You read too much.
Posted 21 June 2023 - 08:06 PM
You read too much.
" mosquitoes really wake up everyday and choose violence " — dalia (@_dalia7)
www.cnn.com/2020/07/23/health/mosquitoes-attraction-humans-future-wellness-scn/index.html
I-7 ASUS ROG Rampage II Extreme / ASUS TUF Gaming F17 / I-7 4770K ASUS ROG Maximus VI Extreme
Posted 22 June 2023 - 03:59 AM
Thank you for clarifying that Pkshadow. I did run the scan yesterday as well on my home network but wasn't sure what to do with it and a bit frustrated so I shut it down for the evening. I did see this....Server: www.routerlogin.com Pinging Yahoo and Google
The most recent log below is obviously not my home network. I need delete the IP and Mac address below, please let me know if I need to add that back in.
Thank you for assisting, I appreciate your time.
SSID: Hacked iPhone 14
Protocol: Wi-Fi 5 (802.11ac)
Security type: WPA3-Personal
Network band: 5 GHz
Network channel: 149
Link speed (Receive/Transmit): 866/780 (Mbps)
IPv6 address:
IPv6 DNS servers:
IPv4 address:
IPv4 DNS servers:
Manufacturer: Intel Corporation
Description: Intel® Wireless-AC 9560 160MHz
Driver version: 22.170.0.3
Physical address (MAC):
MiniToolBox by Farbar Version: 13-05-2022
Ran by Stephanie (administrator) on 22-06-2023 at 03:39:00
Running from "C:\Users\Stephanie\Documents"
Microsoft Windows 10 Pro (X64)
Model: HP ProBook 450 G8 Notebook PC Manufacturer: HP
Boot Mode: Normal
***************************************************************************
========================= Event log errors: ===============================
Application errors:
==================
Error: (06/21/2023 05:11:32 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program thunderbird.exe version 102.12.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: 2c90
Start Time: 01d9a48d19a34904
Termination Time: 8
Application Path: C:\Program Files\Mozilla Thunderbird\thunderbird.exe
Report Id: 4ebd9293-cf4e-40ae-a71a-8eae22cc5e3d
Faulting package full name:
Faulting package-relative application ID:
Hang type: Unknown
Error: (06/21/2023 12:21:27 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2
Error: (06/21/2023 12:21:27 PM) (Source: Firefox Default Browser Agent) (EventID: 12007) (User: )
Description: Event-ID 12007
Error: (06/21/2023 12:21:27 PM) (Source: Firefox Default Browser Agent) (EventID: 0) (User: )
Description: Event-ID 0
Error: (06/20/2023 05:24:24 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.
.
Error: (06/20/2023 05:24:24 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]
Error: (06/20/2023 03:23:36 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program LockApp.exe version 10.0.19041.2193 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: 8a8
Start Time: 01d9a3559921f763
Termination Time: 4294967295
Application Path: C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
Report Id: 7948bf8f-134c-47aa-859e-aa70d7ba651b
Faulting package full name: Microsoft.LockApp_10.0.19041.1023_neutral__cw5n1h2txyewy
Faulting package-relative application ID: WindowsDefaultLockScreen
Hang type: Navigation
Error: (06/20/2023 12:21:27 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2
Error: (06/19/2023 12:21:27 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2
Error: (06/19/2023 10:01:43 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program LockApp.exe version 10.0.19041.2193 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: 1178
Start Time: 01d99fdde44f7be3
Termination Time: 4294967295
Application Path: C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
Report Id: 85e665b9-6623-4e70-9946-6b36d1417311
Faulting package full name: Microsoft.LockApp_10.0.19041.1023_neutral__cw5n1h2txyewy
Faulting package-relative application ID: WindowsDefaultLockScreen
Hang type: Navigation
System errors:
=============
Error: (06/22/2023 02:50:37 AM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: )
Description: Miniport Microsoft Wi-Fi Direct Virtual Adapter #2, {7ca21dbd-8d3a-4cb6-bbd4-6e1bdbc81891}, had event 74
Error: (06/22/2023 12:28:18 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The TeamViewer service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 2000 milliseconds: Restart the service.
Error: (06/22/2023 12:28:05 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The TeamViewer service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 2000 milliseconds: Restart the service.
Error: (06/21/2023 10:25:06 PM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: )
Description: Miniport Microsoft Wi-Fi Direct Virtual Adapter #2, {7ca21dbd-8d3a-4cb6-bbd4-6e1bdbc81891}, had event 74
Error: (06/21/2023 08:12:33 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 10:49:58 PM on 6/20/2023 was unexpected.
Error: (06/20/2023 05:24:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The HP Analytics service service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
Error: (06/20/2023 05:24:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The HP Hotkey UWP Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
Error: (06/20/2023 05:24:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The HP Diagnostics HSA Service service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
Error: (06/20/2023 05:24:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The HP System Info HSA Service service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
Error: (06/20/2023 05:24:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The HP LAN/WLAN/WWAN Switching UWP Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
CodeIntegrity Errors:
====================
Date: 2023-06-15 05:02:16
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Mozilla Firefox\firefox.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
Date: 2023-06-14 16:17:15
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_0b6ffde85292cc1e\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements.
=========================== Installed Programs ============================
LibreOffice 7.5.3.2 (HKLM\...\{063CC195-EEF8-4601-89C6-CB18230BD5E6}) (Version: 7.5.3.2 - The Document Foundation)
Malwarebytes version 4.5.31.270 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.31.270 - Malwarebytes)
Microsoft Update Health Tools (HKLM\...\{BB052C53-34CB-42DE-AF41-66FDFCEEC868}) (Version: 3.72.0.0 - Microsoft Corporation)
Mozilla Firefox (x64 en-US) (HKLM\...\Mozilla Firefox 114.0.1 (x64 en-US)) (Version: 114.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 114.0.1 - Mozilla)
Mozilla Thunderbird (x64 en-US) (HKLM\...\Mozilla Thunderbird 102.12.0 (x64 en-US)) (Version: 102.12.0 - Mozilla)
Proton Mail Bridge (HKLM\...\{B8374C4E-7127-4A6E-8DC3-105B5DCD6D29}) (Version: 3.1.3 - Proton AG) Hidden
Proton Mail Bridge (HKLM\...\Proton Mail Bridge 3.1.3) (Version: 3.1.3 - Proton AG)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
SumatraPDF (HKLM\...\SumatraPDF) (Version: 3.4.6 - Krzysztof Kowalczyk)
TeamViewer (HKLM\...\TeamViewer) (Version: 15.42.8 - TeamViewer)
Packages:
=========
HP Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.HPAudioControl_2.40.284.0_x64__dt26b99r8h8gj [2023-05-15] (Realtek Semiconductor Corp)
HP System Information -> C:\Program Files\WindowsApps\AD2F1837.HPSystemInformation_8.10.39.0_x64__v10z8vjag6ke6 [2023-05-15] (HP Inc.)
Intel® Graphics Command Center -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.4979.0_x64__8j3eq9eme6ctt [2023-06-01] (INTEL CORP) [Startup Task]
WindowsAppRuntime.1.2 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.2_2000.802.31.0_x64__8wekyb3d8bbwe [2023-05-15] (Microsoft Corporation)
WindowsAppRuntime.1.2 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.2_2000.802.31.0_x86__8wekyb3d8bbwe [2023-05-15] (Microsoft Corporation)
WindowsAppRuntime.1.3 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.3_3000.851.1712.0_x64__8wekyb3d8bbwe [2023-06-07] (Microsoft Corporation)
WindowsAppRuntime.1.3 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.3_3000.851.1712.0_x86__8wekyb3d8bbwe [2023-06-07] (Microsoft Corporation)
========================= Devices: ================================
========================= Memory info: ===================================
Percentage of memory in use: 31%
Total physical RAM: 16064.26 MB
Available physical RAM: 11049.18 MB
Total Virtual: 32448.26 MB
Available Virtual: 27068.42 MB
========================= Partitions: =====================================
1 Drive c: () (Fixed) (Total:237.85 GB) (Free:164.13 GB) NTFS
========================= Users: ========================================
User accounts for \\DESKTOP-1462P57
Administrator DefaultAccount Guest
Stephanie WDAGUtilityAccount
**** End of log ****
Posted 22 June 2023 - 04:20 AM
WOW, that is a lot of information. This is a personal device, and I should be the only user. Very suspicious, but I am just hushing it for now.
http://speccy.piriform.com/results/LkyxzjybxEofIDCucZVOkmV
Edited by Bionda, 22 June 2023 - 04:32 AM.
Posted 22 June 2023 - 06:18 AM
My Linux Systems Specifications: My Desktop - https://dpaste.com/AKGGCBGSW - My Server - https://dpaste.com/8M228Z6ZM - My laptop Arch - https://dpaste.com/FKSMU4MM2
-----------------------------------------------------------------------------
Posted 22 June 2023 - 08:13 AM
lol, Yes, I was logging in my iphones hotspot I named Hacked.
Posted 22 June 2023 - 01:42 PM
Edited by Bionda, 22 June 2023 - 02:10 PM.
Posted 22 June 2023 - 02:27 PM
Posted 22 June 2023 - 03:07 PM
Minor problematic issues. Dcom being the hardest to fix.
0x8007045b = Windows Update issue. From start Search type Troubleshooter and choose the update one and let us know how that turns out.
You are not providing enough information.
Boot device is the device that boots, a Hard Drive, a SSD , a USB.
Please install an operating system on your hard disk.
Hard Disk - (3F0)
Do this : https://support.hp.com/us-en/document/ish_3053911-2842957-16
" mosquitoes really wake up everyday and choose violence " — dalia (@_dalia7)
www.cnn.com/2020/07/23/health/mosquitoes-attraction-humans-future-wellness-scn/index.html
I-7 ASUS ROG Rampage II Extreme / ASUS TUF Gaming F17 / I-7 4770K ASUS ROG Maximus VI Extreme
Posted 22 June 2023 - 07:10 PM
Edited by Bionda, 22 June 2023 - 07:11 PM.
Posted 22 June 2023 - 07:32 PM
Would then think it is time to rescue your stuff and to do a clean install after :
See if repair : https://www.diskpart.com/articles/boot-sector-repair-4125.html
See if can get in :https://www.makeuseof.com/tag/bootable-windows-pe-based-recovery-discs/ as well tools on a couple. Rescue stuff and do a clean install.
" mosquitoes really wake up everyday and choose violence " — dalia (@_dalia7)
www.cnn.com/2020/07/23/health/mosquitoes-attraction-humans-future-wellness-scn/index.html
I-7 ASUS ROG Rampage II Extreme / ASUS TUF Gaming F17 / I-7 4770K ASUS ROG Maximus VI Extreme
Posted 22 June 2023 - 07:38 PM
Has topics on everything.
" mosquitoes really wake up everyday and choose violence " — dalia (@_dalia7)
www.cnn.com/2020/07/23/health/mosquitoes-attraction-humans-future-wellness-scn/index.html
I-7 ASUS ROG Rampage II Extreme / ASUS TUF Gaming F17 / I-7 4770K ASUS ROG Maximus VI Extreme
0 members, 1 guests, 0 anonymous users