Over 1 million tech questions and answers.

Computed hacked and need help

Q: Computed hacked and need help

Hi,

In the past couple of days i've found that all my e-mails and facebook have been hacked, and seemingly remain hacked even though i've changed all the passwords etc. I've ran a full scan of my Microsoft Security Essentials that has found nothing, but i want to make sure that my computer isn't completely compromised (thus rendering password changes useless). I'm slightly concerned about something called "Nethood" that seems to have appeared on my system, and i don't remember seeing it before.

Any help would be appreciated. I'm not the best with computers and this would really put my mind at rest. Thanks.

Below is the result of my Hijack This Scan:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:23:04, on 10/05/2011
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v8.00 (8.00.6001.18904)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Launch Manager\HotkeyApp.exe
C:\Program Files\Synaptics\SynTP\SynTPStart.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Windows\ehome\ehtray.exe
C:\Users\monkee\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Windows\ehome\ehmsas.exe
C:\Users\monkee\AppData\Local\Google\Update\1.3.21.53\GoogleCrashHandler.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Users\monkee\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\monkee\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\monkee\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\monkee\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\monkee\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.orange.co.uk
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896" target="_blank" class="wLink">http://go.microsoft.com/fwlink/?LinkId=54896" target="_blank" class="wLink">http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {4FBACD73-F67C-42AE-B46A-03960AFE3DFB} - (no file)
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [HotkeyApp] "C:\Program Files\Launch Manager\HotkeyApp.exe"
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [recinfo863] c:\RecInfo\RecInfo.exe
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\monkee\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\monkee\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O15 - Trusted Zone: http://www.skillsarena.com
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/resources/VistaMSNPUplden-gb.cab
O16 - DPF: {7DFDB8FD-B498-4958-B930-38021B94351D} (imlUCID Class) - http://imlive.com/chatsource/ImlCID.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx1.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUplden-gb.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Fujitsu Siemens Computers Diagnostic Testhandler (TestHandler) - Fujitsu Siemens Computers - C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe
O23 - Service: WisLMSvc - Wistron Corp. - C:\Program Files\Launch Manager\WisLMSvc.exe

--
End of file - 10854 bytes
Thanks for your help

Read other answers
RELEVANCY SCORE 200
Preferred Solution: Computed hacked and need help

I recommend downloading and running Outlook PST Repair. It's a PST repair tool that I've used it in the past to recover emails, contacts, tasks and notes from corrupt Outlook files that are damaged or inaccessible. Supports Outlook 2000, 2002, 2003, 2007, 2010 and 2013.

You can download it direct from this link http://goo.gl/1bjhSi. (This link will automatically start a download of Outlook PST Repair that you can save to your computer.)

RELEVANCY SCORE 46

I just want to say know next to nothing about computers. I have symantec and run scans about every other day. It was fine yesterday. Out of nowhere earlier tonight symantec popped up and said I had 15 trojans. Ran it in save mode and it said the same thing. I downloaded malware bytes it found 5 trojans. I downloaded spybot search and destroy it found a few cookies, no trojans though. Each of the scans said "no possible fixes at this time" about the trojans.Now, I'm not getting redirections, pop-ups, and I haven't noticed my laptop running slower or anything like that, so Im not sure whats going on.Anyway, I saw some forums say this is a good resource. So I ran it and I've attached my log. Thanks.Sorry, here is the loganyone?EDIT: Please be patient. There are over 290 unanswered topics in this forum at present and the current average wait time to receive help is 9 days. ~Budapest

A:Computed infested with Trojans

Hello and Welcome to the forums! My name is Gringo and I'll be glad to help you with your computer problems. Somethings to remember while we are working together.Do not run any other tool untill instructed to do so!Please Do not Attach logs or put in code boxes.Tell me about any problems that have occurred during the fix.Tell me of any other symptoms you may be having as these can help also.Do not run anything while running a fix.We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.Click on the Watch Topic Button and select Immediate Notification and click on proceed, this will help you to get notified faster when I have replied and make the cleaning process faster.In order for me to see the status of the infection I will need a new set of logs to start with.Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.DeFogger: Please download DeFogger to your desktop.

Double click DeFogger to run the tool.
The application window will appear Click the Disable button to disable your CD Emulation drivers Click Yes to continue A 'Finished!' message will ap... Read more

Read other 3 answers
RELEVANCY SCORE 45.2

What do I do I have intel i5 750 2.7 gh and I am on windows 7?

Read other answers
RELEVANCY SCORE 45.2

I am running Windows Experience Index (System Rating), but at the middle when the test running, an error message show "The Windows Experience Index for your system could not be computed" "Could not measure video playback performance"....please, anyone can help me what can  I do..???Sorry for my English...I'm used Intel Pentium 4 CPU 3.00 GHz, DDR2 RAM 1GB (Exclude Onboard VGA), OS Windows 7 RC 32-bit, VIA Chrome9 HC IGP - 64MB onboard VGA, Display 1280x1024, and I have free disk space up to 30GB..... And I've been updated all of my driver to the latest version with Windows Update.

A:Windows Experience Index Could not be Computed

Andi, The reason you're seeing this message is because Windows 7 allows for video decoding to be performed by the GPU, but yours is relatively old and does not support the new video acceleration introduced with Windows Vista and Windows 7.-Alex

Read other 27 answers
RELEVANCY SCORE 45.2

Windows XP (Home Edition) SP3. I have two USB drives (F) & (G) that show up under My Computer or Device Manager that have nothing connected to them.
All other drive letters are correct. Perhaps the individual who owned the computer prior to me had something connected to these. I would like to remove them from the listings. Please advise.

A:Two USB Drives Listed Under My Computed But Nothing Connected

If there is a letter assignment reflected in My Computer...there is a device attached.

What you call "drives"...may be nothing but partitions.

What USB devices do you currently have attached?

No device equals no letter in My Computer, although some attached devices may not be reflected in My Computer (e.g., an unformatted hard drive). If something is reflected as being present when it's not present...you have a problem I have never seen any data on.

Take a look in Disk Managment and see what's reflected there. You might also take a look in Device Manager and see what is reflected there for drives.

Start/Run...type diskmmgmt.msc and hit Enter for Disk Management.

Start/Run...type devmgmt.msc and hit Enter for Device Manaqer.

Also...some card readers may be reflected as multiple drives in My Computer.

Louis

Read other 1 answers
RELEVANCY SCORE 44.8

Hello,

I am using a work provided laptop with Windows 7 Enterprise (64 bit) installed. I booted up my laptop and in was in classic view and my wireless was not working along with some other features too. I right-clicked and went to "Personalize" and then it said "Troubleshoot problems with transparency and other Aero effects". I click on it and go through the troubleshooter and it says under "Problems found" "The Windows Experience Index has not been computed". Then when I got "My Computer" and go into "Properties" I click "System rating is not available" and then "Rate this computer". When I do that I get this below.

" The Windows Experience Index for your system could not be computed. Cannot complete assessment. The assessment or other operation did not complete successfully. This is due to an error being reported from the operating system, driver, or other component. "

I tried booting into 'Safe Mode' but it wouldn't recognize my password, note this a work laptop and it has a password when I boot normally it lets me through and recognizes my password but in 'Safe Mode' it doesn't.

Could I please have some help. Thank you.

P.S I have included an image of the problem I am having. (If you would like the link go to: http://oi57.tinypic.com/14mylxz.jpg)

A:The Windows Experience Index for your system could not be computed

  
Quote: Originally Posted by Glass


Hello,

I am using a work provided laptop with Windows 7 Enterprise (64 bit) installed. I booted up my laptop and in was in classic view and my wireless was not working along with some other features too. I right-clicked and went to "Personalize" and then it said "Troubleshoot problems with transparency and other Aero effects". I click on it and go through the troubleshooter and it says under "Problems found" "The Windows Experience Index has not been computed". Then when I got "My Computer" and go into "Properties" I click "System rating is not available" and then "Rate this computer". When I do that I get this below.

" The Windows Experience Index for your system could not be computed. Cannot complete assessment. The assessment or other operation did not complete successfully. This is due to an error being reported from the operating system, driver, or other component. "

I tried booting into 'Safe Mode' but it wouldn't recognize my password, note this a work laptop and it has a password when I boot normally it lets me through and recognizes my password but in 'Safe Mode' it doesn't.

Could I please have some help. Thank you.

P.S I have included an image of the problem I am having. (If you would like the link go to: http://oi57.tinypic.com/14mylxz.jpg)



Welcome to the Seven Forums.

It is ... Read more

Read other 6 answers
RELEVANCY SCORE 44.4

So I just overclocked my processor a few points, and upon booting up my computer, the Aero theme was 'busted.' I tried running the troubleshoot, which claimed I had no issues.

I opened up the Windows Color option, and was greeted with only a Windows 94 looking theme option. (images below) Everywhere I look has no information on this issue.

I fail to see how overclocking my processor only a little bit would cause this issue. All of my drivers are up to date, my computer can easily handle the small amount of overclocking I did, and windows is up to date.
I tried going to Performance and Information and Tools and using 'Re-run the assessment,' and I get 'The Windows Experience Index for your system could not be computed.'

I run with a NIVIDIA GeForce GTX 550 Ti and a 990FXA-UD3 motherboard with an AMD FX-4100 Quad-Core Processor now overcloacked to 4.2 GHz with dual monitors.

I have 12 GB of DDR3 RAM and my OS is Windows 7 Home Premium 64bit.

Please help.

Desktop
Windows 94-esc Option Only

A:No Aero theme - Widows Experience Index Not computed

I assume you clicked on the previous theme you built and still no changes ?

There is no reson to OC that cpu.

Read other 8 answers
RELEVANCY SCORE 40

Hello TechGuys,

In the last 48 hours I've been through a lot because of this.
My hosting nearly got suspended and my friends are really mad.

Below are the required log files. Really looking forward to your assistance.

Thanks in advanced,
t_kio

Here's my TSG SysInfo result:

Code:

Tech Support Guy System Info Utility version 1.0.0.1
OS Version: Microsoft Windows 7 Ultimate , 64 bit
Processor: AMD Athlon(tm) II X4 630 Processor, AMD64 Family 16 Model 5 Stepping 2
Processor Count: 4
RAM: 4095 Mb
Graphics Card: ATI Radeon HD 5570, 1024 Mb
Hard Drives: C: Total - 200004 MB, Free - 110180 MB; D: Total - 20010 MB, Free - 18031 MB; E: Total - 256922 MB, Free - 649 MB; F: Total - 476898 MB, Free - 510 MB; G: Total - 476953 MB, Free - 44626 MB; H: Total - 476945 MB, Free - 834 MB;
Motherboard: MICRO-STAR INTERNATIONAL CO.,LTD, 770-C45 (MS-7599), 1.0, To be filled by O.E.M.
Antivirus: AntiVir Desktop, Updated and Enabled

Here's the hijackthis.log:

Code:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 01:25:09, on 21/07/2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Spotmau\Data Recovery Kit\DRtray.exe
C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files (x86)\Genie-Soft\GBMPro8\GBMAgent.exe
C:\Program Files (x86)\Free Download Manager\fdm.exe
C:\PROGRA~2\DUMETE~1\DUMeter.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\... Read more

Read other answers
RELEVANCY SCORE 40

hello this morning i turned my laptop on and recieved this error message the file is possibly corrupt. the file header checksum does not match the computed checksum. I've tried using the recover cd and alt f10 but the error seems to kick in before i can do anything any ideas??
 

A:the file is possibly corrupt. the file header checksum does not match the computed ch

You need to boot from the CD. Enter BIOS setup and change boot sequence so that the CD/DVD drive is the first boot device. Then you can boot from the recovery CD.

Note, using a recovery CD will erase the entire hard disk and you will lose any documents, emails etc on the hard disk.
 

Read other 2 answers
RELEVANCY SCORE 40

I have a HP dv7-3065dx 4 gig ram and 500 gig HD window 7 home prem 64bit. I pulled the mother board and had the GPU reballed and copper heat sink added for cooling. Now I have put it all back together and it will nor boot from factory disc or from the hard drive. I have tried a couple of hard drives including one new and one from another dv7 that is working. I have also pulled the ram and replaced it twice. I get the file is possibly corrupt. The file header checksum does not match the computed checksum and also got this error also BOOTMGR image is corrupt. The system cannot boot. Is it possible I missinstall the board causing these errors, help help!!
 

Read other answers
RELEVANCY SCORE 39.6

When I don't mess with the BIOS, I get the error message, "Reboot and Select proper Boot device or Insert Boot Media in selected Boot device and press a key_" If I change HDD priority, I get, "The file is possibly corrupt. The file header checksum does not match the computed checksum."
MoBo: Asus P5e3 Professional (M4A78-E)
Win7 HDD: Western Digital Caviar Blue WD5000AAKS (SATA)
WinXP HDD: Western Digital Caviar Blue WD600JB-00CRA1 (IDE with SATA adapter)


Quote:




Boot Device Priority:
1st: IDE:DVD-ROM DDU164
2nd: HDD:PM-WDC WD600JB or SM-WDC WD5000AAKS

1st HDD: WD600JB
2nd HDD: WD5000A




Outcome: Reboot and Select...



Quote:




Boot Device Priority:
1st: IDE:DVD-ROM DDU164
2nd: HDD:PM-WDC WD600JB or SM-WDC WD5000AAKS

1nd HDD: WD5000A
2st HDD: WD600JB




Outcome: Reached boot selection screen. When OS selected, computer reboots. Screen blank, and computer unresponsive once it reaches the point where the Boot select screen would be.

A:[SOLVED] The file header checksum does not match the computed checksum

I think I know what the problem is. Hopefully, it's just my video card drivers screwing around. If that's the case, I'd just have to enter the OS in safe mode and delete the driver or just format the HDD. The problem is, it won't let me get to any such screen. Either the file is possibly corrupt, or it restarts.

Read other 19 answers
RELEVANCY SCORE 39.6

Hi All,

I have been trying to install Windows 8 64 bit retail version on my PC for the last 6 hours without success . After the 1st part of the install where you choose the disk and partition to install to, then it copies files etc, the PC does a reboot, which is normal for this part of the install. However, I let the boot sequence continue without selecting dvd of course, then it tries to boot from the hard drive but I get an error.

The header checksum for this file doesnt match the computed checksum.
File: \Windows\system32\winload.efi
Error Code: 0xc0000221

My system was previously running Windows 7 Ultimate 64-bit for years without any problems. This is not an upgrade, I am starting from a clean slate with a fresh wiped drive with no partitions.

System specs:

AMD FX-8150
Gigabyte GA-990FXA-D3
8GB DDR3 1333Mhz
XFX Radeon R9 270X
Samsung 840 120GB SSD (Trying to install fresh win8 to this)
Samsung 840 120GB SSD (Unplugged during this install for ease)
WD Black 1TB HDD (Unplugged during this install for ease)

I have tried both SSD's and also another Samsung 500GB HDD all with the same result.

I have tried the following:
- Win8 Install DVD - Automatic repair - fail
- Startup repair - fail
- Bootrec fixboot and fixmbr and BCDBoot commands successfully
- SFC /scannow gets to 100% but reports that its unable to do anything or something like that
- boo... Read more

A:Header checksum of file doesnt match computed checksum

I replaced the Corsair 4x4GB (16GB) DDR3 1333mhz with a set of 2x4gb (8gb) DDR3 1333mhz Elixir ram from my other machine.
The 64-bit DVD booted all the way to the installer this time with bios in AHCI mode and CD/DVD set to Auto/Non-EFI (1st time it has ever worked). The installation went on without a hitch and rebooted fine without a checksum error and I am now using the install to post this message without problems.

The RAM was the problem all along, although worked fine on Win 7 for a couple of years. Just must not like this new system setup.

Thanks to Mike Barnes from tomshardware for the suggestion.

Read other 1 answers
RELEVANCY SCORE 39.6

"Could not measure system memory performance."

So I did something that made something happen again so I need help, again.
I had changed my CPU, motherboard, and RAM; the CPU needed a different socket (2011-3), and so with that new motherboard required different RAM (DDR4)
I'm pretty sure the sudden change in hardware is the cause of this, and a few other things that I'd like to think I had solved by myself.
I have a feeling this is an easy fix, what did I do wrong and what can I do to fix whatever this is?
Thanks in advance.

A:"The Windows Experience Index for your system could not be computed."

With all the new hardware did you do a Clean Install of Windows 7?

Read other 1 answers
RELEVANCY SCORE 39.6

I am posting this as follow up to previous post..
 
Please help as I know I was hacked on windows xp computer. Now I have the windows 8. The security logs earlier said someone was scanning for the account without password. I am not sure how this guest account is enabled in the text files generated. One more thing. My Norton internet addition toolbar has been acting weird. I always enable it, then it gives me prompt to reenable it again and again. While posting this website said that the website is down 11/18/2015 around 12:00 to 12:18 am PST. Also there are lots of strange things going on. It could be from a person in same home too. Please help.
 
*************************************************************************

A:Hacked previously,Am I still Hacked or what(contd to post logs)

Norton Internet security always gets enable prompt on the google chrome. And also in the addition.txt, the guest account is saying limited enabled, Now after posting and in few minutes, when I am on useraccounts, it says that the guest account is off. I am not too sure why my laptop stays on when I get up in morning, I am not too sure whether my laptop didn't turn off.

Read other 2 answers
RELEVANCY SCORE 38.8

Was just recently informed that my debit card was used in over 4 different states. Going to bank tomorrow to sort that out. But just recently saw that my facebook was signed into from Japan. I'm assuming they have most of my info. and would appreciate someone that could help me get rid of whatever they got on my computer. Tried to start malwarebytes to start. No luck. Thank you soo much for your time.

A:Debit Card hacked, Facebook Hacked, etc.

Hello,Please follow the instructions in ==>This Guide<== starting at step 6. If you cannot complete a step, skip it and continue.Once the proper logs are created, then post them in a reply to this topic by using the Add Reply button.If you can produce at least some of the logs, then please create the post and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the reply and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.Please note that I am not a member of the Malware Removal Team and will not be assisting you in removing the infection. I'm simply helping you to post the information they need in order to assist you.If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.Orange Blossom

Read other 10 answers
RELEVANCY SCORE 38.8

Hi all...

I have the error "........checksum does not match the computed checksum"
I've been trying to research the problem and it seems i need to do a repair from an xp installation disc.

Unfortunatley, i cannot find my disc. I have XP home edition on an Advent laptop.
I have access to a XP professional disc (Dell).

My question is, will I be able to use the XP pro disc to do a repair on my xp home edition?

Thanks.

Read other answers
RELEVANCY SCORE 37.6

My WoW account was recently hacked into. After dealing with blizzard i had my password changed and my account restored. The hacker then hacked my account again and this time changed my Battle.net address along with the password. He also attempted to steal my hotmail at this point in time. I then began to look for keyloggers and viruses with hijackthis and various virus programs including Spybot, Kaspersky, Microsoft Security Essentials, and MalwareBytes. I deleted a bunch of toolbars using hijackthis and am stumbling across various files that i am unsure of. I do not want to mess up my new computer so i am going to stop deleting things until further notice.

A:My WoW account was hacked along with my email. am i still hacked?

Hello,Please follow the instructions in ==>This Guide<==. If you cannot complete a step, skip it and continue.Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<== Please include a description of your computer issues and what you have done to resolve them.If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.Orange Blossom

Read other 1 answers
RELEVANCY SCORE 37.6

1st off let me say THANK YOU in advance for , (1) having this cool site so as to help ppl like me that are not computer savvy. And (2) for actually HELPING us!!!
And now for my question/problem . Is someone trying to hack my system? Or worse, has someone already HACKED MY SYSTEM ? Today Norton security pops up an alert. So as I am reviewing my Alerts from the last 2 days , I see the following ( notice the date the 7th of march. The list is repeated several times on the 8th as well )
&#65279;Category: Firewall - Network and Connections
Date & Time,Risk,Activity,Status,Recommended Action,Category
2013-03-07 22:35:54,Info,"Protecting your connection to a newly detected network on adapter \"Teredo Tunneling Pseudo-Interface\" (IP address: fe80::ffff:ffff:fffd%5).",Detected,No Action Required,Firewall - Network and Connections
Protecting your connection to a newly detected network on adapter "Teredo Tunneling Pseudo-Interface" (IP address: fe80::ffff:ffff:fffd%5).
&#65279;Category: Firewall - Network and Connections
Date & Time,Risk,Activity,Status,Recommended Action,Subnet Identifier
2013-03-07 22:28:09,Info,Connected to a protected network. (127.0.0.0/255.0.0.0),Protected,No Action Required,127.0.0.0/255.0.0.0
Your computer is currently protected from the local network. To allow all the computers on this network to communicate with your computer, in the <b>Actions</b> panel, click <b>Trust</b>. To block al... Read more

A:Solved: my network: HACKED OR NO HACKED?

Read other 6 answers
RELEVANCY SCORE 37.2

My Dell Inspiron 1521 laptop won't get past the Dell logo at startup, resulting in a black screen with the error message:

"The file is possibly corrupt. The file header checksum does not match the computed checksum"

I shutdown my laptop normally last night and booted it up this morning and received this error message. I have not added or changed anything.

So far I've run the Windows hardware and memory diagnostic tool (F12) and there were no errors. I also tried to run the Windows Vista Repair/Reinstallation DVD that came with my laptop; however, none of the repair options will work and the Windows Vista install crashes each time.

Startup Repair provided the following problem signatures:

CorruptBootConfigData

FixPartitionTable

Can anyone suggest how I may begin to recover my laptop?

Help! Any technical assistance would greatly be appreciated.

Noah
 

A:File is possibly corrupt. File header checksum doesn't match computed checksum.

Could be your Hard Drive going faulty
 

Read other 2 answers
RELEVANCY SCORE 36.8

Hi All
New build PC with Windows 7 32 bit, I keep on getting the following error message on start up after 30 mins of shut down ?. The file is possibly corrupt. The file header checksum does not match the computed checksum
 
Then I Alt+Ctrl+Del and the PC fires up ok.
 
The only peripherals connect are mouse, keyboard, and a Monitor, once booted up and running I have used the following to check things out:-
 
Windows Device Manager:- All items are working correctly with no exclamation or question mark warnings. I have update all drivers for all devices.
 
Windows computer maintenance: Again all items check OK and are working.
 
Intel Application Accelerator Raid:- again all Hard drives and their raid configurations all check out as OK.
 
If I restart the PC all is fine, if switch off the PC and restart within 10 to 20 mins all is OK. However if I switch off and re-start after 30 mins the checksum error message reappears.  
 
Any advice or assistance would be appreciatedThanks Zee Man

Read other answers
RELEVANCY SCORE 36.8

A few days ago i recently got the "blue screen of death" for the very first time running windows 7..

Today i left my laptop on and went to sleep when i woke up it was trying to boot...
but was stuck on this error "The header checksum does not match the computed checksum"

I tried booting again but got the same error... i ran ubuntu live cd and tried to save my data files but it wont access my hard drive either... neither can i run recovery since it was also on a partition on the hard drive.

I have an HP Compaq CQ 70..
3GB Ram
Dual Core 2.0
250GB HDD
originally came with vista i upgraded to win 7
Kindly help me recovering the data...

A:Cannot Boot Windows 7 "The header checksum does not match the computed checksum"

If you can't access w/Ubuntu, then it's likely that there's a problem with your hard drive.
Each use of the hard drive increases the chance that you won't recover anything. I'd strongly suggest looking into professional data recovery services - but be aware that they are very, very expensive!

Read other 3 answers
RELEVANCY SCORE 34.8

I was hacked on previous laptop on windows xp. Now I changed my intenet provider and also have resinstalled windows 8 on another 2nd laptop for windows 8. But I believe I am still being hacked. In previous experience, with windows XP, I had traced an internal IP(Say in shared rental situation) and caught incoming connection on zonealarm. But the person reversed the zonealarm attacks saying going from me to other computers(WIn xp). And also, I had put a text file on windows XP of the internal IP Address putting title unauthorized access,and when I opened it few days later, it rather had my internal IP Address(192.168.XX .XXX.).. while going to one of the foreign address, it opened up the pic of shared rent person. But on another time, I found a virtual switch on laptop of another shared rent person in other room. Now I have windows 8. I am not broadcasting my SSID but still have problems of strange things happening.Here is the netstat command. I am not that computer savy at present and please need help as I believe I am still being hacked and my identity and financial accounts may be in danger. Please help guide. I do have the norton internet security installed and live in ca.Proto  Local Address          Foreign Address        StateTCP    192.168.1.101:50487    r3:https               ESTABLISHEDTCP    192.168.1.101:50491    ... Read more

A:Hacked previously,Am I still Hacked or what

Hi,
 
Thats not real useful, need alittle more info.  Need to post a FRST log as a starting point. You can start at step 6 in this link below. Download, install FRST and post its log in your reply and we will go from there: Usually only online once or twice per day so you may not get a reply back from me until the following day.
 
http://www.bleepingcomputer.com/forums/t/34773/preparation-guide-for-use-before-using-malware-removal-tools-and-requesting-help/

Read other 2 answers
RELEVANCY SCORE 34.8

Hi guys,
 
Last night i my mouse/screen froze up suddenly for about 5 seconds randomly and then i noticed my internet seemed a bit slower.
 
Call me paranoid but for some reason i started worrying about a hacker, did some research and now i am petrified.
 
I'm running Windows 7 and i did scans with Malware Bytes, Super Anti Spyware and boot time scan with Avast which all showed clean.
 
After i restarted my router/computer things returned to normal. I have Windows firewall running and i am behind a router.
 
The reason i am concerned is that i hadn't patched my Windows 7 OS security updates in ages (have done so now), and i know hackers can exploit these.
 
My question is, would a hacker hack my PC directly and is it possible to view my files remotely without installing malware or a RAT?
 
In other words, what are the chances someone had exploited my PC, took my files but after i restarted they were gone because there was no RAT installed?
 
Please forgive me if this is a dumb question..

A:Likelihood that i was hacked or am being hacked?

Hi ionblue The chances that you were hacked are really slow. It happens on every system and device that sometime, a process crashes, slowing down the whole system and that rebooting it allows it to restart normally. There's nothing wrong with that. This situation is way too common and the possibilities are way too broad to say that you were hacked. In my opinion, you just encountered a random crash, slowness and restarting your system allowed it to restart properly. Simple as that.

Read other 7 answers
RELEVANCY SCORE 28

I have been having problems with my new laptop since i boughy it, screens going black, system failures, icons disappearing, NVIDIA and Intel menu hampering. I did quite a few asus total system recovery, but that did not really help. I did many different AV-scans, nothing popped up. Norton diagnose scan blcks, same with system fragmentation analysis. Norton gave a message it blocked a massive attack. So now i am wondering if if my pc has been hacked. could do with some help. below log of tpc
[System Process] 0 TCP 127.0.0.1 6999 127.0.0.1 50348 TIME_WAIT
[System Process] 0 TCP 192.168.33.103 50356 63.110.246.17 80 TIME_WAIT
daemonu.exe 1828 TCP 127.0.0.1 2559 0.0.0.0 0 LISTENING
daemonu.exe 1828 UDP 0.0.0.0 48000 * *
iexplore.exe 1640 TCP 127.0.0.1 50354 127.0.0.1 6999 CLOSE_WAIT
iexplore.exe 3904 UDP 127.0.0.1 52686 * *
iexplore.exe 3452 UDP 127.0.0.1 57142 * *
iexplore.exe 1640 UDP 127.0.0.1 59416 * *
lsass.exe 644 TCP 0.0.0.0 49155 0.0.0.0 0 LISTENING
lsass.exe 644 TCPV6 [0:0:0:0:0:0:0:0] 49155 [0:0:0:0:0:0:0:0] 0 LISTENING
services.exe 592 TCP 0.0.0.0 49156 0.0.0.0 0 LISTENING
services.exe 592 TCPV6 [0:0:0:0:0:0:0:0] 49156 [0:0:0:0:0:0:0:0] 0 LISTENING
SfCtlCom.exe 1924 TCP 127.0.0.1 37848 0.0.0.0 0 LISTENING
SfCtlCom.exe 1924 TCP 0.0.0.0 49159 0.0.0.0 0 LISTENING
SfCtlCom.exe 1924 UDP 0.0.0.0 40116 * *
SfCtlCom.exe 19... Read more

A:am i hacked

From what you gave it doesnt look like there is anything running that is listening for connections that shouldn't be.

If you think you are infected you may want to follow the steps here:

http://www.bleepingcomputer.com/forums/topic34773.html

Read other 1 answers
RELEVANCY SCORE 28

Hello
My brother got recently hacked on wow probably a key logger of some sort, I ran countless programs for example Malwarebytes, SUPERantispyware, I have spywareblaster, spybot, ad-aware and ran McAfee anti-virus the works got some Trojans removed etc everything all this 100 and 1 programs everything seemed fine we changed the password and everything got items restored then a few days later once again he got hacked and account got temporarily ban and I did all this scan and found essentially nothing! now I installed a random key gen for his account so no worries anymore there but I want to get rid of whatever this may be if it may still be here because I don't want some punk nerd stealing also any other information on this computer and I am trying to prevent a full system wipe so if you can help me that will be great!

Here is my Hijackthis log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:33:14 PM, on 12/16/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16945)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
... Read more

A:Hacked on WOW

Hello and welcome to TSF.

No malware is showing in that log, but HijackThis is no longer the preferred initial analysis tool in this forum.

We want all our members to perform the steps outlined in the link given below, before posting for assistance. There's a sticky at the top of this forum, and a
Quote:




Having problems with spyware and pop-ups? First Steps




link at the top of each page.

Please follow our pre-posting process outlined here:

http://www.techsupportforum.com/f50/...lp-305963.html

After running through all the steps, you shall have a proper set of logs. Please post them in a new topic, as this one shall be closed.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

Read other 1 answers
RELEVANCY SCORE 28

Things to know: I have a cable/router issue that freezes my internet about every 40 seconds/I have 2 hard drivesIt all started when I noticed a few of my desktop icons were re-arranged without my own doing. While I found this quite odd, Vista has been pretty crappy in general. Then I noticed my firefox browser was constantly freezing. Usually my internet connection freezes but this was the first time my actual firefox browser was constantly freezing without a "Not Working" tag from programs such as Adobe. Just plain Google.Then I checked my Facebook log in page and thought this is interesting, the homepage's main language is not English but Thai! Considering I don't speak/read Thai this was quite alarming. I did a system restore to factory default (just C Drive) and I figured my problems are solved. Today I was installing the Orange Box from Steam (counterstrike company) and decided to install only one game out of the five or so I could choose. Oddly enough I'm told that 2/5 games have finished installing when it wasn't even on the install menu!Once again my internet browser "froze" for a bit, this has never happened till recently within 5 years of owning this computer.Am I hacked or just paranoid?Logfile of Trend Micro HijackThis v2.0.2Scan saved at 8:31:38 PM, on 3/3/2006Platform: Windows Vista (WinNT 6.00.1904)MSIE: Internet Explorer v7.00 (7.00.6000.16982)Boot mode: NormalRunning processes:C:\Windows\system32\Dwm... Read more

A:So I think I'm hacked...

Woke up this morning, desktop resolution changed again...Logfile of Trend Micro HijackThis v2.0.2Scan saved at 7:39:11 AM, on 3/4/2006Platform: Windows Vista (WinNT 6.00.1904)MSIE: Internet Explorer v7.00 (7.00.6000.16982)Boot mode: NormalRunning processes:C:\Windows\Explorer.EXEC:\Windows\system32\Dwm.exeC:\Windows\system32\taskeng.exeC:\Windows\RtHDVCpl.exeC:\Program Files\Common Files\Symantec Shared\ccApp.exeC:\Windows\System32\SysMonitor.exeC:\Acer\Empowering Technology\eDataSecurity\eDSloader.exeC:\Program Files\DivX\DivX Update\DivXUpdate.exeC:\Program Files\Logitech\SetPointP\SetPoint.exeC:\Users\Junker\AppData\Local\Google\Update\GoogleUpdate.exeC:\Program Files\Spybot - Search & Destroy\TeaTimer.exeC:\Program Files\DAEMON Tools Lite\DTLite.exeC:\Program Files\Steam\steam.exeC:\Program Files\Mozilla Firefox\firefox.exeC:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXEC:\Program Files\Windows Media Player\wmpnscfg.exeC:\Acer\Empowering Technology\eRecovery\ERAGENT.EXEC:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXEC:\Windows\system32\wuauclt.exeC:\Program Files\Trend Micro\HijackThis\HijackT... Read more

Read other 6 answers
RELEVANCY SCORE 28

This is my hijackthis log file. Any help would be appreciated. Thanks in advance.Logfile of Trend Micro HijackThis v2.0.3 (BETA)Scan saved at 12:43:05 PM, on 4/2/2010Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v8.00 (8.00.6001.18702)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\COMODO\COMODO Internet Security\cmdagent.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeC:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exeC:\Program Files\DriveHQ\DriveHQ FileManager\DHQFMSvc.exeC:\Program Files\Java\jre6\bin\jqs.exeC:\Program Files\LogMeIn\x86\RaMaint.exeC:\Program Files\LogMeIn\x86\LogMeIn.exeC:\Program Files\LogMeIn\x86\LMIGuardian.exeC:\WINDOWS\Explorer.EXEC:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exeC:\Program Files\ATI Techn... Read more

A:I think my pc was hacked

Hello and and Welcome to BleepingcomputerPlease note we are very busy, so if I don't hear from you within 5 days the topic will be closed, If you have sinceresolved your issues I would appreciate if you would let me no so I can close this topic.Download random's system information tool (RSIT) by random/random from here and save it to your desktop.Double click on RSIT.exe to run RSIT.Click Continue at the disclaimer screen.Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)Please download GMER from one of the following locations, and save it to your desktop:Main MirrorThis version will download a randomly named file (Recommended)Zip MirrorThis version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.Disconnect from the Internet and close all running programs, as this process may crash your computer.Temporarily disable any real-time active protection so your security program drivers will not conflict with gmer's driver.Double click on Gmer to run it.Allow the gmer.sys driver to load if asked.You may see a rootkit warning window, If you do, click No.Untick the following boxes on the right side of the Gmer screen.SectionsIAT/EATFilesShow AllClick on and wait for the scan to finish.If you see a rootkit warning window, click OK.Push and save the logfile to your desktop.Copy and Paste the content... Read more

Read other 2 answers
RELEVANCY SCORE 28

I'm sure I am being hacked, I keep getting unusual problems(blue screens.auto reboots etc) No new s/w has been installed prior to these problems. I have tried to use spyware but that hangs at a certain point of searching !!! Apart from disabling my internet connection, what can I do ?
 

RELEVANCY SCORE 28

Operating System : Windows Vista (6.0.6002 Service Pack 2) 64 bits version
 
Alot of my programs will just stop working. Mozilla firefox will momentarily freeze. My facebook account password is being changed by someone else.
 
Reading the forum I found adwcleaner, checkup and Rogue killer..of which I ran according to the directions.  I will post results If I am asked to.  Not sure what else I should post at this time..
 
Thank you Pam
 

A:I have been hacked

Welcome aboard   Download Security Check from here or here and save it to your Desktop. Double-click SecurityCheck.exe Follow the onscreen instructions inside of the black box. A Notepad document should open automatically called checkup.txt; please post the contents of that document.NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.NOTE 2 SecurityCheck may produce some false warning(s), so leave the results reading to me. Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.Make sure the following options are checked:
Internet ServicesWindows FirewallSystem RestoreSecurity Center/Action CenterWindows UpdateWindows DefenderOther ServicesPress "Scan".It will create a log (FSS.txt) in the same directory the tool is run.Please copy and paste the log to your reply. Please download MiniToolBox and run it.Checkmark following boxes:Report IE Proxy SettingsReport FF Proxy SettingsList content of HostsList IP configurationList Winsock EntriesList last 10 Event Viewer logList Installed ProgramsList Devices (do NOT change any settings here)List Users, Partitions and Memory sizeClick Go and post the result. Download Malwarebytes' Anti-Malware (aka MBAM): http://www.malwarebytes.org/products/malwarebytes_free to your desktop.* Double-click mbam-setup.exe and follow the prompts to install the program.* At the end, be sure a checkmark is placed next to Up... Read more

Read other 38 answers
RELEVANCY SCORE 28
Q: Hacked?

i have been recently hacked and a lot of times when i try to do something, the message, "[Security Warning] application cannot be executed. the file (insert file here) is infected. do you want to activate your antivirus software now?" pops up. also, sometimes webpages are blocked and say that they may infect my computer even though they are websites such as Google or Yahoo.

A:Hacked?

Hello and welcome. You dodn't say if this is running XP or another system.Let's do theseReboot into Safe Mode with Networking How to enter safe mode(XP/Vista)Using the F8 MethodRestart your computer. When the machine first starts again it will generally list some equipment that is installed in your machine, amount of memory, hard drives installed etc. At this point you should gently tap the F8 key repeatedly until you are presented with a Windows XP Advanced Options menu. Select the option for Safe Mode with Networking using the arrow keys. Then press enter on your keyboard to boot into Safe Mode. >>>> Download this file and doubleclick on it to run it. Allow the information to be merged with the registry.RKill....Download and Run RKillPlease download RKill by Grinler from one of the 4 links below and save it to your desktop.

Link 1
Link 2
Link 3
Link 4

Before we begin, you should disable your anti-malware softwares you have installed so they do not interfere RKill running as some anti-malware softwares detect RKill as malicious. Please refer to this page if you are not sure how.
Double-click on Rkill on your desktop to run it. (If you are using Windows Vista, please right-click on it and select Run As Administrator)
A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
If nothing happens or if the tool does not run, please let me know in your next ... Read more

Read other 4 answers
RELEVANCY SCORE 28

hello, I am having a problem staying online I keep getting disconnected from the internet, so I called my isp and he scanned the line and told me that their is something wrong, he said it's either malware or a hacker, I have tried formating my hdd in another pc, and then reinstalling window's xp on it, I still am having this problem, and even as I type this message I have been disconected 5 time's, I have ran avg,malware byte's, and bit defender, nothing work's please help me

Tech Support Guy System Info Utility version 1.0.0.2 OS Version: Microsoft Windows XP Home Edition, Service Pack 3, 32 bit Processor: Intel(R) Pentium(R) 4 CPU 2.80GHz, x86 Family 15 Model 4 Stepping 9 Processor Count: 2 RAM: 501 Mb Graphics Card: Hard Drives: C: Total - 76316 MB, Free - 72392 MB; Motherboard: LENOVO, LENOVO Antivirus: None
 

A:being hacked please help me

Read other 16 answers
RELEVANCY SCORE 28

I have a Dell inspiron 530 desktop and have never had any problems with it until last week.

I got a phonecall from my mum asking me why I kept sending her the same email over and over again, i asked what the email was and she said it was a link and that i had sent it to her at least 12 times. When i got home from work i signed into my email account and sure enough "I" had sent the same email to my mum 12 times, i went through my sent folder and it had also been sent to all my contacts multipul times over a period of four days.

That is still happening, i have changed my password etc.

Also, i opened up internet explorer (it also happens on firefox) last night to go to facebook, it loaded up a page about a car firm instead, tried fb again, it open up tescos website?? all in all i tried to get to facebook 6 times and each time it opened up a completly different website.

Now this morning I will be on a website, say for instance this one, and all of a sudden i will get a white screen pop up in the middle of this page and it will load up a random website i have never heard of, i will shut it down, five or ten mins later it will randomly open up another website, they always have numbers in the website address and the page will never load on them, for instance last night it was 546.ca.com/.

i have done scans with AVG which came back with nothing at all.

How do i fix this?

Thank you..

PS, i am new here so sorry if links are not allowed i just wanted to... Read more

A:have i been hacked??

Hello and welcome to TSF.

We want all our members to perform the steps outlined in the link given below, before posting for assistance. There's a sticky at the top of this forum, and a
Quote:




Having problems with spyware and pop-ups? First Steps




link at the top of each page.

Please follow our pre-posting process outlined here:

http://www.techsupportforum.com/f50/...lp-305963.html

After running through all the steps, you shall have a proper set of logs. Please post them in a new topic, as this one shall be closed.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

Please note that the Virus/Trojan/Spyware Help forum is extremely busy, and it may take a while to receive a reply.

Read other 1 answers
RELEVANCY SCORE 28

Hi I hope you can finaly solve my problem. So it all started with my little sister's Stardoll account. She gave someone her pass and all of her account's information. As expected the other girl changed the pass to take the account. I was quick and managed to contact the site and get her account back but now things keep hapening.
I was on my laptop and suddenly a program called LogMeIn took over my computer. I knew what it was and I struggled a bit but in the end I uninstalled it. My family is totaly clueless on how it got there and I believe them cause they dont really know much about computers anyway.Is it possible for someone to install it from afar?
So then my sisters account got hacked again by a group of girls calling themselves "Gurzsec". Every single time we changed the pass they kept finding it again. I ended up changing it everyday but still they managed to get to it. So I changed the account's email to mine hoping it would be safe. But they contacted me and said they were now tracing all my accounts and closing them. They managed to find and delete my Tumblr account and now I fear for my emails.
I did a complete system scan on all household computers. Nothing at all. Only in the chest was a deactivated Trojan with the name Logmein. I deleted that.

Now Im confused. Do they have my IP address? I checked the system for any other spy programs but found none.
Thanks and I hope u will help!
 

Read other answers
RELEVANCY SCORE 28

I think I have a persistent hacker who is somehow accessing my computers. Can anyone look at my TCPview log an help me out? I will attach it.

A:Think I am hacked - Can anyone help?

Attach it please

Read other 12 answers
RELEVANCY SCORE 28

I've been hacked. Files uploads no longer work. Can't get display of files & folders. Scroll as in Yahoo news display also disabled. Adrive - cant get file/folder list. Youtube & tv sites - videos can't load.
Hack did delete a executable file. But also suspect registry problem.
Can anyone suggest where to look?
System restored to before problem started.
Deleted & reinstalled Firefox, java, Shockwave, Flash Player
All related Microsoft Fixit run.
Any suggestions much appreciated. Where do I look next?
Thanks in advance.
 

A:PC hacked HELP please

Read other 9 answers
RELEVANCY SCORE 28

I am new to this site and have been having issues for about one month. Running XPpro.

I have downloaded malewarebytes and gotten rid of some bad stuff. Also, upgraded to Kaspersky, but no viruses found. I can't update to the latest maleware or virus software for either piece of software. Opening and using web pages is difficult at best.

My problem is my download speed on Hughes.net is extremely slow 30-50kps versus the 1000+ that it should be. Was on the phone with hughes.net tech support the other day for nearly two hours and the system is working correctly, just slow. Upload speeds are okay.

Last night I found a subdirectory under the network places 'client network' with a link to Www.mansfieldct.org This is a local government site for Mansfield, CT, but when I go to this site, it changes to a .org site.

The first 'W' is capitalized and the other two are lower case.

I cannot get properties or delete this file.

I also saw briefly two days ago a quick windown popup that stated I had 8 communication ports open. I only have this one computer directly connected to the internet, so I think the site under client network is the bad boy.

I have downloaded Combofix onto a flash drive, from another computer, since I can't do it on my computer, and will run if required.

All my files are backed up.

Any help is greatly appreciated.

I am at work today, and will get back home this afternoon.

Mike

Read other answers
RELEVANCY SCORE 28

guys im new sorry. i duno if ive been hacked or not my brother connected to some vpn server to bypass hulu site. eva since i think my pc has been hacked ive run several programs nothing comes up, bt i want to be sure. please help me out this is my hijackthis log


Logfile of HijackThis v1.99.1
Scan saved at 2:07:08 PM, on 2/17/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lexmark 5600-6600 Series\lxdumon.exe
C:\Program Files\Lexmark 5600-6600 Series\ezprint.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\ThreatFire\TFTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxduserv.exe
C:\WINDOWS\system32\lxducoms.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PRO... Read more

A:have i been hacked? help me please

Hello and Welcome to TSF.

We no longer use HijackThis as our initial analysis tool.

We want all our members to perform the steps outlined in the link I'll give you below, before posting for assistance. There's a sticky at the top of this forum, and a
Quote:




Having problems with spyware and pop-ups? First Steps




link at the top of each page.

---------------------------------------------------------------------------------------------

Please follow our pre-posting process outlined here:

http://www.techsupportforum.com/f50/...lp-305963.html

After running through all the steps, you shall have a proper set of logs. Please post them in a new topic, as this one shall be closed.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

Please note that the Virus/Trojan/Spyware Help forum is extremely busy, and it may take a while to receive a reply.

Read other 1 answers
RELEVANCY SCORE 28

So my parents fell for one of those scams where an individual calls, pretends to be from Microsoft and "needs to update your computer". He got their cc information but also was able to do something to their computer. I told them to disconnect it from the Internet but I'm not quite sure what to do to make sure it is safe to use.

I tried to figure out exactly what happened but it seems like they somehow granted him remote access to the computer and this guy seems to have installed something. If needed, i think I might just run a clean reformat but I want to make sure I don't bring over any corrupted files, etc. I would prefer to just clean the computer but I'm not sure what I should run to scan it, what I should look for and how to tell if it's safe to use.

Any advice would be helpful, thanks so much!

Edit: computer is windows xp.
 

A:Hacked-What to look for?!

Read other 11 answers
RELEVANCY SCORE 28

im being hacked right now. im in safe mode with networking. the hacker opened up websites and disabled my system restore and started closing my programs. what can i do to remove the virus or whatever hes using without reformatting. im afraid to get out of safe mode because he is gonna steal my accounts.


heres a hijackthis log if it helps.

Logfile of HijackThis v1.99.1
Scan saved at 3:51:24 AM, on 2009-09-20
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\hijackthis_sfx\HijackThis.exe
C:\Program Files\Mozilla Firefox\firefox.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-... Read more

A:im being hacked right now

Hello and welcome to TSF.

HijackThis is no longer the preferred initial analysis tool in this forum.

We want all our members to perform the steps outlined in the link given below, before posting for assistance. There's a sticky at the top of this forum, and a
Quote:




Having problems with spyware and pop-ups? First Steps




link at the top of each page.

Please follow our pre-posting process outlined here:

http://www.techsupportforum.com/f50/...lp-305963.html

After running through all the steps, you shall have a proper set of logs. Please post them in a new topic, as this one shall be closed.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

Read other 1 answers
RELEVANCY SCORE 28

I have been hacked twice for my WoW account and hotmail and gmail accounts. i do not whats wrong and am at a loss of what to do. please have a look at my logfile.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:27:57 PM, on 19/9/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPStart.exe
C:\Windows\BR040286.exe
C:\Program Files\Acer\Bio-Protection fingerprint solution\PdtWzd.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Users\Ybies\AppData\Local\Temp\RtkBtMnt.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Launch Manager\LManager.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\Pidgin\pidgin.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Acer\Bio-Protection fingerprint solution\PwdBank.exe
C:\Program Files\Ares\Ares.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\taskeng.exe
D:\Trendmirco\HijackThis.exe
C:\Program Files\Acer\Bio-Protection fingerprint solution\FPLaunch.exe
C:\Program Files\Acer\Bio-Protection fingerprint solution\ATSwpNav.exe
D:\Spybot - Search & Destroy\SpybotSD.... Read more

A:Hacked Twice. Please Help.

Hello and welcome to TSF.

HijackThis is no longer the preferred initial analysis tool in this forum.

We want all our members to perform the steps outlined in the link given below, before posting for assistance. There's a sticky at the top of this forum, and a
Quote:




Having problems with spyware and pop-ups? First Steps




link at the top of each page.

Please follow our pre-posting process outlined here:

http://www.techsupportforum.com/f50/...lp-305963.html

After running through all the steps, you shall have a proper set of logs. Please post them in a new topic, as this one shall be closed.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

Read other 1 answers
RELEVANCY SCORE 28

Before connecting to net when I type netstat -a in cmd I get this report:

Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation. All rights reserved.

C:\Users\Subhadeep>netstat -a

Active Connections

Proto Local Address Foreign Address State
TCP 0.0.0.0:135 Subhadeep-PC:0 LISTENING
TCP 0.0.0.0:445 Subhadeep-PC:0 LISTENING
TCP 0.0.0.0:3261 Subhadeep-PC:0 LISTENING
TCP 0.0.0.0:49152 Subhadeep-PC:0 LISTENING
TCP 0.0.0.0:49153 Subhadeep-PC:0 LISTENING
TCP 0.0.0.0:49154 Subhadeep-PC:0 LISTENING
TCP 0.0.0.0:49155 Subhadeep-PC:0 LISTENING
TCP 0.0.0.0:49156 Subhadeep-PC:0 LISTENING
TCP 127.0.0.1:2559 Subhadeep-PC:0 LISTENING
TCP 127.0.0.1:3260 Subhadeep-PC:0 LISTENING
TCP 192.168.1.2:139 Subhadeep-PC:0 LISTENING
TCP [::]:135 Subhadeep-PC:0 LISTENING
TCP [::]:445 Subhadeep-PC:0 LISTENING
TCP [::]:49152 Subhadeep-PC:0 LISTENING
TCP [::]:49153 Subhadeep-PC:0 LISTENING
TCP [::]:49154 Subhadeep-PC:0 LISTENING
TCP [::]:49155 Subhadeep-PC:0 LISTENING
TCP [::]:49156 Subhadeep-PC:0 LISTENING
UDP 0... Read more

A:Hacked Or Not????

you're not hacked, the IP address of the two you suspect are: IP Address Locator - Enter an IP address to find its location - Lookup Country Region City etc

Read other 6 answers
RELEVANCY SCORE 28

 Hi, last night our internet went down a little after midnight. Later, when I looked it was back, but there was a pop up on my desktop. The pop up said:
 
Security Alert
eas.outlook.com
 
Information you exchange with this site cannot be viewed or changed by others. However, there is a problem with the site's security certificate.
 
x The security certificate was issued by  a company you have not chosen to trust. View the certificate to determine whether you want to trust the certifying authority.
x The security certificate has expired or is not yet valid.
x The name on the security certificate is invalid or does not match the name of the site.
 
I then clicked 'View Certificate' - got a new op up saying:
 
Certificate Information
Windows does not have enough information to verify this certificate. 
Issued to talktalkrouter.Ian 
Issued by: root.home
Valid from 09/08/2014 to 06/08/2024
 
I closed the 'View Certificate' and clicked 'no' on the Security Alert where it said 'Do you want to proceed'.
 
There is no one here called Ian. I am worried someone has tried/ successfully accessed my computer - any advice? I have very little knowledge on this subject. 
 
Thanks!

A:Have we been hacked?

Welcome to BC...
 
Was the bad spelling yours or did you copy exactly what was in the pop up?
 
Suggest you reset your router and then secure it. Found this for you:
TalkTalk Routers - Known issues
TalkTalk Help
 
Resetting your D-Link DI-624 router to the factory settings | FiOS Internet | Residential Support | Verizon
 
How to Make My D-Link Wireless Router Secure | Our Everyday Life
 
If D-Link is not your router's manufacturer then simply do a search for how to reset and secure your brand of router.
 
EDIT: LAN port. Alternatively referred to as an Ethernet port, network connection, and network port, the LAN port allows a computer to connect to a network using a wired connection.

Read other 6 answers
RELEVANCY SCORE 28

First of all, sorry for my english,I'll try to explain the best I can

Earlier today I got hacked. Suddenly, my mouse cursor moved itself and it clicked out of the internetpages and down left to the windows symbol and then clicked shut down computer. I found this very strange, and I know it was a hacker straight away. I turned on the computer right after, trying out some anti-virus programs such as Malwarebytes, AVG an so on. They found no detections.

Then the computer worked as normally in a few hours, at least I tought. But when I tried to launched a game, it went back to the normal page, probably a bad explanation there, but it was like someone clicked the windows symbol down left on the keyboard. (Hopefully that was more understanding). I went in and out of the game automatic.

Then I just installed ZoneAlarm to prevent the hacker of getting on my system. So far it's blocked 162 attempts, in around an hour and it's still going.

I tried to start that game again and now it's working normally. At least ZoneAlarm is blocking the hacker. But is there something I can try to prevent the hacker from trying to access my computer?
 

Read other answers
RELEVANCY SCORE 28
Q: Hacked

My Samsung galaxy s5 has been hacked. On November 8th my phone was hacked. By the 15th of November they had completely taken over my Facebook my gmail an my yahoo. So I bought a new phone a new SIM card got a whole new account. An by the 18th of November they had hacked me again. They have threatened me and my family. Please help. Police can't or won't.Edit: Moved topic from Virus, Trojan, Spyware, and Malware Removal Logs to the more appropriate forum. As the tools used in Virus, Trojan, Spyware, and Malware Removal Logs are not Android compatible. ~ Animal

A:Hacked

Since criminal activity has been taking place, attempts to mitigate your attacks should be dealt with by law enforcement. Removing possible malware or traces of your attacks could jeopardize your case if law enforcement doesn't see it first. Many local police departments do not have the resources to pursue criminal charges and will do nothing. However there are agencies available to you to pursue charges or be referred for support. Please take a look here for advice: http://www.iacpcybercenter.org/resource-center/incident-reporting/ Seek their guidance before dealing with possible malware remediation here or elsewhere.

Read other answers
RELEVANCY SCORE 28

HI THERE,
MY MSN ACCOUNT HAS BEEN HACKED BUT I DONT KNOW HOW AND WHEN THIS HAPPENED. I VE CONTACTED THE HACKR VIA MSN USING ANOTHER ACCOUNT AND HE ASKED ME BUY HIM SOME MOBILE PHONE CREDIT! I DIDNT DO THAT AS I THOUGHT I WOULDNT BE ABLE TO SEE END OF IT.
MSN SUPPORT TEAM WONT HELP ME BECAUSE I DONT REMEMBER MY PROFILE DETAILS (PROBABLY BECAUSE I DIDNT GIVE THEM CORRECT INFO IN ORDER TO KEEP MY ID SAFE) ALSO I CANT GET NEW PASSWORD BECAUSE HACKER CHANGED THEM ALL. I HAVE READ PREVIOUS POSTS AND DONE HJT SCAN AND DID EVERYTING YOU ASKED TOTHERS MY HJT DETAILS AS FALLOWS

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:11:24, on 07/08/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\System32\RegSrvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\fxssvc.exe
C:\WINDOWS\system32\ZCfgSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\1XConfig.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS... Read more

A:Msn Hacked

Read other 16 answers
RELEVANCY SCORE 28

Hi
My PC has been hacked .
First on logging into any user account two cmd windows open and then a dialogue comes that your system will reboot for upgrade.
And before reboot my default browser opens and there is a message from the hackers.
The names are Jon Snow on Ygritte I'm Not sure about the second one.
But the PC works fine in safe mode.

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Ultimate, Service Pack 1, 64 bit
Processor: Intel(R) Core(TM) i5 CPU 650 @ 3.20GHz, Intel64 Family 6 Model 37 Stepping 5
Processor Count: 4
RAM: 8119 Mb
Graphics Card: NVIDIA GeForce GT 430, -1 Mb
Hard Drives: C: Total - 299898 MB, Free - 80316 MB; D: Total - 653867 MB, Free - 218364 MB; F: Total - 476937 MB, Free - 140598 MB;
Motherboard: Gigabyte Technology Co., Ltd., H55M-S2
Antivirus: None
 

A:My PC is hacked

Greetings Nabull and welcome to Tech Support Guy

My nickname is Ruggie and I will be assisting you in cleaning your computer.
Please be aware I am currently in the final stages of training right now and all my work will be checked by an instructor so there may be a slight delay between posts. The added benefit to this is that you will have 2 sets of eyes looking at your problem so you can be assured you will get the best possible help.
Malware removal can be a long process and will at times get complicated with multiple steps to perform to ensure that your system is no longer infected.
When we start the process, the list of instructions must be followed closely, it may seem difficult at times but it is important that you stay with me until your computer is declared clean.
If you are receiving help elsewhere, please let me know so we can close this thread and help someone else.

Before going any further, I recommend that you print out (or save to a file) these guidelines and also the instructions when I post them, as part of the repair process may involve going into safe mode and therefore you will not have internet access.

The following guidelines are important but the ones highlighted in RED are of the highest importance and must not be skipped.

Please be aware, the fixes we perform are specific to this machine, at this moment in time. They must not be used on another computer or unsupervised at another time. This can render your computer unbootable.

If at all possibl... Read more

Read other 1 answers