Over 1 million tech questions and answers.

What's best software for iPhone 4s that's been compromised?

Q: What's best software for iPhone 4s that's been compromised?

Anybody have a recommendation for getting my iPhone 4s and iPad 3 back to full speed?

Read other answers
Preferred Solution: What's best software for iPhone 4s that's been compromised?

I recommend downloading and running Reimage. It's a computer repair tool that has been proven to identify and fix many Windows problems with a high level of success.

I've used it in the past to identify and fix everything from blue screens (BSOD's), ActiveX errors, corrupt files and processes, dll/exe/sys errors, recover lost memory, Windows update problems, defragging, malware removal etc.

You can download it direct from this link http://downloadreimage.com/download.php. (This link will automatically start a download of Reimage that you can save to your computer.)


I already have a home security camera system. What I'am looking for is software I can put on my desk top that will notify me on my iphone when motion detection is activated. As well as allow me
to monitor the cameras from my iphone.

Read other answers

I've been trying to update my iPhone 4 from iOS 4.1 to the newest version but I've encountered problem after problem.

First when I tried to update it through iTunes it said 'it cannot be restored at this time because the iPhone software update server could not be contacted or is temporarily unavailable at this time'.

Now when I connect my iPhone to my laptop it says 'iTunes requires a newer version of Apple Mobile Device Support. Please uninstall both Apple Mobile Device Support and iTunes, then install iTunes again.'

So when I got to the control panel to uninstall iTunes it says 'the Windows Installer Service could not be accessed. This can occur if the Windows Installer is not correctly installed. Contact your personnel for assistance.'

I've been looking for a solution for hours and cannot find anything, I tried one solution which involved Regedit but it didn't work.

Can someone please please help me? I'm beginning to loose my mind!

A:How can I uninstall iTunes from my PC and update my iPhone software?

Try this Fix problems with programs that can't be installed or uninstalled

Read other 2 answers

I get an error message that states check setting cannot download software. Have tried various times

A:Cannot download latest iPhone software to iTunes

Are you running antivirus software or a firewall that is blocking it?
Try with Firefox instead of Internet Explorer, or vice versa.

Read other 3 answers

I have a iPhone 4S and use the native calendar app to run my life.
I would like to integrate the events in my calendar app to display on the desktop (maybe as a gadget) of my computer. I use a Windows Seven Ultimate 64-bit SP1.
Using outlook didn't workout so good.. My events doubled up on my phone on the 2nd sync. Plus. At the time, I couldn't workout how to display the events on my desktop. Maybe it was because I didn't configure the gadget correctly.

Ideal software would be able to do..
- Show events on the current day on the desktop.
- Show up coming events within the next 7 days on the desktop.
- Update every time i sync my phone. (iTunes has the ability to sync certain things (such as contacts and calendars).

Anyone have ideas on what software I can use to do this?

A:Software Recommendation: Integrate iPhone 4S with Windows Seven.

I found the outlook.com calendar to be the best,
Apple does not agree with Office calendar if that's the calendar you had issues with ?
Not very specific "outlook calendar"

Read other 6 answers

Apple to fix security hole in iPhone software.

Apple is planning to release a fix for a security hole in the software that runs on its iPhone, iPad and iPod Touch devices.

Related article: Theoretical attacks exploit iOS browser flaw.

The new browser security flaw in iPhones, iPods, and iPads could be more dangerous than initially suspected.

-- Tom

Read other answers

I use iphone6.
itunes is my worst nightmare and stress. It's a must stay away.
I don't even like itunes being mentioned or like "hey give it a try, it's easy once you know."
It became a trauma, I probably won't use it even if I had a master degree. lol
I use copytrans for music and videos, when moving music and video files into my iphone.
But I can't move photos that are in my pc into my iphone.
I can only go through so much hassle by uploading my pc images into email in pc.
Download those images in email by mobile. And we all know mobiles are hard and time consuming unlike pc to download images 1 by 1.
It's really frustrating itunes is the worst software of all time in human history but people still use iphone.(personal rant don't mind)

A:Free and simple alternative software to move photos in pc to iphone ?

This may be a silly question but have you tried connecting your phone to your computer by cable ?  I imagine you would need a USB A to Lightning one since Apple go their own way on connectors. That is of course assuming the iPhone has an external connector of any sort.
If it is possible to connect them by cable then, with the phone switched on, you should be able to 'see' the phone's memory in Windows/File Explorer. If you can see the memory then it should be a simple 'drag and drop' operation to move the photos you want across.
As you can gather my experience with iPhones approaches zero but this technique works with other phones and cameras.
Chris Cosgrove

Read other 2 answers

Hello.  I seem to be sharing my firewall privileges with a remote hacker and a system restore didn't help.  A similar posting at Tom's Hardware pointed to a corrupted/malware rundll32.exe file creating extraneous malware files (guard.tmp, filename.dll) in his Win/System32 folder.  I suspect I have something similar though couldn't find those same file names.  (His posting is here: http://www.tomshardware.com/forum/134388-45-mysterious-rundll32-administrator-privileges )
I have tried kaspersky, combofix, rskiller, hitman, symantec, emsisoft, avg, symantec, windows defender, etc.  I am not a tech guy by trade but serve as my own IT guy some months so any help I get is welcome.  I probably am supposed to be posting "hijack this" findings or something as a first step but haven't done anything like that in 12 years so I figured I would post my problem first.  Thank you.

Read other answers

Esteemed Forum Members,

This is my first posting here. I am a Java programmer/developer. And I look forward to participating. Although I generally find that I learn more from reading the posts of the knowledgeable folks here than with me talking.

My current question is to see if anyone knows any more about a computer affliction that has affected two friends in the past week. (They are in different groups, so these are separate "afflictions".)

The two are remarkably similar so I am hypothesizing that they are basically the same attack. I suspect that if I have bumped into two of these cases, you folks may have already been there and done that.

As I don't have access to either of their computers, and as they are rather naive MSWindows users, it might be difficult for me to run the various diagnosic tools on their systems.

Basically the symptom is that they received an email from a known source. (Yeah, I know...) And clicked on a link to one of the {canxhealth health24x medhealthx xmedx } dotcom websites. The result is that, at a minimum, their Yahoo email account was compromised and an email was sent out to all of their contacts. The sent email has no subject and contains only the link to the malware website.

Googling through the web, I see suggestions ranging from changing the email account password through reformatting the hard-drive and resetting external routers. I also see claims that none of the major anti-virus/firewall applications detect this... Read more

A:Yahoo Account Compromised, possible system compromised

Hello Chuck, First i will move you one forum down to Am I Hacked.Please read the first pinned topic there, Who To Contact If Your Yahoo Webmail Account Is Hacked Next follow tese instructions,also a pinned topic there How to receive help in the Am I Hacked? forum

Read other 5 answers

I am running Win7/Pro x64. My System Spec is in my Profile.

I do not have iTunes installed on my desktop. I do have an iPhone 5, a hand-me-down from my son.

Yesterday the phone needed to be charged. I attached it to a USB port. I was asked by the phone if I trusted my desktop. I said yes. I was told that there were no new images on the phone to import, a fact I already knew. I've encountered this dialog before. It seems to be part of the procrustean Apple way of computing.

What troubles me is that a process started about the time I plugged in the phone. At a rate of 5-10 files/sec the 'modified' date was changed on over 3,500 jpg files on my data drive. I've not analyzed the order in which they were processed but suspect that it was A-Z on the file names and also on folder names.

Could this behavior result from iTunes running its 'sync' process? If so, is there anything I can do to prevent it from happening again?

If we have no Apple OS experts on this forum, does anyone know of an 'Apple forum' that is as respected as sevenforums is in the Windows world?



Read other answers

How to make your own iPhone Ringtone and transfer it to your iPhone directly?

A:How to make your own iPhone Ringtone and transfer it to your iPhone directly?

Here's a paid one....
Seems to be a few listings.
Google search.

Read other 1 answers

I just got the new iPhone 4S and I have a 3GS as my old phone with no way to transfer my contacts. I was told I could save a backup of my 3GS to itunes, then load the backup onto my 4S.

Well my 3GS won't backup, it keeps saying "iTunes could not backup the iphone because an error occurred" without any error code. I've wiped my old backup, I've cleared sync history. I'm using a PC with itunes with the latest itunes version 10.5.

What can I do to get my contacts over to the new phone?

A:Error backing up iPhone - trying to transfer contacts to new iPhone 4S

You may have to load them one at a time.

Read other 1 answers

Windows 7 Ultimate/32bit. iTunes 9.0
Each time I dock my iPhone, I get a pop-up message "device driver software was not installed successfully". I want to stop this message appearing.
In fact, Windows 7 *is* locating the correct USBAAPL driver (which is seen to load in Device Manager) and iTunes works fine.
However, since the detail on the error message relates to "MTP USB device" it seems that Windows is triggering the error too soon.
I recently reinstalled Windows 7 from scratch and latest iTunes etc (for other reasons) but this problem remains.
If I delete the driver then the default that Windows looks for is the MTP driver (which fails) and then I manually point it to C:\Program Files\Common Files\Apple\Mobile Device Support\Drivers and it reinstalls the USBAAPL driver it had before.

A:Plugging in iPhone generates "device driver software was not installed successfully" message

Try go to Device Manager, if there is any “Unknown MTP device”, uninstall it,  then plug in your iPhone and scan for hardware changes to let Windows Update automatically find and install the correct driver.  
BTW, I found the following similar issue for your reference:
iPhone and Windows 7 RC don't work - DELL USB Chipset Issue
Topic : iTunes 9 on Windows 7 x64 Has Problems with iPhone
Please note: we provide the third party link for technical use only. There may be some changes without notice, Microsoft doesn’t guarantee any accuracy on contacting information.
Best Regards

Read other 40 answers

I just bought my first ever smartphone (yes, I've been living under a rock) - the iphone 5s. I'm after recommendations for good software to protect it, free if possible.
I've looked in the itunes store and the options for anti-virus seem limited. The Mcafee app gets bad reviews and the others I've never heard of, and/or have no reviews. any suggestions would be great.
On the anti-malware front, i can't seem to find anything in itunes store when i try to search. I like the Malwarebytes anti-Malware program for my laptop, but unless I'm mistaken the only mobile app they have is for Androids, not iphones. Again, any recommendations would be much appreciated.
This novice appreciates your time and ideas...

A:Good anti-virus and anti-malware software for iphone 5s

The reason they have more anti-virus apps for Android is because the Android platform is more vulnerable to malware. On Android, you are able to download and install a variety of things from unknown sources.
For the iPhone, however, anti-virus isn't really needed unless you have jailbroken your device.
Hope this helped.

Read other 14 answers

I just bought my first ever smartphone (yes, I've been living under a rock) - the iphone 5s. I'm after recommendations for good software to protect it, free if possible.
I've looked in the itunes store and the options for anti-virus seem limited. The Mcafee app gets bad reviews and the others I've never heard of, and/or have no reviews. any suggestions would be great.
On the anti-malware front, i can't seem to find anything in itunes store when i try to search. I like the Malwarebytes anti-Malware program for my laptop, but unless I'm mistaken the only mobile app they have is for Androids, not iphones. Again, any recommendations would be much appreciated.
This novice appreciates your time and ideas...

A:Good anti-virus and anti-malware software for iphone 5s

The reason they have more anti-virus apps for Android is because the Android platform is more vulnerable to malware. On Android, you are able to download and install a variety of things from unknown sources.
For the iPhone, however, anti-virus isn't really needed unless you have jailbroken your device.
Hope this helped.

Read other 10 answers

I am trying to get my SMS,contacts and pictures on my iPhone to be put either onto my computer or onto iTunes and I don't know how to do this.
Any help or advice would be greatly received.
Thanks in advance.
Could you suggest a transfer???

A:How can i backup iphone 3GS sms/contact to new iphone 4?

Cucusoft iPhone Tool Kits can also transfer Music/Video from your iPhone, iPad or iPod Touch to your computer.

Backup Photos to Any Folder on Computer
Backup SMS to to Computer with Multiple File Formats
Backup Call List to Computer with Multiple File Formats
Backup Contacts to Computer with Multiple File Formats
iPhone Disk & file Utilities


Read other 1 answers

Is there a way that I can sync my Outlook contacts with my Iphone 4s so that the contact appears as displayed by outlook.
Example: Mr. Richard Jones
FILE AS: Rich Jones

This is the option to display in outlook and I would prefer to display on phone the same.

A:Sync Outlook with Iphone display in Iphone name from outlook: FILE AS:

Hello. I have an android phone which is synced with my gmail account. I have eyed the new iphone 5 and will soon be moving data and contacts from my android to my iphone.

Before migrating to the iphone and mess up something with my contacts, i want to sync all to my outlook. So I wish to achieve sync from Android to Outlook and then from Outlook to the new iphone - is that possible?

Read other 2 answers

How can I check to see which I have?
I was looking into the "Siri" service, and don't see it.
Recently upgraded to the OS5. Does that matter?

A:Solved: iPhone 4 or iPhone 4S

Check for the Model number under Settings > General > About

From what I've read on the Apple forums, if you have the iPhone 4, it won't support the Siri integration.

Read other 3 answers

Hi there

My system has been compromised just recently and would like your help on the matter.

Here's what I've done so far: Installed and ran "CCleaner", removed whatever it found. Did the same with "Ad-Aware" and it actually found some trojan of some sort and removed it. Then I intalled "Spybot Search & Destroy" and did a search with that one. And finally I ran a virus check with "NOD32" and topped it off with "MalwareBytes' Anti-Malware". "NOD32" found some trojans in "Java" which I deleted manually and did a new search, where nothing showed up. I've got logs of the Java trojans. So I've updated "Java" now as well, so that hopefully will close any security holes.

So I'll post a log from MBAM and HJT and would really appreciate your opinion on this matter. Are my system okay now, or can you still see something?
Thank you.

Malwarebytes' Anti-Malware 1.44
Database version: 3874
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

16-03-2010 23:58:52
mbam-log-2010-03-16 (23-58-52).txt

Scan type: Full Scan (C:\|D:\|)
Objects scanned: 187944
Time elapsed: 20 minute(s), 39 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No... Read more


Hello and welcome to TSF.

HijackThis is no longer the preferred initial analysis tool in this forum.

We want all our members to perform the steps outlined in the link given below, before posting for assistance. There's a sticky at the top of this forum, and a

Having problems with spyware and pop-ups? First Steps

link at the top of each page.

Please follow our pre-posting process outlined here:


After running through all the steps, you shall have a proper set of logs. Please post them in a new topic, as this one shall be closed.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

Read other 1 answers

i run trend paid internet security 2010 .. a colleague was hit by gumbar and another by hacktool rootkit ... my machine slowed to a crawl last night, minute between clicks .. but a reboot and i 'seem' to be running normally and have had a clean scan from that, prevx, and malwarebytes, but I'm still paranoid, so I really appreciate any insight into the logs I'm posting per the instructions here http://www.bleepingcomputer.com/forums/t/34773/preparation-guide-for-use-before-using-malware-removal-tools-and-requesting-help/ (i included hijackthis log too just in case)i'm on a vista 64bit .. and running GMER, i only had services/registry/files / ADS available for selection.. system devices.. etc .. all were grayed out.DDS (Ver_09-12-01.01) - NTFSX64 Run by websitewendy at 11:55:02.28 on Thu 02/18/2010Internet Explorer: 7.0.6001.18000 BrowserJavaVersion: 1.6.0_16Microsoft? Windows Vista? Home Premium 6.0.6001.1.1252.1.1033.18.4094.1108 [GMT -8:00]SP: Windows Defender *enabled* (Updated) coloro:red4============== Running Processes ===============C:\Windows\system32\wininit.exeC:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\svchost.exe -k rpcssC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k netsvcsC:\Windows\system32\SLsvc.exeC:\Windows\system32\svchost.exe -k LocalServiceC:\Windows\system32\svchost.exe -k NetworkServiceC... Read more

A:have i been compromised ?

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. Please include a clear description of the problems you're having, along with any steps you may have performed so far.Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.Even if you have already provided information about your PC, we need a new log to see what has changed since you originally posted your problem.We need to create an OTL ReportPlease download OTL from one of the following mirrors:This is THE MirrorSave it to your desktop.Double click on the icon on your desktop.Click the "Scan All Users" checkbox.In the custom scan box paste the following:CODEnetsvcsmsconfigsafebootminimalsafebootnetworkactivexdrivers32%systemroot%�... Read more

Read other 15 answers

Hey guys, my computers been acting really slow and strange lately. It also has a new user called IUSER_Admin on it.

Here is the log file:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:41:33 PM, on 10/5/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOW... Read more

A:HELP i think i have been compromised!

Hello and welcome to TSF

Download RSIT by random/random and save it to your desktop.
Double click on RSIT.exe to run RSIT.
Click Continue at the disclaimer screen.
Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)

Logs Required

If there is no response to this post within 72hrs, this thread will be closed.

Read other 6 answers

IE is doing weird things like not allowing me to login, not allowing me to get past the first page in the forums of a website I use regularly, going very slow. I tried FF and it seems to work a little better but I get messages that I am sending over unencrypted pages even on TSG. I added a bunch of extensions but I still feel insecure. The NYTimes page comes up but I cannot get any articles to come up when I click them. I can get videos and photos but no articles. I tried FF and now it goes to a login page when I click on an article. It has never been a login sort of page.

The only out of the norm thing I have done is watch some videos of Bettany Hughes Ancient World series. After I was done my machine was slow. So I restarted it and when the desktop was up I saw a window appear that was just the upper right corner of a browser page. There were some letters the _ the box and the X. It did not respond to me clicking on the maximize box or the close X. Then it just disappeared on its own a few seconds later.

I have scanned with Avira free, Defender, and Malwarebytes all of them find nothing but neither of my browsers work properly any longer and I think I am compromised.

Any help?

A:I think I am compromised

Read other 16 answers

I Did a Dumb Thing!!!

I got an email message that my ATT Worldnet account had to be updated or my account would be terminated.

Since Cingular recently purchased ATT services, I thought it was legit and part of the transition of services.

I clicked on to the website, which asked for my name, password, address, phone, and credit card number. I typed in the first 4, but hesitated at the credit card line, since I pay by mail.

The site window was set up with "continue" keys. Because I did not give my credit card info, it would not continue to the next sceen. I then closed out th screen using the Windows close icon box in the upper right corner.

I called ATT and found out the website was a fraud!!!

My Question:

Since I closed out everything before reaching the "send" screen, is my name, address, and password still secure, or did that info still reach the scam artists?

I know it was a dumb mistake, but will appeciate any advice about the damage done, and what, if anything, I can do to correct it ( I ran spyware and antivirus check immediately, with no problems reported).



A:Is my ID compromised?

As long as you did not transmit any data to the website then your information is still secure but just to ease you mind you should go to the official website and change your password.

Read other 2 answers

i went to amazon last night, tried to buy a gift card and got the attached warning.  amazon help couldn't tell me why he said everything is up to date. i also noticed my some of my browsers options had changed .

A:compromised ??

Possibly, but we should get a deeper look as financials are involved. Please follow this Preparation Guide, do steps 6,7 and 8 and post in a new topic.Let me know if all went well.

Read other 9 answers

I attempted to follow the malware prep guide but stalled out on step 7 when DDS would not run. I followed the threads in the forums to download and run RSIT and have posted the logs below. I have also included the inital logs for recent events from Norton Internet Security which keeps flagging and removing local virus and blocking attacks from the internet. Any help is greatly appreciated.My basic problem is that Norton is locating and eliminating a virus every time I boot my pc. Norton also picks up and blocks some internet attacks everytime I attach to the internet. However each time I restart my pc the virus re-appears.thanks!NORTON RECENT SCAN DATA:Category: BackupDate & Time,Severity,Activity,Status,Recommended Action,Action,Location,Media Type5/15/2010 10:00 PM,Info,Backup performed to I:,"Canceled, Canceled",None,Backup,I:,CD/DVD DriveCategory: Firewall - Network and ConnectionsDate & Time,Severity,Activity,Status,Recommended Action,Subnet Identifier,Gateway Physical Address,Category,Gateway IP Address5/15/2010 9:45 PM,Info,Connected to a protected network. (,Protected,No Action Required,,,,5/15/2010 9:45 PM,Info,Connected to a shared network. (00 12 17 C5 E0 D9),Trusted,No Action Required,,00 12 17 C5 E0 D9,,5/15/2010 9:45 PM,Info,"Protecting your connection to a newly detected network on adapter \"Realtek RTL8169/8110 Family Gigabit Ethernet NIC - Packet Scheduler Miniport\" (IP ad... Read more

A:PC has been compromised

Hello and welcome to Bleeping Computer! We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Fo... Read more

Read other 2 answers

Need help getting rid of the bad guys

Here is my HJT log

Logfile of HijackThis v1.97.7
Scan saved at 5:12:55 AM, on 7/18/04
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:

Read other answers

Hi there,

Ried in the virus/malware section was previously helping me out. No virus/malware was detected on my system. As a result he referred me to you guys since I am still having problems. My machine started acting up after I installed RealWorld Cursor Editor. The cursor repeatedly froze up for no reason. As a result, I went ahead and uninstalled real world but the issue still continues to persist. In the interest of time, a summary of all the steps he took is posted below:

1. Tried System Restore from both Normal Mode and Windows Recovery Environment and it fails to complete.

4. Mention that issue seems to have begun after installing RealWorld Cursor, and that it had been uninstalled.

3. Reviewed detailed logs for any remnant RealWorld entries and none found.

4. Issue does not occur in Safe Mode.

A:Been Compromised again!

Hi, press the win + r key together, in the run box type:- msconfig, open the services tab and put a check in "hide all microsoft services" look at the remaining services for anything to do with the program, uncheck it and apply, also look under the startup tab anything that looks like it's associated with the program uncheck. If unsure you can still uncheck items (just leave virus and malware programs checked) If you want more info about items google OR post back.

Since that program effects Icon and mouse cursor we should try resetting the default registry settings, this will do no harm. Run the attached .zip file then double click on the returned .reg file allow to be added to registry. Restart computer.


Read other 8 answers

Hi,My sister downloaded a program thinking it was a utorrent program but it didn't install anything (that she knows about). Its from this page hxxp://onhax.net/utorrent-plus-crack/ Halfway down theres a green direct download link says "Crack and setup. Direct download" The file is "Crack and setup.exe" Step I've taken. I've deleted the file. I've run Adwcleaner This is the result # AdwCleaner v4.102 - Report created 27/11/2014 at 14:11:26# Updated 23/11/2014 by Xplode# Database : 2014-11-26.1 [Live]# Operating System : Windows 8.1  (64 bits)# Username : Evan - ARMYPC# Running from : C:\Users\Evan\Downloads\AdwCleaner.exe# Option : Scan***** [ Services ] ********** [ Files / Folders ] ********** [ Scheduled Tasks ] ********** [ Shortcuts ] ********** [ Registry ] *****Key Found : HKCU\Software\systweakKey Found : [x64] HKCU\Software\systweak***** [ Browsers ] *****-\\ Internet Explorer v11.0.9600.17416-\\ Mozilla Firefox v33.1 (x86 en-US)*************************AdwCleaner[R0].txt - [659 octets] - [27/11/2014 14:11:26]########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [718 octets] ##########   And I've run JRT.exe and tdsskiller.exe They found nothing..  So I'm thinking maybe the file just affected some registry tweaks. Thanks for your help. I just want to be sure that theres nothing suspicious on my harddrive. I am using Windows 8.1, its fully updated. Evan.Mod Edit by quietman7: D... Read more

A:Not sure if I've been compromised

Hello there  
I'm LighthouseParty and I'll be assisting you with your concern today. Please keep in mind that I have a few guidelines I need you to follow:
Don't run any other tools other than what I provide you with.
Don't install/remove any programs other than what I provide you with.
Don't perform a system restore unless I ask you to.
 Download MiniToolBox
Click here to download MiniToolBox to your desktop.
Double click MiniToolBox.
Select the following and then press go.
Post the log in your next reply.
Flush DNS
Reset IE Proxy Settings
Reset FF Proxy Settings
List Installed Programs
List Restore Points
 Install and run a scan with Malwarebytes Anti-Malware
Click here to download Malwarebytes to your desktop.
Double click mbam-setup-x.x.x.xxxx and follow the on-screen instructions.
On the dashboard, click update now.
After that, click scan now - the scan will now begin.
When the scan's completed, select apply actions - make sure the action is quarantine.
Restart your computer.
How to get the log.
On the dashboard, select the history tab and click application logs.
Select the log which has the time and date of when you did the scan.
Click copy to clipboard and paste it into your reply.
 Download Security Check
Click here to download Security Check to your desktop.
Double click SecurityCheck and follow the on-screen instructions.
A log should open, called checkup.txt.
Please post... Read more

Read other 4 answers

I really hope someone can help me. I am using windows XP and lately it has been doing everything imaginable. It started with opening web pages completely unsolicited. Then it would redirect pages that I was on and try to install things.After that it would not open some web pages unless I allowed all cookies and lowered the privacy to LOW. It Automatically closes some programs for no reason, sometimes it just restarts whenever. The last time that happened it removed all my settings and if I reset them it does not keep them and I have to start all over again. I have even had to reinstall my internet connection and email. It does not even save my desktop display. Everytime I look directly under the C drive I have all kinds of applications there which I continulaay delete. Oh, and it is so slow, it has 512 MB and 1.8 GHz with 80 GB HD.

I have run AntiVir and it claims that there are no viruses, or trojan horses ot anything else, I ran HiJack this, I ran cwshredder and it says that there is nothing. I don' know what to do!!! Please someome help me?

A:Very compromised PC

Read other 16 answers


For the past 3 days my computer has been acting up for no apparent reason. Something is horribly wrong with the system volume. Each time I hit the volume button the bar increases/decreases asynchronously. In other words, the volume continues to increase/decrease long after the f10/f9 buttons have been released. If this weren't enough windows seem to open and close by themselves without warning. In addition, while typing, parts of paragraphs magically highlight themselves and then erase at will in the midst of completing an entire sentence. Since the system can be recovered at anytime, I did not take the trouble of compiling a boot cd. It looks like I've been compromised! Any help is much appreciated. In compliance with the wishes of the moderator I have posted/attached the following logfiles.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 1.6.0_27
Run by SHAHJEE at 15:19:14 on 2011-11-06
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3894.925 [GMT -8:00]
AV: Kaspersky Internet Security *Enabled/Updated* {2EAA32A5-1EE1-1B22-95DA-337730C6E984}
SP: Kaspersky Internet Security *Enabled/Updated* {95CBD341-38DB-14AC-AF6A-08054B41A339}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security *Enabled* {1691B380-548E-1A7A-BE85-9A42CE15AEFF}
============== Running Processes ===============
C:\Windows\... Read more

A:Been Compromised!

Hello and welcome back to TSF Virus & Malware support. My name is Taylor and I'll be helping you with your fix.

I am currently reviewing your log. Please note that this is under the supervision of an expert analyst, and I will be back with a fix for your problem as soon as possible.

You may wish to subscribe to this thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant Notification, then click Subscribe.

Please be patient with me during this time.

Read other 4 answers

Once again, I have been forced to ask for help. Allayed by the fact no infections were found on my machine earlier I soon relapsed into complacency. But almost immediately my solace was short-lived. For the past 1 week my computer has been acting up for no apparent reason. Something is horribly wrong with the cursor and application tabs. At times my cursor refuses to do what I want. I keep clicking away at 'x(s)' but application windows just sit there frozen. Instead of closing out, my cursor freezes up. Then yesterday my comp. simply blacked out. A message reading ' Not compatible with windows 64-bit....' mysteriously appeared but on restarting the computer it was gone. Pulling on scroll bars using the cursor is another goof-up. No matter how hard I try, scroll bars refuse to pull up or down. After several tries the picture gives way. I have a penchant for watching youtube videos ( engineering simulations). Is it possible that may be the culprit? Anyhow, I have posted/attached the following logfiles.

DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 1.6.0_27
Run by SHAHJEE at 15:19:14 on 2011-11-06
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3894.925 [GMT -8:00]
AV: Kaspersky Internet Security *Enabled/Updated* {2EAA32A5-1EE1-1B22-95DA-337730C6E984}
SP: Kaspersky Internet Security *Enabled/Updated* {95CBD341-38DB-14AC-AF6A-08054B41A339}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-D... Read more

A:Been compromised again!

"BUMP, please"

Read other 19 answers

Hoping someone can provide some assistance here.... need system analyzed. Have compiled logs & data for troubleshooting...

Windows XP Home v 2002, SP 3
Intel Celeron 2.4 GHz
2.39 GHz , 256 MB RAM
Hard wired to : Arris Modem #TM502G---->Buffalo High Power AirStation A&G: (NAT enabled & PNP disabled, Intrusion detector enabled, etc... MAC filtered, not broadcasting SSID, etc...) ---->Motorola VT1005 (set statically)---->PC (Broadcom 440x 10/100 Integrated Controller w/TCP/IP set statically, and NetBios disabled)
Agnitum Outpost Firewall Pro ver. 4.0.971.7030 (584): (Stealthed as much as I could without sacrificing connectivity)
Avast! v. 4.8 Home Addition Build Dec. '08 (4.8.1296) : (Stealthed)
ProtoWall : (need to update lists, there are a few certain sites I have to disable ProtoWall to visit...)

Wondering if all my PC issues aren't due to my system being compromised. Have been running extensive scans. Are you familiar with analyzing any of the following logs: DrWeb, FPort, HijackThis, RootkitRevealer, StartDreck, SpyBot S&D?

Strange thing that occured though, right after I started noticing these issues, I received an email from my web host provider, stating that one of my websites had been compromised and my web page had changed, here is what they said:

"Recently, we noticed that your username and password for your ftp account hosting has been used by someone to alter your main index.html (or index.htm, index.php) file for ... Read more

A:Has My PC Been Compromised?

You have done most everything that we can recommend in this particular forum. HJT logs should not be posted hereWe have a revised procedure for HJT that you should read first:http://www.bleepingcomputer.com/forums/t/34773/preparation-guide-for-use-before-using-malware-removal-tools-and-requesting-help/Then post the log in the proper forum here:http://www.bleepingcomputer.com/forums/f/22/virus-trojan-spyware-and-malware-removal-logs/

Read other 3 answers

Why am I getting buried here?

A:Compromised...but not sure how or how bad...help please

I know I got some bad spyware from somewhere and keep getting all kind of weird notifications from spyware doctor that something has been blocked. Also I get notification that programs could not start at start up. I then run a scan with Spywaredoctor or superantispyware or adaware and it seems to get rid of the problem, but the next time I start up there is a new problem. The most recent one is "TA_start failed to begin correctly at start up" or something such. I feel like I'm killing the weeds but not the root.

I downloaded hijackthis and made a log. Hopefully it has everything needed. Spywaredoctor tried to blaock something it was doing.

Any help you can provide would be super.

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 5:22:55 PM, on 6/18/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\Program Files\Windows Defender\MsMpEng.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Avid\Digidesign\Drivers\MMERefresh.exe
C:\Program Files\Google\Common\Google

C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Nort... Read more

Read other 3 answers

TL;DR I went to the website in this picture (http://puu.sh/pQ2ll/784eb6bbe8.jpg) and downloaded a file disguised as a flash update and executed it repeatedly like a moron. It opened a command prompt with a title I don't remember and closed quickly, nothing has happened since. I don't know what it did or if it's even an active threat.
I'll put this at the top for those disinterested in the story, I've run Malwarebytes Anti-Malware to no avail, I ran rkill.com and it interacted with nothing, and after that I did a system restore to a point two days ago. I'm aware system restore is dubious at best for virus and malware removal, but I can't think of anything more appropriate to do for something I doubt would even flag as spyware than simply factory resetting my laptop, which I still might do. It feels as if it's running slower than usual, but it's so barely noticeable that it might just be that I rebooted it for the first time in a while combined with placebo. Might I still be infected?
I woke up this morning and popped my laptop open, and within minutes of logging onto Steam, a person on my friends list that sends messages to me sporadically with large gaps in between sent me a link saying he found me in a video on Twitch for a game that I play very often. Being early morning, from a friend that does this often, I clicked the link, but instead of the video playing, the box simply showed the "You must update Adobe Flash Player" notice that looks exactly like it woul... Read more

A:Am I still compromised?

Adware Cleaner Scan.
Please download AdwCleaner by Xplode onto your desktop.
Close all open programs and internet browsers.
Double click on adwcleaner.exe to run the tool.
Click on Scan button.
When the scan has finished click on Clean button.
Your computer will be rebooted automatically. A text file will open after the restart.
Please post the contents of that logfile with your next reply.
You can find the logfile at C:\AdwCleaner[S1].txt as well.
JRT Scan.
Please download Junkware Removal Tool and save it on your desktop.
Shut down your anti-virus, anti-spyware, and firewall software now to avoid potential conflicts.
Run the tool by double-clicking it. If you are using Windows Vista or Windows 7, right-click it and select Run as administrator.
The tool will open and start scanning your system.
Please be patient as this can take a while to complete depending on your system's specifications.
On completion, a log is saved to your desktop and will automatically open.
Please post the JRT log.
Adware Removal Tool Scan.
Download Adware removal tool to your desktop, right click the icon and select Run as Administrator.

Hit Ok.

Hit next make sure to leave all items checked, for removal.

The Program will close all open programs to complete the removal, so save any work and hit OK. Then hit OK after the removal process is complete, thenOK ... Read more

Read other 1 answers

I had a post in another forum, but after running MBAM(no results). I thought I should post in here. If not, my apologizes, please move me to the correct area. My daughter plugged into a USB port, some cheapo camera she had. I got an error message on my screen(don't recall). I rebooted and now my CPU fan seems like it is about to launch. Any and all advice is appreciated. My 9 year is upset, she thinks she broke it. THANKS!

A:I think my Pc might of been compromised.

Hello is this an XP PC or another? The error message would help if you see it again. Open the Tazk Manager (press CTRL+ALT+DEL). Click on Processes Tab and is something using a lot of your CPU ?Run ATF and SAS:From your regular user account.Download Attribune's ATF Cleaner and then SUPERAntiSpyware , Free Home Version. Save both to desktop ..DO NOT run yet.Open SUPER from icon and install and Update itUnder Scanner Options make sure the following are checked (leave all others unchecked):Close browsers before scanning.Scan for tracking cookies.Terminate memory threats before quarantining.Click the "Close" button to leave the control center screen and exit the program. DO NOT run yet.Now reboot into Safe Mode: How to enter safe mode(XP)Using the F8 MethodRestart your computer. When the machine first starts again it will generally list some equipment that is installed in your machine, amount of memory, hard drives installed etc. At this point you should gently tap the F8 key repeatedly until you are presented with a Windows XP Advanced Options menu. Select the option for Safe Mode using the arrow keys. Then press enter on your keyboard to boot into Safe Mode. Double-click ATF-Cleaner.exe to run the program.Under Main "Select Files to Delete" choose: Select All.Click the Empty Selected button.If you use Firefox or Opera browser click that browser at the top and choose: Select AllClick the Empty Selected button.If you would like to keep your saved password... Read more

Read other 6 answers

Recently my son went on my pc and clicked a link over discord from someone he didnt know. The file was 011.exe. This in turn gave someone full access of my pc and i want to know what to do and if a factory reset will get rid of this persons connection to my pc

Read other answers

I received one of these scam "I need money" emails from a friend and immediately realised that her computer had been hacked. I replied telling her so.Now I have received another email from her with a new email address saying that since she was hacked she had been unable to receive anything at the original address, she thinks everything went to the hackers. I am just wondering whether my response to the original email has put me at risk and if so what should I do bout it or is it too late.

A:Am I compromised

Read other 6 answers

I have a Sony PC running windows XP. My Zone Alarm firewall blocked iexplorer.exe trying to access the internet to some unknow IP address. I've scanned my system with AVG anti-virus and with spyware from Zone Alarm and Spysweeper but they didn't detect anything. Could I have been compromised?

A:Have I been compromised?


Read other 1 answers

i went to amazon last night, tried to buy a gift card and got the attached warning.  amazon help couldn't tell me why he said everything is up to date. i also noticed my some of my browsers options had changed
 attach.txt   8.68KB
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17207  BrowserJavaVersion: 10.51.2
Run by Bobz at 16:03:58 on 2014-07-16
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.1.1033.18.8182.5220 [GMT -7:00]
AV: ESET NOD32 Antivirus 6.0 *Enabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET NOD32 Antivirus 6.0 *Enabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
============== Running Processes ===============
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\sy... Read more

A:compromised ??

Hello and Welcome on board Bobz1x,my Name is Machiavelli and I will assist you with your problem.If you booted into safe mode on your computer then print my instructions!I'm in the 'Malware Staff Team' and will provide you with advice:To remove Malware on a computer can be very complicated. Malware (malicious software) is able to hide and so I may not be able to find it so easily. In order to remove Malware from you Computer, you need to follow my instructions carefully. Don't be worried if you don't know what to do. just ask me! Please stay in contact with me until the problem is fixed.Below are a few tips:Removing Malware is usually very difficult.We need to search and analyse a lot of files. As this is done in our free time, please be patient especially if I don't answer every day!Please follow these instructionsIf you don't follow the instructions your computer may crash. If you fix your PC by yourself, this can be very risky!Please stay in contact with me until your problem is resolvedAs Malware may not be totally removed in one session or in one day, please stay in contact with me until the problem is resolved.Please don't run any other tools without consulting with me as this can complicate finding and removing all MalwareDon't run any tools while I'm fixing your PC. That is counter productive and again, will only complicate finding and removing all Malware!Read my post completelyIf you don't do so, you may make mistakes that could result in your System crashing by you... Read more

Read other 13 answers

Good morning.Yesterday it came to my attention that my laptop has been compromised by a malicious virus or viruses. I did some web searching on how to possibly remove the little blighters and found the wonderful program that is Hijackthis. I've been through the tutorial, saved the logfile and it suggested post it here in the hope someone may be able to help me identify what I need to fix check as im unsure myself. Any advice would be most welcome as im completely "green" when it comes to anything of this nature. Many thanks in advance for any help.Logfile of Trend Micro HijackThis v2.0.2Scan saved at 01:56:18, on 23/07/2010Platform: Unknown Windows (WinNT 6.01.3504)MSIE: Internet Explorer v8.00 (8.00.7600.16385)Boot mode: NormalRunning processes:C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exeC:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exeC:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exeC:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exeC:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exeC:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exeC:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exeC:\Program Files (x86)\iTunes\iTunesHelper.exeC:\Program Files (x86)\Common Files\Java\Java Update\jusched.exeC... Read more

A:Lappy Compromised.

Hello, Cob20.My name is aommaster and I will be helping you with your log.I apologize for the delay in response we get overwhelmed at times but we are trying our best to keep up.If you have since resolved the original problem you were having, I would appreciate you letting us know. If not please perform the following below so I can have a look at the current condition of your machine.ThanksShould you still require assistance, please take note of the points below:Please track this topic by either adding it to your favourites or clicking the Options button at the top of this thread and then Track this topic.Please disable word-wrap before posting logs. This can be done by clicking Format and un-ticking the word-wrap feature in notepad. The logs that you post should be copied and pasted directly into the reply. Only attach them if requested or if they do not fit into the post.If you do not reply within 5 days, I will have to close your topic. Should you not be able to meet this, please notify me so that I will leave the topic open.Please do not install, update, or run any programs for the duration of the fix.If you do not understand the instructions I provide, please don't hesitate to ask. That's what I'm here for Please continue to reply to this topic until I give you the all clean. Just because there are no symptoms of infection doesn't mean that the computer is clean.If you are running Vista, please run all the fixes as an administrator. This is done by right... Read more

Read other 3 answers

Been fighting this for a week and I can't find anything actually wrong, but I know something has to be there. My Warcraft account was recently hacked and based on some of the actions of the hacker I have to assume that they have gained access to my computer. Not only have they gotten my login information everytime I change it, but they have gotten some files submitted to Blizzard. Despite running multiple virus and malware scans nothing has ever come up. I am reluctant to simply reformat because I would like to at least try to understand how this has occured, but you can't fix what you can't find.
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16750  BrowserJavaVersion: 10.45.2
Run by troy at 1:30:21 on 2014-01-14
Microsoft Windows 7 Professional   6.1.7601.1.1252.1.1033.18.4094.1950 [GMT -6:00]
AV: AVG AntiVirus Free Edition 2014 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Emsisoft Anti-Malware *Disabled/Updated* {8504DEEF-CC04-1F76-2137-F1A5F4A659DA}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Emsisoft Anti-Malware *Disabled/Updated* {3E653F0B-EA3E-10F8-1B87-CAD78F211367}
SP: AVG AntiVirus Free Edition 2014 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
============== Running Processes ===============
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
C:\Windows\system32\svc... Read more

A:Computer Compromised

Hello and welcome to Bleeping Computer! I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.
We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.
To help Bleeping Computer better assist you please perform the following steps:
*************************************************** In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/520819 <<< CLICK THIS LINK
If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.
***************************************************If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of t... Read more

Read other 17 answers

I've found some stuff in my processes/netstat that I dont know what is, I've tried googlein' but cant find a straight forward answer.

I have a TCP epmap and UDP isakmp connetion?!

Neither of which do I remember installing. The reason why I find this a bit doggy is the fact that my websites ftp server appeared to be hacked. A file named 'Akamai' appeared in a read only area where no files should be created with the text saying 'Ok' in the document (answering the notice i guess saying that you cant write files). A few days ago I was looking at my open connetions and I noticed one with the name "host13.akamai-hex.....", funnt i thought, thats the same name!! I did a port scan just so I could see what kind of system it was, and its linux, (what a supprise!) with services such as ssh, smtp, http & https (has a website running from the machine?) as well as pop3 and .... ISAKMP.

I recon my, well not mine, my parents computer.. (my computer is still up at uni..) has been "Owned". What do you guys make of that? Im not sure what to do, my parents dont have a real firewall (ive told them hundereds of times they need one!) so ive put on ZA for them, but its their free version, and it doesnt allow individual program control.

What do you guys recon i should do?

- I've:

updated thier windows XP
updated their AV
installed ZA
installed Spybot Search and destroy
ive changed the registry to save only the new NT password types
changed their user p... Read more

A:System compromised?

Also.. they have reported the computer turning on by itself, all though i have not seen this myself.

Thanks for any help, C0B01

Read other 3 answers

hi,Kindly have a look at my log file....I'm just going to get crazy...... All of my folders starting with "Microsoft" are hidden.Logfile of HijackThis v1.99.1Scan saved at 10:06:02 PM, on 7/31/2006Platform: Windows 2003 SP1 (WinNT 5.02.3790)MSIE: Internet Explorer v6.00 SP1 (6.00.3790.1830)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\System32\bmss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Common Files\Symantec Shared\ccSetMgr.exeC:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exeC:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Microsoft ADS\bin\saagent.exeD:\Apache\Apache2\bin\Apache.exeC:\WINDOWS\system32\cisvc.exeC:\Program Files\Symantec AntiVirus\DefWatch.exeC:\WINDOWS\System32\dns.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Merak\calendar.exeD:\Apache\Apache2\bin\Apache.exeC:\Program Files\Merak\control.exeC:\Program Files\Merak\im.exeC:\Program Files\Merak\pop3.exeC:\Program File... Read more

A:Server Compromised

anyone there to help me ???

Read other 6 answers

Hi,I recently had a gaming account compromised. I got the account returned to me and the password reset. I just would like to make sure the breach/keylogger/etc wasn't from my end. I may have logged in on a separate unsecured computer of a friend and picked it up that way.Anyway, the DDS file is attached.The GMER program gave me an error. Here is a screenshot of it too

A:Account Compromised

hi JD56,Gmer isnt supported on Windows7. Log looks ok as far as malware goes. Perhaps you lost the password some other way. Some guide lines for passwords: At least fifteen (15) characters in length. Does not contain your user name, real name, organization name, family member's names or names of your pets. Does not contain your birth date. Does not contain a complete dictionary word. Is significantly different from your previous password.Should contain three (3) of the following character types. Lowercase Alphabetical (a, b, c, etc.) Uppercase Alphabetical (A, B, C, etc.) Numerics (0, 1, 2, etc.) Special Characters (@, %, !, etc.) I posted in the DDS log;DDS (Ver_10-03-17.01) - NTFSX64 Run by Jay at 20:43:37.96 on Thu 05/27/2010Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_17Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.4091.2219 [GMT -4:00]SP: Spybot - Search and Destroy *enabled* (Updated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}============== Running Processes ===============C:\Windows\system32\wininit.exeC:\Program Files (x86)\AVG\AVG9\avgchsva.exeC:\Program Files (x86)\AVG\AVG9\avgrsa.exeC:\Windows\system32\lsm.exeC:\Program Files (x86)\AVG\AVG9\avgcsrva.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\nvvsvc.exeC:\Windows\system32\svchost.exe -k RPCSSc:\Program Files\Micros... Read more

Read other 1 answers

Hi all,

I have Win7 pre-release running on my loungeroom PC, as well as the old faithful XP on dual boot (second HDD).
After the October 22nd release, Win7 would not run, and has also shut down access to XP as well!!

Im was told that it would shut down every 2 hours until I paid money, but was not expecting my whole machine to be sabotaged?

Also read that I would get $100 off retail from using the pre-release Win7?

Anyone else like me - frustrated.

Automatic repair could not do justice to Win7 and it shut down no warning.

A:Computer compromised

I re-started and tried to get XP happening, but the screen disappeared permanently after the intro logo.
Then I re-set and tried Win7 again, and lo and behold, it came up and ran normally??? I have a TV program running on MCE as I type!

Any ideas as To why XP is compromised? I have done chkdsk in the recovery console.

Read other 1 answers

I've got a computer at work that seems to be fairly compromised. I've followed all of the steps listed in the 'read this topic' message and am at the point where I get to post a hijack this log (joy!). Basically this system has popups that show up constantly and the typical cleaning programs/methods have not gotten the popups to go away. Virtumonde has been detected on the system but I haven't been able to get it cleaned up yet. Basically each time I run a scan (with whatever program) it finds new things that weren't there on the previous scan. I just need to figure out the root cause of these popups and get rid of it. The date on the comp was set wrong at the time of the scan. I took this scan 20 minutes ago.Logfile of Trend Micro HijackThis v2.0.2Scan saved at 1:45:33 PM, on 7/21/2003Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16473)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Windows Defender\MsMpEng.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Common Files\Logitech\Bluetooth\LBTSERV.EXEC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exeC:\Program Files\WIDCOMM�... Read more

A:Compromised Computer

Welcome to the BleepingComputer HijackThis Logs and Analysis forum ensoll My name is Richie and i'll be helping you to fix your problems.It appears you've no virus protection installed.Download\install one of the following freeware options from the choice below.Once installed update its definitions and then run a full system virus scan.AVG7 Free Edition Antivirus:http://free.grisoft.com/softw/70free/setup...ree_446a965.exeAvast! 4 Home Edition: http://files.avast.com/iavs4pro/setupeng.exeAvira AntiVir Personal Edition Classic http://www.free-av.com/------------------------------Please download VundoFix.exe to your desktop.Double-click VundoFix.exe to run it.When VundoFix re-opens,click the "Scan for Vundo" button.Once it's done scanning,click the "Remove Vundo" button.You will receive a prompt asking if you want to remove the files, click "YES".Once you click yes, your desktop will go blank as it starts removing Vundo.When completed,it will prompt that it will reboot your computer,click "OK".Post the contents of C:\vundofix.txt into your next reply.Note: It is possible that VundoFix encountered a file it could not remove.In this case,VundoFix will run on reboot,simply follow the above instructions starting from "Click the Scan for Vundo button." when VundoFix appears at reboot.------------------------------Please download Combofix and save to your desktop:Note: It is important that it is saved directly to your d... Read more

Read other 1 answers