Computer Support Forum

Gmail hacked twice and Ebay Account too - Malware?

Question: Gmail hacked twice and Ebay Account too - Malware?

A couple of weeks ago I found out that someone was asking sellers questions posing as me on Ebay. They changed my Ebay password and so I was locked out. I managed to verify my identity through Ebay's sytem and change my Ebay password.
Around the same time I received an e-mail to myself advertising Viagra and upon logging into Gmail via the web saw that a group e-mail to all my contacts had been sent. I also found out later that they had been forwarding a copy of all my mail to a French e-mail address and sending the original mails to my Trash. I removed the forwarding and changed my Gmail password.

Under Last account activity on Gmail it showed that my account had been accessed by a couple of rogue IP addresses abroad.

I thought that would be that but it seems that there have been a couple more attempts (according to Gmail's IP address log) since over the last week.

I am running Comodo Internet Security and scans have shown nothing.

I just ran Panda's online scan and it reported that I had the following:

W32/Gaobot.OXI.worm

Bck/Tdss.AL

Trj/CI.A

All of which it says are not disinfectable. All three are located in files downloaded from a Newsgroup andare located on a partition (not C: drive).

I had reinstalled Vista just a month ago. My partition was untouched by the reinstall. The three files which supposedly contain virus's have not been executed for over 6 months so could they still be the culprits? I have deleted the files in question but I guess that's not done a thing.

Any help greatly appreciated.

Here's my Hijackthis log:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:12:25, on 24/07/2010
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18470)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe
C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\PLFSetI.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Launch Manager\LManager.exe
C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe
C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Users\Geoff\AppData\Local\Temp\RtkBtMnt.exe
C:\Program Files\Free Download Manager\fdm.exe
C:\Program Files\Siber Systems\AI RoboForm\robotaskbaricon.exe
C:\Program Files\Acer\Acer VCM\AcerVCM.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Acer\Acer VCM\acp2HID.exe
C:\Program Files\Acer\Empowering Technology\NotificationCenter\Framework.NotificationCenter.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files\Siber Systems\GoodSync\GoodSync.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\HTC\HTC Sync\Mobile Phone Monitor\DbgOut.exe
C:\Program Files\HTC\HTC Sync\Mobile Phone Monitor\FsynSrvStarter.exe
C:\Program Files\HTC\HTC Sync\Application Launcher\Application Launcher.exe
C:\Program Files\Common Files\Teleca Shared\CapabilityManager.exe
C:\Program Files\Common Files\Teleca Shared\logger.exe
C:\Program Files\Common Files\Teleca Shared\Generic.exe
C:\Program Files\HTC\HTC Sync\ClientInitiatedStarter\ClientInitiatedStarter.exe
C:\Program Files\HTC\HTC Sync\Mobile Phone Monitor\epmworker.exe
C:\Program Files\HTC\HTC Sync\Mobile Phone Monitor\HTCVBTServer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896" target="_blank" class="invilink">http://go.microsoft.com/fwlink/?LinkId=54896" target="_blank" class="invilink">http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://en.uk.acer.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://en.uk.acer.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RoboForm - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ePower_DMC] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe
O4 - HKLM\..\Run: [eAudio] "C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [BkupTray] "C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [ZPdtWzdVitaKey MC3000] "C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe" show
O4 - HKLM\..\Run: [PLFSetI] C:\Windows\PLFSetI.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [ArcadeDeluxeAgent] "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe"
O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Mobile Connectivity Suite] "C:\Program Files\HTC\HTC Sync\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [Google Update] "C:\Users\Geoff\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe -autorun
O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Common Files\Adobe\Updater\AdobeUpdater.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Acer VCM.lnk = ?
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Customize Menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download video with Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Fill Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: RoboForm Toolbar - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: Save Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe
O9 - Extra 'Tools' menuitem: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O20 - AppInit_DLLs: C:\Windows\system32\guard32.dll
O20 - Winlogon Notify: AWinNotifyVitaKey MC3000 - C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: NTI Backup Now 5 Agent Service (BUNAgentSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
O23 - Service: CLHNService - Unknown owner - C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: iGroupTec Service (IGBASVC) - Unknown owner - C:\Program Files\Acer\Acer Bio Protection\BASVC.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - Unknown owner - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\Cyberlink\Shared files\RichVideo.exe
O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files\Acer\Acer VCM\RS_Service.exe
O23 - Service: Validity Fingerprint Service (vfsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vfsFPService.exe

--
End of file - 14280 bytes

Relevance 100%
Preferred Solution: Gmail hacked twice and Ebay Account too - Malware?

I recommend downloading and running Reimage. It's a computer repair tool that has been proven to identify and fix many Windows problems with a high level of success.

I've used it in the past to identify and fix everything from blue screens (BSOD's), ActiveX errors, corrupt files and processes, dll/exe/sys errors, recover lost memory, Windows update problems, defragging, malware removal etc.

You can download it direct from this link http://downloadreimage.com/download.php. (This link will automatically start a download of Reimage that you can save to your computer.)

Answer: Gmail hacked twice and Ebay Account too - Malware?

14 more replies
Relevance 88.45%

A couple of weeks ago I found out that someone was asking sellers questions posing as me on Ebay. They changed my Ebay password and so I was locked out. I managed to verify my identity through Ebay's sytem and change my Ebay password.Around the same time I received an e-mail to myself advertising Viagra and upon logging into Gmail via the web saw that a group e-mail to all my contacts had been sent. I also found out later that they had been forwarding a copy of all my mail to a French e-mail address and sending the original mails to my Trash. I removed the forwarding and changed my Gmail password.Under Last account activity on Gmail it showed that my account had been accessed by a couple of rogue IP addresses abroad.I thought that would be that but it seems that there have been a couple more attempts (according to Gmail's IP address log) since over the last week.I am running Comodo Internet Security and scans have shown nothing.I just ran Panda's online scan and it reported that I had the following:W32/Gaobot.OXI.wormBck/Tdss.ALTrj/CI.AAll of which it says are not disinfectable. All three are located in files downloaded from a Newsgroup andare located on a partition (not C: drive).I had reinstalled Vista just a month ago. My partition was untouched by the reinstall. The three files which supposedly contain virus's have not been executed for over 6 months so could they still be the culprits? I have deleted the files in question but I guess that's not done a... Read more

Answer:Gmail hacked twice and Ebay Account too - Malware? Help!

hi BritishBeef,your log is a few days old. If you still need help post back.

1 more replies
Relevance 82.41%

I have recently been notified by e-bay that my account was fraudulanly accessed. They have put a block on the account. How can I protect myself from future hacking? I run AdAware & Spybot & have Zone Alarm installed.Thanks

Answer:Ebay account hacked

Can you post the email here for us to see, you may the victim of a phishing email. Telling you that your account has been hacked and blocked is a common ploy.

6 more replies
Relevance 81.18%

Hi,

Today I received an email from eBay saying that I requested my username (which I didn't), so I went onto ebay and saw that it was in My Messages folder as well, so thought it was ok.

But then while I was on msn I kept receiving emails from eBay, so I clicked on the email icon and I was prompted to enter my password for hotmail. I entered my password but it said that it was incorrect (even though I was still logged into msn messenger). I kept trying but still didn't work. I then went onto ebay to find that the exact same thing has happened, someone has changed my account for ebay as well.

I did go on the 'Forgotton your password' link for msn, but the secret question was just '????????' so I couldn't change it.

I've changed my paypal, amazon and play emails and passwords and contacted ebay, but is there anyway I can get my hotmail account back? Or anything else that I should do?

cheers
 

Answer:Hotmail & eBay account hacked

Only by trying to answer the secret question or by trying to contact Hotmail and proving that you are the rightful owner and the account has been hacked - which isn't easy and usually not successful.
 

1 more replies
Relevance 81.18%

Though I've managed to reset the password I am puzzled as to how it happened. For one, I was using a new laptop (instead of my tower) with a wireless netwrok to my Orange wireless router and I'm wondering if somehow someone (maybe nearby) has jumped onto the either the router or this laptop. Is this possible, or have I got the wrong end of the stick?

Answer:Ebay account hacked last night

Using a Wireless connection, Yes just about anything can happen, especially if the connection is not fully secured. Though don't ask me details, I am not an expert on Wireless!

7 more replies
Relevance 81.18%

A couple days ago, my ebay account got hacked into and tried to list something. ebay somehow noticed it right away and shut it down. I never ever ever click on any links in emails that seem to be from ebay due to all the fakes and my password is impossible to guess. So, I'm a little worried and would like you guys to check my HJT log:

Logfile of HijackThis v1.99.1
Scan saved at 10:16:48 PM, on 4/28/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
c:\Program Files\Common Files\Symantec Shared\ccProxy.exe
c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
c:\Program Files\Norton AntiVirus\navapsvc.exe
c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files... Read more

Answer:Someone hacked into my ebay account. Check up please

* Click here to download Webroot SpySweeper.

(It's a 2 week trial.)

* Click the Free Trial link under "SpySweeper" to download the program.
* Install it. Once the program is installed, it will open.
* It will prompt you to update to the latest definitions, click Yes.
* Once the definitions are installed, click Options on the left side.
* Click the Sweep Options tab.
* Under What to Sweep please put a check next to the following:
o Sweep Memory
o Sweep Registry
o Sweep Cookies
o Sweep All User Accounts
o Enable Direct Disk Sweeping
o Sweep Contents of Compressed Files
o Sweep for Rootkits

o Please UNCHECK Do not Sweep System Restore Folder.

* Click Sweep Now on the left side.
* Click the Start button.
* When it's done scanning, click the Next button.
* Make sure everything has a check next to it, then click the Next button.
* It will remove all of the items found.
* Click Session Log in the upper right corner, copy everything in that window.
* Click the Summary tab and click Finish.
* Paste the contents of the session log you copied into your next reply.

Also post a new Hijack This log.
 

1 more replies
Relevance 77.9%

Hey,
I noticed that somebody else besides me has logged into my gmail account. When I went to log in activity yesterday it told me that someone log in with ip address 216.194.62.45(metconnect) which is Brooklyn and I live in the Bronx. I changed my password and today someone has logged in with ip 216.194.62.206(metconnect) which is Staten Island. The strange thing that has also happened is that I couldn?t log in today with the new password that I made yesterday. The password was changed backed to the old one.

Any ideas on what might be going on and what can I do?
Thanks

Answer:My gmail account hacked?

Contact Google about it. Only they can help you out. If changing the password didnt help.

1 more replies
Relevance 77.9%

Hey,

About six weeks ago, both my Gmail and WoW accounts were hacked. I recovered my accounts and changed my passwords on a clean computer, and ran Avast, Malwarebytes, and Microsoft Security Essentials. They found a few viruses and they were deleted, and I received no more trouble.

However, just a few days ago my Gmail and WoW account were hacked again. I once again recovered my accounts, changed my passwords on a clean computer, and ran the same three anti-viruses. This time, however, they didn't find any viruses.

I very strongly doubt that someone got a hold of my passwords because a) no one knows my passwords, and I change them regularly, and b) the accounts were accessed from China both times (and I live in Canada). Both times, the hacker changed my passwords, and despite having access to a lot of other information, only used my WoW account to sell in-game items.

I would greatly appreciate any assistance in helping me find what I assume is some sort of keylogger. Thanks!


DDS (Ver_10-12-12.02) - NTFSx86
Run by Windows at 23:07:12.10 on Mon 02/21/2011
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_16
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1023.355 [GMT -5:00]

AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
AV: Microsoft Security Essentials *Disabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}

============== Running Processes ===============

C:\WINDOWS\system32\... Read more

Answer:Gmail and WoW Account Hacked

Hello and Welcome to TSF.

Please Subscribe to this Thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant notification by email, then click Add Subscription.

Please note that the forum is very busy and if I don't hear from you within three days this thread will be closed.

------------------------------------------------------

Please note that these fixes are not instantaneous. Most infections require more than one round to properly eradicate.

Please stay with me until given the 'all clear' even if symptoms seemingly abate.

Kindly follow my instructions and please do no fixing on your own or running of scanners unless requested by a helper.

------------------------------------------------------

Please visit this webpage for download links, and instructions for running ComboFix:

A guide and tutorial on using ComboFix

* Ensure you have disabled all antivirus and antimalware programs so they do not interfere with the running of ComboFix.

Get help here

Please post the C:\ComboFix.txt in your next reply for further review.

Please re-enable your antivirus before posting the ComboFix.txt log.

------------------------------------------------------

9 more replies
Relevance 77.9%

Sorry if i am posting in the wrong topic...i had my gmail account hacked last night.I got phone number changed,and verification email change...completed a recovery gmail form,but i keep geting mails back that i need to provide more info.I provide all the info they asked...i always log from same IP(HOME)and work also,but usualy same IPs for some years now.They can check easily that i only log from same country....city....has anyone had any experience with this?Can you give me some ideeas on how to recover my email back..
any ideeas are apreciated.
thanks
 

Answer:GMAIL account hacked

That's awful .....was your pw very simple? How did they get in? Was your chrome account still safe? That would be a huge problem
 

5 more replies
Relevance 77.9%

I was unfortunate enough to have my personal Google gmail account hacked this morning by one of these spammers that resets your password and then sends an email to everyone in the address book that you've been robbed in London and need the recipient to wire money so you can make it home. I haven't been able to access the account and I guess it is gone for good because Google keeps rejecting my account recovery pages. So far, apart from the damage to my pride, nothing seems amiss. I have some annoyed and some amused customers contacting me but my main concern is is the damage limited solely to Google? I don't have a keylogger or anything like that do I? How would I know? Is there any way I can get back into that account without Google's help? I've been changing passwords and usernames all day but I'm paranoid that I've forgotten something. As an extra precaution I reset my computer to a clean restore point before all of this happened. Any help/encouragement is definitely appreciated.

Answer:Gmail account hacked...

Never mind guys. I've sorted it.

3 more replies
Relevance 77.9%

Hi

I logged on to my Gmail account this morning, and found that the vacation setting was on. I thought this was strange, as I hadn't set it, so I opened the settings and found that it was set to send some dodgy mail to anyone who wrote to me, inviting them to meet online and sending a link to some pics (obviously, I didn't click this link).

Then I checked my sent messages to see how many people it had been sent to, and found that not only had it been sent to people who wrote to me during the night, but also that a different mail had been sent to a whole list of people whose addresses were all very similar:
pers-(then some letters and numbers)@craigslist.org

The mail said only "heyy, i think we can fill each others ad " - with no link. One person actually replied to this wanting to meet up!!!

The subjects headings were replies, like "Re: Fun witty guy Looking - 26 (Central Point)" or "Re: anyone real? - 19", suggesting that they might be replies to dating posts.

I do not look at Craigslist.org, and have not looked at any dating posts anywhere.

How has this happened from my email address, and how safe am I now? It seems to be back to normal now.....

Thanks for any advice you can give.

Guy
 

Answer:Has my Gmail account been hacked??

To read: http://tech.yahoo.com/blogs/null/586...B4eB3JLpcFLZA5

E-mail spoofing

A feature of the protocol that email is based upon is that the email message itself has a number of spaces (data fields) for information like the "intended recipient", "sender's email address" and the "return email address", "CC", "BCC", etc etc. within the email datagram (think of email like a picture postcard with spaces for the sender name and address as well as name and address of the person it is being sent to).

What someone has done (or rather set up a piece of software to do) is send a spam email to so many million email addresses with the sender's FROM email address set to be the same as the "intended recipient's" TO email address. This is done for two main reasons, partly to try to get past email spam filters that filter on known spammer's FROM addresses (or email domains) and partly to hook your interest in getting an email from yourself - which it achieved.

So the spammer is not sending spam email from your email account (that is - they are not hacking into your account and typing messages), but simply using your email address to send spam email to you. Just as if you had got a picture postcard through the post addressed to you with the offer of cheap Viagra but was signed with your name.
You can also try a program like MailWasher.
 

1 more replies
Relevance 77.08%

I had the worst problem ever with a GMAIL account. Not only did the hackers change my GMAIL account password, but they setup 2-step verification so I can't get it back.    I don't care if I ever use this account again, but I want to close it so that when associates email this account they will get a bad address notification.
 
Does anyone have any advice?

Answer:I want to close my hacked GMAIL account

Contact the provider/host of said account.
 
Louis

3 more replies
Relevance 76.26%

Every time I sign out of gmail and sign back in I get the following message 'account open in 1 other location '.
The new location has the same IP.I sign out of the other session and try again, the same message.
 
I do not use gmail anywhere accept this computer.I am using Ubuntu.
I get the same message if using  other OS's such as Fedora on a Pen drive
or Windows 7 on another Home machine,though I only use my Ubuntu
machine.
 
I did the following.
 
1.Formatted the PC and reinstalled Ubuntu.
2.Changed ISP's ,one ISP goes through my Home phone/LInksys router the other ISP i use is wireless dongle
   mobile networks,[ had caught the ISP admin doing something naughty some Years ago and warned him].
   I get the same message.
3.Tried Fedora on a pen drive.Get the same message.
4.Created a VPN using zenvpn and than TOR, This showed open in two locations in a newly created gmail account...!!?
   All new locations have the same IP.
 
Any suggestions would be very helpful.

Answer:Suspected MiTM,gmail account hacked.

"The new location has the same IP.I sign out of the other session and try again, the same message."
 
Are you signing out of the session you just logged into or the one "... in the other location"?
 
The message about the other location, it has the IP of where it is, is it the same IP as where you are just logging in from?
 
You sure there is nothing running in the background that may be automatically logging in (like google apps, drive, etc?)

0 more replies
Relevance 75.44%

I would like help to ensure my computer is free of any malware, spyware etc. my gmail account was hacked and bank account used fraudulently in the last few days. I have been using avast & rapport for security. Ive already changed passwords, locked online banking etc.
Thanks guys
Black-hawk 147

Answer:Gmail account hacked / fraudulent bank payments

... still requiring help when available
 
Thanks
 
Blackhawk147

12 more replies
Relevance 68.47%

Hi all, I'm back with a new problem. My aol account was hacked into and the hacker is sending emails to all contacts in my address book with a bank or financial email. They have been able to obtain my bank information as a result! This is quite alarming, to say the least, and I was wondering if someone could help me find out if this is coming from some sort of trojan or malware on the computer. I am on a Mac now, but we also use a PC. Any help would be greatly appreciated! Thank you in advance!
 

Answer:AOL Account hacked, malware or virus??

Hello, limigator



Many times people have their email passwords stolen due to accessing their email accounts from other PCs ( a friends, a public PC like a library, hotel,..etc ) or even using their own PC in public wifi type hotspots which are not secure. When something like this happens, it is a good idea to use a different PC to change ALL passwords for all accounts, (user-accounts on your PC and for banks, credit cards, online accounts,..... etc). You should also take the time to check with all financial institutions to make sure no illegal activity has been occurring, continue to check for a few months since stolen information is not always used immediately..Click to expand...

Please read ALL of this message including the notes before doing anything.

Please follow the instructions in the below link:

READ & RUN ME FIRST. Malware Removal Guide
and then attach the requested logs to your next reply when you finish these instructions.

**** If something does not run, write down the info to explain to us later but keep on going. ****
Do not assume that because one step does not work that they all will not. MGtools will frequently run even when all other tools will not.

After completing the READ & RUN ME and attaching your logs, make sure that you tell us what problems still remain ( if any still do )!
Helpful Notes:
If you run into problems trying to run the READ & RUN ME or any of the scans in normal boot mode, you can run the steps in safe... Read more

1 more replies
Relevance 68.47%

I'm not sure if I have any malware but I've had my Google AdWords account hacked - I haven't got any phising e-mail or something like that so somehow my login information has been compromised. Google has looked into it & they told me to check for malware on my computer. Does anyone know how this may have happened. I've seen several threads regarding hacked accounts on Google & I wonder if someone knows anything about this. I have ZoneAlarm, ESET antivrius & AdAware installed on my computer & I haven't really found anything suspicous when I run scans. I do however got some warnings in my browser a couple of times (firefox) when visiting google - what's happening is it warns me that something or someone is trying to hide their identity by looking like google or somthing like that - never seen that kind of warnings before & that really made my start to suspect something...together with the AdWords hack of course.
If someone have some time I would appreciate some help with this.

All the best, Niklas
Here is my HiJackThis log-file.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:03:10, on 2008-09-03
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Pr... Read more

Answer:Hacked google account - possible malware..?

An update...
I did a scan of my computer using AdAware.
I found this trojan: win32 trojan proxy horst that is stored on my external harddrive...might this be the problem? I've removed it with AdAware.

Niklas
 

1 more replies
Relevance 67.65%

My webhosting account was hacked.

The awesome security staff at HostGator removed the malware and fixed the entry point.

They suggested I run ComboFix to determine if malware was installed on the PC I use to access my sites before alerting my users that their systems may have been compromised.

Below is the log file. Many thanks in advance for reviewing my log file.

ComboFix 12-07-16.01 - Mike 07/17/2012 18:40:44.1.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8136.6060 [GMT -4:00]
Running from: c:\users\Mike\Desktop\ComboFix.exe
AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Roaming
c:\users\Mike\AppData\Local\assembly\tmp
c:\users\Mike\AppData\Local\Temp\{126FAC1B-AABA-494E-9C45-72D440BDB226}\fpb.tmp
c:\windows\s.bat
.
.
((((((((((((((((((((((((( Files Created from 2012-06-17 to 2012-07-17 )))))))))))))))))))))))))))))))
.
.
2012-07-11 02:55 . 2012-06-12 03:08 3148800 ----a-w- c:\windows\system32\win3... Read more

Answer:Web Hosting Account Hacked - Malware Installed

Hello and welcome to Bleeping Computer! I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything. We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here. To help Bleeping Computer better assist you please perform the following steps:*************************************************** In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/461162 <<< CLICK THIS LINK If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.*************************************************** If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lo... Read more

2 more replies
Relevance 67.65%

Hi,

I seem to have malware on my computer that I can't get rid of. My computer has been running slow for a few weeks so I ran Spybot and Adaware and thought I had got rid of the problem. However yesterday my facebook account was hacked (a message was sent to all of my friends telling them to click on a link). Today, I keep getting pop ups saying 'My Computer - alert'. Also, if I google something and click on one of the links, I will be redirected to different sites (This is only happening in IE, not Firefox).

My brothers have been using my computer recently and they do quite a lot of online gaming so I don't know whether they've downloaded something dodgy by mistake.

I did an AVG scan today and it found 3 threats (which have been moved to the virus vault), but that doesn't seem to have helped.

Here is my hijack this log:

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 16:38:26, on 20/05/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mo... Read more

More replies
Relevance 67.65%

Hi guys,

I was wondering if anyone could help me with a little problem I have with my computer and hotmail account at the moment. I have a basic knowledge of computers and the internet, so I hope I have followed the instructions in the 'sticky note' above correctly. I apologise in advance if I haven't :-)

On Thursday night I visited a website called Mediafire to view some photos and videos that a group of friends had set up from a weekend workshop. I downloaded 4 videos from this site that my friends had taken. As I downloaded each one, I noticed two pop-ups would open on my computer advertising other sites and musicians. After this happened I ran an AVG scan, Malware scan and Adaware scan on my computer, all found no infections.

However, since then, my computer has been running very slowly and my hotmail account was hacked Friday morning and spam sent to all the contacts in my address book. (The email contained a link to a site selling v *****).

I ran Spybot Search and Destroy this morning and it found the following 'infections': adviva, casale media, coremetrics, doubleclick, fastclick, mediaplex, statcounter and webtreads live. I have also changed my hotmail and facebook passwords.

Due to the latest media attention of the vulnerability of Internet Explorer, I started to use Firefox last week. I haven't had any problems with IE for over 10 years, but already have had a problem with Firefox within the first week. It didn't seem to block the pop-ups like IE ... Read more

More replies
Relevance 67.65%

Hi,

I had my hotmail account hacked last night and it sent spam to all my contacts. I changed the password but when I tried to log in, it said too many attempts were made. I filled out the Microsoft form to get it reset, but still waiting on them. I use MSN Messenger and run Avast but apparently it didn't catch the attack. I want to make sure there is no malware program or something that is remembering my keystrokes. Is there a way to check this? I downloaded Hijack this. There do not appear to be any problems in surfing, etc. One odd thing, I can check my hotmail account but not on any pc's. Anybody have any ideas? Thanks!
 

Answer:Hotmail Account Hacked - How to check for Malware?

Please read ALL of this message including the notes before doing anything.

Please follow the instructions in the below link:

READ & RUN ME FIRST. Malware Removal Guide
and attach the requested logs when you finish these instructions.

**** If something does not run, write down the info to explain to us later but keep on going. ****
Do not assume that because one step does not work that they all will not. MGtools will frequently run even when all other tools will not.
After completing the READ & RUN ME and attaching your logs, make sure that you tell us what problems still remain ( if any still do )!
Helpful Notes:
If you run into problems trying to run the READ & RUN ME or any of the scans in normal boot mode, you can run the steps in safe boot mode but make sure you tell us what you did later when you post logs. See the below if you do not know how to boot in safe mode:

Starting your computer in Safe mode

If you have problems downloading on the problem PC, download the tools and the manual updates for SUPERAntiSpyware and Malwarebytes ( links are given in the READ & RUN ME) onto another PC and then burn to a CD. Then copy them to the problem PC. You will have to skip getting updates if (and only if) your internet connection does not work. Yes you could use a flash drive too but flash drives are writeable and infections can spread to them.
If you cannot seem to login to an infected user account, try using a different user account (if you have on... Read more

7 more replies
Relevance 65.6%

Hi, recently my Gmail account sent out the following email to everyone in my contacts list.***************Dear friend:i would like to introduce a good company who trades mainly in electornic products.Now the company is under sales promotion,all the products are sold nearly at its cost.Original Products + Best Quality + Brand New + Warranty + Quick Shipping + 100% Secure . the price is a surprising happiness to you! It is realy a good chance for shopping, please contact them as soon as possible!!!!The web address: <hxxp://www.electronics-brand.com>**************I am concerned that my computer might be infected or hijacked (I have changed all the passwords, etc. on that account but am not sure if the computer itself is infected. As you can probably tell, I am not very informed about these things and got here via several other links on this topic...apologies if it's not the appropriate place to post it!).Here's the DDS log.I'd really appreciate any information or advice you could offer. Thank you!DDS (Ver_09-05-14.01) - NTFSx86Run by Dr. Josh at 17:32:56.44 on Sat 05/16/2009Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_13Microsoft® Windows Vistaâ„¢ Home Basic 6.0.6001.1.1252.1.1033.18.3545.1744 [GMT -5:00]AV: McAfee VirusScan Enterprise *On-access scanning enabled* (Updated) {918A2B0B-2C60-4016-A4AB-E868DEABF7F0}SP: Lavasoft Ad-Watch Live! *enabled* (Updated) {67844DAE-4F77-4D69-9457-98E8CFFDAA22}SP: Windows Defender *enabled* (Updated) {... Read more

Answer:possibly infected with malware, has hijacked my gmail account

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Foll... Read more

16 more replies
Relevance 60.68%

Hi guys. Recently someone from Bosnia bought a camera using my ebay account.I have no protection at this time, so I guess I have been keylogged.I also saw a few unfamiliar .exes running in my task manager. Backing up and reformatting is probably not an option.. cause the virus/malware might still be in one of my files?Here's my HJT LOGQUOTELogfile of Trend Micro HijackThis v2.0.2Scan saved at 7:26:11 PM, on 5/6/2010Platform: Unknown Windows (WinNT 6.01.3504)MSIE: Internet Explorer v8.00 (8.00.7600.16385)Boot mode: NormalRunning processes:C:\Windows\system32\taskhost.exeC:\Windows\System32\rundll32.exeC:\Windows\system32\Dwm.exeC:\Windows\Explorer.EXEC:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exeC:\Documents and Settings\miansc\osr\osr.exeC:\Program Files\Common Files\InstallShield\UpdateService\issch.exeC:\Program Files\Synaptics\SynTP\SynTPEnh.exeC:\Program Files\iTunes\iTunesHelper.exeC:\Program Files\HTC\HTC Sync\Application Launcher\Application Launcher.exeC:\Program Files\Common Files\Java\Java Update\jusched.exeC:\Program Files\Windows Live\Messenger\msnmsgr.exeC:\Program Files\Siber Systems\AI RoboForm\robotaskbaricon.exeC:\Program Files\E-Mail Verifier\EMVerifServ.exeC:\Program Files&... Read more

Answer:Ok so my ebay acc. got hacked..

Sorry, wasn't sure what to put in the title as I believe I'm infected with many things.

6 more replies
Relevance 59.45%

Hi I ve just had a couple of rejections when trying to share files on onedrive.
The recipient has a gmail account and I have been able to share with them previously

More replies
Relevance 59.04%

Hello, Nov. 1st/2nd 2011 I was hacked into by a ebay scammer, I think. I think they came through my gmail acct. but am not sure. I think they may still have access. to my pc. There are a lot of files thaat look suspicious and can 't be removed. I have norton software and malware bytes. I block almost every tracking cookie I get but still think something is wrong . Thanks you for any advice nd will donate to your site if possible, for your help.

Answer:Hacked by a ebay/paypal scammer?

Hello and welcome, I moved thos to the Am I Infected forum from Windows 7.Please download MiniToolBox, save it to your desktop and run it. Checkmark the following checkboxes: Flush DNS Report IE Proxy Settings Reset IE Proxy Settings Report FF Proxy Settings Reset FF Proxy Settings List content of Hosts List IP configuration List Winsock Entries List last 10 Event Viewer log List Installed Programs List Devices List Users, Partitions and Memory size. List Minidump FilesClick Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed.Next run MBAM (MalwareBytes):Please download Malwarebytes Anti-Malware and save it to your desktop.Download Link 1 <<<== Use this one first.Download Link 2MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.Make sure you are connected to the Internet.Double-click on mbam-setup.exe to install the application.
For instructions with screenshots, please refer to the How to use Malwarebytes' Anti-Malware Guide.When the installation begins, follow the prompts and do not make any changes to default settings.When installation has finished, make sure you leave both of these checke... Read more

21 more replies
Relevance 59.04%

http://www.theglobeandmail.com/technology/ebay-asks-all-users-to-change-passwords/article18771622/





E-commerce company eBay Inc. said a database was compromised in a hacking attack between late February and early March, and clients’ non-financial information was stolen.

EBay said the compromised database contained customer names, encrypted passwords, e-mail addresses, birth dates, physical addresses and phone numbers. It said it would ask users to change their passwords.Click to expand...

Probably good idea to change that password everywhere if you reuse it.
 

Answer:Ebay hacked... change your passwords

Second source http://www.usatoday.com/story/tech/2014/05/21/ebay-breach/9368969/
 

7 more replies
Relevance 58.63%

Gmail Customer Service Support for solving Gmail account not working , Internal Microphone not working in GMail Voice-Solved, Gmail Notifier not working? Email forwarding to Gmail not working, Fixing Mac OS X 10.10 Yosemite Gmail Bug, Use Gmail? Not working with Outlook?
 

More replies
Relevance 58.63%

Today I found someone has been accessing my yahoo, ebay and paypal accounts. They stole $3000 bucks from my checking account! How could this happen? I have Mcafee Antivirus protection and also run adaware and spybot. There we no problems found. Ebay suggested I run Housecall and it found a couple medium threat items and fixed them. Could it be remote access?

I would appreciate a review of my HJT log below...

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 820 PM, on 4/19/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\mcshield.exe
C:\Program Files\Network Associates\VirusScan\vstskmgr.exe
C:\Program Files\Visioneer\OneTouch 4.0\OtService.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\Program Files\SigmaTel\C-Major Audio\WDM\Stacsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Tech... Read more

More replies
Relevance 58.63%

Hi guys. Im new to this forum, Hope you can help. My ebay and hotmail accounts where hacked and my pw changed on my ebay. I have managed to get control back but im worried i might have a virus. I have used hack this but it means nothing to me. COuld someone plase have a look and tell me what to do to stop it happening again, Thanks

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:26:50, on 30/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\BroadJump\Client Foundation\CFD.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\TomTom HOME 2\HOMERunner.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\WiFiConnector\NintendoWFCReg.exe
C:\Program Files\ntl\b... Read more

Answer:Ebay and hotmail has been hacked. think i might have a keylogger virus

please someone???
 

2 more replies
Relevance 58.63%

Different computer than my other post,,,Today I found someone has been accessing my yahoo, ebay and paypal accounts. They stole $3000 bucks from my checking account! How could this happen? I have Mcafee Antivirus protection and also run adaware and spybot. There we no problems found. Ebay suggested I run Housecall and it found a couple medium threat items and fixed them. Could it be remote access?I would appreciate a review of my HJT log below...Logfile of Trend Micro HijackThis v2.0.2Scan saved at 820 PM, on 4/19/2008Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16640)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\eHome\ehRecvr.exeC:\WINDOWS\eHome\ehSched.exeC:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exeC:\Program Files\Network Associates\Common Framework\FrameworkService.exeC:\Program Files\Network Associates\VirusScan\mcshield.exeC:\Program Files\Network Associates\VirusScan\vstskmgr.exeC:\Program Files\Visi... Read more

Answer:I've Been Hacked My Email, Ebay And Paypal Passwords!

Hello ucmeflynWelcome to BleepingComputer ========================Download GMER from here:http://www.gmer.net/files.phpUnzip it to the desktop.Open the program and click on the Rootkit tab.Make sure all the boxes on the right of the screen are checked, EXCEPT for ?Show All?.Click on Scan.When the scan has run click Copy and paste the results (if any) into this thread.

15 more replies
Relevance 57.81%

In the past I made the mistake to use my Gmail account to create a new Microsoft account (previously known as Microsoft Passport). At that moment everything worked like a charm. Reading mails on my WP8 was easy and worked as expected.
Then Google decided to boycott Microsoft. They made sure that it was almost impossible to connection to a Gmail account from a WP device. Luckily MS gave us a way to connect your Gmail to a Outlook.com account (as described here http://windows.microsoft.com/en-us/outlook/gmail). Because my MS account used the same login (ex. [email protected]) as my Gmail account, this was a very easy way to fix things. I immediately did this and at first it did what it had to.
After a while I found it frustrating that my emails were now synced on 2 mailboxes using the same login. On my desktop (where I use Outlook 2015) I connect directly to the Gmail account and on my phone (now WM10) I can only connect to the Outlook.com one. This is annoying because when I read mails on my phone, they are still unread on my PC.
I read that it is now possible again to connect directly to Gmail on WM10. So I tried to add my Gmail account again. I then found out that this wasn't possible because there was already an account with the same login ([email protected]). Normally you can just delete the old account (Outlook.com) before adding the new one. But since my [email protected] is also known as my MS account, I can't delete it. It is tied to the account and will always connect to... Read more

More replies
Relevance 57.4%

My WoW account was recently hacked into. After dealing with blizzard i had my password changed and my account restored. The hacker then hacked my account again and this time changed my Battle.net address along with the password. He also attempted to steal my hotmail at this point in time. I then began to look for keyloggers and viruses with hijackthis and various virus programs including Spybot, Kaspersky, Microsoft Security Essentials, and MalwareBytes. I deleted a bunch of toolbars using hijackthis and am stumbling across various files that i am unsure of. I do not want to mess up my new computer so i am going to stop deleting things until further notice.

Answer:My WoW account was hacked along with my email. am i still hacked?

Hello,Please follow the instructions in ==>This Guide<==. If you cannot complete a step, skip it and continue.Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<== Please include a description of your computer issues and what you have done to resolve them.If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.Orange Blossom

1 more replies
Relevance 56.58%

My windows 8.1 mail app always gave me an option to add additional google/gmail accounts. It gives option to add Outlook and exchanger sever and "add other" but not gmail or google account. When I choose other and put in address it can not find
t.  I now have to go in thru google browser to open that account. Anybody no what happened here?

More replies
Relevance 56.58%

Hello.
I'm having difficulties signing in using both Firefox and IE.
Each time I try to sign on to Yahoo, Amazon, Ebay or GMail (these are the ones I've attempted so far.) I get a "Problem loading page"/"Unable to connect" error.
Can anyone help diagnose this problem?

Logfile of HijackThis v1.99.1
Scan saved at 11:47:38 AM, on 5/28/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Program Files\AIM\aim.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\S... Read more

Answer:Problems signing in (Yahoo, Amazon, Ebay, Gmail, etc.)

You have two anti-virus programs running, which will cause trouble. Uninstall one of them.

Please update your version of Hijackthis:
Click here to download HJTInstall.exe

Save HJTInstall.exe to your desktop.
Doubleclick on the HJTInstall.exe icon on your desktop.
By default it will install to C:\Program Files\Trend Micro\HijackThis .
Click on Install.
It will create a HijackThis icon on the desktop.
Once installed, it will launch Hijackthis.
Please download Malwarebytes Anti-Malware from Here or Here
Double Click mbam-setup.exe to install the application.
Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
If an update is found, it will download and install the latest version.
Once the program has loaded, select Perform Quick Scan, then click Scan.
The scan may take some time to finish,so please be patient.
When the scan is complete, click OK, then Show Results to view the results.
Make sure that everything is checked, and click Remove Selected.
When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Copy the entire report and paste it in your next reply.
Extra Note:

If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process... Read more

1 more replies
Relevance 56.58%

Hi;

I have created a new account in Gmail. When i enable the system to import mails from old yahoo account, system accepts the user name but for password of Yahoo, it shows an error of password missmatch of that account while i daily logs in with same user name and password of Yahoo. I changed my password of Yahoo but results are the same. Please help.
 

More replies
Relevance 56.58%

hello
How do i move my email with all my runs from a GMAIL account to a OUTLOOK.COM account?
thanks in advance

Answer:How do I move my email with all my runs from a GMAIL account to a OUTLOOK.COM account?

Hi... I think we need more details. Could you join the site so you can reply in this thread?
What App was used to capture the runs? What device did the tracking?
Where are you trying to view the runs? What output (Google Maps, App "X", printout maps)???
On the surface it looks like you are asking about an email... Which you could forward. I think what you really want is how to move a service to a new email address as the reporting default without loosing all your stored data, yes?
So more details are critical.

2 more replies
Relevance 56.17%
Question: hacked gmail

If I have posed this in the wrong place, advice as to where to post it is welcome.

My gmail account was hacked. I advised gmail they cancelled it, I went through the process to get back the account name with a new password. Today, gmail returned an email that I never wrote as undeliverable leading me to believe that my account is still being used by someone. The gmail account is attached to many things including my blog, so I would like to keep the name.

However, it seems I still have the problem and don't know what to do.

Can anyone offer advice?

Answer:hacked gmail

This does not necessarily mean someone has hacked into your account. You can log in to Gmail and go to sent items and see if that specific email was sent from your account (although this is not a foolproof method). You can also see at the bottom of the Gmail screen when your last activity was.
For interest sake anybody can set up their email account but use your Gmail address as the "reply to" address. In fact this is what a lot of spammers and bots do. The spammer can then send unsolicited email to people and the recipients think the emails come from you.

6 more replies
Relevance 56.17%
Question: Gmail Hacked

My Gmail account was hacked recently. I think it was a cross site request forgery method was used but apparently thats been fixed http://www.gnucitizen.org/blog/google-gmail-e-mail-hijack-technique/. Any other know reasons. Below is what happened

i received an email from warez-bb.org saying please confirm your registration but i though it was a mistake and thought nothing of it. i then received an email saying i was banned from warez-bb forums for a certain post so out of curiosity i decided to have a look as to why i was banned from a site i never registered or posted on. turns out i couldn't log on using the user name and password they had previously sent me because i was blocked.

I decided I'd check my gmail log on history to see if i could find anything. Turns out i was logged in from 121.96.217.98 and was logged in at 3:30am when i was sound asleep in bed. Somebody hacked my account, they were chating to a friend in the states too. First thing i did was change the password to something even stronger than the previous and change the secret question, changed the hotmail one too as they linked and other passwords too. Restricted pop and imap access and disabled a few google labs gadgets.

My first thought was because my email address was all over recruitment sites with my C.V. but not my password obviously, i thought they might have got the email address and cracked the secret question or something. Next thing i thought was that linked in was hacked and as its t... Read more

More replies
Relevance 56.17%
Question: Gmail Hacked?

My Gmail account was temporarily disabled after a "suspicious" login occurred. The login was through a Windows computer, which I don't have, so evidently something was wrong. I changed my password after re-activating th account. However, my email address is no longer displayed at [email protected] but [email protected] with no period separating. Also, when I send emails the address that I am sending from (and what people see) says "Match.com". I have absolutely no idea how to fix this short of deleting my whole account (which I don't really want to do).
 

Answer:Gmail Hacked?

6 more replies
Relevance 56.17%
Question: Gmail Hacked

My Gmail account was hacked recently. I think it was a cross site request forgery method was used but apparently thats been fixed http://www.gnucitizen.org/blog/googl...ack-technique/. Any other know reasons. Below is what happenedi received an email from warez-bb.org saying please confirm your registration but i though it was a mistake and thought nothing of it. i then received an email saying i was banned from warez-bb forums for a certain post so out of curiosity i decided to have a look as to why i was banned from a site i never registered or posted on. turns out i couldn't log on using the user name and password they had previously sent me because i was blocked.I decided I'd check my gmail log on history to see if i could find anything. Turns out i was logged in from 121.96.217.98 and was logged in at 3:30am when i was sound asleep in bed. Somebody hacked my account, they were chating to a friend in the states too. First thing i did was change the password to something even stronger than the previous and change the secret question, changed the hotmail one too as they linked and other passwords too. Restricted pop and imap access and disabled a few google labs gadgets.My first thought was because my email address was all over recruitment sites with my C.V. but not my password obviously, i thought they might have got the email address and cracked the secret question or something. Next thing i thought was that linked in was hacked and as its the only website i ever let conn... Read more

Answer:Gmail Hacked

Don't know how your email was hacked, but I will offer some advice from personal experience:Check all of your online activity -- especially anything associated with financials like your banking and credit card accounts. Immediately change the password to your online bank account and credit card access and inform them that you may be a victim of identity theft.If you are in the United States, you can easily put a 90 day fraud alert on your social security number. You may think this is being a bit melodramatic and over the top, but I assure you that if someone accessed your email and it was linked to recruitment sites, whoever did this could possibly have access to all that is needed to steal your identity.Go to: Experian. At the bottom of the page under the Additional Products & Services section - Credit Report Assistance, click on Fraud Alert. This will bring you to a page where your first option will be to click on Initial Security Alert (90 days). Click on that link. It's a secure site. Once you fill out that information, your information will be provided to TransUnion and Equifax (the other two credit bureaus). You can then print out a credit report if you wish. This 90 day alert can be renewed every 90 days forever if you desire.Be proactive. If someone has accessed any of your personal information, don't let them walk away with any more of it. You may think I'm an alarmist, but ask anyone who has had their identity stolen and they'll tell you that it all ... Read more

1 more replies
Relevance 56.17%
Question: Gmail hacked

Hello, I hope I am just being paranoid but on Aug. 1st I couldn't access my gmail account for three days. And when I finally was able I got a meesage saying my account may have been comprimised. I scolled down to the bottom of the Gmail page where you can see past ip addy's your account has been accessed from and one or two were unknown to me and google. I immediately changed all my passwords and thought I was ok.
Well, a few minutes ago my wireless printer turned itself on and really freaked me out. I ran the tcp view and notice a lot of red highlighted entries. I have included the log as requested.

Windows 7 Home Prem. 64 bit
356 HDD
4 gig memory
Dell studio laptop.
Any other info you may need is available if told to do so. Thank you in advance.
 tcpview.txt   7.38KB
  15 downloads

Answer:Gmail hacked

Tcpview log looks clean. Red highlighted entries are just connections that are being closed. They do not necessarily indicate anything bad.

If you go onto your Gmail account and look at the Sent folder, do you see emails that you did not personally send?

1 more replies
Relevance 56.17%

I am having problems with eBay and hotmail.
Whenever i click the signin button it says this page cannot be displayed. it says the same thing for hotmail and gmail aswell.
I am running Microsoft Internet Explore SP2, Cipher Strength 128-bit.
i've also tried clearing the Secure Sockets Layer (SSL) slate and AutoComplete history, deleting temporary internet files and ive checked my firewall settings, checked time and date settings and the SSL port (port 443) is open..i need urgent help as i need to check my Hotmail and eBay account!!! Please Help!!!!!!!!!!

Answer:Internet Explorer/eBay/Hotmail/Gmail/Yahoo Problems

Plz do not post multplie threads

This will be taken care of in this thread
http://www.techsupportforum.com/showthread.php?t=117035

1 more replies
Relevance 55.76%

I have just changed third-party Internet Providers for another company. I lost my email addresses in the transaction. It was a very small company so I could not transfer my email addresses to new account. So I won't have to go through that hassel again I opened gmail accounts.

My question is can I set up my gmail accounts as our default email accounts we access through Outlook? If I can, how do I do that? I have never even set up email on my new laptop, I just went through IP's server which was a hassel. I usually use one account on one computer and my husband uses one on another computer. I hate having to go to the gmail page. No I don't want all the bells and whistles Google is offering. I just want to turn on my computer, click on a link and open my email in a program I know how to use? I can't find any help through Gmail. Everything I found cost me. That leads to a second question. Does Google have a technical support phone number? One that does not cost?

Anyway, my computer OS is Windows 7 and I am using Outlook from Office 2003 on one computer the other computer uses Windows XP and Outlook from Office 2003.
 

Answer:Solved: Setting up Gmail account as default account

6 more replies
Relevance 55.76%

So, one of my friend's gmail account was hacked. Dont know how that hacker did it but that good for nothing chickenwuss has now added the security layer like phone verification as well.

What can i do to recover that account. Is there some gmail support number so that I can talk to. I have few infos like the activities that my friend performed through his account. Like where he signed up and send mails and what was his previous recover email and phone numbers.

Any help or suggestion is highly appreciated...
 

Answer:Gmail Hacked any solution

You will need to contact Google's Technical Support Team for further assistance with this. We have no access to Google's servers. You will need to tell them what happened and they will let you know of your options.
 

1 more replies
Relevance 55.76%

Someone has managed to access all my contacts on googlemail and my Facebook account. They are sending messages from a site called NETLOG asking people to view my photo's. Everyone is receiving this message. I do not belong to NETLOG. I also received invitations from friends to join NETLOG, and on enquiring, none of these friends had even heard of netlog. How has this happened? I thought having a MAC prevented this type of thing. As you can guess, I am not very IT savvy! Any suggestions and advice would be greatly appreciated! Thanks, Kim

Answer:Someone has hacked all contacts on Gmail and

Hacking Internet email accounts has nothing to do with your PC or type of machine. Opening emails from unknown sources is potentially dangerous to anyone. Chances are someone has either guessed or found your passwords to these sites. Logging on and changing the passwords may re-secure those accounts. If they have changed the password, you may need to send lots of emails to prove you're the original owner. Worse case, you have to create new accounts. " I do not belong to NETLOG" ...your account does, now....If you run into a problem, post it. Someone will give you insight to the problem.

3 more replies
Relevance 55.76%

Hi!
My android phone suddenly lost all network connection.
When I came home in two hours time and tried to log into my gmail, I got message: your password has been changed. I managed to log in and change password to a new one.
I saw the recovery email was changed to some unknown to me; which I briefly changed back.
I also saw that this activity was from somewhere London (I live near London, but for my activity gmail shows my town).
No emails in inbox and in sent folder, but in trash bin I saw two emails from Vodafone: (1) we got your call that you lost your phone and we blocked your phone (2) we got your call for swapping your SIM card.
I called Vodavone and cancelled all this.
Once I got my SIM unblocked, I change gmail authentication to 2-step.
I realize that my gmail was hacked because I use it for about 10 years without changing password and I used same password very long ago on some other sites :( I also find my email was leaked when LinkedIn was hacked and my home address and phone could be available to hackers.
My question is what to expect next?
It is very difficult to find any information on my gmail, because first, I write to myself tons of very long emails and if I search words like 'bank' it brings hundreds pages of results; second, I try to keep all sensible information using hints known only to myself.
But could the hackers manage to copy all my gmail box during those two hours? As far as I remember, Google showed there was a login to gmail from Internet Explore... Read more

More replies
Relevance 55.76%

This past summer in May, I had my Battle.net account hacked and they had also gotten the registered e-mail information and kept changing the password. I contacted Blizzard and had the email changed and password changed and then ran AVG antivirus (free) as well as Malware Bytes. It found quite a bit and removed everything but it seems it has happened again. My gmail account was hacked and this morning woke up to a changed password and mass spamming of all my contacts with an email advertising something. I ran Malware again and it found 1 file and AVG found nothing. I also per recommendation downloaded Comodo Firewall. Just wanted to get some "professional" help to make sure I'm clean and what I can do in the future to prevent this. Thanks for your help!

EDIT: Running Windows 7 Home Premium

Answer:Gmail/Battle.net/Aol Hacked

I'm sorry for the bump...but it just got a bit more serious. Whoever is doing this got into my college stuff this morning and changed my name and have tried to do stuff with my classes. I just got off the phone with the school and told them to basically freeze any activity until I clear my computer up. Can someone point me in the right direction please??

2 more replies
Relevance 55.76%

well my gmail got hacked, so a lil piece of advice...dont store passwords anywhere but on a piece of paper on your desk.
it's been fine for months and months, even years, but finally i guess i had it comin...they changed the password on it...so now im scrambling to change all my forum passwords and emails...watch it.
 

More replies
Relevance 55.76%

I was wondering if you would mind helping me (I am very anxious for my problem)Today on a computer (without any especial AntiVirus) which is in a public place for everyone I checked my Gmail account by IE and I received a bunch of strange emails. by opening of one of them I was diverted to another person's email and then when I tried to sign in with my username, gmail said you are trying to use your old password. you password has been changed for 33 days. So I was frustrated because even I did not know the security questions; I could not sign in for around 2-3 hours and after that when I tried my password (This time in my personal Computer with ESET Smart security) I could sin in; once I signed in, I changed my password and now I would like to know whether this email address is safe anymore or not? Can I still use this email address knowing I have changed my password? Also I would like to know whether there is a risk of getting a keylogger after being hacked? Is keylogger installed on the system or email? When I got hacked I was with a public computer, so this means that if any keyloggers have been installed, they have been installed in that public computer? Right?and Now that I'm using the email address in my personal computer there is no risk of having a keylogger? Am I right?In general, also could you please let me know whether using this email is safe or nor?Also, could you please confirm whether ESET Smart security is anti keylogger as well or not?Thank you very muchI lo... Read more

Answer:Gmail hacked, returned and now...

U can make your e-mail safe again by using google's Two step verification process which makes ur account very secure even in public places as it generates random numbers and sends SMS to ur regestered mobile no.Now getting to antivirus ESET is one of the best available in market but if u want more security then it would be better to for BIT defender or Norton 360 .

2 more replies
Relevance 55.76%

I use Googlemail for my email address. Today I received an email from myself but copied to practically everybody in my address book. Presumably this means that my email account has been hacked so I have immediately changed the password. However, as my password was already a mixture of numbers, lower case letters, upper case letters and symbols, whoever got hold of it is unlikely to have just had a lucky guess. Is it possible that a batch of passwords has been stolen or have I just been unlucky?

Answer:Have Gmail passwords been hacked?

I doubt that your Gmail password was hacked by brute force because it's very strong and Gmail should have blocked your account after multiple failed login attempts.
The most prevalent method to harvest login credentials is via an email supposedly sent to you from a friend or colleague who has already been hacked. You receive an email and assume it was sent by them and the email has a link that says something like "click here to view the photos/documents". You click on it and it asks for your email address and password. Because you know and trust the person who sent the email you happily enter those details.

1 more replies
Relevance 55.76%

Solved please remove

Answer:How to add secondary gmail account to my gmail?

Hi
You missed an email address on the top if you'd like to remove and edit the image
How To Combine All Your Email Addresses into One Gmail Inbox

1 more replies
Relevance 54.94%

This can be moved if its inthe wrong area.

My friend has a problem and I think its gonna cause him to kill his computer with a hammer. LOL He has called me for weeks about someone hacking his account.

Gmail was accessed by this IP addy: 24.129.121.183

The Perp goes in and changes his PW, in the Gmail, Yahoo and FB applications. I went over with my Malwarebytes and Rkill and this is on a SD card, restarted computer F8 and went to safe mode, uploaded and Ran rkill first, then full system scan with Malwarebytes... NADA. Nothing... Im lost.

How in the heck can they continually and I mean within minutes of him changing it they hack and change it LOL Its driving him crazy, hes driving me crazy so I felt that a post here might help.

The IP shows up on 5 Blacklists. How can he stop this from occurring over and over.

Thanks guys,
Steve:confused

PS.... I dont have any issues!
 

Answer:Hacked Gmail, Yahoo and FB accts

Could be someone is piggybacking on his router or there is a key logger installed. He needs to use a different computer to change all his passwords. Then he needs to come and join MG's and go through the Read and Run First instructions.
 

3 more replies
Relevance 54.94%

My gmail account got hacked. Offenders changed my pw, alternate email address, and deleted my contacts. They sent email out to all the contacts saying that I was stranded in the UK without money and asking for contacts to respond to arrange to send $2000.00. Offenders changed settings so that response email would be forwarded to their account. Friends who got these fraudulent emails called and alerted me and I contacted gmail and reset the alternate email address so they could send me a link to reset pw. Upon regaining access I discovered the extent of compromise.
I also rec'd email from facebook that my account with them has been breached. I still have not regained access to that.
I had Norton360 v 3.0 running on my computer the whole time. I have scanned my computer with it then with Norton 360 v 4.0 and with Trend Micro and no virus or malware is detectable. How did my account get hacked?????
 

Answer:gmail and facebook accounts hacked

Norton is mainly an antivirus product, maybe they include anti-spyware too now, not sure. There are many ways to steal access to your gmail. One of the ways is to install a keylogger on your pc, and steal username and passwords as you type them. But if you have accessed your gmail from another computer, like at university; public library, your friend's PC etc, then it may be that those computers are infected and not yours. Also, it may not be a technical attack. Simply being able to look over your shoulder as you enter the passwords will get you hacked just as easily. Then, there are whats called brute force attacks, where a program simply points to a login page, and tries each combination in sequence till it hits the right one. Gmail may not fall to brute force attacks, but if you use the same password on multiple sites, then there is a chance that they hacked that account first and tried to use the same password on gmail. Then there may have been phishing attempts made at your account and you mistakenly entered your password into a web site that only looks like Gmail. There should be more ways to steal your gmail, but I am not a hacker.

If you are running Trend Micro along with Norton, you might end up with them interferring with each other. You cannot run multiple real-time antivirus products together.

When you reset your Gmail, use a complex passphrase that is easy to remember. Eg. The phrase "Kirk is the rightful captain of the USS Enterprise" can be tr... Read more

3 more replies
Relevance 54.94%

My Myspace, Facebook, and email accounts are all hacked. The passwords are all changed and I cant recover them because my email is hacked as well. OMG I really dont know what to do now. Ive noticed svchost.exe taking up 99% CPU usage recently and wonder if this has something to do with it. Im really facking scared. I run scans with Avira and MBAM regularly and so far have come up clean.

Answer:Myspace, Facebook and Gmail hacked

Please download RootRepeal Rootkit Detector and save it to your Desktop. * Close all programs and temporarily disable your anti-virus, Firewall and any anti-malware real-time protection before performing a scan. * Click this link to see a list of such programs and how to disable them. * Create a new folder on your hard drive called RootRepeal (C:\RootRepeal) and extract (unzip) RootRepeal.zip. (click here if you're not sure how to do this. Vista users refer to this link.) * Open the folder and double-click on RootRepeal.exe to launch it. If using Vista, right-click and Run as Administrator... * Click on the Files tab, then click the Scan button. * In the Select Drives, dialog Please select drives to scan: select all drives showing, then click OK. * When the scan has completed, a list of files will be generated in the RootRepeal window. * Click on the Save Report button and save it as rootrepeal.txt to your desktop or the same location where you ran the tool from. * Open rootrepeal.txt in Notepad and copy/paste its contents in your next reply. * Exit RootRepeal and be sure to re-enable your anti-virus, Firewall and any other security programs you had disabled.Note: If RootRepeal cannot complete a scan and results in a crash report, try repeating the scan in "Safe Mode".

2 more replies
Relevance 54.94%

Hi,

My computer was recently infected by a virus known as MFC32DLL.dll.vbs and the IE bar stated it was hacked by [email protected] when i was backing up files from my flash drive to my pc's D-drive but i didnt had any anti-virus software installed. Each time i tried to open any of my drives it would deny me by stating "Can not find script file "C:\MFC32DLL.dll.vbs"

Then i scanned my whole pc with kaspersky internet security and it had removed the virus. I can open both my C and D drives by double clicking them now. But my IE bar still states: "Hacked by [email protected]"

eg: Tech Support Forum - Post New Thread - Hacked by [email protected]
-----------------
Here is my Hijack Log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:51:53 PM, on 7/16/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Taha\Desktop\HiJackThis.exe

R1 - HKCU\... Read more

Answer:IE bar states Hacked By [email protected]

Hello and Welcome to TSF.

We no longer use HijackThis as our initial analysis tool.

We want all our members to perform the steps outlined in the link I'll give you below, before posting for assistance. There's a sticky at the top of this forum, and a
Quote:




Having problems with spyware and pop-ups? First Steps




link at the top of each page.

---------------------------------------------------------------------------------------------

Please follow our pre-posting process outlined here:

http://www.techsupportforum.com/f50/...lp-305963.html

After running through all the steps, you shall have a proper set of logs. Please post them in a new topic, as this one shall be closed.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

Please note that the Virus/Trojan/Spyware Help forum is extremely busy, and it may take a while to receive a reply.

1 more replies
Relevance 54.53%
Question: Ebay account

I used to have an ebay account but as I have change isp and got a new email address and the old email address has been suspended I cannot access the account I tryed to make a new one but all my new email address ar not so called working one what ever that means they want a credit card info is that right what if I don`t want to put a credit card info on file how can I get a new ebay account please help any info would be a great help

Answer:Ebay account

Sorry I can't help you with this particular problem, but for future reference if you setup an account with Lycos, Yahoo or one of the other sites offering web email accounts you won't have this problem in the future if you change ISP's because it won't matter you can keep the same email address.Good luck, I hope you get it sorted.

6 more replies
Relevance 54.53%

ebay doesn't log me in to My Account even though I have the correct user/password. Just circles me back to the log in screen. Is this related to Vista? How can I solve?

Answer:ebay won't log me in to My Account

Contact eBay regards login issues........

2 more replies
Relevance 54.53%

Exploits allowing hackers to break into Gmail accounts are likely to occur, if they're not already circulating, after security researchers released details of a hole that Google has reportedly declined to patch....Make sure you have a strong password Many PC users select weak passwords that consist of common names or dictionary words, leaving them susceptible to brute-force discovery and configure Gmail to use SSL by default:To benefit from encryption when accessing Gmail, you should configure the service to use SSL by default. To do so, click Settings in the top-right corner of the main Gmail window, select Always use https in the "Browser connection" section at the bottom of the General tab, and click Save Changes.http://windowssecrets.com/comp/090423/

Answer:Gmail accounts hacked via unpatched hole

Or you can stop using a browser for accessing Gmail and start using Thunderbird for having all your emails delivered to your desktop.

1 more replies
Relevance 54.53%

Check if Your Gmail is Hacked with Activity Monitor.

-- Tom
 

Answer:Check if Your Gmail is Hacked with Activity Monitor

7 more replies
Relevance 54.53%

Exploits allowing hackers to break into Gmail accounts are likely to occur, if they're not already circulating, after security researchers released details of a hole that Google has reportedly declined to patch.Click to expand...

http://windowssecrets.com/comp/090423/
 

Answer:Gmail accounts hacked via unpatched hole

Is web mail safe, or is your mail safer when retrieved to your PC ? What is your opinion?
 

2 more replies
Relevance 54.53%

Hello,
My gmail was hacked yesterday and a lot of emails were sent out in the space of half an hour (I found out it had happened when I checked my mail during that half hour) which were all - it appears - returned as spam. The person changed the sender name when he sent them out. I managed to change my security, making it much tighter, but I am somewhat paranoid about the mails (which looked to be encrypted to me, but not sure) to to nearly two thousand email addresses ending in .ru.
I considered that my email password was strong, but someone still managed to get in.
My big worry is that information about my credit card accounts, etc., was gathered, though there were no passwords or anything like that in my email account. I am in the process of changing passwords all over the place. Just very paranoid, and such a horrible feeling of someone getting into my account. Paranoid about all the encryption too.
Any suggestions as to what I should still do which I have not yet done (I have removed all the strange contacts, done two-step notification passwords, made a new account for banking only, told friends not to click on any strange links from me, and that's about it) will be much appreciated.
StarGazers

Answer:Gmail hacked - over 1800 emails sent out to Russia

I would do some general scans, and post a HJT log etc to the malware removal forum to check if you're infected with some kind of RAT / Keylogger. Change all passwords from a DIFFERENT computer if possible, try to make sure it's clean. Other than this I can't think of anything else you can do. Your mail was used to send emails that could be used for any purpose. I'd also create a new mail account, just incase.
 
- Agglomerate

1 more replies
Relevance 54.53%

Hey all, new to the forum Summary of problem: my Hotmail and/or Gmail password keeps getting hacked even though basic anti-malware scanners say I'm clean.Background: Couple of months ago my Hotmail and Gmail accounts were hacked. I scanned using half a dozen of different programs (PrevX, Spybot, Malwarebytes, etc.) but didn't find anything. As I was still using shared passwords at the time and my Hotmail and Gmail were linked to each other as security backup addresses, I figured one of them must have been leaked. I switched to unique passwords, cleaned out all the emails' security options and carefully declared myself 'safe' again.Until this morning when my Hotmail/Gmail were hacked in the exact same fashion (the fake 'security email address' added was similar and they once again went after my World of Warcraft account). Scans once again show nothing, but an hour later after changing passwords there was still evidence of them having limited access.Question: Is there any way to more thoroughly check my system? Thanks in advance Edit: I run Windows Vista, 32-bit.

More replies
Relevance 54.53%

Gmail accounts hacked via unpatched hole

By Scott Spanbauer

Exploits allowing hackers to break into Gmail accounts are likely to occur, if they're not already circulating, after security researchers released details of a hole that Google has reportedly declined to patch.

There are steps you can take to reduce the risk of using a webmail account, but it appears that the usual tricks won't solve the Gmail problem until Google fixes the software.

The weakness that researchers say afflicts Gmail, a free e-mail service hosted by Google, belongs to a class of attacks known as cross-site request forgery (CSRF, pronounced "sea surf").

Besides Gmail, CSRF holes affecting YouTube, Netflix, and NYTimes.com have also been found and repaired in the past. CSRF attacks use security flaws in cookies, password requests, and other interactive Web components to intercept communications between your browser and a Web site's server.

The first report of the Gmail problem within security circles was written by Vicente Aguilera Díaz of Internet Security Auditors (ISA) on July 30, 2007. The next day, ISA issued an alert and included a proof of concept illustrating how the exploit could be used to change a Gmail account password.

After more than a year during which, according to ISA, Google was repeatedly contacted privately about the problem researchers publicly released a detailed description of the exploit on March 3, 2009, according to a Secure Compu... Read more

Answer:Unpatched Hole in Gmail - Accounts Hacked

 

6 more replies
Relevance 53.71%

long story, but I used ebay 3 years ago to try to sell a monitor, sold it not using ebay (who then tried to charge me for advertising on their website). As I thought I'd never use ebay again, I didn;t pay, but I now need to use Ebay! How can I contact them to pay off my 1 pound debt?I've tried to log into ebay and it refuses to let me go any further, and I don;t know who to contact. Can you please advise me?

Answer:ebay - account suspended

I did...They unlocked my account after i nagged them to give a way of paying thru paypal..

1 more replies
Relevance 53.71%

From ebayIt appears your account was taken over by a third party, and used to placeseveral unauthorised listings. Additionally, the email address on youraccount may have been tampered with, which is why you may not have receivedan email about these listings. We have restored your eBay account at thistime.This as happened twice, Ive never replaied to any emails and never give out my password any where.Any ideas, whats going on ?

Answer:Ebay Account takeover

Get in touch with Ebay!!

9 more replies
Relevance 53.71%

i want to remove my account after a number of lacks of security But there is no reference on there site to how to remove a account. Does anyone now how to remove there account????RegardsBally

Answer:How to remove account of ebay?

I don't think you can - there was thread asking this last week.If you can't just change all the details to nonsense stuff and be done.

10 more replies
Relevance 53.71%

Can anyone offer any advice or help when establishing a Ebay sellers account. The problem I am having is that I simply cannot progress any further than the "create sellers account" selection before timing out. I have attempted to create an account on both a desktop and laptop without success. I am using McAfee and Avg, can these be the problem? I have had no difficulty in creating a paypal account, or establishing an account with any other site. I have e-mailed ebay, and other than the normal checks, nothing specific from them. I would be grateful for any help or advice offered.regards

Answer:How to Ebay Sellers Account?

What McAffee program? If it is an ad blocker, that may be part of the trouble. try disabling it first and see what happens.

3 more replies
Relevance 53.71%

Hello,

I just had a thread resolved about a week ago, but just today, somebody hijacked my eBay account and created an eBay auction for a car! I just happened to be checking on my account when I noticed. I contacted eBay and had this auction removed (and changed all my passwords), but I am concerned that maybe there is still a virus on my computer. The computer seems to be running great (since you guys helped me last week), but how can I be sure this didn't just happen this past week? I had a trojan virus, which I am guessing was able to read my password when I logged into my account. Should I be concerned?

Thanks again!

Answer:eBay account hijacked

Well I went ahead and ran the Kapersky online scan just to see and sure enough there is another Trojan on my computer! I just got rid of the last one a week ago and did everything suggested to keep my computer safe (except switch browsers), which makes me wonder if I got rid of them all before? I will probably have to change all my passwords again from a secure computer.

I also ran GMER Rootkit Scanner and DDS. I have attached GMER.txt and Attach.txt.

Here is my DDS log:
-----------------------------------------------------
DDS (Version 1.0) - NTFSx86
Run by HP_Administrator at 9:45:49.96 on Wed 11/26/2008
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1982.1334 [GMT -5:00]

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe
C:\PROGRA~1\SBCLIG~1\SMARTB~1\MotiveSB.exe
C:\Program Files\Yahoo!\Antivirus\CAVTray.exe
C:\Program Files\Yahoo!\Antivirus\CAVRID.exe
C:\PROGRA~1\Yahoo!\YOP\yop.exe
C:\Program Files\Adobe\Photoshop Elements 6.0\apdproxy.exe
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.ex... Read more

13 more replies
Relevance 53.71%

Is there anyway possible to delete a Ebay account as i never use it and it has my personal details on it?Regards Wizard

Answer:Way to remove account of EBAY?

click hereSend them an email.

6 more replies
Relevance 53.71%

long story, but I used ebay 3 years ago to try to sell a monitor, sold it not using ebay (who then tried to charge me for advertising on their website). As I thought I'd never use ebay again, I didn;t pay, but I now need to use Ebay! How can I contact them to pay off my 1 pound debt?I've tried to log into ebay and it refuses to let me go any further, and I don;t know who to contact. Can you please advise me?

Answer:ebay - account suspended

I don't use ebay myself (yet) but it is something on there server in your personal details it has locked onto, create another emial address if emial address is required to access them ?.Sorry if I am not helpfull though.

9 more replies
Relevance 53.71%

click hereAnyone else?

Answer:Check your eBay account......

understand the prob but the link provides no useful infojohnny.

9 more replies
Relevance 53.71%

hi! i just like to know is it possible to delete/cancel your ebay account since i found no trace of to do that anywhere on the site! its just very confusing to me lol! any help please?

Answer:cancelling ebay account?

why not just keep the account? It doesn't cost you anything to keep it and maybe after a long period, ebay made decide to cancel unused accounts.

7 more replies
Relevance 53.71%

Last week I found out that my Paypal account was being used without my permission. I contacted Paypal, and they helped me back into my account changed the password and have sent out a security card, the next day I tried to log in to Paypal and found that my password and security questions had changed. I contacted Paypal again, and they found that someone had added their email address to my account so they invalidated that email address, and changed the password again. Today I tried to log in to my email address (the one linked to my paypal) and I was unable to access it, the password had been changed. I immediately checked my paypal, and was unable to log in. I called them, and all of my information had been changed including my email address and my mailing address. At this point they locked my Paypal account so that even I could not access it until my security key card arrived. I have since recovered my gmail account as well, by filling out the account recovery form. Please help! I don't know what to do.

A few notes that may or may not be helpful:

I have updated Norton Antivirus, and Parelogic Anti-Spyware, and they both found nothing.

My computer clock started acting crazy right before all of this madness happened. The date was set forward to 2016.

The paypal representatives informed me that my Paypal account was being accessed from Pakistan. (I live in California and have never been remotely close to Pakistan)

I use a wireless router.

I use an e... Read more

Answer:My laptop was hacked big time. Paypal, and gmail compromised. Please help!

Hello and welcome to TSF.

We want all our members to perform the steps outlined in the link given below, before posting for assistance. There's a sticky at the top of this forum, and a
Quote:




Having problems with spyware and pop-ups? First Steps




link at the top of each page.

Please follow our pre-posting process outlined here:

http://www.techsupportforum.com/f50/...lp-305963.html

After running through all the steps, you shall have a proper set of logs. Please post them in a new topic, as this one shall be closed.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

1 more replies
Relevance 53.3%

I have recieved a email from ebay today asking me to update my credit card details within the next 48 hours or my service with them will be terminiated.Erh I have no Account with them and have never joined.Worrying thing is how they got my Emial address.Also friend who does have emial who I mail often has mentioned this is a scam and they who ever the people are want you to transmit details to this website by filling in the card details etc.So is there anything I can do about it or what should I do. As I often shop online for my business its a worrying thought.

Answer:dodgy emial from Ebay & I have no account

You could forward it to [email protected]. I've been getting these e-mails a lot lately and the appear to be a phishing scam. E-bay reply saying that these e-mails do not come from them, thank you for forwarding them, so they can deal with the matter. Not sure if they succeed in catching the senders though

4 more replies
Relevance 53.3%

Is anyone else having problems signing into their EBay account? I haven't been able to login for the last 3 days.

TIA
 

Answer:Solved: EBay account login

6 more replies
Relevance 53.3%

please can you advise me on the pitfalls on selling from ebay. i need to how to open a sellers account, what are the best payment methods what is paypal. how can i set a price to be resevered sold is that possible. any help with ebay please.

Answer:ebay how to open a sellers account

Go to your ebay, at the top of the page is 'Sell' click on that and follow online instructions. Most use paypal, again follow the links to setup a paypal account if you wish to.

2 more replies
Relevance 52.89%

I recently changed from gMail to a email client. Why is my email being sent to the email address I want it to, then immediately after to literally my gMail (<name>@gmail.com) account, is there any way to prevent this ?

Answer:To my email account - to gMail account ?

Very confusing post...please explain in more detail, as specific as you can. What email client are you using?

5 more replies
Relevance 52.89%

Hi all,
A few years ago I bought my son an Xbox and when I did I needed to create a microsoft account. At the time, the directions for xbox indicated that you could use any existing account. I had a gmail account, so I signed up for the xbox account using my gmail account.
Afterwards, I tried a windows phone 7.5 and I used the same gmail account for my microsoft account. Since then I had to switch carriers (from att to sprint) and I lost my windows phone.
It has been a few years, and I don't remember how this all works. When I log into my microsoft account using [email protected], I use a different password than what I use when I log into my gmail account. The microsoft contains all my gmail emails (unread). I am assuming I had link the MS account to the gmail account at some point, but I don't remember how I did this???
Fast forward to know, I want to try a windows 8 phone on sprint, and I don't know if I should make a new MS account or use the old gmail account?
If somebody could help me remember what the heck I did a few years ago I would appreciate. I really don't like having my gmail account tied to my MS account...
Thanks

Answer:gmail mail account is my MS account?

It looks like you need to change the e-mail address associated with your Xbox Gamertag. I needed to do the same last year. When Microsoft launched Outlook.com, I immediately signed up for an Outlook.com e-mail address. But my Gamertag was tied to my old Hotmail address. After consulting the Xbox support site, I was able to change the e-mail address associated with my Gamertag from my Hotmail address to my Outlook.com address using the following procedure:Sign up for a Microsoft e-mail address (*.outlook.com). (NOTE: Do NOT create a Gamertag for this address. If you did, you would need to delete that Gamertag and wait 30 days for the new e-mail address to be able to accept another Gamertag.)Start the Xbox and let it log into your old account.Navigate the Xbox settings to find the option to change the e-mail address of your Xbox account. Select that option.When prompted, provide the new e-mail address (*.outlook.com) and corresponding password.
After I did that procedure, all my purchased apps, games and music transferred to my Outlook.com account.

2 more replies
Relevance 52.48%

When I turned my laptop on this evening a box came up saying a new ebay toolbar is now available and click yes to download. After doing so the account guard no longer goes green when I sign in.Have I been scamed.Ebay on my main tower computer still goes green when connecting.Both machines are connected to broadband via a wired router.Restore wont work either.I have removed the toolbar via add/remove and then re installed it but its still the same.Done all the usual scans and an online scan with Panda but they find nothing.Any ideas please.

Answer:ebay toolbar account guard problem.

Seems a scam to me, I've never heard of it.If you remove it, does the guard go green again?

2 more replies
Relevance 52.48%

I think I didn't pay some fee's or something. Anyways how do I set up a new one where ebay won't recognize its me or what do I do cause I wan't to use ebay.

Answer:ebay account suspended when I was young and stupid

Closed. This is trying to bypass a suspension already in use. Contact eBay if you wish to get this resolved correctly.

1 more replies
Relevance 52.48%

I got caught out by the paypal virus a few weeks ago and today I have received an email allegedly from Ebay customer support which reads as follows but I don't want to click on the link as I am suspicious about it not to mention all the spelling mistakes within it! I haven't copies/pasted the link as I don't want anyone to try it if I won't!We recently noticed one or more attempts to log in to your eBay account from a foreign IP address and we have reasons to belive that your account was hijacked by a third party without your authorization.If you recently accessed your account while traveling,the unusual log in attempts may have been initiated by you.However,if you are the rightfull holder of the account, click on the link below,fill the form and then submit as we try to verify your identity.If you choose to ignore our request,you leave us no choise but to temporaly suspend your account.*Please do not respond to this e-mail as your reply will not be received.Thanks for your patience as we work together to protect your account. Regards,Safeharbor DepartmenteBay Inc. Any thoughts would be appreciated, thanks Shirley

Answer:Ebay email about suspending account genuine??

and carry on with your life.

10 more replies
Relevance 52.48%

Over the past 3 weeks my battle.net and gmail accounts have been hacked on 2 major occasions. The first time the hacker seemed to always know my passwords after i changed them and i was engaged in a 30 minute battle of change-the-password before the hacker attached an authenticator to my account and locked me out. I then had to contact Blizzard to restore my account. After that i installed AVG and removed 4 infections and thought myself safe but last week i got hacked again when i was out, i didn't leave my pc on so he must have gotten my passwords earlier.I tried running DDS but it just quits and doesn't give me the logs. Tried GMER twice but both times my pc BSOD'd. All i have is a HijackThis log, hope its enough.(PS: PSMAntiKeyLogger was only installed minutes prior to this post as i only just found out about it, it was not running when i got hacked)Logfile of Trend Micro HijackThis v2.0.4Scan saved at 1:31:15 PM, on 7/13/2010Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.21020)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\nvsvc32.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\AVG\AVG9\avgchsvx.exeC:\Program Files\AVG\AVG9 ... Read more

Answer:Suspect Trojan and/or Keylogger - Battle.net and gmail accounts repeatedly hacked

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process. Please also continue to work with me until I give you the all clear. Even if your computer appears to act better, you may still be infected.Even if you have already provided information about your PC, we need a new log to see what has changed since you originally posted your problem.Once we start working together, please reply back within 3 days or this thread may be closed so we can help others who are waiting.We need to create an OTL report,Please download OT... Read more

2 more replies
Relevance 52.07%

Hello,

After reading the original post on this subject, I ran the antivirus programs recommended to no avail.

Your help is greatly appreciated.

Attaching the log from Malwarebytes:

Malwarebytes Anti-Malware (Trial) 1.65.1.1000
www.malwarebytes.org

Database version: v2012.10.24.05

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 8.0.6001.18975
German Delgado :: LUCY [administrator]

Protection: Enabled

10/24/2012 5:14:04 PM
mbam-log-2012-10-24 (17-14-04).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 286326
Time elapsed: 13 minute(s), 4 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Users\German Delgado\Local Settings\Temporary Internet Files\Content.IE5\8GJ83O0Q\freeeditor_1787[1].exe (PUP.BundleOffers.IIQ) -> Quarantined and deleted successfully.

(end)

Answer:Ebay: Detected Suspicious Activity. Your account has been blocked

DownloadTDSSkillerLaunch it.Click on change parameters-Select TDLFS file systemClick on "Scan".Please post the LOG report(log file should be in your C drive) Do not change the default options on scan resultsDownloadaswMBRLaunch it, allow it to download latest Avast! virus definitionsClick the "Scan" button to start scan.After scan finishes,click on Save logPost the log results here.If you get crashes in normal mode,run it in safemode with networkingDownloadESET online scannerInstall itClick on START,it should download the virus definitionsWhen scan gets completed,click on LIST of found threatsExport the list to desktop,copy the contents of the text file in your reply

21 more replies
Relevance 51.25%

I'm not sure when my computer was infected, but on Wednesday morning I logged into my email and saw that my eBay selling account had been hacked, and the hacker(s) made 55 transactions through my PayPal account (draining my existing PayPal funds, then my bank account, then my credit card...the latter two were attached to my PayPal account and those transactions were still pending). I made all the necessary phone calls, then changed my eBay and PayPal emails using a friend's computer (which had just been reformatted the day before and hadn't been online before I used it that day). I neglected to change the password for the email I had associated with my eBay account, and the next day, my eBay account had been hacked again, but eBay had unlinked my PayPal account due to the suspicious activity the day before so no transactions went through. I then changed all passwords again, including my email password. That seemed to do the trick. I got home today and got back on my computer, then ran a scan on avast, which found Win32-Spyware (I clicked "Move to Chest"). I also ran Malwarebytes and it found Codec-C.exe (Affiliate.Downloader), I quarantined this. And I'm not sure what else may be lurking on my computer, so I would be very grateful for any help.
DDS.txt log:
DDS (Ver_2012-11-07.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_37
Run by Dad at 21:47:29 on 2012-11-10
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033... Read more

Answer:eBay, PayPal accts hacked - avast found Win32-Spyware, Malwarebytes found Codec-C.exe (Affiliate.Downloader)

Hi nachtkitten and welcome to BC. Can you please post the resulting log of MBAM and Avast if they are still available.Download TDSSKiller.zip from Kaspersky and save it to your Desktop.Extract the zip file to its own folder.Double click TDSSKiller.exe to run the program (Run as Administrator for Vista/Windows 7).Click Start scan to start scanning.If infection is detected, the default setting for "action" is Cure (Please click on it and change it to skip).Click on Report to generate a log. Please post that log when you reply.

6 more replies
Relevance 51.25%
Question: Hacked WoW Account

Dear friends!

Two days ago my World of Warcraft-account was hacked. I have now cleaned my computer from all viruses and trojans but just want to be sure that there are nothing left after the scannings. Therefore I post my log here and asking for your help with this.

Mats
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:48:09, on 2009-01-10
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program\Delade filer\Symantec Shared\ccSvcHst.exe
C:\Program\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program\AGI\common\win32\PythonService.exe
C:\Program\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\cisvc.exe
C:\Program\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\Smartscaps.exe
C:\WINDOWS\System32\svchost.exe
C:\Program\Delade filer\Stardock\SDMCP.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\NVATray.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\iid.exe
C:\Program\Java\jre6\bin\jusched.exe
C:\Program\QuickTime\qttask.exe
C:... Read more

More replies
Relevance 51.25%

Hi,

My World of Warcraft account has been hacked, ironically it happened within a couple of hours going on to Battle.net to suspend my account as I no longer wished to play. My biggest concern is that there is still something sitting on my PC that could get more sensitive information.

I have done many scans with McAfee, Ad-Ware, Spybot - Search & Destroy, Malwarebytes etc...

Here is my Hijackthis and Malwarebytes log file, am I possibly safe now?

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:53:03, on 27/04/2010
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
c:\PROGRA~2\mcafee.com\agent\mcagent.exe
C:\Program Files\ASUS\Six Engine\SixEngine.exe
C:\Program Files (x86)\Analog Devices\SoundMAX\SoundMAX.exe
C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
C:\Program Files\ASUS\TurboV\TurboV.exe
C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe
C:\Program Files\ASUS\Ai Suite\QFan3\QFanHelp.exe
C:\Program Files\Logitech\GamePanel Software\Applets\LCDMedia.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/we... Read more

More replies
Relevance 51.25%
Question: Hacked WoW account

Hello, I recently had my WoW account hacked and scanned through my computer with various anti-spyware and antivirus software. My avast! antivirus found a Trojan which I deleted.

Was wondering if you could be so kind to look through this HijackThis logfile to see if there is anything suspicious looking in there. This log is from after I scanned my computer and deleted the trojan.

Thanks

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:12:20, on 2009-05-09
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Hem\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox... Read more

More replies
Relevance 51.25%

So my world of warcraft has been hacked or keylogged or something. i dont know much about computers but a forum said i should link my Hijackthis log and another so here it is. Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:39:32, on 10.06.2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18928)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe
C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe
C:\Windows\PLFSetI.exe
C:\Program Files\Launch Manager\LManager.exe
C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe
C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Windows\ehome\ehtray.... Read more

Answer:wow account been hacked

Hello and welcome to TSF.

HijackThis is no longer the preferred initial analysis tool in this forum.

We want all our members to perform the steps outlined in the link given below, before posting for assistance. There's a sticky at the top of this forum, and a
Quote:




Having problems with spyware and pop-ups? First Steps




link at the top of each page.

Please follow our pre-posting process outlined here:

http://www.techsupportforum.com/f50/...lp-305963.html

After running through all the steps, you shall have a proper set of logs. Please post them in a new topic, as this one shall be closed.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

1 more replies
Relevance 51.25%

My isp account was recently hacked. I tried logging onto my at&t email, and it said that the account was suspended by my main email account. Later that day, my internet stopped working, and it was redirecting me to a web page saying that their was a problem with my internet account. Finally I called my service provider, and they reset my password and I was able to log on. The first thing I did was check to see my account setting, and my name was changed. Also, three of my email accounts where supspended, and three new email accounts where created by the hijacker. Is there a virus or a trojan that can give someone my information? Does anyone have any ideas of how this could have happened? I hardly ever give out my email addresses, but was my computer hijacked? Can someone please check my HijackThis Log File to see if anything looks suspicious?Thanks for any help.Logfile of Trend Micro HijackThis v2.0.2Scan saved at 10:38:01 PM, on 9/7/2009Platform: Windows Vista SP1 (WinNT 6.00.1905)MSIE: Internet Explorer v8.00 (8.00.6001.18813)Boot mode: NormalRunning processes:C:\Windows\system32\taskeng.exeC:\Windows\system32\Dwm.exeC:\Windows\Explorer.EXEc:\PROGRA~1\mcafee.com\agent\mcagent.exeC:\Program Files\Dell\DellDock\DellDock.exeC:\Program Files\DellTPad\Apoint.exeC:\Program Files\IDT\WDM\sttray.exeC:\Windows\System32\igfxtray.exeC:\Wi... Read more

Answer:ISP Account was hacked

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Foll... Read more

2 more replies
Relevance 51.25%
Question: WOW account hacked

Hi there,

I have been reading through the posts and it seems I am in the same boat as a lot of people on here. My boyfriend's WOW account was hacked a week ago. I ran an AVG scan today on his computer and came up with a few tracking cookies which I removed. I also ran Malwarebytes as well as Superantispyware and neither of those came up with anything.

Upon searching through files that came up with last weeks date (around the same time he was hacked), I found an instance of a program called Carbonite (online backup tool) http://www.carbonite.com/ that had been installed. I've encountered this program before in my line of work, and I am not a fan of it at all. I uninstalled the program and rebooted the machine.

Also, via msconfig there was something in start up I am not familiar with:
Startup item- Cyberlink brs
Manufacturer- Cyberlink
Command- "c:\Program Files (x86)\Cyberlink\Shared Files\brs.exe"
Location- HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run

The above mentioned Carbonite was also in the startup. I disabled both of these. I cannot locate the brs.exe file mentioned above and upon searching other forums on the web, I found that it may or may not be harmful.

At this point I would like some reassurance that the computer is clean and we will not have any other issues. Thank you in advance for your help.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:46:18 PM, on 4/24/2010
Platform: Windows Vista SP1 (WinNT 6.00.1905)... Read more

More replies
Relevance 51.25%
Question: WoW Account Hacked

My World of Warcraft account was recently hacked and I can't figure out how. I scanned my system with ESET (local) and Kaspersky's online scanner. I also scanned my system with Spybot Search & Destroy and Ad-Aware. Nothing was found by any of these scans. I try to keep my system clean all the time, and all the scans I've done have told me that it is clean, however someone was able to get my login info for my WoW account. There were a few times I used Firefox without the firewall on because I was gaming. I have since quit turning my firewall off EVER. There have also been a few times that my son played my account on his computer. That will NOT happen again. I tried to use your DDS script, however it won't run on Vista 64bit. Here is the log from HiJackThis. Thanks for your time.Logfile of Trend Micro HijackThis v2.0.2Scan saved at 5:32:00 AM, on 3/16/2009Platform: Windows Vista SP1 (WinNT 6.00.1905)MSIE: Internet Explorer v7.00 (7.00.6001.18000)Boot mode: NormalRunning processes:C:\Program Files (x86)\MagicDisc\MagicDisc.exeC:\Program Files (x86)\Java\jre6\bin\jusched.exeC:\Program Files\Logitech\GamePanel Software\Applets\LCDMedia.exeC:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exeC:\Program Files (x86)\Mozilla Firefox\firefox.exeC:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exeR1 - HKCU\Software\Microsoft\Interne... Read more

Answer:WoW Account Hacked

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a description of your problem, along with any steps you may have performed so far.Upon completing the steps below a staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explanation about the tool. No input is needed, the scan is running.Notepad will open with the results, click no to the Optional_ScanFollow the instructions that pop up for posting the results.Close the program window, and delete the program from your desktop.Please note: You may have to disable any scri... Read more

9 more replies
Relevance 51.25%
Question: Hacked WoW Account

I cant seem to find the keylogger on my computer. I have run TrendMicros housecall and KL Detector and cant seem to find the problem.
Here are a few logs. I am running Malwarebytes at the moment

TCP
[System Process] 0 TCP 192.168.0.101 2226 74.125.224.28 80 TIME_WAIT
[System Process] 0 TCP 192.168.0.101 2252 208.43.87.4 80 TIME_WAIT
[System Process] 0 TCP 192.168.0.101 2254 216.34.207.177 80 TIME_WAIT
[System Process] 0 TCP 192.168.0.101 2250 216.34.207.177 80 TIME_WAIT
[System Process] 0 TCP 192.168.0.101 2225 74.125.224.28 80 TIME_WAIT
[System Process] 0 TCP 192.168.0.101 2235 24.143.207.10 80 TIME_WAIT
[System Process] 0 TCP 192.168.0.101 2227 74.125.224.28 80 TIME_WAIT
[System Process] 0 TCP 192.168.0.101 2228 74.125.224.28 80 TIME_WAIT
[System Process] 0 TCP 192.168.0.101 2239 24.143.207.112 80 TIME_WAIT
[System Process] 0 TCP 192.168.0.101 2240 24.143.207.112 80 TIME_WAIT
[System Process] 0 TCP 192.168.0.101 2237 24.143.207.112 80 TIME_WAIT
[System Process] 0 TCP 192.168.0.101 2241 24.143.207.112 80 TIME_WAIT
[System Process] 0 TCP 192.168.0.101 2238 24.143.207.112 80 TIME_WAIT
alg.exe 1280 TCP 127.0.0.1 1046 0.0.0.0 0 LISTENING
DivXUpdate.exe 1812 UDP 127.0.0.1 1036 * *
firefox.exe 2884 TCP 127.0.0.1 2038 127.0.0.1 2037 ESTABLISHED 10 10
firefox.exe 2884 TCP 127.0.0.1 2039 127.0.0.1 2040 ESTABLISHED
fi... Read more

Answer:Hacked WoW Account

Sorry for posting in here i did see the notice that said dont put logs but i though i was in the hacked topic. If a moderator could move that would be appreciated.
I did a KL log and got this

KL-Detector has found some suspicious files:
C:\Program Files\World of Warcraft\Logs\Downloader.log
C:\Program Files\World of Warcraft\Logs\Sound.log
C:\Program Files\World of Warcraft\Logs\connection.log

Please check; someone might have installed a keylogger on your computer!
You MAY want to take a look at:
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Blizzard Installer Temporary Data - 8fbc8c9c\
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\
C:\Program Files\World of Warcraft\Logs\
C:\Documents and Settings\Administrator\
C:\WINDOWS\system32\config\

1 more replies