file at C:\AdwCleanerCx.txt (x is a number).===Reset Chrome...Open Google Chrome, click on menu icon which is located right side top of the google chrome. Click "Settings" then "Show advanced settings" at the bottom of the screen. Click "Reset browser settings" button. Clear your cache and cookieshttps://support.google.com/chromebook/answer/183083?hl=enSelect "From the beginning of time"Restart Chrome.====How is the computer running now?

http://www.bleepingcomputer.com/forums/t/593864/problem-with-key-logger-help-please/
Relevancy 41.71%

What is Tracker.Marinsm.com?  Everytime I search for something everything slows down and I see that in the Address Bar.
 
Malware doesn't get rid of it.
 
Help!

A:http://tracker.marinsm.com?

Hello,Please follow the instructions in ==>This Guide<== starting at step 6. If you cannot complete a step, skip it and continue.Once the proper logs are created, then post them in a reply to this topic by using the Add Reply button.If you can produce at least some of the logs, then please create the post and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the reply and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.

http://www.bleepingcomputer.com/forums/t/589703/httptrackermarinsmcom/
Relevancy 42.14%

I am running windows vista. I have ran multiple different virus scans and spyware/malware scans and still have this "piece of paper image" that shadows my cursor every so often. (picture attached). It happens mainly on facebook. I do not play any games, etc and I keep my virus scanner up to date etc. I am thinking it is some kind of tracker????? but I ran rootkit scanners and it didnt solve my problem. Please help. Thanks.

A:Tracker? Virus?

Hello, Welcome to BleepingComputer.I'm nasdaq and will be helping you.If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.===Download Malwarebytes' Anti-Malware from HereDouble-click mbam-setup-2.X.X.XXXX.exe to install the application (X's are the current version number).Make sure a checkmark is placed next to Launch Malwarebytes' Anti-Malware, then click Finish.Once MBAM opens, when it says Your databases are out of date, click the Fix Now button.Click the Settings tab at the top, and then in the left column, select Detections and Protections, and if not already checked place a checkmark in the selection box for Scan for rootkits.Click the Scan tab at the top of the program window, select Threat Scan and click the Scan Now button.If you receive a message that updates are available, click the Update Now button (the update will be downloaded, installed, and the scan will start).The scan may take some time to finish,so please be patient.If potential threats are detected, ensure that Quarantine is selected as the Action for all the listed items, and click the Apply Actions button.While still on the Scan tab, click the link for View detailed log, and in the window that opens click the Export button, select Text file (*.txt), and save the log to your Desktop.The log is automatically saved by MBAM and can also be viewed by clicking the History tab and then selecting Application Logs.Note:If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.Click OK to either and let MBAM proceed with the disinfection process.If asked to restart the computer, please do so immediately.===Please download AdwCleaner by Xplode onto your Desktop.Close all open programs and internet browsers.Double click on AdwCleaner.exe to run the tool.Click the Scan button and wait for the process to complete.Click the Report button and the report will open in Notepad.IMPORTANTIf you click the Clean button all items listed in the report will be removed.If you find some false positive items or programs that you wish to keep, Close the AdwCleaner windows.Close all open programs and internet browsers.Double click on AdwCleaner.exe to run the tool.Click the Scan button and wait for the process to complete.Check off the element(s) you wish to keep.Click on the Clean button follow the prompts.A log file will automatically open after the scan has finished.Please post the content of that log file with your next answer.You can find the log file at C:\AdwCleaner[Sn].txt (n is a number).===Download the correct version of this tool for your operating system.Farbar Recovery Scan Tool (64 bit)Farbar Recovery Scan Tool (32 bit)and save it to a folder on your computer's Desktop.Double-click to run it. When the tool opens click Yes to disclaimer.Press Scan button.It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.===Please paste the logs in your next reply DO NOT ATTACH THEM unless specified.To attach a file select the "More Reply Option" and follow the instructions.Let me know what problem persists.

http://www.bleepingcomputer.com/forums/t/540477/tracker-virus/
Relevancy 40.85%

Greetings First time poster here at BC affiliate conduit, potential others. tracker, diysimplify, com having some issues affiliate tracker, diysimplify, conduit, potential others. with browser trackers and toolbar hijacks and possably some malware issues related to conduit or other unhealthy services When I open firefox my default browser I get tabs that open showing the diysimplfy toolbar instructions and constant firefos has prevented a page from opening error with an occasional blank affiliate tracker, diysimplify, conduit, potential others. page that opens with the affiliate tracker, diysimplify, conduit, potential others. affiliate mintracker address that pops up I've done some preperatory fix attempts using MBAM and Anti-rootkit as well as some logs As per the BC com preperation guide I've posted the DDS log below and attatched the attatch zip as well noticing familure known malwar hijacks - conduit visualbee Unsure of punkbuster and jetpack Or how to remove these issues It's been many years since I've been forced to clean up this bad of a mess Thanks in advance for your time and effort in looking over my log and I look forward to further instructions Cheers DDS Ver - - - NTFS x Internet Explorer BrowserJavaVersion Run by josie hoyt at on - - Microsoft Windows Vista Home Basic GMT - SP Windows Defender Enabled Updated D DDC A- F- fae- E -DA C ACF Running Processes C Windows system wininit exe C Windows system lsm exe C Windows system SLsvc exe C Windows system WLANExt exe C Windows System spoolsv exe C Program Files Common Files Adobe ARM armsvc exe C Program Files Common Files Apple Mobile Device Support AppleMobileDeviceService exe C Program Files Malwarebytes' Anti-Malware mbamservice exe C Windows system PnkBstrA exe C Windows system rpcnet exe C ProgramData Skype Toolbars Skype C C Service c c service exe C Windows system SearchIndexer exe C Windows system RUNDLL EXE C Windows System WUDFHost exe C Windows system taskeng exe C Windows System alg exe C Windows system SearchProtocolHost exe C Windows system wbem wmiprvse exe C Program Files Malwarebytes' Anti-Malware mbamgui exe C Windows system Dwm exe C Windows Explorer EXE C Windows system SearchFilterHost exe C Program Files DellTPad Apoint exe C Program Files Common Files Java Java Update jusched exe C Windows System rundll exe C Windows System rundll exe C Program Files McAfee Security Scan SSScheduler exe C Program Files TimeLeft TimeLeft exe C Windows system taskeng exe C Windows system wbem unsecapp exe C Windows system wbem wmiprvse exe C Windows system taskeng exe C Program Files DellTPad ApMsgFwd exe C Program Files IObit Game Booster gbtray exe C Program Files DellTPad Apntex exe C Program Files DellTPad HidFind exe C Windows system igfxsrvc exe C Windows system wbem WMIADAP EXE C Windows system svchost exe -k DcomLaunch C Windows system svchost exe -k rpcss C Windows System svchost exe -k secsvcs C Windows System svchost exe -k LocalServiceNetworkRestricted C Windows System svchost exe -k LocalSystemNetworkRestricted C Windows system svchost exe -k netsvcs C Windows system svchost exe -k GPSvcGroup C Windows system svchost exe -k LocalService C Windows system svchost exe -k NetworkService C Windows system svchost exe -k LocalServiceNoNetwork C Windows system svchost exe -k NetworkServiceNetworkRestricted C Windows system svchost exe -k imgsvc C Windows System svchost exe -k WerSvcGroup C Windows system svchost exe -k LocalServiceAndNoImpersonation Pseudo HJT Report uStart Page hxxp www google com uSearch Bar hxxp www google com uURLSearchHooks D D D - F D- C-B C -E F B - lt orphaned gt BHO MSS Identifier E A AD- D - EB- D D- EF A - c program files mcafee security scan McAfeeMSS IE dll BHO Java Plug-In SSV Helper BB-D F - C-B EB-D DAF D D - c program files java jre bin ssv dll BHO Skype Browser Helper AE - E C- ED - F B-F F A - c program files skype toolbars internet explorer skypeieplugin dll BHO Office Document Cache Handler B F A - E - -BA - B E FF - c... Read more

A:affiliate tracker, diysimplify, conduit, potential others.

Hello jingbadguy I would like to welcome you to the Malware Removal section of the forum.Around here they call me Gringo and I will be glad to help you with your malware problems.Very Important --> Please read this post completely, I have spent my time to put together somethings for you to keep in mind while I am helping you to make things go easier, faster and smoother for both of us!Please do not run any tools unless instructed to do so.We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.Please do not attach logs or use code boxes, just copy and paste the text.Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.Please read every post completely before doing anything.Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.Please provide feedback about your experience as we go.A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.NOTE: At the top of your post, click on the "Follow This Topic" Button, make sure that the "Receive notification" box is checked and that it is set to "Instantly" - This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planed. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.These are the programs I would like you to run next, if you have any problems with one of these just skip it and move on to the next one.-AdwCleaner-Please download AdwCleaner by Xplode onto your desktop.Close all open programs and internet browsers.Double click on AdwCleaner.exe to run the tool.Click on Scan.After the scan is complete click on "Clean"Confirm each time with Ok.Your computer will be rebooted automatically. A text file will open after the restart.Please post the content of that logfile with your next answer.You can find the logfile at C:\AdwCleaner[S1].txt as well.-Junkware-Removal-Tool-Please download Junkware Removal Tool to your desktop.Shut down your protection software now to avoid potential conflicts.Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".The tool will open and start scanning your system.Please be patient as this can take a while to complete depending on your system's specifications.On completion, a log (JRT.txt) is saved to your desktop and will automatically open.Post the contents of JRT.txt into your next message.When they are complete let me have the two reports and let me know how things are running.Gringo

http://www.bleepingcomputer.com/forums/t/510676/affiliate-tracker-diysimplify-conduit-potential-others/
Relevancy 37.41%

Hi Boopme Please find below results of the reports as requested MiniToolBox by Farbar Version - - Ran by Administrator administrator on - - at Running from C Documents and Settings Administrator Desktop Microsoft Windows XP Service Pack X Boot Mode Normal Flush DNS Windows IP Configuration Successfully flushed the DNS Resolver Cache IE Proxy Settings Proxy is not enabled No Proxy Server is set Reset IE Proxy Settings IE Proxy Settings were reset FF Proxy Settings Reset FF Proxy Settings Firefox Proxy settings were reset Hosts content localhost IP Configuration Net Adapter Connection Connected Intel reg PRO Wireless ABG Network Connection Wireless Network Connection Connected Broadcom x Integrated Controller Local Area Connection Media disconnected ---------------------------------- Interface IP Configuration ---------------------------------- pushd interface ip Interface IP Configuration for Local Area Connection set address name Local Area Connection source dhcp set dns name Local Area Connection source dhcp register PRIMARY set wins name Local Area Connection source dhcp Interface IP Configuration for Wireless Network Connection set address name Wireless Network Connection source dhcp set dns name Wireless Network Connection source dhcp register PRIMARY set wins name Wireless Network Connection source dhcp popd End of interface IP configuration Windows IP Configuration Host Name me Primary Dns Key Logger Suffix Node Type Unknown IP Routing Enabled No WINS Key Logger Proxy Enabled No Ethernet adapter Local Area Connection Media State Media disconnected Description Broadcom x Integrated Controller Physical Address Key Logger - C- -AB-B -EB Ethernet adapter Wireless Network Connection Connection-specific DNS Suffix Description Intel reg PRO Wireless ABG Network Connection Physical Address - C-BF- - - E Dhcp Enabled Yes Autoconfiguration Enabled Key Logger Yes IP Address Subnet Mask Default Gateway DHCP Server DNS Servers Lease Obtained Wednesday March a m Lease Expires Thursday March a m Server dslrouter Address Name google com Addresses Pinging google com with bytes of data Reply from bytes time ms TTL Reply from bytes time ms TTL Ping statistics for Packets Sent Received Lost loss Approximate round trip times in milli-seconds Minimum ms Maximum ms Average ms Server dslrouter Address Name yahoo com Addresses Pinging yahoo com with bytes of data Reply from bytes time ms TTL Request timed out Ping statistics for Packets Sent Received Lost loss Approximate round trip times in milli-seconds Minimum ms Maximum ms Average ms Pinging with bytes of data Reply from bytes time lt ms TTL Reply from bytes time lt ms TTL Ping statistics for Packets Sent Received Lost loss Approximate round trip times in milli-seconds Minimum ms Maximum ms Average ms Interface List x MS TCP Loopback interface x c ab b eb Broadcom x Integrated Controller - Packet Scheduler Miniport x c bf e Intel reg PRO Wireless ABG Network Connection - Packet Scheduler Miniport Active Routes Network Destination Netmask Gateway Interface Metric Default Gateway Persistent Routes None Winsock entries Catalog C Windows System mswsock dll Microsoft Corporation Catalog C Windows System winrnr dll Microsoft Corporation Catalog C Windows System mswsock dll Microsoft Corporation Catalog C Windows system mswsock dll Microsoft Corporation Catalog C Windows system mswsock dll Microsoft Corporation Catalog C Windows system mswsock dll Microsoft Corporation Catalog C Windows system rsvpsp dll Microsoft Corporation Catalog C Windows system rsvpsp dll Microsoft Corporation Catalog C Windows system mswsock dll Microsoft Corporation Catalog C Windows system mswsock dll Microsoft Corporation Catalog C Windows system mswsock dll Microsoft Corporation Catalog C Windows system mswsock dll Microsoft Corporation Catalog C Windows system mswsock dll Microsoft Corporation Catalog C Windows system mswsock dll Microsoft Corporation Catalog C Windows system mswsock dll Microsoft Corporation Catalog C ... Read more

A:Key Logger

Hello, You have multiple duplicates that have been deleted. You only need one topic which is here: http://www.bleepingcomputer.com/forums/t/489107/keylogger/The Malware Removal team has a queue they can access so your topic won't get lost. It's not necessary to keep reposting it. Your topic will get picked up and responded to by one of our volunteer helpers. You might want to subscribe to your original topic so you will be notified when you get a reply. Boopme is not a Malware Removal team member who works this forum. He is a Global Moderator who helps in The Am I Infected forum. You will be assisted here by someone else. Thank you for your patience. To avoid confusion I am closing this topic.

http://www.bleepingcomputer.com/forums/t/489160/key-logger/
Relevancy 36.98%

When I open Explorer or Word sometimes a message winow pop ups with an error Key Hook as message and could not create file mapping object I've ran diagnostics but to no key of logger kind Some avail catchme from gmer is reporting some kind of hooks detected NTDLL code modification ZwEnumerateKey ZwQueryKey ZwOpenKey ZwClose ZwEnumerateValueKey ZwQueryValueKey ZwOpenFile ZwQueryDirectoryFile ZwQuerySystemInformation Initialization error Combofix log ComboFix - - - AP - - - x Microsoft Windows Professional GMT Uruchomiony z c users AP Downloads ComboFix exe AV Microsoft Security Essentials Disabled Updated B BF E- BB- - AB-A A C A C SP Microsoft Security Essentials Disabled Updated A EAA- - E -AA B- E E EC SP Windows Defender Disabled Updated D DDC A- F- fae- E -DA C ACF Usuni to c users AP AppData Local unins exe c windows pkunzip pif c windows pkzip pif F install exe Pliki utworzone od - - do - - - - - - ----a-w- c programdata Microsoft Microsoft Antimalware Definition Updates E A - CF- AF-A AC- Some kind of key logger B E C F mpengine dll - - - - ----a-w- c programdata Microsoft Microsoft Antimalware Definition Updates Backup mpengine dll Some kind of key logger - - - - -------- d-----w- c programdata Apple Computer - - - - ----a-w- c windows SysWow QuickTimeVR qtx - - - - ----a-w- c windows SysWow QuickTime qts - - - - ----a-w- c windows SysWow QTCF dll - - - - -------- d-----w- c program files x QT Lite - - - - -------- d-----w- c users AP AppData Local Apple Computer - - - - -------- d-----w- c programdata Apple - - - - -------- d-----w- C contig - - - - ----a-w- c windows SysWow Contig exe - - - - ----a-w- c program files Common Files Microsoft Shared VGX VGX dll - - - - ----a-w- c program files x Common Files Microsoft Shared VGX VGX dll - - - - ----a-w- c windows system ntoskrnl exe - - - - ----a-w- c windows SysWow ntkrnlpa exe - - - - ----a-w- c windows SysWow ntoskrnl exe - - - - ----a-w- c windows system win k sys - - - - ----a-w- c windows system winsrv dll - - - - ----a-w- c windows SysWow wow dll - - - - ----a-w- c windows SysWow setup exe - - - - ----a-w- c windows SysWow instnm exe - - - - ----a-w- c windows SysWow ntvdm dll - - - - ----a-w- c windows SysWow user exe - - - - ----a-w- c windows system drivers tcpip sys - - - - ----a-w- c windows system drivers FWPKCLNT SYS - - - - -------- d-----w- c programdata PDF Architect - - - - ----a-w- c windows SysWow FlashPlayerInstaller exe - - - - -------- d-----w- c users AP AppData Roaming Orbit - - - - ----a-w- c windows SysWow WindowsAccessBridge- dll - - - - -------- d-----w- c users AP AppData Roaming inkscape - - - - -------- d-----w- c program files x Inkscape - - - - -------- d-----w- c users AP AppData Roaming Malwarebytes - - - - -------- d-----w- c programdata Malwarebytes - - - - -------- d-----w- c program files x Malwarebytes' Anti-Malware - - - - ----a-w- c windows system drivers mbam sys - - - - -------- d-----w- c program files x Common Files Skype - - - - -------- d-----r- c program files x Skype - - - - -------- d-----w- c programdata ATI - - - - -------- d-----w- c program files x AMD AVT - - - - -------- d-----w- c users AP AppData Roaming skypePM - - - - -------- d-----w- c programdata Skype Extras - - - - -------- d-----w- c users AP AppData Roaming Skype - - - - -------- d-----w- c programdata Skype Sekcja Find M - - - - ----a-w- c windows SysWow FlashPlayerCPLApp cpl - - - - ----a-w- c windows SysWow FlashPlayerApp exe - - - - ----a-w- c windows system MRT exe - - - - ----a-w- c windows SysWow npDeployJava dll - - - - ----a-w- c windows SysWow deployJava dll - - - - ------w- c windows system MpSigStub exe - - - - ----a-w- c windows system pdfcmon dll - - - - ----a-w- c windows apppatch acwow dll - - - - ----a-w- c programdata Microsoft IdentityCRL production wlidui dll - - - - ----a-w- c programdata Microsoft IdentityCRL production ppcrlconfig dll - - - - ----a-w- c windows system atmlib dll - - - - ----a-w- c windows system atmfd dll - - - -... Read more

A:Some kind of key logger

Today i got the same poppup in skype but with "CBT Hook" in the message and the process name was ielowutil. I'm wondering if this is a key logger or something broken with explorer but I tried resetting the settings, however it didn't help.

http://www.bleepingcomputer.com/forums/t/486528/some-kind-of-key-logger/
Relevancy 36.55%

Hi all keystroke logger Possible infection? I think I may be infected with a keystroke logger I first noticed that my typing would skip letters like Possible keystroke logger infection? if I was searching Google for something the first letter wouldn t go in the search box Then I had my antivirus Avast stop working it froze up and I couldn t restart it Changed to AVG ran full scan Possible keystroke logger infection? - found nothing Got a call from credit card company Visa on - they had unusual activity on my account and put a hold on it Had to close account and open new one On got a call from my other credit card company Mastercard same deal Now no credit cards and many questions Ran Spybot - found problem Ran MalwareBytes found problems Possible keystroke logger infection? ran Spyware Terminator found problems Fixed each problem after each scan Not sure what to do now I had to do a Hijack This about years ago to take care of a different issue Trojan if I remember correctly So here is my Hijack This Log any and all help is greatly appreciated nbsp hijackthis log nbsp nbsp KB nbsp nbsp downloads

A:Possible keystroke logger infection?

Hi MarkinConneaut and to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.I am Oh My! and I am here to help you!I ask that you refrain from running tools other than those I suggest to you while I am cleaning up your computer. The reason for this is so I know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.Please perform all steps in the order received and do not proceed if you need clarification.Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems please stop and tell me about it. When your computer is clean I will alert you of such. I will also provide you with detailed suggestions for prevention.In the upper right hand corner of the topic you will see a button called Watch this topic. Click on this then choose Immediate E-Mail notification and then Proceed and you will be advised when I respond to your topic by email.If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.I would also like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please be courteous and appreciative for the assistance provided!I would like to remind you to make no further changes to your computer unless I direct you to do so. Your computer fix will be based on the current condition of your computer! Any changes might delay my ability to help you.==========Please take note:If you have since resolved the original problem you were having, I would appreciate you letting me know. If you are unable to create a log because your computer cannot start up successfully please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
If you are unsure about any of these characteristics just post what you can and I will guide you. Please tell me if you have your original Windows CD/DVD available.If you are unable to perform the steps I have recommended please try one more time and if unsuccessful alert us of such and I will design an alternate means of obtaining the necessary information.Upon completing the steps below I will review your topic an do my best to resolve your issues.Use the 'Add Reply' and add the new log to this thread.==========I need to see some information about what is happening in your machine. Please perform the following scan again:Download DDS by sUBs from one of the following links if you no longer have it available. Save it to your desktop.

DDS.scr
DDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explanation about the tool. No input is needed, the scan is running.Notepad will open with the results.Follow the instructions that pop up for posting the results.Close the program window, and delete the program from your desktop.You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet. Information on A/V control HERE==========I also need a log from the GMER anti-rootkit Scanner. Please note that if you are running a 64-bit version of Windows you will not be able to run GMER and you may skip this step.Please first disable any CD emulation programs using the steps found in this topic:Why we request you disable CD Emulation when receiving Malware Removal AdviceThen create a GMER log and post it as an attachment to the reply where you post your new DDS log. Instructions on how to properly create a GMER log can be found here:How to create a GMER log===================================================Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachme... Read more

http://www.bleepingcomputer.com/forums/t/441164/possible-keystroke-logger-infection/
Relevancy 36.55%

Last week my AV software pcTools Spyware Doctor Antivirus found a Maljava trojan file quot fixed quot it then found Key Logger, Maljava.trojan possible another one probably the same one the next day and quot fixed quot it as well I ve been running full scans regularly to be sure that it s really gone and today when I started the scan I happened to look Key Logger, possible Maljava.trojan up just as quot solid key logger exe quot flashed across the scan Of course the AV software ignored this file but I m definitely worried that this could Key Logger, possible Maljava.trojan be something related to the trojan I searched all the hidden files the registry and examined all of the processes but no sign of any key logger Upon finding this site I ran defogger and then produced this DDS log DDS Ver - - - NTFSAMD Internet Explorer Run by Beano at on - - Microsoft Windows Home Premium GMT - AV PC Tools Spyware Doctor with AntiVirus Enabled Updated F A -D E - DF -A AE-CB F AB SP Windows Defender Disabled Updated D DDC A- F- fae- E -DA C ACF SP PC Tools Spyware Doctor with AntiVirus Enabled Updated BB -F DA- F- A E-F FF F Running Processes C Windows system wininit exe C Windows system lsm exe C Windows system svchost exe -k DcomLaunch C Windows system svchost exe -k RPCSS C Windows system atiesrxx exe C Windows System svchost exe -k LocalServiceNetworkRestricted C Windows System svchost exe -k LocalSystemNetworkRestricted C Windows system svchost exe -k netsvcs C Windows system svchost exe -k LocalService C Windows system atieclxx exe C Windows SYSTEM WISPTIS EXE C Windows system svchost exe -k NetworkService C Windows System spoolsv exe C Windows system svchost exe -k LocalServiceNoNetwork C Program Files x Adobe Elements Organizer PhotoshopElementsFileAgent exe C Program Files x Common Files Adobe ARM armsvc exe C Program Files x AMD RAIDXpert bin RAIDXpertService exe C Program Files x AMD RAIDXpert bin RAIDXpert exe C Program Files x Common Files Apple Mobile Device Support AppleMobileDeviceService exe C Windows system conhost exe C Program Files Bonjour mDNSResponder exe C Program Files x Spyware Doctor BDT BDTUpdateService exe C Windows system svchost exe -k LocalServiceAndNoImpersonation C Program Files x Hewlett-Packard HP Easy Backup HPBtnSrv exe C Windows SysWOW svchost exe -k hpdevmgmt c Program Files x Common Files LightScribe LSSrvc exe C Windows System svchost exe -k HPZ C Windows System svchost exe -k HPZ c Program Files x Common Files Protexis License Service PsiService exe C Program Files x Spyware Doctor pctsAuxs exe C Program Files x Spyware Doctor pctsSvc exe C Windows system svchost exe -k imgsvc C Windows system Wacom Tablet exe C Program Files x StartNow Toolbar ToolbarUpdaterService exe C Windows system WUDFHost exe C Program Files x Spyware Doctor pctsGui exe C Windows system Dwm exe C Windows Explorer EXE C Windows system taskhost exe C Program Files Hewlett-Packard HP MediaSmart SmartMenu exe C Program Files x hp Digital Imaging bin hpqtra exe C Program Files x Hewlett-Packard HP Odometer hpsysdrv exe C Program Files x hp HP Software Update hpwuschd exe C Program Files x Common Files Java Java Update jusched exe C Program Files x Citrix ICA Client concentr exe C Program Files x Common Files Adobe ARM AdobeARM exe C Program Files x Epson Software Event Manager EEventManager exe C Program Files x Citrix ICA Client wfcrun exe C Windows SYSTEM WISPTIS EXE C Program Files Common Files microsoft shared ink TabTip exe C Program Files x Common Files Microsoft Shared Ink TabTip exe C Program Files x iTunes iTunesHelper exe C Program Files Windows Media Player wmpnetwk exe C Windows system WTablet Wacom TabletUser exe C Program Files iPod bin iPodService exe C Windows system Wacom Tablet exe C Program Files x HP Digital Imaging bin hpqSTE exe C Program Files x HP Digital Imaging bin hpqbam exe C Program Files x HP Digital Imaging bin hpqgpc exe C Windows system taskeng exe c Program Files x Hewlett-Packard Media DVD DVDAgen... Read more

A:Key Logger, possible Maljava.trojan

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you are unable to create a log because your computer cannot start up successfully please provide detailed information about the Windows version you are using: What we in particular need to know is version, edition and if it is a 32bit or a 64bit system. [/b]If you are unsure about any of these caracteristics, just let us know and we'll help you figuring it out. Please also tell us if you have your Windows CD/DVD handy.Please include a clear description of the problems you're having, along with any steps you may have performed so far.Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.Even if you have already provided information about your PC, we need a new log to see what has changed since you originally posted your problem.We need to create an OTL ReportPlease download OTL from one of the following mirrors:This is THE MirrorSave it to your desktop.Double click on the icon on your desktop.Click the "Scan All Users" checkbox.In the custom scan box paste the following:

msconfig
safebootminimal
activex
drivers32
netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
explorer.exe
winlogon.exe
wininit.exe
hlp.dat
/md5stopPush the button.Two reports will open, copy and paste them in a reply here:OTL.txt <-- Will be openedExtra.txt<--Will be minimizedIn the upper right hand corner of the topic you will see a button called Watch Topic.I suggest you click it and select Immediate E-Mail notification and click on Proceed. This way you will be advised when we respond to your topic and facilitate the cleaning of your machine.After 5 days if a topic is not replied to we assume it has been abandoned and it is closed.regards myrti

http://www.bleepingcomputer.com/forums/t/440051/key-logger-possible-maljavatrojan/
Relevancy 41.71%

Hello -- my brand new XPS with Windows and McAfee is infected with malware The symptom is a browser window will Redirector or with Infected Tracker automatically open randomly Infected with Tracker or Redirector and redirect me to some strange site like quot s histats com quot quot v a com quot quot forex-brokers com quot etc I ve put each in my hosts file to prevent this but I still would like to remove the malware I ve already downloaded or run many antivirus software packages including Kaspersky Eset Ad-Aware Spybot Malwarebytes and some of the custom-written apps from this site Each one either does not detect anything or reports a different name or type of malware virus MBAM calls it quot Trojan Agent quot and quot Malware Trace quot and can t remove it upon numerous reboots Kaspersky calls it quot Trojan Spy HTML Fraud quot Eset calls it quot Variant of Worm Ainslot aa quot and can t remove it Nothing seems to work In each case I can run a bunch of tools and things appear better in Safe Infected with Tracker or Redirector Mode but after restarting into quot regular quot mode I see the random browser window try to open and new scans with MBAM show the malware is back The worst part is my paid installation of McAfee doesn t report a thing During one scan I think Kaspersky found a trojan in my inbox so I deleted my inbox and uninstalled Thunderbird and even that didn t work so here I am Saying you guys are busy is probably the understatement of the year but I am stuck I wanted to fix this on my own and I still have one bullet in the gun where I can wipe the disk and start over but I d rather not as I would need to back up several gigs of personal stuff first then of course put all that stuff back -- and those files may be infected too If you can help me out I would sincerely appreciate it

A:Infected with Tracker or Redirector

I ended up wiping my disk and starting all over.For those interested, I had what I believe to be two infections. One was a Trojan that somehow arrived from an "Amazon 20% off" coupon or offer in my Thunderbird inbox; Kaspersky seemed to get rid of that one.The other one was a spyware tracker that was logging my keystrokes and putting them in various files named "nnn" or "o". It was also attached to an executable named, "svhost.exe" which lived in a few places, at least two were "C:\Users\<user_name>\AppData\Roaming\microft" and "C:\Users\<user_name>\AppData\Roaming\sohft". There was also a process that would run which was linked to this tracker. I don't remember the name exactly but it was something like "nc1rtrc1.exe" with no additional info and a couple of keys that lived in my registry in a folder named "VB and VBA ..." something and a couple of other places.This piece of crap could not be removed by any software tool but was reliably detected by Malwarebytes as "Malware.Trace", but only when MBAM was run from standard mode (Safe Mode did not produce reliable scan results). Eset could also detect it but could not remove it either. This is all for Windows 7 on a PC, too. XP and other systems may be different.I was hoping the team at MBAM would have an update to get rid of it. I'm sure after a short time they will but anyway I chose the extreme option. I did lose some data but that's okay. It was disappointing not to see this elevated to a "current threat" on some of the more popular A/V websites but I suppose since it's not "destructive" per se it won't be given a lot of attention. Also, I uninstalled McAfee because I found it virtually useless, annoying with its reappearing desktop icon and pop-up messages, restricted configuration scanning and updating options and buggy interface when operating in Safe Mode -- and I paid for it. I will be buying MBAM and Avast; hopefully that combo will keep the system protected.Hope this helps anyone needing more info.

http://www.bleepingcomputer.com/forums/t/438540/infected-with-tracker-or-redirector/