Computer Support Forum

I think I'm being Keylogged - Emails hacked into multiple times.

Question: I think I'm being Keylogged - Emails hacked into multiple times.

My emails have been hacked into multiple times now. Normally from the same location. I've changed my password several times, created recovery questions and everything, but whoever it was still managed to get through. I have proof I've been hacked by my mail sign in location log. I think someone has planted a keylogger. In honesty I don't have an anti-virus software, I'm not sure what to do...
 
Heres the log:
 
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16537  BrowserJavaVersion: 10.11.2
Run by Austinaj6688 at 14:28:31 on 2013-04-22
Microsoft Windows 8  6.2.9200.0.1252.1.1033.18.8070.5890 [GMT -4:00]
.
AV: AVG Anti-Virus 2013 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Internet Security *Disabled/Outdated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG Anti-Virus 2013 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Norton Internet Security *Disabled/Outdated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Program Files\IDT\WDM\STacSV64.exe
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\windows\system32\svchost.exe -k apphost
C:\Program Files\Bonjour\mDNSResponder.exe
C:\ProgramData\BrowserProtect\2.6.1040.25\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
C:\windows\system32\dashost.exe
C:\windows\SysWOW64\schtasks.exe
C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
c:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Norton Internet Security\Engine\20.3.0.36\ccSvcHst.exe
C:\windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\windows\system32\taskhost.exe
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\windows\SysWOW64\schtasks.exe
C:\windows\system32\dwm.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\windows\Explorer.EXE
C:\windows\system32\taskhostex.exe
C:\ProgramData\BrowserProtect\2.6.1040.25\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteUser.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
C:\windows\system32\taskeng.exe
C:\Program Files\IDT\WDM\Beats64.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\BATINDICATOR.exe
C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\BATINDICATOR_HIDList.exe
C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\CNYHKEY.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files (x86)\Search Results Toolbar\Datamngr\datamngrUI.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Common Files\Steam\SteamService.exe
C:\windows\SysWOW64\DllHost.exe
C:\Program Files\WindowsApps\Microsoft.Reader_6.2.9200.20623_x64__8wekyb3d8bbwe\glcnd.exe
C:\Windows\System32\RuntimeBroker.exe
C:\windows\system32\SearchProtocolHost.exe
C:\windows\system32\SearchFilterHost.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.searchnu.com/405
uURLSearchHooks: UrlSearchHook Class: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
mWinlogon: Userinit = userinit.exe,
BHO: Savevid Toolbar powered by Search-Results: {13be918c-a6b4-40d3-9b2a-04920e8755ed} - C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\searchresultsDx.dll
BHO: Babylon toolbar helper: {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.8.7.2\bh\BabylonToolbar.dll
BHO: DataMngr: {34DEE7AD-47D7-45e9-91FC-3E511083493F} - C:\Program Files (x86)\Search Results Toolbar\Datamngr\BrowserConnection.dll
BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.3.0.36\coieplg.dll
BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.3.0.36\ips\ipsbho.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
BHO: PricePeep: {FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} - C:\Program Files (x86)\PricePeep\pricepeep.dll
TB: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.3.0.36\coieplg.dll
TB: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
TB: Savevid Toolbar powered by Search-Results: {13be918c-a6b4-40d3-9b2a-04920e8755ed} - C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\searchresultsDx.dll
uRun: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
uRun: [Google Update] "C:\Users\Austinaj6688\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [GoogleChromeAutoLaunch_04BBDA3855B7778D88D7F0C3FC8B719D] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
mRun: [CLMLServer_For_P2G8] "c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
mRun: [CLVirtualDrive] "c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
mRun: [BATINDICATOR] C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\BATINDICATOR.exe
mRun: [BATINDICATORHL] C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\BATINDICATOR_HIDList.exe
mRun: [OSDTool] C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\CNYHKEY.exe
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
mRun: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
mRun: [DATAMNGR] C:\PROGRA~2\SEARCH~1\Datamngr\DATAMN~1.EXE
mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
mRun: [vProt] "C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe"
StartupFolder: C:\Users\AUSTIN~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\OPENOF~1.LNK - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
IE: Save video on Savevid.com - C:\Program Files (x86)\SavevidPlug-in\redirect.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{AD4D5FCA-0F9F-4BBB-9EE2-B6991CDE172B} : DHCPNameServer = 192.168.0.1
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\14.2.0\ViProtocol.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs= C:\PROGRA~3\Wincert\WIN32C~1.DLL c:\progra~3\browse~1\261040~1.25\{c16c1~1\browse~1.dll

SSODL: WebCheck - <orphaned>

mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: DataMngr: {34DEE7AD-47D7-45e9-91FC-3E511083493F} - C:\Program Files (x86)\Search Results Toolbar\Datamngr\x64\BrowserConnection.dll
x64-Run: [BeatsOSDApp] C:\Program Files\IDT\WDM\beats64.exe
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-Run: [IgfxTray] C:\windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\windows\System32\igfxpers.exe
x64-Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Austinaj6688\AppData\Roaming\Mozilla\Firefox\Profiles\6mm3ksjo.default\
FF - plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\14.2.0\npsitesafety.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\3\NP_wtapp.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Austinaj6688\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll
FF - plugin: C:\Users\Austinaj6688\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Users\Austinaj6688\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\Austinaj6688\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: C:\Users\Austinaj6688\AppData\Roaming\Mozilla\plugins\npo1d.dll
FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll
FF - ExtSQL: 2013-03-21 12:10; [email protected]; C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\14.2.0.1
FF - ExtSQL: !HIDDEN! 2013-02-22 11:58; {1FD91A9C-410C-4090-BBCC-55D3450EF433}; C:\Program Files (x86)\Search Results Toolbar\Datamngr\FirefoxExtension
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHA;AVGIDSHA;C:\windows\System32\Drivers\avgidsha.sys [2012-10-15 63328]
R0 Avgloga;AVG Logging Driver;C:\windows\System32\Drivers\avgloga.sys [2012-9-21 225120]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\windows\System32\Drivers\avgmfx64.sys [2012-11-15 111968]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\windows\System32\Drivers\avgrkx64.sys [2012-9-14 40800]
R1 AVGIDSDriver;AVGIDSDriver;C:\windows\System32\Drivers\avgidsdrivera.sys [2012-10-22 154464]
R1 Avgwfpa;AVG Firewall Driver;C:\windows\System32\Drivers\avgwfpa.sys [2012-11-26 208736]
R1 CLVirtualDrive;CLVirtualDrive;C:\windows\System32\Drivers\CLVirtualDrive.sys [2012-8-27 92536]
R2 BrowserProtect;BrowserProtect;C:\ProgramData\BrowserProtect\2.6.1040.25\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe [2013-1-1 2547816]
R2 Freemake Improver;Freemake Improver;C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [2013-2-22 100864]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-12-10 2465712]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2012-8-15 85504]
R2 HPConnectedRemote;HP Connected Remote Service;C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe [2012-7-19 35232]
R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-4-20 635104]
R2 Intel® ME Service;Intel® ME Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [2012-8-27 128896]
R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe [2012-8-27 165760]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-3-28 398184]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-3-28 682344]
R2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\20.3.0.36\ccsvchst.exe [2013-2-27 144520]
R2 TuneUp.UtilitiesSvc;AVG PC TuneUp Service;C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2012-8-23 2148216]
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-8-27 364416]
R2 vToolbarUpdater14.2.0;vToolbarUpdater14.2.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe [2013-3-21 968880]
R3 MBAMProtector;MBAMProtector;C:\windows\System32\Drivers\mbam.sys [2013-3-28 24176]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\windows\System32\Drivers\netr28x.sys [2012-8-27 1951304]
R3 RTL8168;Realtek 8168 NT Driver;C:\windows\System32\Drivers\Rt630x64.sys [2012-6-20 683664]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [2012-7-4 11880]
S0 Avgboota;AVG Early Launch Anti-Malware Driver;C:\windows\System32\Drivers\avgboota.sys [2012-10-26 20912]
S1 Avgldx64;AVG AVI Loader Driver;C:\windows\System32\Drivers\avgldx64.sys [2012-10-2 185696]
S2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [2012-11-15 5814904]
S2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2012-10-22 196664]
S3 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\BASHDefs\20130116.013\BHDrvx64.sys [2013-1-15 1388120]
S3 ccSet_NIS;Norton Internet Security Settings Manager;C:\windows\System32\Drivers\NISx64\1403000.024\ccsetx64.sys [2013-2-27 168096]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-11-25 138912]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\IPSDefs\20130124.001\IDSviA64.sys [2013-1-24 513184]
S3 SymDS;Symantec Data Store;C:\windows\System32\Drivers\NISx64\1403000.024\symds64.sys [2013-2-27 493656]
S3 SymEFA;Symantec Extended File Attributes;C:\windows\System32\Drivers\NISx64\1403000.024\symefa64.sys [2013-2-27 1139800]
S3 SymIRON;Symantec Iron Driver;C:\windows\System32\Drivers\NISx64\1403000.024\ironx64.sys [2013-2-27 224416]
S3 SymNetS;Symantec Network Security WFP Driver;C:\windows\System32\Drivers\NISx64\1403000.024\symnets.sys [2013-2-27 432800]
S4 SymELAM;Symantec ELAM Driver;C:\windows\System32\Drivers\NISx64\1403000.024\symelam.sys [2013-2-27 23448]
.
=============== File Associations ===============
.
FileExt: .txt: textfile="C:\Program Files (x86)\Windows NT\Accessories\WORDPAD.EXE" "%1" [UserChoice]
.
=============== Created Last 30 ================
.
2013-04-22 04:44:04    4041728    ----a-w-    C:\windows\System32\win32k.sys
2013-04-22 04:43:56    6991592    ----a-w-    C:\windows\System32\ntoskrnl.exe
2013-04-22 04:39:57    375808    ----a-w-    C:\windows\SysWow64\ReAgent.dll
2013-04-22 04:39:57    1011200    ----a-w-    C:\windows\System32\reseteng.dll
2013-04-14 06:14:08    --------    d-----w-    C:\Program Files (x86)\Common Files\McAfee
2013-04-14 06:13:39    --------    d-----w-    C:\Program Files\Common Files\McAfee
2013-04-14 06:13:32    --------    d-----w-    C:\ProgramData\Internet Content Filter
2013-04-12 00:33:36    --------    d-----w-    C:\Users\Austinaj6688\AppData\Roaming\uTorrent
2013-04-07 19:08:05    --------    d-----w-    C:\Program Files (x86)\FreeDocumentsViewer
2013-04-06 18:24:38    --------    d-----w-    C:\ProgramData\Blizzard Entertainment
2013-04-06 18:24:38    --------    d-----w-    C:\Program Files (x86)\World of Warcraft
2013-04-06 18:24:38    --------    d-----w-    C:\Program Files (x86)\Common Files\Blizzard Entertainment
2013-04-06 18:23:15    --------    d-----w-    C:\ProgramData\Battle.net
2013-03-28 21:46:21    --------    d-----w-    C:\Program Files (x86)\Microsoft XNA
2013-03-28 20:23:07    --------    d-----w-    C:\Users\Austinaj6688\AppData\Roaming\Malwarebytes
2013-03-28 20:22:48    --------    d-----w-    C:\ProgramData\Malwarebytes
2013-03-28 20:22:47    24176    ----a-w-    C:\windows\System32\drivers\mbam.sys
2013-03-28 20:22:47    --------    d-----w-    C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-03-28 20:22:40    --------    d-----w-    C:\Users\Austinaj6688\AppData\Local\Programs
.
==================== Find3M  ====================
.
2013-04-02 22:08:01    78176    ----a-w-    C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-04-02 22:08:01    692576    ----a-w-    C:\windows\SysWow64\FlashPlayerApp.exe
2013-03-21 16:09:31    39768    ----a-w-    C:\windows\System32\drivers\avgtpx64.sys
2013-03-02 10:57:48    337128    ----a-w-    C:\windows\System32\drivers\USBXHCI.SYS
2013-03-02 10:57:46    77544    ----a-w-    C:\windows\System32\drivers\storahci.sys
2013-03-02 10:57:46    332520    ----a-w-    C:\windows\System32\drivers\storport.sys
2013-03-02 10:57:46    283880    ----a-w-    C:\windows\System32\drivers\spaceport.sys
2013-03-02 10:45:20    148712    ----a-w-    C:\windows\System32\drivers\tpm.sys
2013-03-02 10:45:19    194792    ----a-w-    C:\windows\System32\drivers\sdbus.sys
2013-03-02 10:45:10    125160    ----a-w-    C:\windows\System32\drivers\dumpsd.sys
2013-03-02 10:39:39    495336    ----a-w-    C:\windows\System32\drivers\vhdmp.sys
2013-03-02 10:39:38    69864    ----a-w-    C:\windows\System32\drivers\pdc.sys
2013-03-02 10:39:32    327912    ----a-w-    C:\windows\System32\drivers\Classpnp.sys
2013-03-02 09:59:37    2231528    ----a-w-    C:\windows\System32\drivers\tcpip.sys
2013-03-02 09:59:36    411880    ----a-w-    C:\windows\System32\drivers\FWPKCLNT.SYS
2013-03-02 08:24:08    34304    ----a-w-    C:\windows\SysWow64\wuapp.exe
2013-03-02 08:23:43    83968    ----a-w-    C:\windows\SysWow64\wudriver.dll
2013-03-02 08:23:43    125952    ----a-w-    C:\windows\SysWow64\wuwebv.dll
2013-03-02 08:23:30    893952    ----a-w-    C:\windows\SysWow64\winmde.dll
2013-03-02 08:23:30    1338880    ----a-w-    C:\windows\SysWow64\WindowsCodecs.dll
2013-03-02 08:23:28    601088    ----a-w-    C:\windows\SysWow64\Windows.Globalization.dll
2013-03-02 08:23:28    504320    ----a-w-    C:\windows\SysWow64\Windows.Security.Authentication.OnlineId.dll
2013-03-02 08:23:19    8857088    ----a-w-    C:\windows\SysWow64\twinui.dll
2013-03-02 08:23:19    246784    ----a-w-    C:\windows\SysWow64\ubpm.dll
2013-03-02 08:23:04    356352    ----a-w-    C:\windows\SysWow64\SettingSync.dll
2013-03-02 08:23:04    100864    ----a-w-    C:\windows\SysWow64\SettingSyncInfo.dll
2013-03-02 08:22:36    357888    ----a-w-    C:\windows\SysWow64\netcfgx.dll
2013-03-02 08:22:32    5091840    ----a-w-    C:\windows\SysWow64\mstscax.dll
2013-03-02 08:22:18    361984    ----a-w-    C:\windows\SysWow64\MFMediaEngine.dll
2013-03-02 08:22:17    850944    ----a-w-    C:\windows\SysWow64\mfasfsrcsnk.dll
2013-03-02 08:21:56    550912    ----a-w-    C:\windows\SysWow64\drvstore.dll
2013-03-02 08:21:52    36352    ----a-w-    C:\windows\SysWow64\DevDispItemProvider.dll
2013-03-02 08:21:40    309760    ----a-w-    C:\windows\SysWow64\BCP47Langs.dll
2013-03-02 08:21:39    2033664    ----a-w-    C:\windows\SysWow64\authui.dll
2013-03-02 08:21:32    145408    ----a-w-    C:\windows\SysWow64\powercfg.cpl
2013-03-02 02:44:59    448512    ----a-w-    C:\windows\System32\SettingSync.dll
2013-03-02 02:44:59    128512    ----a-w-    C:\windows\System32\SettingSyncInfo.dll
2013-03-02 02:44:41    455168    ----a-w-    C:\windows\System32\netcfgx.dll
2013-03-02 02:44:41    117248    ----a-w-    C:\windows\System32\NdisImPlatform.dll
2013-03-02 02:44:38    5978624    ----a-w-    C:\windows\System32\mstscax.dll
2013-03-02 02:44:30    468992    ----a-w-    C:\windows\System32\MFMediaEngine.dll
2013-03-02 02:44:29    1048576    ----a-w-    C:\windows\System32\mfasfsrcsnk.dll
2013-03-02 02:44:08    703488    ----a-w-    C:\windows\System32\drvstore.dll
2013-03-02 02:44:07    150016    ----a-w-    C:\windows\System32\discan.dll
2013-03-02 02:44:05    49152    ----a-w-    C:\windows\System32\DevDispItemProvider.dll
2013-03-02 02:43:59    1933312    ----a-w-    C:\windows\System32\wbem\cimwin32.dll
2013-03-02 02:43:56    389120    ----a-w-    C:\windows\System32\BCP47Langs.dll
2013-03-02 02:43:55    2302464    ----a-w-    C:\windows\System32\authui.dll
2013-03-02 02:43:51    2146304    ----a-w-    C:\windows\System32\actxprxy.dll
2013-03-02 02:43:50    156160    ----a-w-    C:\windows\System32\powercfg.cpl
2013-03-02 02:15:53    26112    ----a-w-    C:\windows\System32\drivers\mouhid.sys
2013-03-01 04:56:18    30720    ----a-w-    C:\windows\System32\drivers\monitor.sys
2013-02-22 20:34:04    9808    ----a-w-    C:\Users\Austinaj6688\AppData\Roaming\BabMaint.exe
2013-02-21 10:30:16    1766912    ----a-w-    C:\windows\SysWow64\wininet.dll
2013-02-21 10:29:39    2877440    ----a-w-    C:\windows\SysWow64\jscript9.dll
2013-02-21 10:29:37    61440    ----a-w-    C:\windows\SysWow64\iesetup.dll
2013-02-21 10:29:37    109056    ----a-w-    C:\windows\SysWow64\iesysprep.dll
2013-02-21 10:15:07    2240512    ----a-w-    C:\windows\System32\wininet.dll
2013-02-21 10:15:00    915968    ----a-w-    C:\windows\System32\uxtheme.dll
2013-02-21 10:14:09    3958784    ----a-w-    C:\windows\System32\jscript9.dll
2013-02-21 10:14:05    136704    ----a-w-    C:\windows\System32\iesysprep.dll
2013-02-19 09:53:00    534528    ----a-w-    C:\windows\SysWow64\uxtheme.dll
2013-02-15 07:58:59    39936    ----a-w-    C:\windows\apppatch\apppatch64\acspecfc.dll
2013-02-15 06:35:40    444416    ----a-w-    C:\windows\apppatch\AcSpecfc.dll
2013-02-12 01:30:04    44032    ----a-w-    C:\windows\SysWow64\UXInit.dll
2013-02-12 00:56:19    53760    ----a-w-    C:\windows\System32\UXInit.dll
2013-02-12 00:17:50    20992    ----a-w-    C:\windows\System32\drivers\usb8023.sys
2013-02-07 01:33:01    754176    ----a-w-    C:\windows\SysWow64\actxprxy.dll
2013-02-05 22:31:11    622080    ----a-w-    C:\windows\System32\drivers\srv2.sys
2013-02-05 22:29:09    370688    ----a-w-    C:\windows\System32\drivers\mrxsmb.sys
2013-02-05 22:28:48    247808    ----a-w-    C:\windows\System32\drivers\srvnet.sys
2013-02-05 22:28:36    215552    ----a-w-    C:\windows\System32\drivers\mrxsmb20.sys
2013-02-02 11:19:44    496872    ----a-w-    C:\windows\System32\drivers\usbhub.sys
2013-02-02 11:19:44    446184    ----a-w-    C:\windows\System32\drivers\USBHUB3.SYS
2013-02-02 11:19:33    61672    ----a-w-    C:\windows\System32\drivers\crashdmp.sys
2013-02-02 10:54:54    1933544    ----a-w-    C:\windows\System32\drivers\ntfs.sys
2013-02-02 10:28:54    993512    ----a-w-    C:\windows\System32\drivers\ndis.sys
2013-02-02 09:42:07    2207232    ----a-w-    C:\windows\SysWow64\PrintConfig.dll
2013-02-02 08:40:58    375808    ----a-w-    C:\windows\SysWow64\wbem\WmiPrvSE.exe
2013-02-02 08:40:55    80896    ----a-w-    C:\windows\SysWow64\tasklist.exe
2013-02-02 08:40:55    79360    ----a-w-    C:\windows\SysWow64\taskkill.exe
2013-02-02 08:40:36    155136    ----a-w-    C:\windows\SysWow64\XpsRasterService.dll
2013-02-02 08:40:35    370688    ----a-w-    C:\windows\SysWow64\WWanAPI.dll
2013-02-02 08:40:27    131072    ----a-w-    C:\windows\SysWow64\wbem\WmiDcPrv.dll
2013-02-02 08:40:26    410624    ----a-w-    C:\windows\SysWow64\wlroamextension.dll
2013-02-02 08:40:22    197632    ----a-w-    C:\windows\SysWow64\Windows.Networking.Connectivity.dll
2013-02-02 08:40:22    10792448    ----a-w-    C:\windows\SysWow64\Windows.UI.Xaml.dll
2013-02-02 08:39:59    325632    ----a-w-    C:\windows\SysWow64\schannel.dll
2013-02-02 08:39:47    18432    ----a-w-    C:\windows\SysWow64\npmproxy.dll
2013-02-02 08:39:34    55296    ----a-w-    C:\windows\SysWow64\nlaapi.dll
2013-02-02 08:39:34    15872    ----a-w-    C:\windows\SysWow64\nlmproxy.dll
2013-02-02 08:39:34    12288    ----a-w-    C:\windows\SysWow64\nlmsprep.dll
2013-02-02 08:39:33    115712    ----a-w-    C:\windows\SysWow64\netprofm.dll
2013-02-02 08:39:15    157696    ----a-w-    C:\windows\SysWow64\mbsmsapi.dll
2013-02-02 08:38:54    567808    ----a-w-    C:\windows\SysWow64\duser.dll
2013-02-02 08:24:19    107520    ----a-w-    C:\windows\System32\taskkill.exe
2013-02-02 08:24:19    102400    ----a-w-    C:\windows\System32\tasklist.exe
2013-02-02 08:23:44    228352    ----a-w-    C:\windows\System32\XpsRasterService.dll
2013-02-02 08:23:43    475136    ----a-w-    C:\windows\System32\WWanAPI.dll
2013-02-02 08:23:37    611840    ----a-w-    C:\windows\System32\wpd_ci.dll
.
============= FINISH: 14:28:46.09 ===============
 
 

Relevance 100%
Preferred Solution: I think I'm being Keylogged - Emails hacked into multiple times.

I recommend downloading and running Reimage. It's a computer repair tool that has been proven to identify and fix many Windows problems with a high level of success.

I've used it in the past to identify and fix everything from blue screens (BSOD's), ActiveX errors, corrupt files and processes, dll/exe/sys errors, recover lost memory, Windows update problems, defragging, malware removal etc.

You can download it direct from this link http://downloadreimage.com/download.php. (This link will automatically start a download of Reimage that you can save to your computer.)

Answer: I think I'm being Keylogged - Emails hacked into multiple times.

Hello, Welcome to BleepingComputer.I'm nasdaq and will be helping you.If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps.===Third party programs if not up to date can be the cause of infiltration an infection.Please run this security check for my review.Download Security Check by screen317 from here.Save it to your Desktop.Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.A Notepad document should open automatically called checkup.txt; please post the contents of that document.===Search and delete the AdWare, PUP (Potentially Unwanted Program) installed on your computer.Please download AdwCleaner by Xplode onto your Desktop.Close all open programs and internet browsers.Double click on AdwCleaner.exe to run the tool.Click on Delete tab follow the prompts.A log file will automatically open after the scan has finished.Please post the content of that log file with your next answer.You can find the log file at C:\AdwCleaner[Rn].txt (n is a number).Please paste the logs in your next reply DO NOT ATTACH THEM.===Run the DDS tool again and post a fresh log.Let me know what problem persists.

9 more replies
Relevance 75.03%

Multiple accounts including Emails have been hacked, ran multiple virus/adware programs including Ad-Aware, AVG, and Avast but couldn't find anything.



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:01:54 PM, on 8/16/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\Program Files\Softex\OmniPass\Omniserv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\Softex\OmniPass\OPXPApp.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\windows\system\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd... Read more

More replies
Relevance 72.16%

I have been experiencing a problem with outlook 2003. If an email has an attachment and I try to send or forward it is sent 20,30 or even up to 80 times to recipient/or recipients. Has anyone else had this problem? If you did how in the heck did you fix it?????????????
 

More replies
Relevance 72.16%

Hi Everyone,

We are experiencing a few issues with emails on a few of our customers machines. The issue being is that emails they send are being recieved by the recipients multiple times. The common factor with the pc's is that they are running Vista and Office 07. The emails don't clear out of the outbox and get stuck. The sent email folder on the main colprut is constantly emptied so there is no size limitation issue going on there. We have uninstalled Internet Security programs. disabled Firewalls. Have even completly reloaded. Have spoken to microsoft but no help there. Spoke to ISP no issue there according to them. All service packs are installed but still no luck. Have even tried diferent routers.

Any help on this would be greatly appreciated.

Kind Regards,
Luke
 

More replies
Relevance 71.34%

The charity I work for has about a dozen users and uses Outlook 2007 for email. Over the last few weeks we are getting more and more emails that send multiple times - someimes a handful of times, sometimes 50 times. The hosting company give us advice like delete all your large sent emails / make sure the offending email is not stuck in your Outbox / turn off virus scanning on outgoing emails. But none of this works. Can anyone help us resolve this please?
 

More replies
Relevance 70.52%

So about three weeks ago my WoW account and the email linked to it got hacked so i wiped my computer assumeing i had a keylogger and then followed the steps to get them back 2 days later my email and wow account got hacked again but this time the email linked to my email and my facebook were hacked so i ran malware bytes got a firewall and started running a keylog detector i also created a new email and got my wow account / new facebook linked to it. the next day every single one of my emails my new face book my wow account and my league of legends account were all changed and once i got my facebook back i found out the hacker had more than a few convo's with the friends i had online and then deleted every single one of them. well somehow (he wont tell me how) my ex GFs grandpa got all my emails back that very day and changed all the passwords. i then wiped my computer AGAIN before logging into anything changed all my passwords and secret questions just to wake up the next morning to be locked out of EVERYTHING!! this is extreamly annoying someone please help.
DDS (Ver_10-11-27.01) - NTFSx86
Run by Owner at 8:48:12.75 on Tue 11/30/2010
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2046.1597 [GMT -8:00]
FW: ZoneAlarm Firewall *disabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
============== Running Processes ===============
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS... Read more

More replies
Relevance 70.52%

Hi

I work for a charity with 12 staff. We use Outlook for our emails. Recently, we are all finding that some of our emails are sent again and again - sometimes a few times, sometimes 50 or more! On some occasions you can see it stuck in the Outbox and manage to cancel it but other times it has sent straight away and there is no sign of a problem til the phone starts ringing from annoyed/confused recipients.

The company that hosts us (Solid Rock) says we have outgrown them and that they cannot help. That seems curious for a small organisation like ours. So question 1 is whether this might be true or whether we have a deeper IT problem - and if so, what is it?

Second question, while we sort out a new hosting company, is about an interim fix. We use authsmtp.com when we are travelling (usually abroad) so that we can send emails without hotel or other public places blocking them. If we move everyone onto authsmtp will it stop the multiple sending problem if our current host is the problem?
 

Answer:Outlook sends emails multiple times - 2 questions please...

A common reason for repeated sending of mail is a full Sent Items folder.
Is everyone affected using the same installation of Outlook and the same Sent Items?
You could try creating a new folder named Old Sent and moving everything from the Sent Items into it.

What type of account is it? Pop, Imap, Exchange?
 

3 more replies
Relevance 69.7%

Hello guys, i need help ASAP.I've been hacked, my Gmail account password got changed this morning and i've tried my password several times already and it doesn't work. And then later on i found out my Rapidshare premium account got hacked as well, both happened this morning. I then emailed to both Gmail & Rapidshare support and right now i've got my Gmail account back and i can see that the IP log is different and that my Rapidshare password and security lock code has been changed this morning, which obviously suggests that it's hacked, since my Gmail is the primary email that is linked to Rapidshare, so any confidential changes to my Rapidshare account will be sent to my Gmail account.Also, my personal info has been changed as well, the name is changed and everything else, so i am sure i've definitely been hacked.I'm sure it's only a matter of time until i get my Rapidshare account back since i provided a lot of proof and information.But right now i have several concerns........from what i think, there could be 2 ways i got hacked. The first way is that i might have been to some malicious websites (i don't even remember going to any website at all other than viewing Youtube the whole day), and that my Rapidshare account got philshed (which is impossible since i don't login my Rapidshare on any websites at all, i only use download managers which is a one time setup), and since my Rapidshare password is the same as my Gmail password, the hacker could've philshed my Rapidsh... Read more

Answer:Need help urgently, my PC is hacked and might be keylogged!

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Foll... Read more

2 more replies
Relevance 69.7%

Hello,

I got email today from Blizzard telling my wow accaount has been compromised. I got also instructions how to check & clean my PC. Before I sent this HiJackThis log to you I did run:

- Ad Aware 8.1.2 full scan
- Symantec Antivirus 10.1.0.401 full scan
- ATF Cleaner
- Spybot S&D 1.6.2.46 full scan
- MalwareBytes Anti-Malware 1.41 full scan

This is second time now. First time I realized my account was hacked on October after having not been played for few months. My PC is running properly without any popups and it is not slow. Both times when password was stolen I remember I have visited Blizzard web site with IE. For example last week I merged my account to Battle.net according to blizzard recommendation. I did that with browser and I sent new user name and pass during the merging process.
 

More replies
Relevance 69.7%

Hello guys, i need help ASAP.

I've been hacked, my Gmail account password got changed this morning and i've tried my password several times already and it doesn't work. And then later on i found out my Rapidshare premium account got hacked as well, both happened this morning. I then emailed to both Gmail & Rapidshare support and right now i've got my Gmail account back and i can see that the IP log is different and that my Rapidshare password and security lock code has been changed this morning, which obviously suggests that it's hacked, since my Gmail is the primary email that is linked to Rapidshare, so any confidential changes to my Rapidshare account will be sent to my Gmail account.

Also, my personal info has been changed as well, the name is changed and everything else, so i am sure i've definitely been hacked.

I'm sure it's only a matter of time until i get my Rapidshare account back since i provided a lot of proof and information.

But right now i have several concerns........from what i think, there could be 2 ways i got hacked. The first way is that i might have been to some malicious websites (i don't even remember going to any website at all other than viewing Youtube the whole day), and that my Rapidshare account got philshed (which is impossible since i don't login my Rapidshare on any websites at all, i only use download managers which is a one time setup), and since my Rapidshare password is the same as ... Read more

Answer:Need help urgently, my PC is hacked and might be keylogged!

9 more replies
Relevance 69.7%

Hello guys, i need help ASAP.

I've been hacked, my Gmail account password got changed this morning and i've tried my password several times already and it doesn't work. And then later on i found out my Rapidshare premium account got hacked as well, both happened this morning. I then emailed to both Gmail & Rapidshare support and right now i've got my Gmail account back and i can see that the IP log is different and that my Rapidshare password and security lock code has been changed this morning, which obviously suggests that it's hacked, since my Gmail is the primary email that is linked to Rapidshare, so any confidential changes to my Rapidshare account will be sent to my Gmail account.

Also, my personal info has been changed as well, the name is changed and everything else, so i am sure i've definitely been hacked.

I'm sure it's only a matter of time until i get my Rapidshare account back since i provided a lot of proof and information.

But right now i have several concerns........from what i think, there could be 2 ways i got hacked. The first way is that i might have been to some malicious websites (i don't even remember going to any website at all other than viewing Youtube the whole day), and that my Rapidshare account got philshed (which is impossible since i don't login my Rapidshare on any websites at all, i only use download managers which is a one time setup), and since my Rapidshare password is the same as my Gmail password, the hacker could've phi... Read more

Answer:Need help urgently, my PC is hacked and might be keylogged!

I suggest that you proceed to to our Security Center, Virus/Trojan/Spyware Help Forum, to have your system reviewed by a Security Analyst. Please be sure to follow THESE STEPS carefully before posting your logs in the Security Forum.

Please be patient as the Security Analysts are very busy and one will get to you as soon as possible.

Regards. . .

jcgriff2

.

1 more replies
Relevance 68.88%

link to other topic - http://www.bleepingcomputer.com/forums/topic451831.html/page__gopid__2682141#entry2682141i am using xp 64bit so i can not run DDS and was told to us OTL instead, here is that log. OTL logfile created on: 4/29/2012 12:03:37 AM - Run 1OTL by OldTimer - Version 3.2.42.1 Folder = C:\Documents and Settings\Administrator\My Documents\Downloads64bit-Windows Server 2003 Service Pack 2 (Version = 5.2.3790) - Type = NTWorkstationInternet Explorer (Version = 6.0.3790.3959)Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 8.00 Gb Total Physical Memory | 6.52 Gb Available Physical Memory | 81.55% Memory free19.56 Gb Paging File | 18.58 Gb Available in Paging File | 94.95% Paging File freePaging file location(s): c:\pagefile.sys 12285 12285 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)Drive C: | 279.45 Gb Total Space | 215.31 Gb Free Space | 77.05% Space Free | Partition Type: NTFSDrive D: | 232.88 Gb Total Space | 223.15 Gb Free Space | 95.82% Space Free | Partition Type: NTFS Computer Name: DOMINIC | User Name: Administrator | Logged in as Administrator.Boot Mode: Normal | Scan Mode: All users | Include 64bit ScansCompany Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Documents and Settings\Administrator\My Documents ... Read more

Answer:keylogged? hacked? Zaccess rootkit?

Hello, Welcome to BleepingComputer.I'm nasdaq and will be helping you.If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps.===Please DownloadTDSSKiller.zip>>> Double-click on TDSSKiller.exe to run the application.Click on the Start Scan button and wait for the scan and disinfection process to be over.If an infected file is detected, the default action will be Cure, click on Continue
If a suspicious file is detected, the default action will be Skip, click on Continue
If you are asked to reboot the computer to complete the process, click on the Reboot Now button. A report will be automatically saved at the root of the System drive ((usually C:\) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt" (for example, C:\TDSSKiller.2.2.0_20.12.2009_15.31.43_log.txt). Please copy and paste the contents of that file here.If no reboot is required, click on Report. A log file will appear. Please copy and paste the contents of that file in your next reply.Download http://public.avast.com/~gmerek/aswMBR.exe (aswMBR.exe) to your desktop. Double click the aswMBR.exe to run it Click the "Scan" button to start scan. Upon completion of the scan, click Save log, and save it to your desktop. (Note - do not select any Fix at this time) <- IMPORTANTPlease post the contents of that log in your next reply.There shall also be a file on your desktop named MBR.dat. Righ... Read more

25 more replies
Relevance 68.88%

OK. I am somewhat computer literate. My knowledge is mainly self taught which says it all so please bear with me if I mislabel or misconstrue things. My "boyfriend", I believe has installed a program on my laptop that tracks everything I do. I'll try to summarize without leaving out necessary facts. I found a bunch of files in Notepad. These files were txt docs mainly. Also exe. docs and html,jpig,gif....I had never used or even heard of Notepad. I opened these and they are I guess it would be called encrypted. I need to know how to make these readable. I believe I went to C: then Documents and Settings then RILEY GUNZZ....I hadn't made a Riley Gunzz folder? Within this there was OneNote folder which I had also never used. I also believe there are drivers and devices installed on my computer that do not belong as well.I found a pin drive in our bed one morning. It looked familiar so I plugged it in not knowing that everything on it would transfer to my computer. Sooooo....it seems his personal files as well as ones he had of me transfered to my computer and the "spy" program he installed hacked his files. I guess the first thing is I would like to decode these txt, gif,htm, exe DAT, files to know what these files and folders contain. Should I attach some?? Second how do I stop this from happening from now forward?? Detect and remove keylogger? I use webroot with antivirus. Plus malwarebytes anti malware, and SUPER antispyware.Finall... Read more

Answer:Hacked! Keylogged! Spied on! AAAAAAAHHH!

There's a bleeping computer forum where people can get help for possibly infected computers. You can check it out here:Am I infected? What do I do?

2 more replies
Relevance 68.88%

so about a month ago my friend sent me a bhop program for csgo EXTREMELY sketchy but my friend has said he was using it for months anyways i got keylogged and within 20 minutes the guy tried logging in to my gmail , facebook , skype , steam etc he only got my old facebook and skype . now i am almost certain i got rid of that one because it was a keylogger instantly i was lagging in my games and the hacker who got my skype was just trying to send the bhop script to everyone on my friends list but the most recent hacker has just completly tried to wipe the fact i ever owned the account and is adding french people and speaking in french very weird shit the guy had atleast 20 convos with people and he was saying shit like "oh im leaving right now to meet at the coffe shop beside *enter street name here* and the person would respond and say oh alright il meet you soon" very weird stuff kinda like i was into someones personal texts. now the french guy got my old facebook account deleted everyone and added a bunch of french people and chatted with them like he did with my skype . they day the facebook happened i really didnt download anything besides gta 5..

TLDR some french guy took my facebook accounts 2-3 weeks ago and TODAY took my skype account but isnt able to highjack me because of 2step
 

More replies
Relevance 68.88%

Kinda frightened here.
I noticed day before yesterday that my gmail account had a response from someone I didn't know answering a question about some baby itmes for sale in Winnipeg...I live in central Illinois and did not ask this question.

I immediately changed my password for gmail to one that was supposedly strong. Today I notice this person signed for Domino's account and ordered pizza with my username. They also questioned M$ about an update problem for windows and get a thorough response...the scary part is that MY computer has an update problem and hasn't been able to be updated since 2007. I have the persons name,phone,and city.

What is going on here?

I'm running a Dell Dimension 2350 with 1.5g ram and XP pro behind Zone alarm firewall, AVG anti virus, Spybot S&D, Ccleaner, Ad aware... cable internet, and a Dlink wireless router for my laptop.

Help? I'm running Spybot right now ,but, not holding out much hope that this will help anything.
 

Answer:AM I hacked or keylogged or remote controlled??

Welcome to Major Geeks!



sbspence said:





Today I notice this person signed for Domino's account and ordered pizza with my username.Click to expand...

Did they use your credit card info?

How are you finding out about them asking questions at Microsoft? Are you getting return emails on this?

Please follow the instructions in the READ & RUN ME FIRST link given futher down and attach the requested logs when you finish these instructions.

If you have problems where no tools seem to run, please try following the steps given in the below and then continue on no matter what you find. You only need to try the TDSSserv steps if having problems getting scans in the Read & Run Me First.
TDSSserv Non-Plug & Play Driver Disable

If something does not run, write down the info to explain to us later but keep on going.
Do not assume that because one step does not work that they all will not.
READ & RUN ME FIRST. Malware Removal Guide

After completing the READ & RUN ME and attaching your logs, make sure that you tell us what problems still remain ( if any still do )!
Helpful Notes:
If you run into problems trying to run the READ & RUN ME or any of the scans in normal boot mode, you can run the steps in safe boot mode but make sure you tell us what you did later when you post logs. See the below if you do not know how to boot in safe mode:

Starting your computer in Safe mode

If you have problems downloading... Read more

1 more replies
Relevance 68.88%

My facebook account was hacked into and now money in my bank account is starting to disappear. I tried to turn on the firewall but Windows firewall don't even work. It says "Due to an unidentified problem, Windows cannot displays Windows Firewall settings". Also, I notice the computer is starting up slowly. Please help. Here is the DDS log:DDS (Ver_10-03-17.01) - NTFSx86 Run by chen at 22:51:37.87 on Fri 08/20/2010Internet Explorer: 6.0.2800.1106Microsoft Windows XP Home Edition 5.1.2600.1.1252.1.1033.18.128.32 [GMT -6:00]============== Running Processes ===============C:\WINDOWS\system32\svchost -k DcomLaunchC:\WINDOWS\system32\svchost -k rpcssC:\WINDOWS\System32\svchost.exe -k netsvcssvchost.exesvchost.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Java\jre6\bin\jqs.exeC:\Program Files\Microsoft LifeCam\MSCamS32.exeC:\WINDOWS\System32\svchost.exe -k imgsvcC:\WINDOWS\Explorer.EXEC:\WINDOWS\vVX6000.exeC:\Program Files\Java\jre6\bin\java.exeC:\Program Files\Internet Explorer\iexplore.exeC:\Documents and Settings\chen\Desktop\dds.scr============== Pseudo HJT Report ===============uStart Page = hxxp://www.google.ca/BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\Acr... Read more

Answer:I believe my computer was hacked or keylogged.Urgent!

Hi sugarbunny,Welcome to Bleeping Computer!My name is mpascal, and I will be helping you fix your problem.Before we begin, I would like give a few guidelines so that we can fix your problem as quickly and efficiently as possible:Be sure to follow all my instructions carefully! If there is anything you don't understand, don't hesitate to ask.Please do not do anything or perform other steps unless I have asked you to do so.Please make sure you post all logs I ask you to, and make sure that the entire log gets posted.Don't attach any logs unless asked. Posting them in the forums will make them easier to analyze.If you are unsure of how to reply, or need help with anything regarding the website, please look here.We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below I will ... Read more

2 more replies
Relevance 62.32%

Hi, I'm almost certain I downloaded a keylog. I ran the scans hope to receive some assistance when possible. Thank you.

I do not have access to Windows Install disc.


DDS (Ver_10-03-17.01) - NTFSx86
Run by Sam's Club at 16:30:57.86 on Sun 09/05/2010
Internet Explorer: 7.0.6000.17037
Microsoft? Windows Vista? Home Premium 6.0.6000.0.1252.1.1033.18.3006.927 [GMT -7:00]

AV: Norton Internet Security *On-access scanning enabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
SP: Norton Internet Security *enabled* (Updated) {CBB7EE13-8244-4DAB-8B55-D5C7AA91E59A}
FW: Norton Internet Security *enabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\rundll32.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Windows\system32\svchost.exe -k Loc... Read more

Answer:Keylogged: multiple accounts compromised

Hello and welcome to TSF. Please subscribe to this thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant Notification, then click Subscribe.

Before beginning the fix, read this post completely. If there's anything that you do not understand, kindly ask your questions before proceeding. Ensure that there aren't any opened browsers when you are carrying out the procedures below. Save the following instructions in Notepad as this webpage would not be available when you're carrying out the fix.

It is IMPORTANT that you don't miss a step & perform everything in the correct order/sequence.

---------------------------------------------------------------------------------------------

I'm not sure about any keylogger, but I do see signs of infection in those logs.

Please note that these fixes are not instantaneous. Most infections require more than one round to properly eradicate.

Stay with me until given the 'all clear' even if symptoms diminish. Lack of symptoms does not always mean the job is complete.

Kindly follow my instructions and please do no fixing on your own or running of scanners unless requested by me or another helper at this forum.

---------------------------------------------------------------------------------------------


Refer to the ComboFix User's Guide

Download ComboFix from one of these locations, but do... Read more

4 more replies
Relevance 56.99%

We all have friends who forward emails they have received from others and sometimes they can be a nuisance but other friends don't do it so often that it is annoying and they seem to find very interesting "things" and you would like to continue to open them BUT how can you tell if the email is a result of a hacked "infected" version? I'd like to know what you think of this...

Instead of just forwarding another email you put some text in it to identify it as coming from you (NOT in the subject). Like the following "Hi guys thought you'd like to see another Smith's find" (insert your own last name or a nickname your friends know is really you).

You might even send an email around telling your friends that you are identifying forwarded emails by "Don's favorites" BUT don't use it in the subject line.
 

More replies
Relevance 55.76%

Talking about myself, I got hacked about twice. The first thing I did after realizing was disconnecting from the internet. After that, I scanned my computer, did all the registry scans and deleted all suspicious programs.
 
Meanwhile, I used someone else computer to recover my accounts. What about you guys?
What would you do or did after getting hacked?
 
As I got hacked twice, so now I keep my security upto 99.99% and create insanely complex passwords. It is not very difficult to create complex password and keep them memorized.
 
Check this Post
http://geekfellows.com/how-to-create-a-strong-password/

Answer:How many times you have been hacked?

my yahoo acct back in the day, same hacker even tried again! most trouble ive had being hacked is on my cell phone tho....VERY leary of owning a smart phone anymore...happy w/my lil pictureless cheapy. I can get online here
PW?
1st letter of every word in a song i like? or maybe just a saying that stuck in my head.... computer lingo sometimes 3=e 8=s for me 0=O

8 more replies
Relevance 55.35%

THANK YOU FOR YOUR HELP!!!!!!!!!!!!!!!!

Now when I go online, IE automatically opens (I don't use IE, I use Firefox) and ads pop up. Also, Zone Alarm prompts me w/alerts regularly (esp. when I open a file or program) that <program name> is trying to access <something> which can track keystrokes, etc. I'm now also getting ZoneAlarm alerts saying that <random #s/letters> is trying to start automatically when I start the computer.

I downloaded hijack this, clicked scan button, and got this popup alert:

---------------------------
HijackThis
---------------------------
For some reason your system denied write access to the Hosts file. If any hijacked domains are in this file, HijackThis may NOT be able to fix this.

If that happens, you need to edit the file yourself. To do this, click Start, Run and type:

notepad C:\WINDOWS\System32\drivers\etc\hosts

and press Enter. Find the line(s) HijackThis reports and delete them. Save the file as 'hosts.' (with quotes), and reboot.

For Vista: simply, exit HijackThis, right click on the HijackThis icon, choose 'Run as administrator'.
---------------------------
OK
---------------------------


Hit the OK button and here is the log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:10:04 PM, on 3/4/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\sys... Read more

Answer:Virus: IE opens w/ads, multiple times, also brings up multiple ZoneAlarm alerts

12 more replies
Relevance 55.35%

I am infected. Can only boot in SafeMode. Removed multiple items multiple times. Is Combo fix my next step?

EMachines, T6412, AMD Athlon 64, 3400+, 2.19 GHz, 1.37 GB of Ram, Windows XP SP2

Can only boot in Safe Mode.

Booted without Internet. And Unplugged Ethernet from computer.

Pop-ups include:

Your computer is not protected against spyware....
Internet attack attempt detected......
your computer is infected with spyware...
Your Computer is working slowly.....
Windows Security Center System Warning
full screen "Threat: CoolWebSearch"
Windows Security Center
full screen "Threat Name: TrojanDownloader.XS"

SpyBot (updated to the latest) has removed the following but they do not stay removed and I have removed them again many times. Wait 10 minutes, ran SpyBot again, they return again without rebooting.:

ClientMan
CoolWWWSearch
CoolWWWSearch.008k
CoolWWWSearch.Aff.ledll
CoolWWWSearch.AffWinshow
CoolWWWSearch.BlowSearch
CoolWWWSearch.Bootconf
CoolWWWSearch.Dreplace
CoolWWWSearch.Gonnasearch
CoolWWWSearch.Leftovers
CoolWWWSearch.SmartSearch
CoolWWWSearch.Svcinit
CoolWWWSearch.WCADW
CoolWWWSearch.WinRes
CoolWWWSearch.WinSearch
CoolWWWSearch.Yexe
Microsoft.WindowsSecurityCenter.TaskManager
Smitfraud-C.
Smitfraud-C.generic
Smitfraud-C.gp
ToolbarCC
Win32.Small.ny

Ran AVG Antivirus numerous times - Vault items. Some repeat:

Trojan horse Downloader.Purityscan.y
Trojan horse Downloader.Agent.15.A
Trojan Horse Sheur.BJSJ
Trojan horse Generic10.VYB
Trojan ho... Read more

Answer:I Am Infected. Can Only Boot In Safemode. Removed Multiple Items Multiple Times. Is Combo Fix My Next Step?

Please run this scan first. Combo fix may be the next alternative,but it is NOT a tool you should run without guidance. That can all be done from the HiJackThis malware removal forum. But we'll try this first.Please download Malwarebytes Anti-Malware and save it to your desktop.alternate download link 1alternate download link 2Make sure you are connected to the Internet.Double-click on Download_mbam-setup.exe to install the application.When the installation begins, follow the prompts and do not make any changes to default settings.When installation has finished, make sure you leave both of these checked:Update Malwarebytes' Anti-MalwareLaunch Malwarebytes' Anti-MalwareThen click Finish.MBAM will automatically start and you will be asked to update the program before performing a scan. If an update is found, the program will automatically update itself. Press the OK button to close that box and continue. If you encounter any problems while downloading the updates, manually download them from here and just double-click on mbam-rules.exe to install.On the Scanner tab:Make sure the "Perform Quick Scan" option is selected.Then click on the Scan button.If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button. The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.When the scan is finished, a message box will say "The scan completed succ... Read more

4 more replies
Relevance 54.94%

I am trying to get my wife's new computer up and running without any BSOD or program failures. Note that the system was not initially set up to capture the dmp files so all the earliest ones are missing. I presented the initial problems to the original seller who recommended sticking with MSE and uninstalling Norton 360 and I did that. Another forum suggested that Virtual Memory was the problem and I disabled and restored VM. Still having multiple crashes and I am hoping that I can get real help here. I do note that all the crashes have ntoskrnl.exe in the driver stack although sometimes alone and sometimes with other drivers.

System Info
Microsoft Windows 7 Professional 64-bit 7601 Multiprocessor Free Service Pack 1
Intel(R) Core(TM)2 Duo CPU E8400 @ 3.00GHz
MOBO ASUSTeK Computer INC. P5G41T-M LX3
BIOS Date: 01/13/11 16:27:43 Ver: 08.00.14
8.00 GB Dual-Channel DDR3 @ 533MHz (8-8-8-20)-Corsair 2x4GB
1024MB NVIDIA GeForce GT 440 (ASUStek Computer Inc)
NVIDIA High Definition Audio, Realtek High Definition Audio
2 Monitors: DELL 1908FP (Digital), Dell 1907FP(Analog) [email protected]
1) Hitachi HDS721050CLA362 ATA Device (2) WDC WD10EACS-00ZJB0 ATA Device (3) WDC WD5000AACS-61M6B2 ATA Device

I am attaching the zip file with Windows_NT6_BSOD_jcgriff2 and PERFMON.html included. I am assuming that the DMP files are included therein.

Please advise if you need more information to help solve this problem. Thank you for your help and wonderful support seen h... Read more

Answer:Multiple BSOD at Random Times with Multiple Drivers Identified

  
Quote: Originally Posted by a1newman


I am trying to get my wife's new computer up and running without any BSOD or program failures. Note that the system was not initially set up to capture the dmp files so all the earliest ones are missing. I presented the initial problems to the original seller who recommended sticking with MSE and uninstalling Norton 360 and I did that. Another forum suggested that Virtual Memory was the problem and I disabled and restored VM. Still having multiple crashes and I am hoping that I can get real help here. I do note that all the crashes have ntoskrnl.exe in the driver stack although sometimes alone and sometimes with other drivers.

System Info
Microsoft Windows 7 Professional 64-bit 7601 Multiprocessor Free Service Pack 1
Intel(R) Core(TM)2 Duo CPU E8400 @ 3.00GHz
MOBO ASUSTeK Computer INC. P5G41T-M LX3
BIOS Date: 01/13/11 16:27:43 Ver: 08.00.14
8.00 GB Dual-Channel DDR3 @ 533MHz (8-8-8-20)-Corsair 2x4GB
1024MB NVIDIA GeForce GT 440 (ASUStek Computer Inc)
NVIDIA High Definition Audio, Realtek High Definition Audio
2 Monitors: DELL 1908FP (Digital), Dell 1907FP(Analog) [email protected]
1) Hitachi HDS721050CLA362 ATA Device (2) WDC WD10EACS-00ZJB0 ATA Device (3) WDC WD5000AACS-61M6B2 ATA Device

I am attaching the zip file with Windows_NT6_BSOD_jcgriff2 and PERFMON.html included. I am assuming that the DMP files are included therein.

Please advise if you need more information to help solve this pr... Read more

2 more replies
Relevance 54.94%

I built a computer recently. Since day one I get BSODs but the drivers, and Bug/Checks listed are never the same.
I was thinking it couldn't be a single device or driver so I've:

Replaced the MOBO.
Repair Installed the OS.
Replaced the RAM.

It BSOD'd multiple times between each change.

The only things I've run are IE/FF and Ableton Live 9. Ableton is usually running during the BSOD but it was not the last time.

Thanks!

Answer:BSOD multiple times with multiple Drivers/Bug Check Stings

Welcome sfbybuss! Without looking at the file, since you say the lists is never the same and you built the computer, are you sure the PSU is up to speed? Latest MB BIOS?

6 more replies
Relevance 54.94%

Hi,
This happening to me from past 2 months. I am managing 20 sites and every site getting hacked. I have shifted 6 different server & hosting provider but result same.
My site are hosted in wordpress and I use some plugin. I'm not sure how they are hacking. They have injected my PC or the plugin of the wordpress is injected.
 
Kaspersky and Malwarebyte installed in my PC and both are licensed.Plugin that i use :
1. wordpress.org/plugins/comment-link-remove/
2. wordpress.org/plugins/my-html-post-widgets/
3. wordpress.org/plugins/insert-headers-and-footers/
4. WP-automatic ( Download Link : www46.zippyshare.com/v/6qp7GUqy/file.html ) (VirusTota; : virustotal.com/#/file/406a435eb83f77e26c6c99e3a4bf765854069d6c48395e2e1447f5288f2e970d/detection ) Downloaded from Online forum
Themes
5. SocialViral Themes ( Download link : www112.zippyshare.com/v/7Cqm4LpA/file.html ) (VirusTotal : virustotal.com/#/file/50062f86108ab68f33a97b1a4b216d473055b99ffc994a1684aa33ba1df6cb33/detection
 
These 4 Plugin are common that i use in all my site.
---------------------------My PC Scan :
WEEDIAGNOSE created by JoshuTee :www.pastebin.com/g4iFNeHK
AdwCleaner  : www.pastebin.com/9dFMt1H2
aswMBR : www.pastebin.com/g0F0Sxhq
FRST : https://pastebin.com/WYFnKaLY
FRST Additional : https://www.pastebin.com/aCSGg1QW
Please Help me to fix the issues. Thank you.
 

Answer:I got hacked many times continuesly - Help me

Hi rajeevrrs5
My name is polskamachina and I would like to you to the Malware Removal Forum. I will be helping you with your malware issues.
What follows below are some ground rules for this forum.
 
I will reply as soon as possible (typically within 24-48 hours). In turn, I ask that you please respond within 72 hours. If you know you will be away longer than that, please let me know. I am in California at GMT-8 hours (Pacific Standard Time). If I do not respond to you within 48 hours, feel free to send me a private message.
Some points for you to keep in mind:
Do NOT run any tools unless instructed to do so.
We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine. Running any additional tools may detect false positives, interfere with our tools, cause unforeseen damage, or system instability.
Do not attach logs or use code boxes, just copy and paste the text into your replies to me.
I cannot see your computer. Periodically update me on the condition of your computer, and provide as much detail as you can in every post.
Once things seem to be working again, please do not abandon the thread. I will give an "all-clean" message at the very end.
NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planned. You can put them on a CD/DVD, external drive or a flash drive, anywhere except on the computer.
NOTE: It is good ... Read more

2 more replies
Relevance 54.94%

Hi, my world of warcraft account has been hacked 3 times in a short space of time, and i therefore need to find if there is any undetected malware. I have run lots of virus scanners and malware removers but i want to try to make sure it doesn't happen for a 4th time.

I would therefore appreciate if anyone could tell me if there are any signs of malware still in my system.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:04:54, on 11/03/2010
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\AVG\AVG9\avgtray.exe
C:\Program Files\Microsoft Security Essentials\msseces.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Epson Software\Event Manager\EEventManager.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Steam\Steam.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Windows\Microsoft.NET\Framework\v2.0.50727\dfsvc.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Lavas... Read more

More replies
Relevance 54.53%

Last week I started receiving BSODs, and after the first one it got to the point where my computer was not booting up and my hard drive was beeping very angrily at me. I was not sure what all the problems were, however I also knew that there was something seriously wrong with my hard drive, so I replaced it with a new hitachi. After installing windows and running smoothly (updating everything and installing) for several hours, I had a blue screen again. I ran memtest86, and received 0 errors, so I'm assuming it's not my RAM, and because it's a new installation of windows and a new hardrive I'm assuming those aren't the issues. I am planning on taking it in to a shop tomorrow to see if they can diagnose what's malfunctioning, but if someone here can tell enough, then I would appreciate it.

Blue screens happened at multiple temperatures (~20C ~36C)

Blue screen 1 event log (I did not save the first problem signature)

- Provider

[ Name] Microsoft-Windows-Kernel-Power
[ Guid] {331C3B3A-2005-44C2-AC5E-77220C37D6B4}
EventID 41
Version 2
Level 1
Task 63
Opcode 0

Keywords 0x8000000000000002

- TimeCreated

[ SystemTime] 2013-10-13T17:27:50.558821000Z

EventRecordID 2467

Correlation

- Execution

[ ProcessID] 4
[ ThreadID] 8

Channel System

Computer Pirro

- Security

[ UserID] S-1-5-18


- EventData

BugcheckCode 26
BugcheckParameter1 0x403... Read more

Answer:BSOD Multiple times multiple errors 0x0000001A

Hello and welcome, please try the steps below.





Quote:
Based on the bugchecks, I would recommend you follow and complete the steps given below:1. If you are overclocking any hardware, please stop. Reset any changed values back to default and reset/clear CMOS: Clear CMOS - 3 Ways to Clear the CMOS - Reset BIOS. Uninstall any overclocking tool as these can also be a reason of blue screens.

2. Uninstall your current antivirus software. It can be a cause of BSOD very often. Please remove it with its removal tool and use Microsoft Security Essentials in its place. Malwarebytes is a great combination with it. Go through this thread for more info.

3. Run Disk Check with both boxes checked for all HDDs and with Automatically fix file system errors. Post back your logs for the checks after finding them using Check Disk (chkdsk) - Read Event Viewer Log

4. Run SFC /SCANNOW Command - System File Checker to check windows for integrity violations. Run it up to three times to fix all errors. Post back if it continues to show errors after a fourth run or if the first run comes back with no integrity violations.

5. Make scans with Kaspersky TDSskiller and ESET Online scanner.

6. Perform a Clean Start up, this will help avoid any problematic applications from bugging the system.

7. Use Revo Uninstaller Free to uninstall stubborn software. Opt for Advanced Mode and uninstall the software, delete the leftover registry entries.

8. Use Crystal Disk Info to... Read more

1 more replies
Relevance 54.53%

Hello everyone,

I came here once before for assistance, but the issue was unable to be resolved. Here is the link to the previous thread.

Several BSOD, no singular triggers

There is no singular trigger to set this off. Sometimes I can go hours without any issue, other times BSOD occurs in the middle of a reboot from another BSOD.

I appreciate any help given. Thanks.

Answer:BSOD Multiple types multiple times a day, can't pin down the problem

Bump

9 more replies
Relevance 54.53%

windows 7 x64
- original install on system but i don't have my disks. they are somewhere...
- full retail version installed
- age of the system is approximately 3 years
- age of the install is approximately 2 years

it seems to happen at random but i get BSODs. approximately 2-3 times a day for a week or so. then nothing for a few days. I cannot seem to reproduce it manually.

i've attached my dump files and health report as advised on this site.

i disabled my antivirus before running this set of error reports as a precaution.
any help would be greatly appreciated.

Answer:BSOD errors. multiple times during multiple programs

Have you recently added any RAM or new hardware to this system?

Uninstall Any Daemon Tools that you have installed. Those are a common reason for BSODs

try these:
SFC /SCANNOW Command - System File Checker

After:
Disk Check

Post back results please.

5 more replies
Relevance 54.53%

Hey i am new and i have heared there is great people on this forum who are good at what they do . So i think my PC infected as my game been hacked three time in one week. So here goes nothing...

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:08:06, on 14/09/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16876)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
C:\WINDOWS\RTHDCPL.EXE
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\xampp\apache\bin\apache.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
c:\xampp\filezillaftp\filezillaserver.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\libusbd-nt.exe
C:\xampp\apache\bin\apache.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Canon\CAL\CALMAIN.ex... Read more

Answer:WoW (game) hacked three times. Keylogger!

Bump (thread went unoticed sorry)

5 more replies
Relevance 54.53%

hey my wow acc has been hacked to times now and i really need help
HijackThis log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:02:39, on 02-05-2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmer\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Programmer\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Programmer\Java\jre6\bin\jusched.exe
C:\Programmer\Lavasoft\Ad-Aware\AAWTray.exe
C:\Programmer\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmer\DAEMON Tools\daemon.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Programmer\Java\jre6\bin\jqs.exe
C:\Programmer\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\Programmer\Curse\CurseClient.exe
C:\Programmer\Steam\Steam.exe
C:\Programmer\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Programmer\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
C:\Programmer\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\PROGRA~1\AVG\AVG8... Read more

Answer:World of Warcraft Acc hacked to times

bumb
 

3 more replies
Relevance 53.71%

Running 70+ Processes Vista 64
Ok,

I keep my start file clean and use MSConfig to controll startup programs but am still running 70-80 Programs with Vista 64. Below is a log after I ran Superspyware and Malwarebytes. Any help will be appreciated as I am a gamer and am always fighting bloat + am new to Vista. (New I-7 920 Velocity Micro computer) What is causing up to 80 processes to run?

Thanks for any and all help!

My logs:

DDS (Ver_09-09-29.01) - NTFSx86
Run by Mike at 12:22:47.05 on Sat 10/03/2009
Internet Explorer: 8.0.6001.18813 BrowserJavaVersion: 1.6.0_07
Microsoft? Windows Vista? Home Premium 6.0.6002.2.1252.1.1033.18.6132.3251 [GMT -5:00]

SP: Spybot - Search and Destroy *disabled* (Outdated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
SP: SUPERAntiSpyware *disabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C... Read more

Answer:Running 80 processes at times..Virus? hacked?

bump to top

1 more replies
Relevance 53.71%
Question: hacked emails

my email has been hacked. how do I fix this?
 

Answer:hacked emails

In what manner do you know that it has been "Hacked"?

What is happening?
 

2 more replies
Relevance 53.71%

I have 2 email accounts, 1 for personal use and 1 for work use, both are Hotmail.com addresses. For the past month or so each time I open my personal one a page comes up after I log in asking for information. It has a blue bar across the top saying 'Microsoft account' but no other indication it is from them. It then has the title; A password isn't enough. This is followed by asking for an alternative email address, a phone number and a security question which consists of asking for my fathers middle name. Is this a phishing scam? There are no boxes to tick to delete it and it only comes up on the one account. Any ideas how I can get rid of it? I have run AVG, CCleaner and cleared out my cookies.
Thanks in advance.

Answer:Have my emails been hacked into?

Conny, if it's this that you're seeing, then no, you haven't been hacked into as it's a legitimate Microsoft security-warning.
A check you can make to ensure you're on the right webpage is to look at your browser's address bar. In Firefox and IE the domain is indicated in bold type so if it says live.com or hotmail.com then you know you're in the right place.

5 more replies
Relevance 53.71%

Several of our company emails were hacked by another employee using a generic password to get into others Go Daddy email account and sent emails to the manager. Are we able to obtain the IP address of the computer that the emails were sent from?
 

Answer:Emails being hacked

This is a company/business-related issue that we really can't help you with.
Your boss/owner probably needs to hire an I.T. technician to look into this.

--------------------------------------------------------------
 

2 more replies
Relevance 53.3%

Alrighty, so for the past month I've started to see my new gaming PC starting to go down hill. I noticed after about 3 to 4 days of the PC running straight, it begins to slow down and it eventually crashes either in game or mid program boot up. I've had the following BoSD errors with the most common one being first:

memory_dump
watchdog
memory_management

I've scanned my drives for errors, ran all of my antivirus programs (malware bytes, glary, registry cleaner, windows defender, spybot S&D, and cCleaner). but none of these are have detected any issues out of the ordinary besides a few file types gone rogue, or some cookies from Chrome. I do these now on a daily basis and haven't had any errors for the past 3 days. Yet I ironically, I just had a memory_management error this morning (which is a new error I've never had before till now). I'm completely out of ideas and I am starting to think that the RAM may be bad possibly. Helps and suggestions would be great.
Thank You

Answer:BoSD Multiple Times, Multiple Errors

BSOD's caused by atikmdag.sys which is part of the Radeon 7870 ICEQ GHz Edition drivers. Download the latest video driver then re-install it.

It is better if you re-install in safe mode.

Win+C->click on Settings->Click on Power-> Hold down SHIFT key then click on Restart
Click Trouble Shoot->Advanced Option->Startup Settings->Enable Safe Mode then click on Restart
The PC will reboot -> select enable Safe Mode by select the #

Good luck !!!

2 more replies
Relevance 53.3%

Hello i recently got hit with a trojan horse 2 days ago and since then ive reformatted 4 times and this ******* virus keeps coming back again and again wont let me do anything i could barely login in the forum please guys i need your help heres a pic of prevx search:

http://i40.tinypic.com/311tbvs.jpg

http://i39.tinypic.com/2emfn0w.jpg

http://i44.tinypic.com/9rlm6b.jpg

And Hijackthis log

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:17:07 AM, on 3/18/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\McAfee.com\VSO\mcvsshld.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\WINDOWS\System32\reader_s.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\afisicx.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe ... Read more

Answer:[SOLVED] Hacked with trojans reformatted 4 times didnt help

Heres a GMER log too:|

GMER 1.0.15.14939 - http://www.gmer.net
Rootkit scan 2009-03-18 11:00:34
Windows 5.1.2600 Service Pack 3


---- System - GMER 1.0.15 ----

Code 867434D0 pIofCallDriver

---- Devices - GMER 1.0.15 ----

Device \Driver\NDIS \Device\Ndis [866EB984] NDIS.sys[.reloc]

---- Processes - GMER 1.0.15 ----

Process hidden process (*** hidden *** ) 43716

---- Registry - GMER 1.0.15 ----

Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\[email protected]_DLLs
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\[email protected] 15
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\[email protected] 10000
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\[email protected] yes
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\[email protected]
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\[email protected] 90
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\[email protected] 10000

---- Disk sectors - GMER 1.0.15 ----

Disk \Device\Harddisk0\DR0 sector 61: mal... Read more

9 more replies
Relevance 52.89%

After doing a little digging, I've found people say that sending emails through web services such as yahoo or gmail generally is safe as far as keeping your personal info (IP address specifically) from being found by those you send them to. But twice now my computer has been compromised and it's files have been accessible to hackers, after nothing but email exchange.

I keep my computer and anti-virus/firewalls up to date, and work at an IT department so while I don't know everything, I'm experienced with computers.

I'm trying internet dating, but the problem is email contact is required a lot of the time, and both times I was hacked it was someone posing as a girl on a site (or they may have hacked the account of a girl on the site, either way). I will admit attachments were sent and received both times, but they were only picture files (.jpg, or .bmp), and even then I never opened any of them with a double click (most of the time I only looked at previews) so I wouldn't execute anything hidden. However, after the first time I was hacked I grew more cautious and checked attachments through my phone first, but still I was hacked a second time, months later.

Is it the attachments I'm being hacked through, or can it simply by only a message? Is there anyway to safely use email for internet dating, or should I avoid it altogether? Does checking with my phone even help?

Answer:Can I be hacked through simple emails?

Please have a read here: http://www.computerhope.com/issues/ch000573.htm

Many times simple looking attachments like .jpg or .png can contain a .exe at the end of it. If you do not have view file extensions checked you will not see the extra one and execute malware.

4 more replies
Relevance 52.48%

Hi, I'm posting on behalf of my sister looking for some advice please.She has a hotmail email address and today an email was sent from her email address to 8 email addresses from her contacts (she has 26 contacts)The subject line was a jumble of letters and numbers and all the email contained was a link to a viagra website.She only knows this happened because one of the people it went to rang her to query it and 3 of the emails bounced back to her as "failed to deliver".No-one else has access to her computer (its her home computer and runs on Vista, with AVG free and various anti spyware programmes installed)She is currently running scans with her anti virus and anti spyware, so far nothing is showing up.Is she safe to still use this email address, what should she do?Many thanks in advance.

Answer:hotmail emails possibly hacked?

HiThis is fairly common with hotmail accounts. I don't know how they do it but spammers seem to get into hotmail accounts and use them to spread these links. This has happened to a number of folk I know over the months.If you get your sister to change her password that tends to sort it out. It has in the past for folk who have experienced this.

2 more replies
Relevance 52.48%

I have changed my password many times. I use outlook.com for email. I use a 2 step security for protection. My 2nd step it send a password to my phone so I can get into my email.They are still getting into by passing my security protection. I only have 6 people in my address book. My husband is 1 of them and he is not getting any emails from me. They are just sending them to me.
 

Answer:Email has been hacked. Someone is sending emails to me from me.

Hello,

They call me TwinHeadedEagle around here, and I'll be working with you.

Before we start please read and note the following:

At the top of your post, please click on the "Watch thread" button and make sure to check Watch this thread...and receive email notifications. This will send an email to you as soon as I reply to your topic, allowing me to solve your problem faster.
Please do not install any new software during the cleaning process other than the tools I provide for you. This can hinder the cleaning process. Please do not perform System Restore or any other restore.
Instructions I give to you are very simple and made for complete beginner to follow. That's why you need to read through my instructions carefully and completely before executing them.
Please do not run any tools other than the ones I ask you to, when I ask you to. Some of these tools can be very dangerous if used improperly. Also, if you use a tool that I have not requested you use, it can cause false positives, thereby delaying the complete cleaning of your machine.

All tools we use here are completely clean and do not contain any malware. If your antivirus detects them as malicious, please disable your antivirus and then continue.
If during the process you run across anything that is not in my instructions, please stop and ask. If any tool is running too much time (few hours), please stop and inform me.
I visit forum several times at day, making sure to respond to everyon... Read more

22 more replies
Relevance 51.66%

Hello,
My gmail was hacked yesterday and a lot of emails were sent out in the space of half an hour (I found out it had happened when I checked my mail during that half hour) which were all - it appears - returned as spam. The person changed the sender name when he sent them out. I managed to change my security, making it much tighter, but I am somewhat paranoid about the mails (which looked to be encrypted to me, but not sure) to to nearly two thousand email addresses ending in .ru.
I considered that my email password was strong, but someone still managed to get in.
My big worry is that information about my credit card accounts, etc., was gathered, though there were no passwords or anything like that in my email account. I am in the process of changing passwords all over the place. Just very paranoid, and such a horrible feeling of someone getting into my account. Paranoid about all the encryption too.
Any suggestions as to what I should still do which I have not yet done (I have removed all the strange contacts, done two-step notification passwords, made a new account for banking only, told friends not to click on any strange links from me, and that's about it) will be much appreciated.
StarGazers

Answer:Gmail hacked - over 1800 emails sent out to Russia

I would do some general scans, and post a HJT log etc to the malware removal forum to check if you're infected with some kind of RAT / Keylogger. Change all passwords from a DIFFERENT computer if possible, try to make sure it's clean. Other than this I can't think of anything else you can do. Your mail was used to send emails that could be used for any purpose. I'd also create a new mail account, just incase.
 
- Agglomerate

1 more replies
Relevance 51.25%

 
Slack Technologies sure is making headlines. The San Francisco maker of an online workplace collaboration tool -- which has drawn attention over its $2.76 billion market valuation -- revealed a major hack of its user database Friday, releasing email addresses and potentially phone numbers of its 500,000 users.
Slack reported that hackers infiltrated its central user database, which includes email addresses and anything else added to users’ profiles, such as phone numbers or Skype IDs. Passwords, however, are encrypted in the database.
The hack reportedly took place over four days in February. Slack did not notify all users until publishing a blog post Friday morning and later emailing all users.

http://www.ibtimes.com/slack-hacked-leaving-500000-user-emails-exposed-1862146

More replies
Relevance 50.84%

I found and removed a rootkit about 2 weeks ago and everything was back to normal and BAM last week my computer is slow again the browser is slow and im recieving emails from my accounts (boost mobile, yahoo, gmail) saying "my account password has been used to access account" and "account has been compromised please change password".  Now I cant find any malware of anykind and the problems im experiencing or worse. 
 
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 9.0.8112.16545  BrowserJavaVersion: 10.55.2
Run by Ryan at 21:21:58 on 2014-06-01
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.1.1033.18.1015.67 [GMT -5:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall *Enabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Windows\WindowsMobile\wmdc.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\SUPERAntiSpy... Read more

Answer:Slow p.c and browser/ hacked emails/ internet connection problems

Hello, Welcome to BleepingComputer.I'm nasdaq and will be helping you.If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.===Please download AdwCleaner by Xplode onto your Desktop.Close all open programs and internet browsers.Double click on AdwCleaner.exe to run the tool.Click the Scan button and wait for the process to complete.Click the Report button and the report will open in Notepad.IMPORTANTIf you click the Clean button all items listed in the report will be removed.If you find some false positive items or programs that you wish to keep, Close the AdwCleaner windows.Close all open programs and internet browsers.Double click on AdwCleaner.exe to run the tool.Click the Scan button and wait for the process to complete.Check off the element(s) you wish to keep.Click on the Clean button follow the prompts.A log file will automatically open after the scan has finished.Please post the content of that log file with your next answer.You can find the log file at C:\AdwCleaner[Sn].txt (n is a number).===Download the correct version of this tool for your operating system.Farbar Recovery Scan Tool (64 bit)Farbar Recovery Scan Tool (32 bit)and save it to a folder on your computer's Desktop.Double-click to run it. When the tool opens click Yes to disclaimer.Press Scan button.It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.The... Read more

10 more replies
Relevance 50.43%

I can't get into my emails. Keeps asking me for password but won't accept it. You have to check for security reasons the password every now and again but I can't get into my emails on mine WHY?You have sent me a email but I can't read it as I can't sign in as I already explained.message edited by urmanou97yahoo.co.uk

Answer:I have stated my problem 3 times I CAN'T GET INTO MY EMAILS

No one here can help you, you need to contact Yahoo. See if the following is off any use:http://help.yahoo.com/kb/index?page...

4 more replies
Relevance 50.43%

I have asked for help from Orcon my provider. They maintain it is not their problem.The email bombs out and does not send attachement greater than approx 600 K .Short email are no problem.

Answer:sending emails through ORCON times out

I dont use thunderbird, but here is some guidance on how to modify the connection timeout settings:Increase mailnews.tcptimeout from its default value of 60 seconds to 300 seconds using Tools -> Options -> Advanced -> General -> Connection timeout. This preference is only available in 1.5 or later. (In 3.x versions the setting is accessible only through the Config Editor - Tools->Options->Advanced->General->Config Editor.) ...Click on the Config Editor button in Tools -> Options -> Advanced -> GeneralType mailnews.tcptimeout at Filter:It should list the settings just for mailnews.tcptimeout.Look in the Value column and double click on that number. What is the number?It should display a "Enter Integer value" window .Change the number to at least 300 and press the OK buttonVerify the new value is listed in the Value column. The Status column should also change from "default" to "user set". Test thunderbird with your attachment again. www.standby-it.com

10 more replies
Relevance 50.43%

I am using windows 10 and incredimail 2.5 and for the last week it has been sending the same block of emails over and over again for that same day. Does anyone know what maybe wrong?
 

More replies
Relevance 50.43%

I have a problem when sending emails with attachments that are over 1mb. The emails are sent several times over and over again. The email remains in the Outgoing Mail file and keeps sending it. I am using Microsoft Outlook 2007. Does anyone have any suggestions? This is very strange since this happens only with file attachments that are 1mb and over.

Thanks.
 

More replies
Relevance 50.43%

Not sure where I should post this - Security or Web & Email?

I have removed over 300 blank emails several times. They return in a day or two. They have date stamps all over the place and some are shown as read and others not. They are completely blank - No To, or From, or Subject or body text. I completely remove them using the Shift key but they (or others) return. I'm using XP and Outlook 2003 (not Outlook Express) and it only happens in my Hotmail inbox account.

Has anyone else experienced this?

Should I be concerned?
 

More replies
Relevance 50.43%

My clock is correct on my computer and when I send mail to myself it is correct. But in my mail to others it is always wrong. This is on my isp and webbased mail. What can I do? I have been online and sent mail and got it straight back and can see it for myself as well as hearing from people asking me what is wrong with my clock.
 

Answer:wrong date and times on Emails

8 more replies
Relevance 50.02%

Well im not exactly new here but its been forever since ive been on this site, im here because I have a very annoying issue that I need fixed
I have yahoo, and I have msn
Both messenging programs
I use them both
Some how My Ex has managed to figure out a way to kick me off my messenger while im on it, and take it over and talk to whoever I was talking to. This has been messing up Buisiness deals, and my current relationship. I have created new messenger accounts and changed passwords and nothing solves the problem. My ex still manages to do the same thing. She also managed to do this to my Fiance's computer, and every account my fiance uses, she is trying to break my fiance and I up. I dont understand how a girl half way across the united states is able to hack both my msn messenger and yahoo messenger, and my fiance's can anyone help me to solve this problem? I dont know all of my ex's accounts, I dont know how shes even doing this. I build computers and I program, Ive used some pretty weird and devius programs before, but ive never seen a way to hack two different messenger systems, and two different computers, and take over the messengers and kick the origional user off without leaving a trace. How can I stop this Any Help would be greatly appreciated!!!!!!!!!
 

Answer:Multiple Messengers Hacked..HELP!!!!!!!!

This isn't my area of expertise, but I believe that, since most messenging software (MSN definatley included) only allow you to log in on one computer at once, simply logging in on another computer with your account would both kick you off and allow someone to continue a conversation you were involved in. If you immediately log back into MSN, do you sign in OK?

The real question is how your msn accounts and passwords are getting found out. Hopefully someone can give you some ideas for this.
 

45 more replies
Relevance 50.02%

Not sure where I should post this - Security or Web & Email?

I have removed over 300 blank emails several times. They return in a day or two. They have date stamps all over the place and some are shown as read and others not. They are completely blank - No To, or From, or Subject or body text. I completely remove them using the Shift key but they (or others) return. I'm using XP and Outlook 2003 (not Outlook Express) and it only happens in my Hotmail inbox account.

Has anyone else experienced this?

Should I be concerned?

(I moved this from Malware Removal Forum)
 

Answer:Solved: I am receiving over 300 blank emails several times...

8 more replies
Relevance 49.61%

Hi Everyone, I would like to share this HijackThis and an MBAM log to see if there is anything pernicious there. My pc was hacked and my email, game accounts were all violated. I took the following steps prior to aquiring the HijackThis log which were:
1- Used ATF Cleaner, 2-Ran Ad-Aware, 3-Spybot Search+ Destroy,
4- Mbam 5-full virus scan (Norton).
Thanks in advance for any advise
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:12:13, on 22/12/2009
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16575)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\system32\schtasks.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations\avp.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Users\Med\Program Files\DNA\btdna.exe
C:\Program Files\Windows Media Player\w... Read more

More replies
Relevance 49.2%

Hello there
I am having major issues at the moment and have been trying to fix this for the past couple of months.
my primary laptop a Tobisha was playing up a while ago when I plugged my apple iphone into it and was transferring photo's, it was taking ages to respond and then came up with error corrupt image.
I tried again and it said the file was already there and if i would like to replace it? I saw the file size and it was 100 X bigger than all the others.
I got a little concerned and downloaded malwarebites to scan my computer (I had avg already installed and nortorns).
as time went on and a little bit of research online and fiddling about, the virus was not budging and had locked me out of admin rights.
I tried take ownership, downloading various programs to run and it kept overtaking the programs until i couldn't delete any files anymore.
I found an old laptop dell and tried to fix that one up (as that too had a virus)
I ran malwarebites on it and it removed somethings and i was able to get it going.
I was using an exeternal hard drive to back up my files from the tobisha and wanted to transfer them to the dell
when i noticed i lost admin rights on the dell also.
at this point too I was having strange things happen to my iphone, background app transfers and greyed out features with location services always on.
I tried deleting a heap of things on the dell after running some programs, it seems it now had the same thing as the other laptop.
I gave up trying to fix anythi... Read more

More replies
Relevance 48.79%

Hi

How do I get Outlook2003 to display emails (when viewing not editing) in Arial and not in Times New Roman?

I have tried *everything* !! And am getting DESPERATE.

I have tried setting internet explorer 8 (I tried MSIE 9 too out of desperation but have now uninstalled it) MSIE8 > Tools > Internet Options > Fonts > Latin Based > WebPage Font = Arial

I have also tried Outlook2003 > Tools > Options > Mail Format > Message format >
Word 2003 to Edit email messages
...But this Word2003 is not used when just VIEWing an email.

I have also tried Outlook2003 > Tools > Options > Mail Format > Stationery and Fonts > Use this stationery by default > None

AND I have also tried Outlook2003 > Tools > Options > Mail Format > Stationery and Fonts > Use this stationery by default > Johns_Stationery
(I specially set up Johns_Stationery with Arial, 11pt in use)
...but this makes no difference to viewing an email.

I have also tried Outlook2003 > Tools > Options > Mail Format > Stationery and Fonts > Use this stationery by default > Fonts > When composing a new message > Arial, regular 11 points

AND

I have also tried Outlook2003 > Tools > Options > Mail Format > Stationery and Fonts > Use this stationery by default > Fonts > When replying and forwarding > Arial, regular 11 points

AND

I have also tried Outlook2003 > Tools > Options > Mail Format > Stati... Read more

Answer:Outlook 2003 - how the HECK can I view my emails in Arial (not Times)?

Default font in Outlook 2003 should be Courier New, and NOT Times New Roman.

What do you have in MSIE8 > Tools > Internet Options > Fonts > Latin Based > Plain text Font ?
Try to change it too.

9 more replies
Relevance 48.38%

Hi,

Consider I have a raw (unused) CD/DVD. I want to burn some data in it. My data only gets about 20% of the capacity of that CD or DVD. Maybe some time in future I want to add some more data on that. How can I burn that primary data to that CD to be able to add more in future?
Is it possible to do that work with only Windows built-in apps or I should surely use some other apps like Nero?

My machine: Windows 7 Ultimate 32-bit

Answer:How to burn a CD/DVD multiple times?

Hey Kurdman,

Hope this answer your question.

How to Burn More Than Once to DVD R: 5 Steps - wikiHow

4 more replies
Relevance 48.38%

Hi,
Consider I have a raw (unused) CD/DVD. I want to burn some data in it. My data only gets about 20% of the capacity of that CD or DVD. Maybe some time in future I want to add some more data on that. How can I burn that primary data to that CD to be able to add more in future?
Is it possible to do that work with only Windows built-in apps or I should surely use some other apps like Nero?
My machine: Windows 7 Ultimate 32-bit
 

Answer:How to burn a CD/DVD multiple times?

Yes, it is possible with the built in stuff in Windows. When you insert a blank disc it asks if you want to use it like a USB drive or like ... something else, I forget right now and I'm not on a Windows machine. Choose USB.

If you don't get that message, then you'll need to reset the actions or whatever happens when you insert a blank cd/dvd.

Sorry I don't have the specific details, hopefully someone else will chime in with those. But, if you haven't told windows to not prompt you when you insert a blank disc then it will give you that option (to choose use like a USB) and that is what you want to pick.
 

3 more replies
Relevance 48.38%

Hello, I am getting BSOD multiple times during a day for last 2 weeks, especially when i start my pc. I was using Windows 8.1 x64 when this problem started. Today I did format my drive and installed Windows 7 Ultimate x64. BSOD is still happening.

I converted my dumpfile to logfile using this method. If i did something wrong or you need something different please ask me and i will upload it.

PS: This dumpfile is 1 day old. Last time i get BSOD my pc froze during blue screen so i restarted my pc and there was no dumpfile.

Sorry for my bad English. Thanks.

Attachment 301299

Answer:BSOD multiple times during day

Files from SF Diagnostic Tool
Attachment 301305

9 more replies
Relevance 48.38%

Hi. Kind new here but something has come up for me. which annoys me a little bit. So for the past few months i would get a BSOD very randomly when i watch videos Then when I get a new graphics card which was 6 days ago it BSOD me 5 times with in the period so i don't know if it has to do with my new graphics card or something else.

The latest BSOD give me this

Problem signature:
Problem Event Name: BlueScreen
OS Version: 6.1.7600.2.0.0.256.1
Locale ID: 1033

Additional information about the problem:
BCCode: 3b
BCP1: 00000000C0000005
BCP2: FFFFF96000174283
BCP3: FFFFF88006C5E030
BCP4: 0000000000000000
OS Version: 6_1_7600
Service Pack: 0_0
Product: 256_1

Answer:BSOD Multiple times

I was looking at the the things it seems to be a driver problem but not 100% sure

2 more replies
Relevance 48.38%

Hi, I would really be grateful for some help please as my computer is repeatedly crashing and sometimes freezing. I have scanned it with malwarebytes and also Kaspersky but no viruses are shown.
Really hope that you can help me as finding it difficult to work, not knowing when it is going to happen!
Thanks



OS Version: Microsoft Windows 7 Ultimate, Service Pack 1, 64 bit
Processor: Intel(R) Core(TM)2 Quad CPU Q6600 @ 2.40GHz, Intel64 Family 6 Model 15 Stepping 11
Processor Count: 4
RAM: 8190 Mb
Graphics Card: NVIDIA GeForce GTX 470, 1280 Mb
Hard Drives: C: Total - 953866 MB, Free - 805627 MB; D: Total - 238472 MB, Free - 32723 MB; E: Total - 476937 MB, Free - 62833 MB; F: Total - 238371 MB, Free - 166083 MB;
Motherboard: ASUSTeK Computer INC., P5N32-E SLI PLUS
Antivirus: Kaspersky Internet Security, Updated and Enabled

BCCode: 3b
BCP1: 00000000C0000005
BCP2: FFFFF80002E68786
BCP3: FFFFF88009B8DBA0
BCP4: 0000000000000000
OS Version: 6_1_7601
Service Pack: 1_0
Product: 256_1

Answer:BSOD Multiple Times Please Help!

Hi,

Please refer to the following and reply back accordingly with the required information - http://www.techsupportforum.com/foru...ta-452654.html

Regards,

Patrick

1 more replies
Relevance 48.38%

My custom built machine is about 9 months old. For the last 3 months or so it has been crashing multiple times per day (usually 1-2 per day). It doesn't usually crash for atleast 3-4 hours after the reboot. I can't find any thing to make it crash on demand and don't notice myself doing the same time each time it crashes. It seems pretty random.

I am running Windows 7 Ultimate 64bit. It is the full retail version and was the first OS installed on this hard drive.

I have attached the results of the BSOD Dump & System File Collection app and the system health alert.

Please let me know if you require additional information. Thanks!

Answer:BSOD multiple times per day

Hi.

Never dont use more than one system security in the same pc!

Remove Norton\symantec.

Remove PC Tools Security.

Remove LavasoftAd-Aware.

I dont know if i missed anything

Remove all antivirus and security suites.

They mess up your system.

Download,install and use only Microsoft Security Essentials with windows firewall.
Dont install anything else for the moment!!
Finish with these steps and post back.

9 more replies
Relevance 48.38%

I've gotten this BSOD about 5 times in the last week or so. I'm really getting worried and frustrated. The only thing I've changed on my computer recently, is I've upgraded my nVIDIA MX440 64mb PCI card to an ATI Radeon 9800pro 128mb AGP. I've run some of memtest86, and no errors were picked up. I will finish the entire test tonight (which test?) PLEASE HELP!!

Answer:BSOD - Multiple times! Getting very bad

That error was caused by your video card drivers.

Try updating them to the newest version. Ati Website

9 more replies
Relevance 48.38%

I just bought a new computer from iBuyPower.com and received it last week. The only thing I did was put in my 4k hard drive from my old computer with most of my files and games. I've been getting multiple BSOD the past few days. In the past 6 hours alone I've had 3, all with different codes. One was KMODE_EXCEPTION_NOT_HANDLED, another was SYSTEM SERVICE EXCEPTION, and another was SYSTEM THREAD EXCEPTION.

I have not done a whole lot of troubleshooting yet as I was hoping they would just stop but after three it's become obvious that this isn't going to just stop happening. I have all of the windows updates and my video card drivers are up to date as well. Two of the BSOD happened while playing two different games if that makes any difference. I tried to run the BSOD troubleshoot tool but it didn't find anything.

DESKTOP-EV2KRPM-Sat_04_15_2017_164447_39.zip

Answer:New PC, BSOD multiple times

I tried to run the BSOD troubleshoot tool but it didn't find anything.



Do you mean you tried to run dm_log_collector.exe? If not, please read and follow the instructions here: Blue Screen of Death (BSOD) Posting Instructions

If yes, exactly what did you do?

9 more replies
Relevance 48.38%

One of my users, when she opens Outlook, gets prompted and has to log in two or three times before it will open up.

She's using:
Windows XP
Outlook 2002: with an Exchange account

We use:
Exchange Server 2000 on Windows 2000 Server
Active Directory

All on the same subnet.

She's the only one experiencing this problem. Does this sound familiar to anyone?

Thanks
 

Answer:outlook, need to log in multiple times

Okay, I gave my user a brand-new, spare laptop to use while I took a look at hers...
As it turns out, she had the same problem on the spare laptop as well.

Messing around with it some more, I came across some more symptoms and possibly the cause, but not a solution yet...

She is a delegate for just about all of our resources, so whenever someone requests a particular conference room, projector, etc, she recieves and email and responds on behalf of the conference room or whatever.
But it seems that when she responds, Outlook hangs and hangs until she has to just kill Outlook.
I set myself up as a delegate of one of those same resources, and when it was my turn to respond, same thing...hang, hang, not responding, kill...

SO...It kinda looks like the problem is tied into the whole delegate setup. So an obvious quick fix is to drop the delegate roles. But I don't want to do that since it's a convenient little tool.

Does anybody know if there are any issues with assigning delegates?
She is the delegate for about 13 different resources, and hence, has all of those calendars listed in her folder list in Outlook.

Could it be just a simple matter of not assigning so many to one person, or is this pointing to something more sinister with the Exchange server?

Any thoughts are more than welcome.

Thank ye's...
 

1 more replies
Relevance 48.38%

Hello,

I bought my laptop less than a month ago and am dealing with multiple BSOD a day. Please help me manage this.

LOOKINGGLASS-Sat_04_04_2015_103216_86.zip

Answer:BSOD multiple times a day

Remove all AV software and uninstall Asus bloatware.


Code:
ASMMAP64.sys Thu Jul 2 11:13:26 2009 (4A4C7A36)
LENOVO ATK Hotkey ATK0101 ACPI UTILITY (also found in Asus systems)
http://www.carrona.org/drivers/driver.php?id=ASMMAP64.sys

atkwmiacpi64.sys Wed Sep 7 03:44:52 2011 (4E66CC94)
ATK WMIACPI Utility
http://www.carrona.org/drivers/driver.php?id=atkwmiacpi64.sys

AiCharger.sys Fri Sep 23 04:04:40 2011 (4E7BE938)
Asus Charger Driver [br] Likely BSOD cause - haven't seen recently (15Jan2013)
http://www.carrona.org/drivers/driver.php?id=AiCharger.sys

IntcDAud.sys Tue Jun 19 16:40:51 2012 (4FE08F73)
Intel Graphics Media Accelerator HD Driver
http://www.carrona.org/drivers/driver.php?id=IntcDAud.sys

kbfiltr.sys Thu Aug 2 05:22:22 2012 (5019F26E)

kbfiltr.sys - this driver hasn't been added to the DRT as of this run. Please search Google/Bing for the driver if additional information is needed.

iaStorA.sys Sun Sep 2 03:01:24 2012 (5042AFE4)
Intel RST (Rapid Storage Technology) driver
http://www.carrona.org/drivers/driver.php?id=iaStorA.sys

FileMonitor.sys Fri Mar 1 03:45:06 2013 (51301632)
Component of IObit
http://www.carrona.org/drivers/driver.php?id=FileMonitor.sys

AsHIDSwitch64.sys Tue Aug 6 11:27:43 2013 (5200C18F)
HID driver for ASUS Wireless Radio Control
http://www.carrona.org/drivers/driver.php?id=AsHIDSwitch64.sys

intelppm.sys Thu Aug 22 10:46:35 2013 (5215CFEB)
Intel Processor driver
http://www.carrona.org/drivers/drive... Read more

1 more replies
Relevance 48.38%

Just recently (yesterday at about 5 ish) my mouse wasn't responding to my clicking. Occasionaly I only have to click once, but usually several times before anything occurs. My computer was on, then at one point it just didn't respond to clicking.

This happens in Firefox, Desktop, Virus Scan; basically everything.

I tried setting my computer back to Sunday, but nothin changed.

I plan on changing the mouse later, but I was just wondering if there were any solutions to this problem.

My computer is a Dell Dimension Desktop 4700 w/ a Dell optical mouse.
 

More replies
Relevance 48.38%

HiI guess I have been to a dodgy site as when I launch IE the browser trys to point to a web site "metadirect". The actual address appears to be a very long string of repeating the same address and causes IE to go nito some sort of loop. The addrress starts with a .dll file in by c/windows/system32 folder.It's not made itself my "home page" and this is still ok (from looking at tools / internet options). The origin seems to be in the system32 folder. I have both AVG and sygate installed so I'm not sure how this got its foot in the door - but its a pain. I run XP am writing this via another profile - as launching IE on the other profile is not possible due to the redirect.Any ideas what I should do to rid myself of this ?Any help appreciated.Chris

Answer:IE redirecting multiple times

metadirect is mentioned click here and click here , MS explanation on BHO`s click here and finally BHODemon from click here to help you get rid of it , read the page before running the program.

4 more replies
Relevance 48.38%

I have recently gotten the Blue Screen of Death Multiple Times in the past month. Usually it was probably once every 5 days and just today alone, i've gotten it 3 times. 2 times was from playing a movie using VLC Player and i received the STOP:0x0000008E Blue Screen of Death Later. I tried replaying the video and the same thing happened at the same part, same error. a couple hours later, i decided to play a video game and at first the game crashed then i restarted. As i started playing again, i got the Blue screen of death STOP: 0x00000050 error.

Answer:BSOD Multiple Times in 1 Day

Download BlueScreenView (in Zip file)No installation required.Unzip downloaded file and double click on BlueScreenView.exe file to run the program.When scanning is done, go Edit>Select All.Go File>Save Selected Items, and save the report as BSOD.txt.Open BSOD.txt in Notepad, copy all content, and paste it into your next reply.===================================================Download System Information for Windows (SIW free version)No installation required.After it scans your computer, navigate to Hardware>Sensors and post all info from there.

2 more replies
Relevance 48.38%

My company has 10 licenses for XP/7/Server2008 etc,.

Can you use the same serial key 10x? or is it max 10 computers using the same key at any time?

How do they keep track? I was going to ask if I can use my company key at home (for virtual use).. also the company has "VIRTUAL" keys and "PHYSICAL" keys..I want to install 2 copies of virtual XP at home for work related testing..

Make sense?
 

Answer:How does using same key multiple times work?

6 more replies
Relevance 48.38%

Hi there,
I received a BSOD multiple Times and I don't know what cased it.
Can you please help me out?

Answer:BSOD Multiple Times

There is only one dump in your logs, that is showing a STOP 0x109 which denotes a Critical Structure Corruption.


Code:
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 109, {a3a039d89d408697, b3b7465eefbec4f9, fffff8800336f640, 3}

Probably caused by : Unknown_Image ( ANALYSIS_INCONCLUSIVE )

Followup: MachineOwner
It's showing that there's corruption to the Global Descriptor Table which more than likely is down to a failing RAM module.


Code:
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

CRITICAL_STRUCTURE_CORRUPTION (109)
This bugcheck is generated when the kernel detects that critical kernel code or
data have been corrupted. There are generally three causes for a corruption:
1) A driver has inadvertently... Read more

9 more replies
Relevance 48.38%

Don't know why keep having BSOD

Answer:BSOD for multiple times

Hello HondoJames,

I took a look at your BSODs. They almost all referenced mfewfpk.sys which is the driver for McAfee.





1) uninstall McAfee
2) install MSE for the troubleshooting process
3) monitor for additional BSODS



remove the following programs until your BSODs are fixed:
avast!
COMODO
daemon tools
   Warning
Only have one antivirus running at the same time
Please look for updates for the following drivers:ASMMAP64.sys Thu Jul 02 05:13:26 2009
igdkmd64.sys Wed Sep 26 15:49:04 2012
nvlddmkm.sys Thu Jan 10 14:41:20 2013
most recent memory dump

Code:
DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high. This is usually
caused by drivers using improper addresses.
If kernel debugger is available get stack backtrace.
Arguments:
Arg1: 0000000000000158, memory referenced
Arg2: 0000000000000002, IRQL
Arg3: 0000000000000001, value 0 = read operation, 1 = write operation
Arg4: fffff88001f9f744, address which referenced memory
Debugging Details:
------------------


WRITE_ADDRESS: GetPointerFromAddress: unable to read from fffff80156759168
GetUlongFromAddress: unable to read from fffff801567591f8
0000000000000158 Nonpaged pool
CURRENT_IRQL: 2
FAULTING_IP:
tcpip!WfpProcessOutTransportStackIndication+e3684
fffff880`01f9f744 f0ff8058010000 lock inc dword ptr [rax+158h]
CUSTOMER_CRASH_COUNT: 1
DEFAULT_BUCKE... Read more

1 more replies
Relevance 48.38%

Computer has bsod mutiple times per day now; it used to just become unresponsive with a black screen when left on overnight and i had to reboot. NOw, while working, its giving me bsod.

greately appreciate any help from the members.
thankyou

Answer:bsod multiple times per day;

Wow - Fix your start-up items please!


Code:
RoboForm "c:\program files (x86)\siber systems\ai roboform\robotaskbaricon.exe" NT AUTHORITY\SYSTEM HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Backblaze "c:\program files (x86)\backblaze\bzbui.exe" -quiet NT AUTHORITY\SYSTEM HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Sidebar %programfiles%\windows sidebar\sidebar.exe /autorun NT AUTHORITY\LOCAL SERVICE HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Sidebar %programfiles%\windows sidebar\sidebar.exe /autorun NT AUTHORITY\NETWORK SERVICE HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
RoboForm "c:\program files (x86)\siber systems\ai roboform\robotaskbaricon.exe" XPS8300\kambiz HKU\S-1-5-21-3132194288-2979328837-1521389650-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
swg "c:\program files (x86)\google\googletoolbarnotifier\googletoolbarnotifier.exe" XPS8300\kambiz HKU\S-1-5-21-3132194288-2979328837-1521389650-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Speaking Clock Lite c:\program files (x86)\speaking clock\spclock.exe XPS8300\kambiz HKU\S-1-5-21-3132194288-2979328837-1521389650-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
IBWin Monitor "c:\ibackup for windows\ibmonitor.exe" min XPS8300\kambiz HKU\S-1-5-21-3132194288-2979328837-1521389650-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
IBWin Background process "c:\ibackup for windows\iba... Read more

1 more replies
Relevance 48.38%

if i have a case studyif b stands for buy is inputted, then the stock will increase, and the money will decreaseif b stands for buy is inputted, and if c stand for clothing is inputted, then the clothing stock will increase, and the money will decreasedo you have any reccommendation?thx guys

Answer:using if function multiple times

Do you think you have provided enough information for us to help you? have a think about it... what are you actually trying to achieve, and what language, what application?????

2 more replies
Relevance 48.38%

Hello,
im getting BSOD every day for a long period of time.

im getting tired of all this can someone please help me,

thanks,
Baran

Answer:BSOD every day, sometimes multiple times a day.

Please use the BSOD posting instruction to provide the Dumpfile BSOD - Posting Instructions - Windows 10 Forums

9 more replies
Relevance 48.38%

Hi

I am getting the BSOD multiple times a day, they seem to randomly occur and I am not sure of what is causing this. I have attached the dump file to be looked at.

Thanks

Answer:BSOD Multiple times in a day

Hiya and welcome to SevenForums!

Code:
BugCheck F4, {3, fffffa8007e98b10, fffffa8007e98df0, fffff80003389e20}

Probably caused by : wininit.exe
This is an 0xF4. This could mean that there's a virus, a failing harddrive, failing RAM stick/s. Run SeaTools(DO NOT RUN FOR SSDS) SeaTools for DOS and Windows - How to Use Also run MemTest86+ for 8 passes. It must be MemTest86+. RAM - Test with Memtest86+ Scan your computer for viruses using Malwarebytes. Malwarebytes Anti-Malware Free

1 more replies
Relevance 48.38%

Alright, I have avast! anti virus and once I was infected by multiple svchost.exe trojans, I did a boot scan to get rid of them once and for all. I went to sleep while the scan was on, and the next morning when I booted my computer up, avast! found several viruses in my computer; but thankfully avast! stopped them. I'd like to solve what is allowing the viruses to be implemented onto my computer without any doing of mine.
PS: When I was browsing the web, my browser kept redirecting me to sites I would never normally be directed to. Also, when I tried booting in safemode, I got a BSOD on all 3 safemode modes.
DDS:

DDS (Ver_09-12-01.01) - NTFSx86
Run by eric at 15:09:18.17 on Mon 12/07/2009
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.3582.3004 [GMT -5:00]

AV: avast! antivirus 4.8.1335 [VPS 091207-0] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

============== Running Processes ===============

C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\WINDOWS\system32\FastNetSrv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\NVIDIA Corporation\nTune\nT... Read more

Answer:Infected multiple times

Howdy there and welcome to TSF Forums

I'm Steve and I will be helping you throughout this fix.

Before beginning the fix, read this post completely. If there's anything that you do not understand, kindly ask your questions before proceeding. It is IMPORTANT that you don't miss a step. Please perform everything in the correct order/sequence.

Vista users please make sure you all run commands with administrator rights (right click icon - run as administrator)

Please Subscribe to this Thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant notification by email, then click Add Subscription

Please note that the forum is very busy and if I don't hear from you within three days from this initial posting then the thread will be closed.

We will begin with ComboFix.exe. Please visit this webpage for download links, and instructions for running the tool:

http://www.bleepingcomputer.com/comb...o-use-combofix

* Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Please include the C:\ComboFix.txt in your next reply for further review.

17 more replies
Relevance 48.38%

I just set up a time for every morning that my child can sign on. I would also like to set up a time for every evening. Is it possible to have 2 times during 1 day? Thanks.

More replies
Relevance 48.38%

Hello there. I've just reformatted my computer, the (mostly) bi-annual reformat, and things are running great...

I edit video with Adobe Premiere Pro 1.5, when I try to preview the video in the editor after the computer has been on for a few hours, I will almost ALWAYS get the BSoD. I've no idea why, or how. I've tried looking at windbg, and I found the culprit to be "USBPORT.SYS". I'll attach my latest minidumps in .RAR format, as well as the LATEST minidump from windbg in [code] format.

NOTE: I don't know what I'm doing when it comes to these minidump things, I've just read up on them today. I'm not taking any "evasive" action at this moment, waiting for a pro to help me out, if they can. Hope I've attached what you have needed and the likes.

EDIT: Windows XP Home (SP3), 1GB RAM, Pentium 4 3.2GHz processor.


Code:
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 100000D1, {ae40d365, 2, 0, ae40d365}

Probably caused by : USBPORT.SYS ( USBPORT!USBPORT_CompleteTransfer+373 )

Followup: MachineOwner
---------

... Read more

Answer:BSoD multiple times per day.

I would run System file Checker, put your XP disc in the tray, then open a command prompt (Start > Run > cmd.exe) at the prompt type sfc /scannow

14 more replies
Relevance 48.38%

I have not got Windows 7 Yet but I plan too. I change computer parts (HDD and Main bord) If i buy the full version of windows 7 ultimate will I be able to install it mulitable time on the same computer? I will be buying the full verson.

Answer:Can I install Win 7 multiple times on same PC

Go to the link below.No you can't install any version of Windows on multiple computers. One license/ one computer.http://www.microsoft.com/Windows/wi...

18 more replies
Relevance 47.97%

So I'm visiting some family out in the boondocks, and I started having problems on my android phone (Galaxy note 3). Browser redirects and popups all relating to various scareware of the "Your phone has 4 viruses!" variety. In addition, facebook of all things is suddenly completely blocked. I didn't think much of it until I realized the same thing was going on with my laptop as well (windows 7). Can't access facebook, and I get random popups and redirects, this time trying to get me to download some obscure media player.
The popups and redirects on the phone occur in both the stock samsung browser, chrome, and firefox (which I downloaded). On the laptop they occur in both firefox and chrome, though less frequently.
 
I've scanned the phone with lookout and found nothing. I've cleared caches and cookies and tried everything short of a factory reset. I've also looked at running processes and found nothing that shouldn't be there.
The laptop I've run spybot and comodo on, and again have found nothing. The inability to access facebook seemed like an odd coincidence, so I tried a trace route and found it times out after reaching the local ISP. That's the only site that I can't access, so perhaps it's been intentionally blocked for whatever reason?
Anyways, I've fought with malware before, but never seen anything quite like this. I don't know if the facebook thing has any relationship to the scareware stuff, but between that and the problems occurring on multiple platforms mak... Read more

More replies
Relevance 47.97%

Hello ! In the past 2 months I have been getting BSOD SYSTEM_SERVICE_EXCEPTION on different occasions.I have this computer for 2 years.At first I would get the error rarely but lately the problem seems to occur often.It seems to occur when using different programs.Today I got it 3 times when using fruity loops.The program would freeze while i was working on my music(not every time),and while trying to close it BSOD pops up.This didn't happen only when I was using fruity loops.Sorry if my English is bad,it's not my native language.

Windows 7 Ultimate x64 full retail
hardware age - 2 years
OS - reinstalled it today

I included the kernel memory dump and system health report in the attachment.If any additional information is required please tell me.
Please help,and thank you in advance.

Answer:BSOD SYSTEM_SERVICE_EXCEPTION multiple times

  
Quote: Originally Posted by bizzysgs


Hello ! In the past 2 months I have been getting BSOD SYSTEM_SERVICE_EXCEPTION on different occasions.I have this computer for 2 years.At first I would get the error rarely but lately the problem seems to occur often.It seems to occur when using different programs.Today I got it 3 times when using fruity loops.The program would freeze while i was working on my music(not every time),and while trying to close it BSOD pops up.This didn't happen only when I was using fruity loops.Sorry if my English is bad,it's not my native language.

Windows 7 Ultimate x64 full retail
hardware age - 2 years
OS - reinstalled it today

I included the kernel memory dump and system health report in the attachment.If any additional information is required please tell me.
Please help,and thank you in advance.


Related to emusba10.sys USB-Audio 1.0 Driver from E-MU Systems. I would update with newest.

9 more replies
Relevance 47.97%

Hi, I would really be grateful for some help please as my computer is repeatedly crashing and sometimes freezing. I have scanned it with malwarebytes and also Kaspersky but no viruses are shown.
Really hope that you can help me as finding it difficult to work, not knowing when it is going to happen!
Thanks Jean
Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Ultimate, Service Pack 1, 64 bit
Processor: Intel(R) Core(TM)2 Quad CPU Q6600 @ 2.40GHz, Intel64 Family 6 Model 15 Stepping 11
Processor Count: 4
RAM: 8190 Mb
Graphics Card: NVIDIA GeForce GTX 470, 1280 Mb
Hard Drives: C: Total - 953866 MB, Free - 805627 MB; D: Total - 238472 MB, Free - 32723 MB; E: Total - 476937 MB, Free - 62833 MB; F: Total - 238371 MB, Free - 166083 MB;
Motherboard: ASUSTeK Computer INC., P5N32-E SLI PLUS
Antivirus: Kaspersky Internet Security, Updated and Enabled
 

Answer:Computer Crashing Multiple Times! Help Please

7 more replies
Relevance 47.97%

I am running XP service pack 1 with 1 gig of ram and a 2.8 ghz processor.The problem I am having occurs after the cpu has been on for a good amount of time.The next day I start it up and it sounds like it's struggling.I hear a loud vibrating noise coming from inside the cpu.So I have to restart the CPU and each time the noise gets lower until it finally goes away after the 3rd restart

Some more important details is I recently turned off the page file.And when the page file was on, what would happen is the cpu would crash and I would get the blue screen,but no struggling noise.And it would happen more frequently,The cpu runs 10x better without the pagefile except for this problem.But I am concerned it will damage my cpu.Can anyone give there suggestion? is it bad memory?
 

Answer:Have to Restart CPU multiple times on first start of the day

also my install of xp wasn't a clean one.There is an option to save your harddisk and install xp,so thats what I did
 

3 more replies
Relevance 47.97%

Ever since I have bought this computer, it has constantly crashed. When I attempt to fix something, for example: re-seat the memory, made sure there was plenty of cable slack, etc. The system will then seem stable for 7-10 days. Then out of the blue, the system will crash several times in a short time (sometimes this period can be a few hours or a few days). Even though it has constantly crashed (in the hundreds of times) I would say I have actually witnessed it less than 10 times. There was one time though the system had crashed, rebooted, and then even crashed again before I even had a chance to log in.

The file included is from the last 2 months and it has 30 files. This appears to be a rather large number, this is nothing compared to what it used to be like when I first purchased this system a year ago.

Specs:
HP Envy 700
32 GB
i5-4430 3.0 (4 core)
Windows 8.1
DirectX 11
Graphics - Intel HD Graphics 4600

Antivirus - Symantec End Point
Malware Protection - Spy bot Search and Destroy

Heavy used applications:
GNS3
PhotoShop CS5

Thanks for any and all help
Stephen

Here is the attachment.

Answer:BSOD at random times with multiple different

Most BSOD's were caused by Memory Corruption, ie. one of your Memory Stick might be bad. Please
download and run the memory test: Memtest86+ - Advanced Memory Diagnostic Tool
You'll need to run the test for at least 6 passes and it will take a while to complete unless the test fails earlier.

In addition, temporarily uninstall all anti virus programs since they are known to also cause the BSOD.

4 more replies
Relevance 47.97%

I have 2 users on Windows 7 Pro that when logging in, they presented with their user icon and the other user icon. They select their icon and input their password.  Next, it goes back to the screen with the 2 icons. They do this several times and
get the same results. Sometimes the loop is broken by using the on-screen keyboard or by trying the "other user" icon and logging in with their username and password.  The users are getting frustrated
and I cannot easily identify anything in the computer logs.  They are using the correct password.  The accounts never get locked.  Has anyone witnessed this?

More replies
Relevance 47.97%

so i built this pc about a month ago, and for like 3-5 days, ive noticed that my pc was really slow during the startup, but today, its slow pretty much all the time, but on startup, its still the worst. Today is the first time i got a blue screen, i couldnt check the error message since it went by too fast. but since then, i crashed 2 other times and the 3rd one i saw something about the memory.

here are my specs:
MSI 660ti with the latest WHQL drivers
i5 3570k
g.skill ripjaws X 8gb ddr3 1600MHz
Asus p8z77-v lk motherboard with the latest bios (installed today)
corsair TX650 PSU
samsung spinpoint F3 1tb hard drive (i also have another 500gb hdd to record and a external 1tb hdd for backups)

Speccy says my ram is running around 800MHz instead of 1600MHz, even when i manually change it in the bios.

so heres everything i did:
- i ran memtest86 (no problems detected)
- flashing the bios to the newest version (changed nothing)
- i ran a full scan with malwarebytes (detected nothing)
- i ran an hard drive benchmark with Dxtory (speed is normal)(idk of any other program with a hard drive benchmark)
- i cleaned with ccleaner (changed nothing)
- i changed my performance settings in the bios by the default overclock (note: temperatures were always stable) to the default "normal" mode (changed nothing)

steam takes ages to load, malwarebytes was randomly freezing for like 1-2 mins then resuming the scan, my pc sometimes freezes during 2 secs every 5-10 secs during like 10-30... Read more

Answer:new PC really slow and BSOD multiple times

when i tried with the first ram stick, i got an error pop up and it restarted. i turned the pc off and tried with the 2nd stick, i got this message telling me they couldnt read the files on my hdd so i think it converted them.

results: firefox is completly broken, i uninstalled it, but it wont let me download it from ANY website. i tried downloading something else and it worked so it seems the problem is only with firefox.

i also forgot to say: on the boot up, my desktop is normal, but then my task bar and everything changes from the transparent theme to the ram-saving theme and after a few minutes it comes back to the transparent theme

edit: i just tried running speccy, and it seems it is broken too since for the cpu, ram, motherboard, graphics and hard drives, it tells me "cannot load SPC DLL". i cant redownload it either

edit2: i tried download with internet explorer and it gave me this error... "the structure of the disc is unreadable"

*** am i supposed to do now? im getting pretty depressed. ive been trying to fix it for the whole day now...

6 more replies
Relevance 47.97%

I started experiencing BSOD crashes with an error indicating IRQL_NOT_LESS_OR_EQUAL multiple times while trying to download a patch for Neverwinter Online. This occurs whether I am trying to access the game through Steam or Arc. The program/system identified was always netio.sys.
 
However, today, I experienced something different. I was doing some online banking and I received the BSOD. It happened so fast and unexpectedly that I didn’t see the error message but I did notice that it did not identify the program/system. This was the first time I got a BSOD when not in a game.
 
The only action I have taken was to check to see if my drivers were up to date and they were.

Answer:Experiencing BSOD multiple times

Do you have a Logitech mouse or key board?

14 more replies
Relevance 47.97%

Hello all, I'll try to get all my stats out first:

-purchased a Compaq about 3.5 years ago that was running VISTA
-When Win7 came out, I formatted hard drive and installed Windows 7
-Have installed ALL critical updates. One optional update has not played nicely with my wireless networking device -- made it keep uninstalling -- so I backed that one out.

BSOD will come when using chrome.exe, zune.exe, and also whenever a commercial comes on Hulu - Watch your favorites. Anytime. For free. (only when a commercial plays, oddly, though) and others programs/instances I haven't Identified, probably.

I uninstalled Zune and re-downloaded to ensure that it was up to date, installed the most recent Zune/Win7 update as well. Still BSOD happens just when running zune software -- the device isn't even plugged in. BSOD with chrome.exe happens infrequently, but it has happened.

So I downloaded MemTest and ran for 7 passes -- zero errors.

I tried to post my minidump (.dmp) files here but the server said they were invalid. They are available on SkyDrive here:

public uploads - Windows Live


If anyone can view and/or recommend more to fix I would appreciate it.

matt

Answer:BSOD multiple times daily

please read this instructions:

http://www.sevenforums.com/crashes-d...tructions.html

4 more replies
Relevance 47.97%

Hi. My wife's old PC (Windows xP) is slow and has been infected numerous times over the past year or so. I've cleaned it up as best I can but I am quite sure it is very, very messy. Any help to get things running faster would be so appreciated.
The DDS.txt log is below and the Attach.txt log is attached. Thank you for your help.
 
 
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702  BrowserJavaVersion: 1.6.0_35
Run by Terri at 21:14:58 on 2014-03-08
#Option MBR scan  is disabled.
Microsoft Windows XP Professional  5.1.2600.3.1252.1.1033.18.2046.1031 [GMT -5:00]
.
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
============== Running Processes ================
.
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\acs.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\NETGEAR\WNA1100\WifiSvc.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\HitmanPro\hmpsched.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Fi... Read more

Answer:Slow, Old PC Infected Multiple Times

Hello tntnb,my name is Jo and I will help you with your computer problems.Please follow these guidelines:Logs can take a while to research, so please be patient.Read and follow the instructions in the sequence they are posted.print or copy & save instructions.back up all your private data / important files on another (external) drive before using our tools.Do not install / uninstall any applications, unless otherwise instructed.Use only that tools you have been instructed to use.Copy and Paste the log files inside your post, unless otherwise instructed.Ask for clarification, if you have any questions. Stay with this topic til you get the all clean post.My first language is not english. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.***1. Download Security Check by screen317 from here or here.Save it to your Desktop.Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.Vista / Windows 7/8 users right-click and select Run As Administrator.A Notepad document should open automatically called checkup.txt; please post the contents of that document.***2. Download OTL to your desktop.Double click on the icon to run it.Vista / Windows 7/8 users right-click and select Run As Administrator.Make sure all other windows are closed and to let it run uninterrupted.When the window appears, underneath Output at the top change it to Minimal Output.Check the boxes beside LOP Check and Purity Check.Cli... Read more

33 more replies
Relevance 47.97%

I posted a couple days ago about this problem:http://www.bleepingcomputer.com/forums/t/198961/slow-connection-ie-crashes/I was told there was no sign of malware and the post was moved to a different forum.Now the browser opens by its self so I'm convinced it is malware. Please check out the picture below:http://img99.imageshack.us/img99/4951/captureop4.jpgThanks for any help, Debo

Answer:Browser opens by its self multiple times

Update

Now my keyboard keys are switched around slightly OFF AND on <--- SEe

Ran full system scan using kaspersky online scanner 7.0

5 more replies
Relevance 47.97%

Hello everyone,I came here to ask you for some help. First of all, I would like to state that I am from Czech Republic and I have already made few topics on different forums in our country with the problem that I am facing and yet, there is no solution for it.Let's get started. Here is my build.Code: [Select]OS Version: Microsoft Windows 7 Ultimate, 64 bit
Processor: Intel(R) Core(TM) i7 CPU 930 @ 2.80GHz, Intel64 Family 6 Model 26 Stepping 5
Processor Count: 8
RAM: 6135 Mb
Graphics Card: AMD Radeon R9 200 Series, -1 Mb
Hard Drives: C: Total - 953866 MB, Free - 707425 MB;
Motherboard: MSI, MSI X58 Pro-E (MS-7522)
Antivirus: NoneI just made a clean install of Windows to get rid of everything and to start from scratch. Because I just bought that Radeon R9 recently.Now, what is my problem. As I said, I just bought that R9 recently, mounted it, installed drivers and everything was just about fine. For like a week maybe. Then my desktop began to give me BSODs randomly. But it also denied to save the minidump or memory of the BSOD for me. But I managed to catch the code of the BSOD which is:Code: [Select]0xA0000001
0x00000005
0x00000000
0x00000000
0x00000000After few days the BSODding was gone. But instead of BSODding, my desktop is now giving me blackouts. I thought that its the PSU, but guys on few forums told me that it is not (?). I got 800W PSU.I am just sitting here all nervous already, because I really have no idea what to do ... Read more

Answer:Desktop blackouts multiple times a day.

Have you tried running the system without the R9 video card that was recently introduced to see if it behaves on its own without this video card. If you had a prior video card in this system that was healthy then install that back to this computer otherwise run on integrated video if that is available.If the problem remains then we know its not video card related. If it goes away then its either video card or power supply.

9 more replies
Relevance 47.97%

Hello, I've tried to go into as much detail as I can below. I'm not sure on some specs and the age of my system, sorry.

BSOD 1: A few months ago I started getting a BSOD everytime I tried to connect an external monitor to my laptop, I don't know what the actual error message was as I stopped using an external monitor and completely forgot about it until this forum reminded me. I do recall it started happening after installing some windows updates. Sorry I can't be anymore detailed than that.

BSOD 2: Recently I started getting multiple BUGCODE_USB_DRIVER BSOD's whilst cleaning my laptop for malware etc. I don't know if it was a coincidence that they started happening at that time, but I never had them prior to running any of the scans in the Virus/Trojan/Spyware forum. I have finished cleaning up the malware now (thanks to the help of the other forum) and there doesn't appear to be any remaining malware left on my laptop.

My built in webcam kept crashing not too long ago (it's been on the blink for a while but i've never really used it) I disabled it, but I've bluescreened since with the same error. It's listed as a USB device, so I wonder if that could have something to do with it.

BSOD 3: DRIVER IRQL.. (I didn't catch the rest) it only happened once at the same time I started getting the bugcode BSODs, I haven't had one since.

? OS - Vista/ Windows 7 ?
- Windows 7
? x86 (32-bit) or x64 ?
-x64
? What was original installed OS on system?
-Windows 7
? Is ... Read more

Answer:BSOD almost everyday, sometimes multiple times a day..

Hello,


Try checking the ASUS Support site for an update for the Elantech touchpad.

Try with an external mouse connected disabling the touchpad to see if you still get the BSOD's


Code:
Windows 7 Kernel Version 7601 (Service Pack 1) MP (4 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS Personal
Built by: 7601.18044.amd64fre.win7sp1_gdr.130104-1431
Machine Name:
Kernel base = 0xfffff800`02c4a000 PsLoadedModuleList = 0xfffff800`02e8e670
Debug session time: Sun Apr 7 13:46:38.881 2013 (UTC - 4:00)
System Uptime: 0 days 0:56:00.267
Loading Kernel Symbols
...............................................................
................................................................
..........................................
Loading User Symbols
Loading unloaded module list
.....
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck D1, {fffffa8605f27260, 2, 0, fffff88004c2cbc5}

*** WARNING: Unable to verify timestamp for ETD.sys
*** ERROR: Module load completed but symbols could not be loaded for ETD.sys
Probably cau... Read more

10 more replies
Relevance 47.97%

I have an HP laptop with windows 8.1. My keys are typing multiple letters at a time. For example, when I type "e" it comes up as "ec" when I type "t" it comes up as "tv" all the letters make 2 letters with 1 click. just the numbers are working right. I cant even log into it because I can't get my password to type in correctly. Any suggestions?
 

Answer:keys typing multiple times

6 more replies