05-04-2011 07:49 AM
05-06-2011 04:14 AM
I just checked with the task manager and I found the following peculiarities:
process SCVHOST.EXE running in SEVEN instances
process ATI2EVXX.EXE running in TWO instances
Is it a symptom of a malware on the machine which might explain the flowwing blue screen errors:
MEMORY MANAGEMENT ERROR
BAD POOL HEADER ERROR
IRQ NOT LESS THAN EQUAL TO ERROR
INADEQUATE DISK SPACE OR MEMORY ERROE
Please suggest with a remedy if it is really a malware issue.
Thank You so much!
05-06-2011 03:24 PM
Those are legitimate files. I cannot tell you if you have a malware problem without doing some diagnostics, and this forum is not set up for that. Try one of the forums I mentioned above. They will have you run some scans and post the log output in their forum so they can analyze them. Give SpywareHammer a try. Usually you won't have more than a 24-hour wait for them to pick up your issue there.
05-07-2011 08:22 AM
Thank you Sir!
I will definitely give Spyware Hammer a try once my exams finish!
Sir, on the 4th of may, my gmail account was accessed from an IP in China(184.108.40.206). I live in India. Obviously my account was compromised! The person sent spam emails to everyone on my contact list as BCC. The spamincluded promotional message(probably spurious). My friends tell me that they recieved a warning message for this email. It said, WARNING! SENDERS ACCOUNT MAY HAVE BEEN COMPROMISED. THIS IS A SUSPCIOUS MESSAGE.
Sir, I have changed my password. But I am still wary of the fact that what all the hacker could have done through my email.
However, I was fortunate as I opened my email within three hours of this unathorosied access and changed the password.
Is this really a scam by hackers in China or is it just a prank played by some intelligent people(probably who know me) by guessing my password and doing it for fun? Also, the account access type through that IP shows "unknown". What does this mean? Is it possible that the prankster masked his IP and used some prank method learnt from the web to do this sort of an act?
Please suggest alternate forum links to sort this out.
I will be obliged to you!
Thank you once again for your prompt help.
05-07-2011 04:12 PM - edited 05-07-2011 04:13 PM
I cannot tell exactly how your system has been compromised unless some diagnostics are run. Perhaps it was just an email hacker. If you are in doubt, and you use your computer for any online transactions (banking, credit card purchases) you might consider that if you do in fact have a random access trojan, a hacker can operate your computer just as if he were sitting in front of it. Hackers can watch everything you are doing on the computer, play tricks, do screenshots, log passwords, start and stop programs.
If you suspect that you had or have one of these you may want to go ahead and backup important files and reinstall everything from scratch. There are so many changes that could have been done if a backdoor was used.
If you decide to proceed with trying to clean the trojan let your helper at the malware removal forum know. IF your logs show that you may have such an infection, he will not guarantee that he will be able to COMPLETELY clean all components of such a dangerous infection.
Here are some informative links to use to help you make a decision:
Danger: Remote Access Trojans
Consumers ? Identity Theft
When should I re-format? How should I reinstall?
How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?
Rootkits: The Obscure Hacker Attack
Help: I Got Hacked. Now What Do I Do?
Help: I Got Hacked. Now What Do I Do? Part II
Microsoft Says Recovery from Malware Becoming Impossible