Passwords and accounts stolen please help

Discussion in 'Malware Help (A Specialist Will Reply)' started by fjx1, Jan 28, 2009.

  1. fjx1

    fjx1 Private E-2

    I hope I can explain this well enough to get help.
    I'm running Vista with all updates and Trend Micro. All updates and scans are run.

    I have a few accounts where I do surveys. They require a log in and password. I have changed passwords and email addresses on the affected accounts. I use a Dell desktop and no one but me is ever near it.

    Someone has been going into these survey accounts and doing surveys with bad answers forcing me to be dropped from the groups. Also, where I have earned points they have redeemed them. They never take anything for themselves, they donate them or have something silly sent to me.

    I have also had passwords changed on my Yahoo and AOL accounts where the passwords were strong.

    A Trend scan shows no problems. I used to use Symantec before I had Trend Micro and still had the problem.

    I ran the recommended programs and the details follow. I had trouble with GMER. It would run when I clicked on it. When I unchecked the boxes as instructed, and clicked scan, nothing happens. It does not scan.

    Here is what I have from the runs, please help. I've tried everything I know but this is way out of my league. Seems like someone can go into my accounts no matter the password and act as me.

    I hope someone can help please. It is like someone can control my accounts.

    Thank you,

    gerry
     
    Last edited by a moderator: Jan 28, 2009
  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Welcome to Major Geeks!

    We can attempt to look for malware on your PC; however in cases like this where passwords and other information may have been stolen, it may be a much safer approach to delete your partitions, and reinstall. Your PC may not be trustworthy. You should consider reading these:

    If you still want us to check out your PC, please follow the instructions in the READ & RUN ME FIRST link given further down and attach the requested logs when you finish these instructions.
    • If you have problems where no tools seem to run, please try following the steps given in the below and then continue on no matter what you find. You only need to try the TDSSserv steps if having problems getting scans in the Read & Run Me First.
    • If something does not run, write down the info to explain to us later but keep on going.
    • Do not assume that because one step does not work that they all will not.
    READ & RUN ME FIRST. Malware Removal Guide
    • After completing the READ & RUN ME and attaching your logs, make sure that you tell us what problems still remain ( if any still do )!
    Helpful Notes:

    1. If you run into problems trying to run the READ & RUN ME or any of the scans in normal boot mode, you can run the steps in safe boot mode but make sure you tell us what you did later when you post logs. See the below if you do not know how to boot in safe mode:
    2. If you have problems downloading on the problem PC, download the tools and the manual updates for SUPERAntiSpyware, Malwarebytes and Spybot ( links are given in the READ & RUN ME) onto another PC and then burn to a CD. Then copy them to the problem PC. You will have to skip getting updates if (and only if) your internet connection does not work. Yes you could use a flash drive too but flash drives are writeable and infections can spread to them.
    3. To avoid additional delay in getting a response, it is strongly advised that after completing the READ & RUN ME you also read this sticky:
    Any additional post is a bump which will add more delay. Once you attach the logs, your thread will be in the work queue and as stated our system works the oldest threads FIRST.
     
  3. fjx1

    fjx1 Private E-2

    Re: Desperate!! Passwords and accounts stolen please help

    Boy, I really need help. This is scary. I've run all the programs recommended at the settings specified and no problems appear. I've attached the logs I have from the scans.

    My problem seems to be unusual. Someone is going into different online accounts I have and messing with them severely.
    I have 4 or 5 different reward accounts. I have had points spent on items I did not order, some have been donated but not by me. I have had people answer surveys for me and purposely given bad answers to get me thrown out of the group. I have had panels tell me I resigned from the panel when I hadn't.
    It's like someone knows everything. The panels say they can't understand how this can happen without a password and they are secure.
    I've changed passwords, e mail and user names but the problem continues.
    This is a desktop that only I use. No one has ever been told my passwords and no one touches the computer.

    Could there be an external keylogger that can't be detected? If so, what should I do?

    I don't know why someone would even bother to do this. They never took money, just ruined my accounts over and over. And it is with different companies.

    I've attached logs I have. I don't think all scans produced logs. I saw no threats reported.

    I run Vista Home Premium and Trend Micro 2009. Always updated.

    What else can I do?

    Thank you very much.
     

  4. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Re: Desperate!! Passwords and accounts stolen please help

    Please attach the below logs which were requested:
    Code:
    "C:\Users\owner\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\Logs\"
    Feb  3 2009    465  "SUPERAntiSpyware Scan Log - 02-03-2009 - 16-06-10.log"
                                                                                  
    "C:\Users\owner\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs\"
    Feb  3 2009 21004  "log malawarebytes.txt"
    Your logs are not showing anything thus far but the above Malwarebytes log is large so maybe it shows something.

    Please answer the below questions:
    • Is your PC on a network with other PCs? If so are files/drives being shared?
    • Do you have USB/flash drives that you carry from one PC to another?
    • Do you use or have you ever used any kind of remote desktop or remote login software? If so, was it password protected?
    • Did you ever use a different PC to connect to these sites where your passwords are being compromised? Make sure you think about using public PC like at libraries, hotels, airports...etc.
    • Also do you have a laptop that you have used to access these sites and where else have you used the laptop? Like what other networks at hotels, wi-fi anywhere especially at an airport.
    • Do you play any online games?
    • Do you do any torrent or P2P downloading?
    Can you be more specific about exactly what reward accounts you mean? Like what websites are these? Are other people on the websites having problems? If so, perhaps the website itself has been compromised.

    But how are you changing them? If you are changing them from a PC that is potentially infected then you are not helping yourself. You need to change them from a PC that you are sure is not infected or you need to use your phone to call the sites and have the website change them for you. DO NOT use any common passwords you have ever used before.

    Not sure what you mean by external unless you are referring to the websites you access being the source of the problem. Yes it is possible that your PC has an infection that is not being seen by the scans which is also why I gave you all that info in my first message.

    In reality as stated earlier, the safest thing to do is to perform a total clean reinstall. However if the problem is with the site you are connecting to having security holes, you will still have problems afterwards.
     
  5. fjx1

    fjx1 Private E-2

    Thank you for the kind reply. Yes, it feels like someone has remote access to the computer. I never used any remote access on the computer.

    I'll attach the Malwarebytes and SUPERAntiSpyware log and see if you find anything.

    If you don't, I'll go into further detail about the accounts that are affected. It includes my AOL and Juno accounts. On AOL passwords have been reset. Strange thing is when that is done and I can't log in, I log in with the former password and it works. I then change it and it usually gets changed again. Happened on Yahoo sometime back also.
    On Juno mail has been deleted and not by me.

    I won't take up more of your time now. I'll attach the logs and hope you see something.

    It says I've already attached the Malwarebytes log when I try to attach it?
     

  6. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You need to attach the exact Malwarebytes log that I requested, not the same one you attached last time.

    You need to address every one of my questions.
     
  7. fjx1

    fjx1 Private E-2

    I've attached the log. Sorry for sending the wrong one.

    Here's the details you requested
    * Is your PC on a network with other PCs? If so are files/drives being shared?

    Yes, to my wife and daughter. They are wireless and I'm hard wired.
    No folders or anything like that is shared.
    My daughter has no problems and my wife doesn't use it often enough to know.

    * Do you have USB/flash drives that you carry from one PC to another?

    No

    * Do you use or have you ever used any kind of remote desktop or remote login software? If so, was it password protected?

    No never used one. Problem sure seems like remote access though.

    * Did you ever use a different PC to connect to these sites where your passwords are being compromised? Make sure you think about using public PC like at libraries, hotels, airports...etc.

    Yes a laptop 9 months ago in several hotels.

    Didn't notice the problem this bad until last 2 weeks. However, I think there were signs of it as much as 12 months ago. There were some password changes and I was not getting all my mail. I thought it was a glitch at the other end. It was on an older desktop and this one is 6 months old. That's what confuses me. It seems there were signs of the problem last year, but I thought it was just a glitch since it was infrequent and only on 2 accounts.


    * Also do you have a laptop that you have used to access these sites and where else have you used the laptop? Like what other networks at hotels, wi-fi anywhere especially at an airport.

    I only used a laptop in hotels 9 months ago

    * Do you play any online games? No


    * Do you do any torrent or P2P downloading. No

    Hope I've covered it all. What makes it hard is I may have had the problem for over a year and on my old desktop without knowing it. When I didn't get mail or passwords didn't work, I was assuming it was at the other end.

    Also confusing is this. My password on AOL has not worked every morning this week, I have to use forgot password and reset it. When I look at AOL activity on my account (free account) it seems the password gets changed at around 10 AM every day. When it happens on the next day and I check activity, I see the password change at around 10 AM but the one from the day before is longer on the list even though older records are.


    Don't know why someone would be so obsessed with my account. From what I see, this is not happening to anyone else in the mail groups I subscribe to.

    I called the survey company Lightspeed to see why I had trouble. They told me I was unsubscribed by an Optimum user. Their records did not have an IP address.
    I use Verizon, not Optimum.

    I was able to contact Gongos who sends me mail. They had an IP address showing an attempt to change passwords. It was not mine. It was an Optimum address.

    The IP was 68.194.211.122. All I know is that is Optimum and not me.

    Calling Optimum is no help. They say file a report and I will get no further response from them.

    Thank you again.

    gerry
     

  8. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You still have not attached the log from Malwarebytes that I want to see. The below file is what you need to attach. It was created on Feb 3rd.
    Code:
    "C:\Users\owner\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs\"
    Feb  3 2009 21004  "log malawarebytes.txt"
    Could be a potential source of password theft. Whose laptop and have you ever used it again since to log into these sites?

    Do you use a PC at work? Have you used it to log into these sites?



    • Are you using the same passwords or similar passwords on more than one site? If so, you should not do this.
    • When you change your passwords, which PC are you using to change the passwords? Don't use your PC and don't use that laptop. You must use a known clean PC and use a password never used before.
    Do a lot of people contact you via your AOL screen name? How much of an issue would it be for you to delete this screen name and use a totally new screen name and password?


    Please run this Running GMER to detect rootkits and attach the requested log.

    Also run this BitDefender RootkitUncover and let me know if it finds anything.
     
  9. fjx1

    fjx1 Private E-2

    Hi Chas and thank you for the reply.

    I have a thought I want to pass on to you for your opinion.
    My desktop that I use was bought from Best Buy in July 2008. My wife bought it and told Best Buy to do their "optimize" thing for $59 before I picked it up.
    I told her that was unnecessary since I always clean the junk out of a new computer myself. What Best Buy did was install the Premium Vista upgrade at over $200. I called before I went and talked to a tech and explained I did not want that. The salesperson seemed very annoyed but the tech said he could make it regular Vista Home Premium and refund the cost. I said thanks and fine, do it.

    I keep racking my brain who would watch me so often as to intercept certain mail and change passwords. Often surveys I do for industry are corrupted because they get to them before me and give bogus answers. I've seen copies from the research firms.

    I also noticed in my AOL account where passwords were changed, it seems to happen between 9:30 AM and 10:30 AM, just about the time the Geek Squad would start work.
    I know zero about keyloggers but read a little. I opened my keyboard up and saw nothing unusual.

    Could some piece of hardware have been put in the computer that doesn't show on scans but sends out my keystrokes or data?

    It may sound weird and paranoid, but who else sits at a computer all day and may be bored enough to torment me (maybe others?).

    I ran the restore factory settings and then reloaded my programs.

    Did not stop them.

    On Friday at about 5 PM an auto survey came in. I logged in and saw it was partially completed. I went to it and saw 1/2 the answers were done. All nonsense, a lot of na (not applicable) for answers instead of real replies and if the questions were multiple choice the intruder ran down the list hitting number 1 for all.

    This, of course, gets me in trouble with the research company. They want detailed analysis.

    OK that's the entire weird story. I keep thinking it could be a disgruntled tech who had access to my computer. The hours fit and he'd surely be at a computer all day.

    I don't think the laptop (my wife's) that I used 8 months back on vacation is the leak. It was scanned and she has no problems I can see. She hardly uses it.

    If I'm wrong about Best Buy then someone is able to track my moves and read my email from the outside as if I put PC anywhere on it and gave them permission to take over.

    Sorry for long reply, but I wanted your advice. Are there keyloggers that can send info out without the intruder ever coming to the computer to download it?

    Thank you very much,

    Gerry
     
  10. fjx1

    fjx1 Private E-2

    I hope this is the log. It's what comes up on search. Please read the reply I sent right before this about my issue at Best Buy.

    Thanks,

    Gerry

    I'll try the other programs. I had trouble getting GMER to work. It would scan on gmer.exe and give 3 lines. When I click on scan nothing happens.
     

  11. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You did not address all of my questions again.

    Also you did not try running the other rootkit scanner but I doubt it will find anything.

    No that is not the log. Don't use search. Just attach the file I already asked for, which is:

    C:\Users\owner\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log malawarebytes.txt

    That is what you named it when you ran the scan and saved it. Malwarebytes does not name files like this itself.

    I seriously doubt that Best Buy installed a keylogger. At this point perhaps it would be best if you wiped your system and do a total clean reinstall to convince yourself that the problem is not on your PC.
     
  12. fjx1

    fjx1 Private E-2

    I am sorry I had trouble finding that log and think this is it. Hope it shows something.

    When I tried to run rootkit scanner the computer kept showing a blue screen and said windows had encountered a problem and must close.

    I used the Dell utility to reformat the C drive and reinstall everything. That didn't solve the problem.

    I sure hope the log helps.

    Another question, (maybe dumb) could someone divert my e mail so that when I get mail they get a copy?

    Again, I appreciate your help and patience.
     
    Last edited: Feb 10, 2009
  13. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Go back to message # 8 and answer all of my questions one at a time. If you don't answer my questions, I cannot continue to try and help you. At this point all I can say is that you are not having malware problems.


    If you have formatted this PC and reinstalled, your problem is not with this PC. I think you should talk with your ISP about your problems and also with your email provider if that is not your ISP. Apparently you have not changed your passwords to something that is unknown and you have not done it recently from a known clean computer.

    I suggest that you create a NEW email user account name with a NEW password never used before and see what happens with this account.
     
  14. fjx1

    fjx1 Private E-2

    Hi Chas,

    Sorry for missing those questions, I do apologize for not addressing it all.

    My provider is Verizon and they were not able to help.

    I'm going to go back to question 8 and make sure I get all the questions covered.

    I will then from another computer change passwords again and add new e mail addresses.

    I do use passwords that are very different. I did reformat and do not use a computer at work.

    After I do the change again, I will dig out my old laptop and use it instead of this desktop.

    I will then report back to you about what has happened.

    If it's OK with you, this will take some time and I'd like to give you a report when I've done everything you instructed me to do again. Maybe I repeated an error.

    I'll start from scratch and see what happens. Whether my news is good or not I'll get back to you about where to go from there.

    Hope this is OK with you.

    Thank you.

    ger
     
  15. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Your laptop could well be the source of your problem since I assume it is what you have carried to other places and used at hotels. I suggest that you find another known clean computer to set up new accounts and passwords. Remember we have not run any scans on anything but your Desktop and it is the PC that you have reinstalled which more than likely means it may be clean. But still just to be sure, you should not use any PC from your home if this is possible.
     
