Over 1 million tech questions and answers.

Hacked Computer or Network Computer Crashes

Q: Hacked Computer or Network Computer Crashes

Im running windows 7 64 bit home edition.
I LITERALLY just reformatted my computer and shut it down last night and saw error saying others are using this comp closing will kick them off... I shutdown and rebooted and it took forever to boot up then crashed within 10 minutes of use.
I just reformatted again and its still running slow... I have not added anything but chrome... I am not sure if my network is hacked as other computers I reforamtted are having the same issue....
Please help
I have posted my FRST Log below and have attached the additional log:
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:26-11-2015
Ran by Will (administrator) on WILL-PC (27-11-2015 09:13:02)
Running from C:\Users\Will\Downloads
Loaded Profiles: Will (Available Profiles: Will)
Platform: Windows 7 Home Premium (X64) Language: English (United States)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\stacsv64.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\16.7.0.30\ccSvcHst.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Symantec Corporation) C:\Program Files (x86)\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS\A5E82D02\16.7.0.30\InstStub.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Sun Microsystems, Inc.) C:\Program Files\Java\jre6\bin\jusched.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(CyberLink Corp.) C:\Program Files (x86)\HP\QuickPlay\QPService.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Java\jre6\bin\jusched.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
() C:\Program Files (x86)\Hewlett-Packard\Shared\HpqToaster.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1815848 2009-07-14] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [450048 2009-07-21] (IDT, Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Java\jre6\bin\jusched.exe [171520 2009-08-21] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-07-02] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [QPService] => C:\Program Files (x86)\HP\QuickPlay\QPService.exe [468264 2009-06-24] (CyberLink Corp.)
HKLM-x32\...\Run: [QlbCtrl.exe] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [320056 2009-06-24] ( Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [NortonOnlineBackupReminder] => C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe [581480 2009-05-12] (Symantec Corporation)
HKLM-x32\...\Run: [UpdatePRCShortCut] => C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-02-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Java\jre6\bin\jusched.exe [148888 2009-08-21] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [WirelessAssistant] => C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [498744 2009-07-23] (Hewlett-Packard)
HKU\S-1-5-21-734724650-4153314746-2741401117-1001\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2009-06-17] (Hewlett-Packard Company)
HKU\S-1-5-21-734724650-4153314746-2741401117-1001\...\Policies\system: [WallpaperStyle] 2
HKU\S-1-5-18\...\Policies\system: [WallpaperStyle] 2
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{28EC4CE5-99B7-4C8E-93BD-06555D1DD229}: [DhcpNameServer] 192.168.1.1
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_US&c=94&bd=Pavilion&pf=cnnb
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_US&c=94&bd=Pavilion&pf=cnnb
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_US&c=94&bd=Pavilion&pf=cnnb
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_US&c=94&bd=Pavilion&pf=cnnb
HKU\S-1-5-21-734724650-4153314746-2741401117-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_US&c=94&bd=Pavilion&pf=cnnb
HKU\S-1-5-21-734724650-4153314746-2741401117-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_US&c=94&bd=Pavilion&pf=cnnb
SearchScopes: HKLM -> DefaultScope {D870C61B-DDD8-4C25-8692-9728BDBCDE59} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM -> {35E9167E-0CF1-4A68-ABF3-7AE495F91469} URL = hxxp://www.ask.com/web?q={searchterms}&l=dis&o=ushpl
SearchScopes: HKLM -> {D870C61B-DDD8-4C25-8692-9728BDBCDE59} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {D870C61B-DDD8-4C25-8692-9728BDBCDE59} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {35E9167E-0CF1-4A68-ABF3-7AE495F91469} URL = hxxp://www.ask.com/web?q={searchterms}&l=dis&o=ushpl
SearchScopes: HKLM-x32 -> {D870C61B-DDD8-4C25-8692-9728BDBCDE59} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-734724650-4153314746-2741401117-1001 -> DefaultScope {D870C61B-DDD8-4C25-8692-9728BDBCDE59} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-734724650-4153314746-2741401117-1001 -> {35E9167E-0CF1-4A68-ABF3-7AE495F91469} URL = hxxp://www.ask.com/web?q={searchterms}&l=dis&o=ushpl
SearchScopes: HKU\S-1-5-21-734724650-4153314746-2741401117-1001 -> {D870C61B-DDD8-4C25-8692-9728BDBCDE59} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=HPNTDF&pc=HPNTDF&src=IE-SearchBox
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-08-21] (Sun Microsystems, Inc.)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-06-30] (Hewlett-Packard Co.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27] (Adobe Systems Incorporated)
BHO-x32: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> No File
BHO-x32: Symantec NCO BHO -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\16.7.0.30\coIEPlg.dll [2009-08-21] (Symantec Corporation)
BHO-x32: Symantec Intrusion Prevention -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Engine\16.7.0.30\IPSBHO.DLL [2009-08-21] (Symantec Corporation)
BHO-x32: Windows Live Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation)
BHO-x32: hpBHO Class -> {ABD3B5E1-B268-407B-A150-2641DAB8D898} -> C:\Program Files (x86)\Common Files\Homepage Protection\HomepageProtection.dll [2009-06-08] (AOL Products)
BHO-x32: Microsoft Live Search Toolbar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> c:\Program Files (x86)\MSN\Toolbar\3.0.0560.0\msneshellx.dll [2009-04-07] (Microsoft Corp.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2009-08-21] (Sun Microsystems, Inc.)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-06-30] (Hewlett-Packard Co.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\16.7.0.30\coIEPlg.dll [2009-08-21] (Symantec Corporation)
Toolbar: HKLM-x32 - Microsoft Live Search Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0560.0\msneshellx.dll [2009-04-07] (Microsoft Corp.)
Toolbar: HKU\S-1-5-21-734724650-4153314746-2741401117-1001 -> No Name - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} -  No File
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll [2009-02-06] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll [2009-02-06] (Microsoft Corporation)
Handler-x32: symres - {AA1061FE-6C41-421f-9344-69640C9732AB} - C:\Program Files (x86)\Norton Internet Security\Engine\16.7.0.30\coIEPlg.dll [2009-08-21] (Symantec Corporation)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-13] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-13] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-13] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-13] (Microsoft Corporation)
 
FireFox:
========
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\2.0.31005.0\npctrl.dll [2008-10-04] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8064.0206 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2009-02-06] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-11-26] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-11-26] (Google Inc.)
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2009-08-21] [not signed]
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Profile: C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-26]
CHR Extension: (Google Docs) - C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-26]
CHR Extension: (Google Drive) - C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-26]
CHR Extension: (YouTube) - C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-26]
CHR Extension: (Google Search) - C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-26]
CHR Extension: (Google Sheets) - C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-26]
CHR Extension: (Google Docs Offline) - C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-26]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-26]
CHR Extension: (Gmail) - C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-26]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe [89600 2009-03-02] (Andrea Electronics Corporation)
R2 HP Health Check Service; C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [124928 2009-07-09] (Hewlett-Packard) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2009-06-17] (Hewlett-Packard Company) [File not signed]
R2 Norton Internet Security; C:\Program Files (x86)\Norton Internet Security\Engine\16.7.0.30\ccSvcHst.exe [117640 2009-08-21] (Symantec Corporation)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2009-01-21] ()
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\STacSV64.exe [240128 2009-07-21] (IDT, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090713.024\ENG64.SYS [136752 2009-08-21] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090713.024\EX64.SYS [1461808 2009-08-21] (Symantec Corporation)
R1 SRTSP; C:\Windows\system32\drivers\NISx64\1007000.01E\SRTSP64.SYS [476720 2009-08-21] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1007000.01E\SRTSPX64.SYS [32304 2009-08-21] (Symantec Corporation)
S3 RSUSBSTOR; System32\Drivers\RtsUStor.sys [X]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-11-27 09:13 - 2015-11-27 09:13 - 00016756 _____ C:\Users\Will\Downloads\FRST.txt
2015-11-27 09:12 - 2015-11-27 09:13 - 00000000 ____D C:\FRST
2015-11-27 09:12 - 2015-11-27 09:12 - 02348544 _____ (Farbar) C:\Users\Will\Downloads\FRST64.exe
2015-11-27 09:09 - 2015-11-27 09:09 - 00010857 _____ C:\Users\Will\Desktop\hijackthis log.txt
2015-11-27 09:06 - 2015-11-27 09:06 - 00388608 _____ (Trend Micro Inc.) C:\Users\Will\Downloads\HijackThis.exe
2015-11-27 09:00 - 2015-11-27 09:00 - 00204314 _____ C:\Windows\ntbtlog.txt
2015-11-26 08:49 - 2015-11-26 08:49 - 00002255 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-11-26 08:49 - 2015-11-26 08:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-11-26 08:49 - 2015-06-23 12:30 - 00300704 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-11-26 08:48 - 2015-11-27 09:05 - 00000890 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-26 08:48 - 2015-11-27 08:53 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-26 08:48 - 2015-11-26 08:48 - 00003890 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-11-26 08:48 - 2015-11-26 08:48 - 00003638 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-11-26 08:48 - 2015-11-26 08:48 - 00000000 ____D C:\Program Files (x86)\Google
2015-11-26 08:47 - 2015-11-26 08:49 - 00000000 ____D C:\Users\Will\AppData\Local\Google
2015-11-26 08:47 - 2015-11-26 08:47 - 00000000 ____D C:\Users\Will\AppData\Local\Deployment
2015-11-26 08:47 - 2015-11-26 08:47 - 00000000 ____D C:\Users\Will\AppData\Local\Apps\2.0
2015-11-26 08:46 - 2015-11-26 08:46 - 00000000 ____D C:\Users\Will\AppData\Roaming\HpUpdate
2015-11-26 08:43 - 2015-11-26 08:43 - 00000000 ____D C:\Users\Will\TCPview
2015-11-26 08:42 - 2015-11-26 08:47 - 00000000 ____D C:\Users\Will\AppData\LocalLow\HPAppData
2015-11-26 08:42 - 2015-11-26 08:42 - 00000000 ____D C:\Users\Will\AppData\Roaming\Macromedia
2015-11-26 08:42 - 2015-11-26 08:42 - 00000000 ____D C:\Users\Will\AppData\Roaming\Adobe
2015-11-26 08:41 - 2015-11-27 09:06 - 00000189 _____ C:\ProgramData\HPWALog.txt
2015-11-26 08:41 - 2015-11-26 08:41 - 00003956 _____ C:\Windows\System32\Tasks\RecoveryCDWin7
2015-11-26 08:41 - 2015-11-26 08:41 - 00003764 _____ C:\Windows\System32\Tasks\Registration
2015-11-26 08:41 - 2015-11-26 08:41 - 00003290 _____ C:\Windows\System32\Tasks\RMCreator
2015-11-26 08:41 - 2015-11-26 08:41 - 00001443 _____ C:\Users\Will\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-11-26 08:41 - 2015-11-26 08:41 - 00001409 _____ C:\Users\Will\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2015-11-26 08:41 - 2015-11-26 08:41 - 00000000 ____D C:\Users\Will\AppData\Roaming\Hewlett-Packard
2015-11-26 08:41 - 2015-11-26 08:41 - 00000000 ____D C:\Users\Will\AppData\Roaming\ATI
2015-11-26 08:41 - 2015-11-26 08:41 - 00000000 ____D C:\Users\Will\AppData\Local\VirtualStore
2015-11-26 08:41 - 2015-11-26 08:41 - 00000000 ____D C:\Users\Will\AppData\Local\Hewlett-Packard_Company
2015-11-26 08:41 - 2015-11-26 08:41 - 00000000 ____D C:\Users\Will\AppData\Local\ATI
2015-11-26 08:41 - 2015-11-26 08:41 - 00000000 _____ C:\Users\Will\AppData\Local\QSwitch.txt
2015-11-26 08:41 - 2015-11-26 08:41 - 00000000 _____ C:\Users\Will\AppData\Local\DSwitch.txt
2015-11-26 08:41 - 2015-11-26 08:41 - 00000000 _____ C:\Users\Will\AppData\Local\AtStart.txt
2015-11-26 08:40 - 2015-11-26 08:41 - 00000000 ____D C:\Users\Will\AppData\Local\Hewlett-Packard
2015-11-26 08:40 - 2015-11-26 08:40 - 00079864 _____ C:\Users\Will\AppData\Local\GDIPFONTCACHEV1.DAT
2015-11-26 08:40 - 2015-11-26 08:40 - 00000000 ____D C:\Users\Will\AppData\Roaming\hpqlog
2015-11-26 08:36 - 2015-11-26 08:36 - 00000000 ____D C:\Users\Will\AppData\Roaming\HP TCS
2015-11-26 08:36 - 2009-08-21 10:45 - 00002270 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Trials for QuickBooks, Quicken and TurboTax.lnk
2015-11-26 08:36 - 2009-08-21 10:45 - 00000182 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pandora Internet Radio.url
2015-11-26 08:36 - 2009-08-21 10:11 - 00002276 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
2015-11-26 08:36 - 2009-08-21 10:11 - 00002270 _____ C:\Users\Public\Desktop\eBay.lnk
2015-11-26 08:36 - 2007-04-18 09:23 - 00001562 _____ C:\Users\Public\Desktop\Try Microsoft Office for 60 days.lnk
2015-11-26 08:36 - 2007-04-18 09:23 - 00001562 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Try Microsoft Office for 60 days.lnk
2015-11-26 08:35 - 2015-11-26 08:35 - 00000000 __RSH C:\Windows\SysWOW64\Drivers\103C_HP_cNB_G61 Notebook PC_Y5335KV_0U_QCNF9355587_E575209-001_4A_I363F_SQuanta_V42.12_F.03_T090822_WU3-0_L409_M2813_J250_7AMD_8F62_92.00_#151126_N10EC8136;168C002B_(VM355UA#ABA)_XMOBILE_CN10_Z.MRK
2015-11-26 08:35 - 2015-11-26 08:35 - 00000000 __RSH C:\Windows\system32\Drivers\103C_HP_cNB_G61 Notebook PC_Y5335KV_0U_QCNF9355587_E575209-001_4A_I363F_SQuanta_V42.12_F.03_T090822_WU3-0_L409_M2813_J250_7AMD_8F62_92.00_#151126_N10EC8136;168C002B_(VM355UA#ABA)_XMOBILE_CN10_Z.MRK
2015-11-26 08:34 - 2015-11-26 08:43 - 00000000 ____D C:\Users\Will
2015-11-26 08:34 - 2015-11-26 08:34 - 00000020 ___SH C:\Users\Will\ntuser.ini
2015-11-26 08:34 - 2015-11-26 08:34 - 00000000 _SHDL C:\Users\Will\My Documents
2015-11-26 08:34 - 2015-11-26 08:34 - 00000000 _SHDL C:\Users\Will\Documents\My Videos
2015-11-26 08:34 - 2015-11-26 08:34 - 00000000 _SHDL C:\Users\Will\Documents\My Pictures
2015-11-26 08:34 - 2015-11-26 08:34 - 00000000 _SHDL C:\Users\Will\Documents\My Music
2015-11-26 08:34 - 2015-11-26 01:25 - 00000000 ____D C:\Users\Will\AppData\Roaming\Media Center Programs
2015-11-26 08:34 - 2012-06-02 17:19 - 02428952 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-11-26 08:34 - 2012-06-02 17:19 - 00701976 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-11-26 08:34 - 2012-06-02 17:19 - 00057880 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-11-26 08:34 - 2012-06-02 17:19 - 00044056 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-11-26 08:34 - 2012-06-02 17:19 - 00038424 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-11-26 08:34 - 2012-06-02 17:15 - 02622464 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-11-26 08:34 - 2012-06-02 17:15 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-11-26 08:34 - 2012-06-02 15:19 - 00186752 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-11-26 08:34 - 2012-06-02 15:15 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-11-26 08:34 - 2009-08-21 09:30 - 00000000 ____D C:\Users\Will\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Recovery Manager
2015-11-26 02:07 - 2015-11-26 02:07 - 00000000 ____D C:\ProgramData\ATI
2015-11-26 01:48 - 2015-11-26 01:48 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2015-11-26 01:48 - 2006-11-29 16:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2015-11-26 01:48 - 2006-11-29 16:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2015-11-26 01:46 - 2015-11-26 01:46 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\muvee
2015-11-26 01:46 - 2015-11-26 01:46 - 00000000 ____D C:\Program Files (x86)\muvee Technologies
2015-11-26 01:45 - 2015-11-26 01:45 - 00001473 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Slingbox - Watch Your TV Anywhere.lnk
2015-11-26 01:45 - 2015-11-26 01:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sling Media
2015-11-26 01:45 - 2015-11-26 01:45 - 00000000 ____D C:\Program Files (x86)\Sling Media
2015-11-26 01:43 - 2015-11-27 09:05 - 00000294 _____ C:\ProgramData\hpqp.ini
2015-11-26 01:43 - 2015-11-26 01:43 - 00001947 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVD Play.lnk
2015-11-26 01:42 - 2015-11-26 01:42 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LightScribe Direct Disc Labeling
2015-11-26 01:42 - 2009-06-24 01:34 - 01233920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml4.dll
2015-11-26 01:42 - 2009-06-24 01:34 - 01060864 ____N (Microsoft Corporation) C:\Windows\SysWOW64\MFC71.dll
2015-11-26 01:42 - 2009-06-24 01:34 - 01047552 ____N (Microsoft Corporation) C:\Windows\SysWOW64\MFC71u.dll
2015-11-26 01:42 - 2009-06-24 01:34 - 00499712 ____N (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll
2015-11-26 01:42 - 2009-06-24 01:34 - 00348160 ____N (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2015-11-26 01:42 - 2009-06-24 01:34 - 00089088 ____N (Microsoft Corporation) C:\Windows\SysWOW64\atl71.dll
2015-11-26 01:42 - 2009-06-24 01:34 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml4r.dll
2015-11-26 01:42 - 2009-06-24 01:34 - 00044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml4a.dll
2015-11-26 01:40 - 2015-11-26 01:40 - 00000000 _____ C:\Windows\ativpsrm.bin
2015-11-26 01:38 - 2015-11-26 01:38 - 00000000 ____D C:\Windows\system32\SRSLabs
2015-11-26 01:38 - 2015-11-26 01:38 - 00000000 ____D C:\Windows\Hewlett-Packard
2015-11-26 01:38 - 2009-07-21 20:33 - 12158464 _____ (IDT, Inc.) C:\Windows\system32\idtcpl64.cpl
2015-11-26 01:38 - 2009-07-21 20:33 - 03593216 _____ (IDT, Inc.) C:\Windows\system32\stlang64.dll
2015-11-26 01:38 - 2009-07-21 20:33 - 00564224 _____ (IDT, Inc.) C:\Windows\system32\idt64mp1.exe
2015-11-26 01:38 - 2009-07-21 20:33 - 00450048 _____ (IDT, Inc.) C:\Windows\sttray64.exe
2015-11-26 01:38 - 2009-06-25 16:59 - 00160768 _____ (Andrea Electronics Corporation) C:\Windows\system32\AESTAC64.dll
2015-11-26 01:38 - 2009-05-21 16:57 - 00436224 _____ (Andrea Electronics Corporation) C:\Windows\system32\AESTEC64.dll
2015-11-26 01:38 - 2009-03-02 15:58 - 00068608 _____ (Andrea Electronics Corporation) C:\Windows\system32\AESTAR64.dll
2015-11-26 01:38 - 2009-03-02 15:47 - 00090624 _____ (Andrea Electronics Corporation) C:\Windows\system32\AESTCo64.dll
2015-11-26 01:37 - 2015-11-26 01:38 - 00000000 ____D C:\Program Files\IDT
2015-11-26 01:37 - 2015-11-26 01:37 - 00000000 ____D C:\Program Files (x86)\Atheros
2015-11-26 01:37 - 2009-07-21 20:33 - 01431552 _____ (IDT, Inc.) C:\Windows\system32\stapo64.dll
2015-11-26 01:37 - 2009-07-21 20:33 - 00604672 ____N (IDT, Inc.) C:\Windows\system32\stapi64.dll
2015-11-26 01:37 - 2009-07-21 20:33 - 00487936 _____ (IDT, Inc.) C:\Windows\system32\Drivers\stwrt64.sys
2015-11-26 01:37 - 2009-07-21 20:33 - 00431616 _____ (IDT, Inc.) C:\Windows\system32\stcplx64.dll
2015-11-26 01:37 - 2009-07-21 20:33 - 00209920 _____ (IDT, Inc.) C:\Windows\system32\staco64.dll
2015-11-26 01:37 - 2009-07-08 20:49 - 01484800 _____ (Atheros Communications, Inc.) C:\Windows\system32\Drivers\athrx.sys
2015-11-26 01:36 - 2015-11-26 01:37 - 00000000 ____D C:\ProgramData\Atheros
2015-11-26 01:36 - 2015-11-26 01:36 - 00000000 ____D C:\Windows\Options
2015-11-26 01:36 - 2015-11-26 01:36 - 00000000 ____D C:\Program Files\LSI SoftModem
2015-11-26 01:36 - 2015-11-26 01:36 - 00000000 ____D C:\Program Files\DIFX
2015-11-26 01:36 - 2015-11-26 01:36 - 00000000 ____D C:\Program Files (x86)\AMD
2015-11-26 01:36 - 2009-05-23 01:52 - 00215040 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2015-11-26 01:36 - 2009-03-27 21:12 - 00014848 ____N (LSI Corporation) C:\Windows\SysWOW64\agrsco64.dll
2015-11-26 01:36 - 2009-03-27 21:12 - 00013824 ____N (LSI Corporation) C:\Windows\SysWOW64\agrscoin.dll
2015-11-26 01:36 - 2009-03-27 21:03 - 00061440 ____N (LSI Corporation) C:\Windows\SysWOW64\agrsmdel.exe
2015-11-26 01:36 - 2009-03-09 09:49 - 00036408 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\usbfilter.sys
2015-11-26 01:36 - 2009-03-05 17:54 - 00067584 _____ C:\Windows\system32\RtNicProp64.dll
2015-11-26 01:35 - 2015-11-26 01:36 - 00000000 ____D C:\Program Files (x86)\Realtek
2015-11-26 01:35 - 2015-11-26 01:35 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_SynTP_01007.Wdf
2015-11-26 01:35 - 2015-11-26 01:35 - 00000000 ____D C:\Program Files\Synaptics
2015-11-26 01:35 - 2009-02-02 21:27 - 07347200 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSUSTORicon.dll
2015-11-26 01:34 - 2015-11-26 01:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
2015-11-26 01:33 - 2015-11-26 01:34 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
2015-11-26 01:33 - 2015-11-26 01:33 - 00000000 ____D C:\Program Files\ATI
2015-11-26 01:29 - 2015-11-26 01:29 - 00001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2015-11-26 01:29 - 2015-11-26 01:29 - 00001326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2015-11-26 01:26 - 2009-06-10 15:30 - 00048265 _____ C:\Windows\HomePremium.xml
2015-11-26 01:25 - 2015-11-26 01:25 - 00000000 ___RD C:\Users\Public\Recorded TV
2015-11-26 01:25 - 2015-11-26 01:25 - 00000000 ____D C:\Users\Default\AppData\Roaming\Media Center Programs
2015-11-26 01:25 - 2015-11-26 01:25 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Media Center Programs
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-11-27 09:12 - 2009-07-13 23:45 - 00023024 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-11-27 09:12 - 2009-07-13 23:45 - 00023024 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-11-27 09:12 - 2009-07-13 22:20 - 00000000 ____D C:\Windows
2015-11-27 09:10 - 2009-07-14 00:13 - 00713888 _____ C:\Windows\system32\PerfStringBackup.INI
2015-11-27 09:10 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\inf
2015-11-27 09:04 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-11-26 08:41 - 2009-07-16 18:15 - 00000000 ____D C:\SwSetup
2015-11-26 08:40 - 2009-08-21 08:17 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2015-11-26 08:36 - 2009-08-21 10:45 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Online Services
2015-11-26 08:36 - 2009-08-21 08:57 - 00000000 ___RD C:\Program Files (x86)\Online Services
2015-11-26 08:36 - 2009-07-16 18:15 - 00000000 ___HD C:\SYSTEM.SAV
2015-11-26 08:36 - 2009-07-14 00:32 - 00000000 ____D C:\Program Files\Windows Sidebar
2015-11-26 08:36 - 2009-07-14 00:32 - 00000000 ____D C:\Program Files (x86)\Windows Sidebar
2015-11-26 08:33 - 2009-07-13 22:20 - 00000000 __RHD C:\Users\Public\Libraries
2015-11-26 08:32 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\rescache
2015-11-26 02:15 - 2009-07-25 01:11 - 00000000 ____D C:\Windows\Panther
2015-11-26 02:15 - 2009-07-13 23:45 - 00328184 _____ C:\Windows\system32\FNTCACHE.DAT
2015-11-26 02:08 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\sysprep
2015-11-26 01:49 - 2009-08-21 08:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2015-11-26 01:49 - 2009-08-21 08:19 - 00000000 ____D C:\Program Files (x86)\Windows Live
2015-11-26 01:47 - 2009-08-21 11:00 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hewlett-Packard
2015-11-26 01:47 - 2009-08-21 08:57 - 00000000 ___HD C:\HP
2015-11-26 01:45 - 2009-08-21 10:11 - 00000000 ____D C:\Windows\Downloaded Installations
2015-11-26 01:45 - 2009-08-21 09:30 - 00000000 ____D C:\ProgramData\Temp
2015-11-26 01:45 - 2009-08-21 08:17 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-11-26 01:43 - 2009-08-21 09:53 - 00000000 ____D C:\ProgramData\CyberLink
2015-11-26 01:42 - 2009-08-21 10:11 - 00000000 ____D C:\Program Files (x86)\HP
2015-11-26 01:29 - 2009-07-14 00:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-11-26 01:27 - 2009-08-21 08:55 - 00000012 _____ C:\Windows\CSUP.txt
2015-11-26 01:25 - 2009-07-14 00:32 - 00028672 _____ C:\Windows\system32\config\BCD-Template
2015-11-26 01:25 - 2009-07-14 00:32 - 00000000 ____D C:\Program Files\Microsoft Games
2015-11-26 01:25 - 2009-07-14 00:32 - 00000000 ____D C:\Program Files\DVD Maker
2015-11-26 01:25 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\PolicyDefinitions
 
==================== Files in the root of some directories =======
 
2015-11-26 08:41 - 2015-11-26 08:41 - 0000000 _____ () C:\Users\Will\AppData\Local\AtStart.txt
2015-11-26 08:41 - 2015-11-26 08:41 - 0000000 _____ () C:\Users\Will\AppData\Local\DSwitch.txt
2015-11-26 08:41 - 2015-11-26 08:41 - 0000000 _____ () C:\Users\Will\AppData\Local\QSwitch.txt
2015-11-26 01:43 - 2015-11-27 09:05 - 0000294 _____ () C:\ProgramData\hpqp.ini
2015-11-26 08:41 - 2015-11-27 09:06 - 0000189 _____ () C:\ProgramData\HPWALog.txt
2015-11-26 01:45 - 2015-11-26 01:45 - 0000032 _____ () C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log
2009-08-21 10:00 - 2009-08-21 10:01 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2015-11-26 01:44 - 2015-11-26 01:44 - 0000032 _____ () C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log
2009-08-21 09:54 - 2009-08-21 09:56 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2015-11-26 01:43 - 2015-11-26 01:43 - 0000032 _____ () C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log
2015-11-26 01:44 - 2015-11-26 01:44 - 0000032 _____ () C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log
2009-08-21 09:53 - 2009-08-21 09:54 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2009-08-21 09:56 - 2009-08-21 10:00 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
2015-11-26 01:45 - 2015-11-26 01:45 - 0000105 _____ () C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log
 
Some files in TEMP:
====================
C:\Users\Will\AppData\Local\Temp\HPQSi.exe
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-11-26 09:32
 
==================== End of FRST.txt ============================

RELEVANCY SCORE 200
Preferred Solution: Hacked Computer or Network Computer Crashes

I recommend downloading and running DAP. It can help sort out any driver and firmware related issues on your system

It's worked out well for many of us in the past.

You can download it direct from this link http://downloaddap.org. (This link will open the download page of DAP so you can save a copy to your computer.)

A: Hacked Computer or Network Computer Crashes

Hello youngwill and welcome to Bleeping Computer.
My name is Satchfan and I would be glad to help you with your computer problem.Please read the following guidelines which will help to make cleaning your machine easier:
please follow all instructions in the order posted
please continue to review my answers until I tell you your machine appears to be clear. Absence of symptoms does not mean that everything is clear
all logs/reports, etc. must be posted in Notepad. Please ensure that word wrap is unchecked. In Notepad click Format, uncheck Word wrap if it is checked
if you don't understand something, please don't hesitate to ask for clarification before proceeding
the fixes are specific to your problem and should only be used for this issue on this machine.
please reply within 3 days. If you do not reply within this period I will post a reminder but topics with no reply in 4 days will be closed!
IMPORTANT:
Please DO NOT install/uninstall any programs unless asked to.
Please DO NOT run any scans other than those requested
===================================================Note: Please carry out these instructions in the order given.
===================================================Reset the Router
Let’s try to reset the router to its default configuration.
this can be done by inserting something tiny like a paper clip end or pencil tip into a small hole labelled "reset" located on the back of the router.
press and hold down the small button inside until the lights on the front of the router blink off and then on again (usually about 10 seconds).
if you don’t know the router's default password, you can look it up. here
you also need to reconfigure any security settings you had in place prior to the reset.
you may also need to consult with your Internet service provider to find out which DNS servers your network should be using.
Note: After resetting your router, it is important to set a non-default password, and if possible, username, on the router. This will assist in eliminating the possibility of the router being hijacked again.Flush the DNS
Now lets flush the DNS on the computer:
hold down your Windows key and press R
a “run” window will appear
type in cmd and press Enter
a black window will open
please enter the following text into that window and then press Enter:
ipconfig /flushdns
 
Note There is a space after “ipconfig” and before the forward slash.
===================================================Download and run AdwCleaner
Download AdwCleaner from here and save it to your desktop.
run AdwCleaner
when it has finished, select Clean
if it asks to reboot, allow the reboot
on reboot a log will be produced; please attach the content of the log to your next reply.
===================================================Download and run Junkware Removal Tool Please download Junkware Removal Tool to your desktop.
shut down your protection software now to avoid potential conflicts.
run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator"
the tool will open and start scanning your system
please be patient as this can take a while to complete depending on your system's specifications
on completion, a log (JRT.txt) is saved to your desktop and will automatically open
post the contents of JRT.txt into your next message.
===================================================Run Farbar Recovery Scan Tool
Please run FRST again and post the new log plus the Addition.txt log which was also produced with the first run of FRST.Logs to include with next post:AdwCleaner log
JRT.txt
Frst.txt
Addition.txt
Thanks
Satchfan
 

Read other 12 answers
RELEVANCY SCORE 62

I just upgraded my board and processor, ECS PT800ce-a and intel 2.4 chip. I did a fresh install of the os and i keep having this problem where if i have any major type of network traffic, ie. downloading or network sharing, the machine will freeze. Ive replaced the network car and disabled the onboard nic as well. I'm not sure if it's a question of the motherboard or software. I am running XP Pro SP2 and did not have these issues before on my athlon system.

Read other answers
RELEVANCY SCORE 62

I've been having some really weird problems over the past few weeks with my computer freezing. At first I thought it was a virus or something and I ran all the virus scans I had. Turns out i didnt have any. I tried pretty much everything else but the darn thing would freeze randomly varying from 5 minutes - 1 hour. So then I started taking out all my hardware. By luck of the draw the first thing I took out was the network card. I then turned back on the comp removed it and WOW! The thing doesnt freeze up on me anymore. Any idea to as why it now works? Bad card maybe?
 

A:Network card crashes my computer!

Read other 6 answers
RELEVANCY SCORE 62

Hello!
Well, this time I can't do anything about my computer and I do need some help. This is just too much (maybe I should switch back to typewriters after all?).
It started a few days ago. I hadn't installed anything new, nothing was changed. I turned on my computer, the internet didn't work. I knew it was the computer's problem as everything was fine with the network. Never mind, worked on other stuff, restarted my computer later, the internet came back (it happens sometimes) BUT the whole thing started. I turn on my computer, it works for some 5-10 minutes and then restarts. All the time. I did some research, the BSOD kept repeating something about some network adapter related system files, tried everything, updated all the drivers, rolled them back and reinstalled, nothing changed, it just kept crashing with the same DRIVER_IRQL_NOT_LESS_OR_EQUAL with random stop messages (changing all the time). Sometimes even the DRIVER and system file wouldn't appear. Now I'm becoming desperate. And guess what - not a single problem in Safe Mode! Like the network card wouldn't be used in Safe Mode as well! BTW, once I started it the normal way, the internet was down but the computer didn't restart! I'm so confused. At least I can still use the computer in Safe Mode but that isn't much fun! Please, pretty please, would you help me?

Windows XP Professional SP2
AMD Athlon XP 2200+
1.79 GHz, 256 RAM

Read other answers
RELEVANCY SCORE 61.2

When ever I try to access My Network in Win XP Pro SP2 it either crashes My Computer or takes up to 2 minutes for this to load. Is this a common problem in windows? I have 1 other computer (ibook) on the network at all times, and occasionally I have a 2nd laptop connected wirelessly. I can't seem to find the cause for this problem.

I did notice the other day my network speed was very slow, around 4kbs, so I switched both network cards on my computer, and the one on the ibook, to 100 full duplex and that made things go a little faster at 300kbs. Considering the network is a 100mbit network I'd think the speeds should be a little faster then that. Is this a sign that there is something wrong with the networking settings in XP?
Thanks
Jeff
 

Read other answers
RELEVANCY SCORE 61.2

I have 2 Intel 5100 AGN network adapters.  Until today I had just the one but I took one out off a doner machine I have.  I want to to ICS to my phone with the second card so I installed it into the secondary port beside the existing card.  The computer runs fun but when I try to enable the 2nd card in network menue or device manager the computer crashes stating IRQL Not Less Than Or Equal ...  The computer is a Gateway p7811FX   windows 9
013016-23718-01.dmp    
1/30/2016 10:22:17 PM    
DRIVER_IRQL_NOT_LESS_OR_EQUAL    
0x000000d1    
00000000`00000016    
00000000`00000002    
00000000`00000000    
fffff800`cb3eec68    
NETwNs64.sys    
NETwNs64.sys+1d6c68    
Intel® Wireless WiFi Link Driver  
Intel® Wireless WiFi Link Adapter    
Intel Corporation    
14.2.1.2    
x64    
ntoskrnl.exe+14e2a0                    
C:\Windows\Minidump\013016-23718-01.dmp    
2   
15    
9600    
303,480    
1/30/2016 10:23:11 PM    
 

Read other answers
RELEVANCY SCORE 61.2

Background
I've got two computers networked via a crossover cable. One is a Dell Dimension desktop PC running Windows 98. The other is a Dell Inspiron notebook PC running Windows XP Professional.

They used to talk to each other without any problems, and I was able to transfer large quantities of data backwards and forwards between the two hard drives. (Useful for making back-ups.)

The Problem
The computers can still see each other via the network, and I can use Windows Explorer on either computer to look at the other computer's shared folders. However, when I try to transfer any significant amount of data from one computer to the other the desktop (Windows 98) computer crashes.

It doesn't seem to make any difference whether I initiate the data transfer from the desktop computer or the notebook computer. The data transfer seems to go okay for about 5 - 10 seconds and then the desktop computer goes down.

Other information
The network adapter in the desktop computer is a Netgear FA311/FA312 PCI Adapter.

One change that happened in the interval between the network working and the current problem is that the desktop computer now has a Broadband Internet connection via a SpeedTouch USB ADSL PPP adapter. Could that be contributing to the problem?

Question

What should I try?

Is it worth uninstalling and re-installing the network adapter card in the desktop PC?

Is there anything that I can do to try to diagnose the cause of the crashes?

Alastair_M
 

A:Network data transfer crashes computer

Read other 6 answers
RELEVANCY SCORE 60.4

I previously had issues with my HP Pavilon laptop (not having correct drivers etc). I now have Atheros ar5007802.11b/g wireless driver and nvisia nforce networking controller.

I can successfully see all available networks however when I try to connect to one my computer instantly crashes and I am forced to restart it.

This can't be a hardware issue as I can successfully connect to the network when I boot my laptop in safe mode with networking.

Does anyone know what may be causing this? I.E. a driver clash

Thanks
 

A:Solved: COmputer crashes when attempting to connect to a network

Read other 16 answers
RELEVANCY SCORE 59.2

I have FINALLY got to the bottom of why my PC is freezing, after weeks of trial and error. It runs perfectly normally when I unplug the Belkin USB Wireless adapter. Is there a way of repairing this? Do I need to download something to stop it from happening?
 

A:Solved: Computer crashes when Belkin Wireless USB Network Adapter is plugged in

Read other 13 answers
RELEVANCY SCORE 56.8

Dear Bleeping Computer,
My computer has recently been infected with viruses...I seem to have gotten everything off of the computer using nortan, antimalwarebytes, avg, bitdefender, and superantispyware. However, there still appears to be a trojan on the computer because someone can control my computer externally...I need your help to get rid of this problem...I have already scanned with hijack this and I am prepared to upload a log...Please reply soon

Read other answers
RELEVANCY SCORE 55.2

Hi,
 
I am currently experiencing a problem that started just a few days ago where the svchost.exe process keeps taking up memory on my computer even when there isn't anything active and continues to grow to taking up to 99% of memory before it crashes/freezes the computer and it has to be restarted then several times a day to clear the memory back down but within a few hours or sometimes less the memory will get exhausted.
I was able to download the FRST tool and I have the following results, so hopefully this will help someone to be able to help me with the following problem:
 
Thanks for your help, time and efforts it is appreciated and here are the following 2 logs from FRST:
 
 
 
 
Addition.txt
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-09-2014
Ran by Joellen at 2014-09-26 19:04:45
Running from C:\Users\Joellen\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: AVG Internet Security 2012 (Enabled - Up to date) {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
AS: AVG Internet Security 2012 (Enabled - Up to date) {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: AVG Internet Security 2012 (Enabled) {621CC794-9486-F902-D092-0484E8EA828B}
==================== Installed Programs =======... Read more

A:Svchost.exe Extreme Memory Usage Crashes Computer When Computer Idle

Hi there,please run Combofix:Please download Combofix (by sUBs) and save it to your Desktop.Disable the realtime-protection of your antivirus and anti-malware programs because they might interfere with the scan.Start Combofix.exe and follow its instructions.Do not use the computer while the scan is running. This may cause the program to stall.When finished, a log file will be displayed (that can also be found at C:\Combofix.txt).Please copy and paste the contents of this file into your next post.Note: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." after the scan, just restart the computer.(You can find more detailed instructions in this guide on using Combofix.)

Read other 13 answers
RELEVANCY SCORE 55.2

Svchost.exe Extreme Memory Usage Crashes Computer When Computer Idle
I am currently experiencing a problem that started just a few days ago where the svchost.exe process keeps taking up memory on my computer even when the computer is idle and continues to grow to taking up to 99% of memory before it crashes/freezes the computer and it has to be restarted several times a day to clear the memory back down. However sometimes when I restart the computer within an hour or a couple of hours or sometimes less the memory will get exhausted again.

One special note is that since my Windows 7 OS was preinstalled on my HP computer, I do not have access to the original Windows DVD and the DVD drive on my computer is currently broken and is unable to be used.

I downloaded the TSG SysInfo tool and the FRST tool with the following results.

I was able to download the FRST tool and I have the following results, so hopefully this will help someone to be able to help me with this problem it seems to be getting worse as time goes on eating up memory.

Thanks for your help, time and efforts it is appreciated and here is the TSG SysInfo and the following 2 logs from FRST:
Here is the TSG SysInfo

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Home Premium, Service Pack 1, 64 bit
Processor: Intel(R) Core(TM) i7-2600S CPU @ 2.80GHz, Intel64 Family 6 Model 42 Stepping 7
Processor Count: 8
RAM: 8174 Mb
Graphics Card: AMD Radeon HD 6570, 1024 Mb
Hard Drives:... Read more

A:Svchost.exe Extreme Memory Usage Crashes Computer When Computer Idle

Read other 16 answers
RELEVANCY SCORE 55.2

Every time when I try to open My documents, or My computer, control
panel, search, or any folder on my desktop, my computer crashes. It
says, on a blue screen(!) something like this:

"A problem has been detected and windows has been shut down to prevent
damage to your computer.
If this is the first time you have seen this Stop error screen,
restart your computer. If this screen appears again, follow these
steps:
Check to be sure you have adequate disk space. If a driver is
identified in the Stop message, disable the driver or check with the
manufacturer for driver updates. Try changing video adapters.
Check with your hardware vendor for any BIOS updates. If you need to
use Safe Mode to remove or disable components, restart your computer,
press F8 to select Advanced Startup Options, and then select Safe
Mode.

Technical Information:

*** STOP: 0x0000007E ( 0xC0000005, 0x804EB951, 0xF62A1BB4, 0xF62A18B0)

Beginning dump of physical memory.
Physical memory dump complete.
Contact your system administrator or technical support group for
further assistance."
--------------------------

After I press restart and windows start up, a pop-up window comes up,
it says that my system has been recovered from a serious error.

BCCode : 1000007e BCP1 : C0000005 BCP2 : 804EB951 BCP3 :
F8965BB4
BCP4 : F89658B0 OSVer : 5_1_2600 SP : 2_0 Product :
256_1

And this in the report...
C:\DOCUME~1\Josip\LOCALS~1\Temp\WER66a3.dir00\... Read more

A:[SOLVED] Can't open My Computer/Documents/Control Panel -computer crashes

Hi Anamarija and welcome to TSF !

Does the problem also happen in safe mode ?

Unplug all your USB devices. Use a PS/2 mouse and keyboard for the time of the troubleshooting.

Go to start => run and type chkdsk c: /R. You'll be prompted to restart the computer. Tell us if it finds any errors on the hard drive. If you couldn't see the scan's results you'll find them in the event viewer under application in the latest winlogon entry (click on the title of the source column to sort them alphabetically).

Did the BSOD or the errors in the eventviewer mention any .exe, .dll or .sys file ?

We'll need the .dmp files that you'll find in c:\windows\minidump, problem is you may not be able to browse your drive to zip and attach them with your computer. Copy them to some floppy or usb drive using the command prompt : start => run => cmd. Type copy c:\windows\minidump\*.dmp x: x being the volume letter that corresponds to your usb or floppy drive. Then with another computer zip them and attach the .zip file to your next post using the manage attachments button.

Double click the errors in the event viewer, click on the third button on the right (this copies the information in the memory) and right-click => paste the complete error message here.

Go to start => run and type devmgmt.msc. See if there are any devices with a red cross, yellow exclamation point or whatever in front of their name. If you find anything related to your webcam then right-click =>... Read more

Read other 6 answers
RELEVANCY SCORE 55.2

My computer crashes every so often when I leave it idle and says this and reboots. Its been doing it ever since I reformatted my computer.
 
http://postimg.org/image/euxq6llfp/
 

Read other answers
RELEVANCY SCORE 55.2

I have been having a long running problem with my computer. It started out as a lack of internet access which turned out tI o be a bad virus. I fixed that problem by doing a complete reformat of my system. I thought that that would fix the problem and it did for a bit.

After a week or so I started having BSOD. I went to a computer shop and we went to work on the issue. The BSOD's were showing that there was an error with my sata connection. I replaced the cables. The problem kept happening, so I replaced the motherboard and hard drive with a complete reformat again. Then I continued to have the same issues which included crashes, disappearing icons, weird error messages (x86 errors) and once in a while a BSOD. The BSOD's all say there's still an error with the sata connection.

I then decided to replace the power supply and upgraded to an evga 1300 watt. I replaced my case as well to a bigger one. I even replaced the ram sticks That seemed to fix the problems for a while and the BSOD's became very rare, but after a lot of use the weird error messages became very common. I really can't use the computer any more. I'm typing this on my laptop.

The computer shop I go to say's this is probably a hardware issue. They can't seem to figure it out. I've had it in multiple times. This is a nightmare for a computer owner. I have replaced virtually all the parts and my computer is still utterly unusable. The only program I installed since the last reformat wa... Read more

A:Disappearing Icons, Computer Crashes, BSOD, computer unusable

Holy.....
uh...
Why don't you just buy a new one! WOW.. Sorry..
Well, you SHOULDN'T have played with drivers...That is what's up.
Tried re-formatting AFTER doing those changes?
That computer shop owner though...I don't know what to say.
1) try reformatting to a version that is supported by the bios..(Check if it supports x64)...(fully ready)
2) post every error you get and attempt to find solution to each one. (Getting tired)
3) Can you mention WHEN did certain errors happen? before...after changing Processor and Graphic Card? (Getting worried)
4) Try lots of thing on the web. (hope time)
5) Revert back to the old virtual stuff. (shameful return)
6) take off the good pieces and attempt to use it on another computer or sell it. (Hopeless)

Read other 9 answers
RELEVANCY SCORE 55.2

This afternoon, my computer began crashing whenever I try to open one of the more important files, like my computer or the control panel. Everything works correctly on safe mode, and I've tried driver verification, but there's upwards of 200 unregistered drivers, so I'm not entirely sure what to do. Are there any drivers I should look for to move away from the system32 folder? Or is there any other way to solve this?

Also, I haven't installed any new software recently.

Thanks,
Matt

Read other answers
RELEVANCY SCORE 54.4

So I have recently bought a Samsung 850 Evo 120 GB ssd drive. My HP computer now has a 1TB hitachi hard drive and a ssd drive. The computer loads from the SSD drive. To try and maintain space, I have tried to download MS Office on the HDD. But when I install office, while in the middle of installing, my computer always crashes. This has happened on all three of my attempts to install office so far. Is there any reason why I should not be able to install office on the HDD or do I have to install it on the SSD?

Thanks in advance for the help!

A:Computer crashes while installing MS Office on a Computer with 2 drive

It's always best to have your programs loaded onto the Windows drive, which in your case is the Samsung SSD.

It would be best if you could supply a screen shot of Disc Management making sure it covers all discs & the information. This will show if you have any other problems.

This tutorial shows how to do a screen shot.

Disk Management - Post a Screen Capture Image

Read other 9 answers
RELEVANCY SCORE 53.6

Have a dell xps 12, a few days ago, I was having some serious wireless communication issues and after several reboots, it stopped, but from that point forward when it tried to sleep it crashed.

I had previously installed then turned off netgears parental controls (and have since removed).

Get several errors in log:
mDNSCoreReceiveResponse: Unexpected conflict discarding 21 102.1.168.192.in-addr.arpa. PTR JAK88-LT-WIN8.local.
mDNSCoreReceiveResponse: Received from 192.168.1.102:5353 23 102.1.168.192.in-addr.arpa. PTR JAK88-LT-WIN8-2.local.
Report Server Windows Service (KINZERDB) cannot connect to the report server database.
I can include a memory dump as well, but its huge.

A:BSOD - Computer sleeps - computer crashes

Hi Jeffkinzer & Welcome to the forums ^_^,

I have analysed your dump files and below has been provided an analysis of the same for informative purposes :-

Code:
0: kd> !irp ffffe001637263e0
Irp is active with 5 stacks 3 is current (= 0xffffe00163726540)
No Mdl: No System Buffer: Thread 00000000: Irp stack trace.
cmd flg cl Device File Completion-Context
[ 0, 0] 0 0 00000000 00000000 00000000-00000000
Args: 00000000 00000000 00000000 00000000
[ 0, 0] 0 0 00000000 00000000 00000000-00000000
Args: 00000000 00000000 00000000 00000000
>[ 16, 2] 0 0 ffffe00158780050 00000000 00000000-00000000
Unable to load image \SystemRoot\system32\DRIVERS\NETwbw02.sys, Win32 error 0n2
*** WARNING: Unable to verify timestamp for NETwbw02.sys
*** ERROR: Module load completed but symbols could not be loaded for NETwbw02.sys
*** ERROR: Symbol file could not be found. Defaulted to export symbols for ndis.sys -
\Driver\NETwNb64
Args: 00014400 00000000 00000004 00000002
[ 16, 2] 0 e1 ffffe00158789040 00000000 fffff80153591f48-ffffe00169fa7010 Success Error Cancel pending
*** ERROR: Module load completed but symbols could not be loaded for vwifibus.sys
\Driver\vwifibus nt!PopSystemIrpCompletion
Args: 00014400 00000000 00000004 00000002
[ 0, 0] 0 0 00000000 00000000 00000000-ffffe00169fa7010
Args: 00000000 00000000 00000000 00000000


The driver causing the IRP Blockage is the Intel Wireless Network C... Read more

Read other 3 answers
RELEVANCY SCORE 53.6

here's my dds log i had to go into safe mode to run the program
please help thanks
crazed43


DDS (Ver_09-03-16.01) - NTFSx86
Run by crazed_laptop at 2:29:11.46 on Mon 05/04/2009
Internet Explorer: 7.0.6001.18000 BrowserJavaVersion: 1.6.0_12
Microsoft? Windows Vista? Home Premium 6.0.6001.1.1252.1.1033.18.3062.1811 [GMT -7:00]

AV: AVG Anti-Virus *On-access scanning enabled* (Updated)
FW: COMODO Firewall *enabled*

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WUDFHost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\... Read more

A:computer wont sutdown/ computer crashes

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.comDDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the resul... Read more

Read other 2 answers
RELEVANCY SCORE 53.6

I was using my microsoft office word program, and it all of a sudden went funky, like short circuiting out, then a blue screen popped up saying that the program I was using was bad and causing my computer to crash, so my computer was shutting down before it crashed. Then it shut down and came back up asking if I wanted to go back to a restored or previous thing, something like that, (a restore point), and it said it would probably turn off and on several times through out and could take several minutes, then the computer turned off and back on and the screen would not turn on... I have a dell all in one computer, so I do not have a separate tower from my monitor. What happened? How can I fix this? Any one out there have any ideas? I was not even on the internet at the time.
 

A:Got a bad program, shutting down computer before computer crashes... help

When you first turn it on, can you see the Dell logo?  If so, does it show the Windows logo after that?
Do you recall details of what the blue screen said?
 
If you can see the Dell logo, then try these free, bootable diagnostics:  http://www.carrona.org/initdiag.html
You can press F12 to get to the boot menu in order to boot from the CD/DVD drive.

Read other 16 answers
RELEVANCY SCORE 52.8

Good day all,

For some reason, I have a feeling that my computer has been hacked..

Can someone advise any procedures to qualify if my paranoia is legitimate?

I have BitDefender installed.

Any support will be greatly appreciated.
Sent from my iPhone using Tapatalk
 

Read other answers
RELEVANCY SCORE 52.8

Ok, I'm pretty sure a virus has infected my laptop, I tried to turn it on today and when I logged on it says that the computer has been locked and I need an admin password, I click on "get password" and it takes me to one of those sites where you have to do a survey to get the download. I can't open task manager or even the start menu to try to get rid of it. The program name is called install.exe which I know is a virus program, i don't know how it got on my computer though. I've been trying to start in safe mode but I can't seem to get it to work. I managed to get around it to open this web browser and hopefully find some help. If I have to do a system restore I would gladly do that but I can't because of the program and I don't think I have a CD or anything to do it. I can't download anything since it says that I don't have permission which I have never had on my laptop. My laptop is a Gateway NV76R series with Windows 8. If anyone can help I would gladly appreciate it.

Read other answers
RELEVANCY SCORE 52.8

Hi, I think my computer's been hacked because my two credit cards have been compromised. Either that or someone stole my number when I went to Canada. I ran hijackthis.exe and tried to solve the problem. I used to do it by myself and when I looked at it, it looked normal. I'm just wondering if the experts here could point out the obvious if I really got hacked or my laptop is clean. Thanks for your time.p.s. The BHO looked somewhat suspicious but I ran it on the list and it's not there.. I don't know if I'm doing something wrong.Logfile of Trend Micro HijackThis v2.0.2Scan saved at 5:14:29 PM, on 3/24/2009Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16608)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Intel\Wireless\Bin\EvtEng.exeC:\Program Files\Intel\Wireless\Bin\S24EvMon.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\McAfee\Managed VirusScan\VScan\EngineServer.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Java\jre6\bin\jqs.exeC:\Program Files\Common Files\McAfee�... Read more

A:Computer hacked?

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explanation about the tool. No input is needed, the scan is running.Notepad will open with the results, click no to the Optional_Sca... Read more

Read other 2 answers
RELEVANCY SCORE 52.8

i was browing internet as usual, went to eat lunch come back. my computer was not responding so i tried to restart it but the screen didn't come up. there seems to be power going through the tower. high picth intermediate peeping coming from the tower. i turn of the tower, the loud noise stop and turn on the computer the noise occur again. it has been like that for a few day. i finally stop using it. and a week after that i turn it on again. it works like just fine.

does it seems like something hecker would to to others? i don't believe the computer heals itself. please enlight me !!!!!!!!

A:has my computer been hacked?

Sounds like an hardware issue.

Here's what you can do....

AdAware SE v1.06

Download, install, update, configure and run a scan with Ad-aware SE v1.06:Download and Install AdAware SE Personal, keeping the default options. However, some of the settings will need to be changed before your first scan.
Close ALL windows except Ad-Aware SE.
Click on the ‘world’ icon at the top right of the Ad-Aware SE window and let AdAware SE update the reference list for the adware and malware.
Once the update is finished click on the ‘Gear’ icon (second from the left at the top of the window) to access the preferences/settings window:In the ‘General’ window make sure the following are selected in green:Under [Safety]:Automatically save log-file

Automatically quarantine objects prior to removal
Safe Mode (always request confirmation)

Under [Definitions]:Prompt to update outdated definitions - set the [number of days]
Click on the ‘Scanning’ button on the left and select in green:Under [Driver, Folders & Files]:Scan Within Archives

Under Select drives & folders to scan:choose all hard drives

Under [Memory & Registry]: all greenScan Active Processes
Scan Registry
Deep Scan Registry
Scan my IE favorites for banned URL’s
Scan my Hosts file
Click on the [‘Advanced’] button on the left and select in green:Under [Shell Integration]:Move deleted files to recycle bin

Under [Logfile Detail Level]: all greeninclude add... Read more

Read other 1 answers
RELEVANCY SCORE 52.8

Hello everyone!

I was playing this game yesterday. And we had an argument. We were talking about the system and stuff. There were 2 hackers in the room, well I don't really know them. I've never talked with them before. So it was my first time. Well basically, my opinion was different than their opinion. I didn't really think that they could go this far? But well... CMD (Command Prompt) popped up randomly. And then this text came up. "*my opinion here*, huh?". Seems like they just didn't like my opinion. And decided to hack into my computer or what?

No I didn't click on anything. It just randomly popped up. Which made me get worried. So I looked it up and found a video about how to get into someone else's computer with CMD stuff... I have no idea how that works. And I don't want to know. I guess that's how he did it?

After that, I called my friend and told her what's just happened. We laughed. Everything was good... But then I got a notifation from my iCloud. "You've entered an incorrect password..." I wasn't even doing anything. So I checked the hacker's Twitter. I found out that he tries to guess the passwords. And then he gets their pictures... Leaks them on his Twitter.

And my computer lags sometimes... I don't know why. It didn't happen before. So how do I know if he's spying on me for fun?

--I know my English isn't that good, but I tried my best.

A:How do I know if my computer has been hacked?

My first educated guess at a first solution set:
-- cease all communications and game-playing with these two alleged hackers
-- cease all game-playing and chat-rooming at that particular and all such online sites, for now
-- cease all communications with anyone you do not really know as a trusted friend on social media, for now
-- if you are not adept at computer security and/or anti-virus/anti-malware-fighting, find a local computer guru that you trust, and let him/her guide you through acquiring, installing, shields-setup, running scans, to eliminate any foreign utility or program that can even remotely carry on viri and/or malware [think "Darth Vadar/Death Star" activity] on and/or from within your computer.

Here is a solution set that must be done TODAY, TOMORROW, this week:
Create an old-fashioned notebook [that will reside in a locked drawer or lockbox when not in use], grab a pen and pencil, begin exact and accurate printing of ALL usernames and passwords of any kind
THEN, begin the process of changing your passwords to strange un-easily-guessable combinations of capitol and small letters, numbers, no spaces for each and every account beginning with your Windows, your email accounts [!email acct passwords MUST be changed immediately!], and continue until all of your accounts have much stronger, much longer, much more secure passwords than ever before.

Have you been making any kind of routine, current, backups of your OS and data? If not, have the above-m... Read more

Read other 1 answers
RELEVANCY SCORE 52.8

I read on the forums that Windows XP have been hacked. Mine was one of those. I would like to know if there is a website I can go to to report this to Microsoft. Also someone told me how to unregister something to get rid of the help/support website in order to temporily get my computer up and running until microsoft fixes the problem. Is there anyone that can help. My computer takes me to AV Security to purchase and put in my details as to my credit card. It will not allow me to execute anything. Not even system restore. I cannot use it at all. I don't know when microsoft will fix this problem. Again, someone on the forum told me to unregister NCP or something like that. I can't seem to find the answer on any of the forums.
 

A:My computer has been hacked

Read other 16 answers
RELEVANCY SCORE 52.8

Alright here's the story. The other day I got on my computer and these warnings from my virus programs kept popping up saying I had a virus. The virus it found I believe was called Cyberlog X. Well I tried to run the virus program, but then my computer shutdown for no reason. I turned it back on and since then I get these spam email pop-ups from avast antivirus asking me if i want to send the emails. Yesterday they tried to send tons of emails from my computer. I believe someone is using my computer to send spam emails. I ran a virus check and it found about 10 viruses, since then the emails don't pop up anymore. Its even worse though, now my internet is really slow and my router has trouble connecting to DNS. It took me about 10 minutes to get to this page, alot of times it doesnt find the page and i have to keep refreshing until the page loads. My xbox 360 can't connect to the internet, it says its because of my DNS. About 10 minutes ago a a warning popped up saying something is trying to change my registry, i denied the change. The virus scan said to delete everything i need to insert my windows xp boot disc to restore my registries, only thing is i don't have my boot disc. Can anyone help me, because this sucks.
 

Read other answers
RELEVANCY SCORE 52.8

Hello,

According to Google's technicians my computer has been hacked by Russians! He detected a Zeus Trojan to be the culprit. He then proceeded to recommend that I contact a Microsoft Certified Networking Professional to solve the issue by doing such things like changing my IP or Gateway Default...not sure..but it is the one that the government assigns to each computer...the cost? $450 or $299 or $ 150 with only a 30 day warranty. I chose neither of the options..blah, blah, blah..obviously a selling job on his part. So now I am faced with this information...someone in Russia can get access to financial info etc... So after some research I found no other solution...maybe buy an Apple computer? Please, here in this forum is where I place my trust...what do you experts recommend? At the moment one thing that has obviously happened is that I can no longer access my gmail nor google voice.

Thanks a million.
Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Home Premium, Service Pack 1, 64 bit
Processor: AMD Athlon(tm) II X4 635 Processor, AMD64 Family 16 Model 5 Stepping 3
Processor Count: 4
RAM: 3839 Mb
Graphics Card: ATI Radeon HD 4200, 256 Mb
Hard Drives: C: Total - 703027 MB, Free - 559608 MB; D: Total - 12273 MB, Free - 1467 MB;
Motherboard: FOXCONN, 2AB1
Antivirus: None
 

A:My computer has been hacked

Read other 16 answers
RELEVANCY SCORE 52.8

I'm pretty sure someone hacked into my system about 4days ago now

I've tried running several scans and they don't seem to be helping

I ran a hijackthis scan and this is what the log report says. I don't know enough about this to feel comfortable deleting things on my own. Can you help please?

Here is my hijackthis log report.
Thank you in advance for your help.


Logfile of HijackThis v1.99.1
Scan saved at 7:23:02 PM, on 11/8/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\WINDOWS\system32\ctfmon.exe... Read more

A:Please help I think someone hacked my computer

I see you have posted and are already getting help elsewhere so I will let them carry on.

Read other 2 answers
RELEVANCY SCORE 52.8

my computer desktop icon is gone and i can't right click on desktop
taskbar icon is gone and turn off button gone too, but my control panel is still avaliable
my folder options is gone
im very confused i also cant run task manager
i cant run .exe file or anything like regedit.exe or cmd.exe
i cant run anything because it always admin restriction
i can only open explorer.exe by right clicking on start menu
but i cant run anything because of that admin restriction
my other hard drive like D:\ or my external harddisk is hidden too
but it still can be accesed by typing its directory
and in system properties it says registered to: HACKED BY JOHAN
 

A:My Computer Got Hacked by someone

Read other 6 answers
RELEVANCY SCORE 52.8

hello,

yesterday, facebook send sms for login to my account by a person. i don't work facebook yesterday. i chanced facebbok password but today i got a sms for login!!!!!!

i have comodo internet security premium and avg antivirus and malwarebytes . i scan full computer but not find any virus or trojan.

how i can remove it?

A:my computer is hacked!

Why do you think its your computer, sounds like your FB account may have been hacked. Try doing one of the online virus scans on your PC if you are really not sure about your PC being clean.

Read other 8 answers
RELEVANCY SCORE 52.8

dear friends,
in few days my computer is hacked by some bad gays i want to ask a questions that who is responcable for this hacking because my computer is connected to a Local Area Network
i think LAN Administrator is responcable for this hacking.

i want to know that can this configration is seems to be in defination of hacking please tell
me when i travers to that way i saw this configuration

Control panel--->system---->Remote------>check at Remotedly connected

and also symantic fire wall is disable system is runing slowly i have a windowsxp professional service pack2 operating system please note i always login as a administrator

please tell me the tips and procedure that no one even LAN Administrator is hacked my computer
i hope any one will help me
 

A:my computer is hacked

If this computer of yours is a company computer and I think it is because it is connected to a LAN I really hate to let you know it is not your computer it is the companies computer and really not your responsibility. The IT Department is responsible for computer and internet security, NOT YOU. You can help by being responsible in your computing habits and what you do or do not do, but in the long run it is the company that is responsible for the security not you.

If you were responsible for the security the company could fire you and you definitely do not want that.

All your responsibility is at work towards computers is to let you boss or supervisor know about how the computer runs. That is it. You do not play IT Department and install programs and run them, basically because if you do and crash the network you can get fired.

Be safe just do your job and let the IT department do their's.
 

Read other 3 answers
RELEVANCY SCORE 52.8

i opened my Laptop

Bam a lot of network activity on the router

i fired up tcp view

wow a unavailable process talking on the net

i fired up process explorer the pid is not there

i blocked all the conection in comodo firewall

and i still have network activity on the router
the tcp log is down in the attachment
so help plz

i forgot the attachment sorry

A:is this computer hacked ?

I have googled the IPS you are worried about.65.55.11.240 => http://www.ip-adress.com/whois/65.55.11.240 - IP Address belongs to Microsoft83.150.67.33 => http://www.ip-adress.com/whois/83.150.67.33 - IP belongs to Web of Trust(WOT)92.122.126.219 => http://www.ip-adress.com/whois/92.122.126.219 - AKAMAI (I believe adobe use this as a DLM)198.78.197.254 => http://www.ip-adress.com/whois/198.78.197.254 - Unsure, seems to be a ISP of some sort?207.46.140.23 => http://www.ip-adress.com/whois/207.46.140.23 - Belongs to MicrosoftI am going to go ahead and say everything is fine, there is no *unusual* operations going on there,

Read other 4 answers
RELEVANCY SCORE 52.8

I think my computer is hacked. It's slower than usual and Internet Explorer gets renamed. This is my FRST log.
 
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 04-02-2015 01
Ran by Bojan (administrator) on BOJAN-PC on 07-02-2015 13:26:27
Running from C:\Users\Bojan\Desktop
Loaded Profiles: Bojan &  (Available profiles: Bojan)
Platform: Windows 7 Ultimate (X86) OS Language: English (United States)
Internet Explorer Version 9 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(www.shadowexplorer.com) C:\Program Files\ShadowExplorer\sesvc.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(VIA) C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Wondershare) C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\MSOSYNC.EX... Read more

A:Computer hacked

Hello santare,my name is Jo and I will help you with your computer problems.Please follow these guidelines:Logs can take a while to research, so please be patient.Read and follow the instructions in the sequence they are posted.print or copy & save instructions.back up all your private data / important files on another (external) drive before using our tools.Do not install / uninstall any applications, unless otherwise instructed.Use only that tools you have been instructed to use.Copy and Paste the log files inside your post, unless otherwise instructed.Ask for clarification, if you have any questions. Stay with this topic til you get the all clean post.My first language is not english. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.***Download Security Check by screen317 from here or here.Save it to your Desktop.Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.Vista / Windows 7/8 users right-click and select Run As Administrator.A Notepad document should open automatically called checkup.txt; please post the contents of that document.***Please download Malwarebytes Anti-Rootkit and save it to your desktop.Be sure to print out and follow the instructions provided on that same page.Caution: This is a beta version so please be sure to read the disclaimer and back up all your data before using.Scan your system for malwareWith some infections, you may see two messages boxes.'Coul... Read more

Read other 8 answers
RELEVANCY SCORE 52.8

I think my computer is infected. Looking at the some behavior of my computer it looks like it has been hacked. As I am not a computer genius, I tried all I could to fix the computer. But I don't think I have resolved the problem. Now I am requesting you experts to help me out and shed some light.
I have tried to give all the possible information that might be helpful for you to analyze the case. I am sorry if some of my information is superfluous.

My operating system is Windows Vista Home Premium.
Symptoms that forced me to think it has been hacked:
1.Computer has been little slower than usual
2.Task Manager was disabled and I was not able to view or edit registry (which I fixed after googling some websites)
3.Windows atomatic update and Firewall was disabled (which I fixed by downloading new PC Tools Firewall plus and changing the value in registry for windows updating.)
4.Though I am the only user, my computer does not recognize me as an administrator( I do not know how to fix that)
5.when I start my computer my wallpaper or the desktop screen pops up or blinks for two or three times before being stable
6.Position of displayed icons on the desktop has changed a few times
6.Javascript has been disabled. And I am not able to fix it even though I changed all the required settings. Hence I am not able to run online virus scanner
7.when I use Internet Explorer most of the times it redirects me to some other websites.

Do these symptoms signify anything? After ... Read more

A:Please Help! I think My computer has been hacked

Have "Hijack This" fix all the following items in the list below by placing a check in the appropriate boxes.Confirm that you have only the listed ones checked, then press <Fix checked> and Close HJT.


F2 - REG:system.ini: Shell=explorer.exe "C:\Program Files\Common Files\System\svchost.exe"


Reboot...


============================

Please download the OTMoveIt by OldTimer

Save it to your desktop.

Please double-click OTMoveIt.exe to run it

Copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy):


C:\Program Files\Common Files\System\svchost.exe"



Return to OTMoveIt, right click on the "Paste List of Files/Folders to be moved" window and choose Paste.

Click the red Moveit! button.

Close OTMoveIt

If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.


=====================================

Please download Combofix from any of the links below, and save it to your desktop. For further information regarding this download you can see this on this Information Page


Combofix Link 1
Combofix Link 2
Combofix Link 3


**Note: It is important that it is saved directly to your desktop**

1. Close any open browsers.

2. Close/disable all ant... Read more

Read other 13 answers
RELEVANCY SCORE 52.8

I restarted my computer earlier on then came back to it and was shocked to find that Nero Back Up and Restore had been opened, and about 53 times.   I, personally didn't open this program. 
 
I restarted my computer again after only one tab of Nero closed (after trying to close all 53 tabs simultaneously), which cleared them all, but I remain puzzled as to whether my computer has been hacked into.
 
I presently have Windows Vista as my operating system and am currently scanning with Super Anti-Spyware and will also scan with Malwarebytes' Anti-Malware when that has finished, to see if they detect anything, but any advice you can give me on determining if my computer has been hacked into and how to trace and remove the unwanted programs would be most helpful, so my computer is clear of viruses and malware.
 
I regularly scan my computer for viruses and malware, but it's odd how my Nero program opened up itself. 

A:Has my computer been hacked into?

Well the Nero BackItUp is a pretty shameful program to start with...

Read other 2 answers
RELEVANCY SCORE 52.8

hi, i have posted the same topic in kaspersky, mcafee forums.... but no one helped me... they asked me to contact this forum..hope u guys gonna help me.here is my problem.. .some body is leeching my bandwidth.... when ever i switch on my modem(wired) my internet gets connected and automatically downloading starts with out my knowledge( i dont use idm or utorrent).. if i sit idle in front of my pc... the download vll not stop.. i think somebody is leeching my bandwidth... and the persons ip is.. 117.121.249.60 its from australia.. and i stay in asia.... here is the screen shot.. check out for the yellow line one.. tats the leecher.. i formatted my hard drive completely.. but still am facing the same problem...also am uploading the doc of hijackthis.. pls help me if u can.

A:my computer is hacked?

is there no one who can give solution for this... common guys..

Read other 3 answers
RELEVANCY SCORE 52.8

Hello. I have been trying for weeks to figure out what has been going on with my computer. I have been reading one post after another on here and trying a variety of tools. None of these have helped my problems. I have Webroot and Malwarebytes running. I use RKill and Roguekiller. I have noticed that when I use Malwarebytes and start a scan, the computer starts acting better as soon as the scan starts. But, it never finds anything.
 
Today, I tried a program called TCPView and it shows a ton of connections, especially when I leave the computer alone and running for a while. I do not know if this is malware or some sort of back door access. I am finally going to ask for help.
 
The symptoms have varied from slow computer to network connection problems. Any advice on where to start? I would appreciate any help!

A:Computer Hacked?

**In any case where you happen to be busy or unable to give us a reply, we would be grateful if you keep us informed in advance and we will be more than happy to wait. Failure to do so we will have your thread closed in THREE(3) days. Hello there, sea_summit I'm Conspire, I'll be glad to help you with your computer problems.Please observe these rules while we work:Read the entire procedureIt is important to perform ALL actions in sequence.If you don't know, stop and ask! Don't keep going on.Please reply to this thread. Do not start a new topic.Stick with me till you're given the all clear.Remember, absence of symptoms does not mean the infection is all gone.Don't attempt to clean your computer with any tools other than the ones I ask you to use during the cleanup process.IMPORTANT NOTE : Please do not delete anything unless instructed to. Remember to backup all your important data(if possible) before moving on. ---------------------------------------------------------------------------------------------------Please download Farbar Recovery Scan Tool and save it to your Desktop.Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system, that will be the right version.Right-click FRST then click "Run as administrator" (XP users: click run after receipt of Windows Security Warning - Open File).When the tool opens, click Yes to disclaim... Read more

Read other 7 answers
RELEVANCY SCORE 52.8

I received an email from SWTOR for a purchase of 40.00 on my account that i didnt make so i gave them a call and found out that my SWTOR account had been hacked I ran a virus scan and found nothing even ran a malware bytes scan and nothing my windows firewall is turned off and I cant turn it on so I'm sure something is going on i am going to change my email password right now i am running windows 7 the error says windows firewall cannot change some of your settings error code 0x80070424
 
please help ,
 
thank you, Ken

A:Computer hacked

did I not supply enough info?

Read other 10 answers
RELEVANCY SCORE 52.8

Today I was accessing my computer remotely and stepped away for a moment. When I came back I noticed that my Outlook was open and the cursor wasn't moving to my moments. I proceeded to watch it open my Delete folder and an email. I hit Alt + L to lock the computer, but to my surprise they clicked my account and enter my password. After this they went back to Outlook to open another email. Next I hit the the Windows button and U, U, to shut off the pc. Luckily my wife was home, so I had her make sure the computer was actually off. Here are a few details about the computer:

XP SP3
AVG 8.5xx
Comodo Firewall
Logmein - Remote access

I'll be running MBAM, AVG, SAS as soon as I get home. What else should I do to get a jump on this?

Also, I've been checking my account to make sure the computer is still offline.

Thanks.

A:My computer has been hacked

Run those..post back the MBAM and SAS log ...then we can move on.

Read other 3 answers
RELEVANCY SCORE 52.8

Hello,I always run HiJack This and the log seems very strange with Unknown file in winsock entries. Computer has been a little slow and freezes up once in a while. I hope you can provide me with some info on my log to make sure I am safe. Thanks for your time.Logfile of Trend Micro HijackThis v2.0.4Scan saved at 7:22:51 PM, on 4/3/2011Platform: Windows Vista SP2 (WinNT 6.00.1906)MSIE: Internet Explorer v7.00 (7.00.6002.18005)Boot mode: NormalRunning processes:C:\Windows\system32\taskeng.exeC:\Windows\system32\Dwm.exeC:\Windows\Explorer.EXEC:\Program Files\Creative\SBAudigy\Volume Panel\VolPanlu.exeC:\Windows\System32\WLTRAY.EXEC:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exeC:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exeC:\Program Files\Trend Micro\Titanium\plugin\TMAS\TMAS_OE\TMAS_OEMon.exeC:\Program Files\DellTPad\Apoint.exeC:\Program Files\Common Files\Java\Java Update\jusched.exeC:\Windows\ehome\ehtray.exeC:\Program Files\Windows Media Player\wmpnscfg.exeC:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exeC:\Program Files\Dell\QuickSet\quickset.exeC:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiSeAgnt.exeC:\Windows\ehome\ehmsas.exec:\P... Read more

A:Computer hacked?

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below I will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Follow the ... Read more

Read other 27 answers
RELEVANCY SCORE 52.8

Hi i have recently had my computer hacked, they got my email,facebook and paypal details, and took 800, have had my computer cleaned, but they still manage to keep changing my email address, after i change it, so i was wondering if anyone could look at my log file and tell me if there is still something on my system thank's ver much

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:16:45, on 14/02/2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16722)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\AVG\AVG10\avgtray.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.mi... Read more

Read other answers
RELEVANCY SCORE 52.8

Hi

Will appreciate your knowledge and insight. I noticed my drive being accessed a lot. Way more then usual. I am going to put up some logs and info and maybe someone can tell me what else to look at.

I see some logs that look very much like a continued attempt to access my drives
after seeing Wbem running a lot Process Explorer. It looks like the dates are off but htis is fresh today so there must be some date error in the logging. These are fresh this AM.

wmiprov.log

(Mon Jan 18 09:48:08 2010.297093) : Serivce ContentFilter has a non MSDN compliant or invalid Linkage Key
(Mon Jan 18 09:48:08 2010.297093) : Collect for service ContentFilter returned 0-Size BLOBs
(Mon Jan 18 09:48:08 2010.297250) : Serivce ContentIndex has a non MSDN compliant or invalid Linkage Key
(Mon Jan 18 09:48:08 2010.297250) : Collect for service ContentIndex returned 0-Size BLOBs
(Mon Jan 18 09:48:18 2010.306984) : Serivce ISAPISearch has a non MSDN compliant or invalid Linkage Key
(Mon Jan 18 09:48:18 2010.306984) : Collect for service ISAPISearch returned 0-Size BLOBs
(Mon Jan 18 09:48:48 2010.337218) : Skipping Object of index 870 of service RemoteAccess because index does not belong to the range 2014 - 2052 assigned to the service by LodCtr
(Mon Jan 18 09:48:48 2010.337218) : Skipping Object of index 906 of service RemoteAccess because index does not belong to the range 2014 - 2052 assigned to the service by LodCtr
(Mon Jan 18 09:48:48 2010.337218) : Skipping Object of index 870 of service R... Read more

Read other answers
RELEVANCY SCORE 52.8

Hello everyone, This is my first time posting on this forum so if I make a mistake i'm sorry. The problem started 2 weeks after I got a used computer from my uncle.My mousestarted acting crazy. I can be just browsing the internet and then my mousestarts jumping all over the screen as soon as I touch the touchpad or during it. I've reinstall windows3 times and used various anti-virus, anti-malware,etc trying to detect if it's a virus but they all come back negative!. For every time I reinstall windows, the mousedoesn't act up for a while and then two days later BAM!! it's jumping around the screen again. I know that this is symptoms of someone hacking me so I am wondering if there is a way to remove the hacker. Here are some other symptoms I encounter.

1. My graphics driver and mousedriver is uninstalled after a restart sometimes.
2. Windowslags up and shuts down.
3.After a mouseattack or weird encounter, my network card completely stop working and the light blinks on and off.

I have ALSO noticed that Computrace is installed in bios and I have read that it is vulnerable to hackers and I was wondering if theirs any BIOS mods for me . I have also noticed that after flashing BIOS my computer started acting up.

Laptop:
Lenovo3000 N200

THX IN ADVANCE.
 

Read other answers
RELEVANCY SCORE 52.8

my computer has been infected with a keylogger/trojan virus as i have had some of my online accounts/games details copied and other people have deleted some of the contents.
* Trend Micro HijackThis v2.0.4 *

See bottom for version history.
The different sections of hijacking possibilities have been separated into the following groups.
You can get more detailed information about an item by selecting it from the list of found items OR highlighting the relevant line below, and clicking 'Info on selected item'.
R - Registry, StartPage/SearchPage changes
R0 - Changed registry value
R1 - Created registry value
R2 - Created registry key
R3 - Created extra registry value where only one should be
F - IniFiles, autoloading entries
F0 - Changed inifile value
F1 - Created inifile value
F2 - Changed inifile value, mapped to Registry
F3 - Created inifile value, mapped to Registry
N - Netscape/Mozilla StartPage/SearchPage changes
N1 - Change in prefs.js of Netscape 4.x
N2 - Change in prefs.js of Netscape 6
N3 - Change in prefs.js of Netscape 7
N4 - Change in prefs.js of Mozilla
O - Other, several sections which represent:
O1 - Hijack of auto.search.msn.com with Hosts file
O2 - Enumeration of existing MSIE BHO's
O3 - Enumeration of existing MSIE toolbars
O4 - Enumeration of suspicious autoloading Registry entries
O5 - Blocking of loading Internet Options in Control Panel
O6 - Disabling of 'Internet Options' Main tab with Policies
O7 - Disabling of Regedit with Pol... Read more

A:my computer has been hacked

i was informed that i should post this hijackthis report here
 

Read other 2 answers
RELEVANCY SCORE 52.8

My computers at home were hacked. My wife was typing a Word document and someone was typing over her, mocking her. The only thing I noticed at first was that we could not access certain websites like microsoft.com, msnbc.com, mynetwatchman.com. After running numerous anti-virus and spam removal programs, I did not find any viruses or trojans, just some spyware which was removed. Panda software found eicor.mod virus. but this was not found by any other program and was never removed. But now I was able to access the above websites.But there is still a problem with other websites and downloading any network security programs.If I try to visit some websites, they are redirected to "The page cannot be displayed".Some of these sites are:http://www.eicar.org/anti_virus_test_file.htmhttp://www.lavasoftsupport.com/index.php?showtopic=48070http://www.spywareinfo.com/~merijn/http://tomcoyote.org/hjt//HijackThis.exehttp://www.sysinternals.com/Files/RootkitRevealer.zipThere are problems with download certain files: For example: Hijackthis.exe, lspfix.zip ,blacklight beta, etc.If I click on the file to download I get the same "The page cannot be displayed"If I right click to "Save Target As", I get "Internet Explorer cannot download <filename> from www.<website>. The connection with the server was reset." My current version of Hijack This is not the most current but at present I cannot download the newest version so I changed the version ... Read more

A:Computer was hacked

If you still need help, could you post a fresh log please?

Read other 7 answers