ACCOUNT TAKE OVER

You read too much.

Thank you for clarifying that Pkshadow. I did run the scan yesterday as well on my home network but wasn't sure what to do with it and a bit frustrated so I shut it down for the evening. I did see this....Server:  www.routerlogin.com Pinging Yahoo and Google
 

The most recent log below is obviously not my home network. I need delete the IP and Mac address below, please let me know if I need to add that back in.

Thank you for assisting, I appreciate your time.

 

 

SSID:    Hacked iPhone 14
Protocol:    Wi-Fi 5 (802.11ac)
Security type:    WPA3-Personal
Network band:    5 GHz
Network channel:    149
Link speed (Receive/Transmit):    866/780 (Mbps)
IPv6 address:   
IPv6 DNS servers:   
IPv4 address:   
IPv4 DNS servers:   
Manufacturer:    Intel Corporation
Description:    Intel® Wireless-AC 9560 160MHz
Driver version:    22.170.0.3
Physical address (MAC):  
MiniToolBox by Farbar  Version: 13-05-2022
Ran by Stephanie (administrator) on 22-06-2023 at 03:39:00
Running from "C:\Users\Stephanie\Documents"
Microsoft Windows 10 Pro  (X64)
Model: HP ProBook 450 G8 Notebook PC Manufacturer: HP
Boot Mode: Normal
***************************************************************************

========================= Event log errors: ===============================

Application errors:
==================
Error: (06/21/2023 05:11:32 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program thunderbird.exe version 102.12.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 2c90

Start Time: 01d9a48d19a34904

Termination Time: 8

Application Path: C:\Program Files\Mozilla Thunderbird\thunderbird.exe

Report Id: 4ebd9293-cf4e-40ae-a71a-8eae22cc5e3d

Faulting package full name:

Faulting package-relative application ID:

Hang type: Unknown

Error: (06/21/2023 12:21:27 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2

Error: (06/21/2023 12:21:27 PM) (Source: Firefox Default Browser Agent) (EventID: 12007) (User: )
Description: Event-ID 12007

Error: (06/21/2023 12:21:27 PM) (Source: Firefox Default Browser Agent) (EventID: 0) (User: )
Description: Event-ID 0

Error: (06/20/2023 05:24:24 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x8007045b, A system shutdown is in progress.
.

Error: (06/20/2023 05:24:24 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]

Error: (06/20/2023 03:23:36 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program LockApp.exe version 10.0.19041.2193 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 8a8

Start Time: 01d9a3559921f763

Termination Time: 4294967295

Application Path: C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe

Report Id: 7948bf8f-134c-47aa-859e-aa70d7ba651b

Faulting package full name: Microsoft.LockApp_10.0.19041.1023_neutral__cw5n1h2txyewy

Faulting package-relative application ID: WindowsDefaultLockScreen

Hang type: Navigation

Error: (06/20/2023 12:21:27 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2

Error: (06/19/2023 12:21:27 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2

Error: (06/19/2023 10:01:43 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program LockApp.exe version 10.0.19041.2193 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 1178

Start Time: 01d99fdde44f7be3

Termination Time: 4294967295

Application Path: C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe

Report Id: 85e665b9-6623-4e70-9946-6b36d1417311

Faulting package full name: Microsoft.LockApp_10.0.19041.1023_neutral__cw5n1h2txyewy

Faulting package-relative application ID: WindowsDefaultLockScreen

Hang type: Navigation


System errors:
=============
Error: (06/22/2023 02:50:37 AM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: )
Description: Miniport Microsoft Wi-Fi Direct Virtual Adapter #2, {7ca21dbd-8d3a-4cb6-bbd4-6e1bdbc81891}, had event 74

Error: (06/22/2023 12:28:18 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The TeamViewer service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 2000 milliseconds: Restart the service.

Error: (06/22/2023 12:28:05 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The TeamViewer service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 2000 milliseconds: Restart the service.

Error: (06/21/2023 10:25:06 PM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: )
Description: Miniport Microsoft Wi-Fi Direct Virtual Adapter #2, {7ca21dbd-8d3a-4cb6-bbd4-6e1bdbc81891}, had event 74

Error: (06/21/2023 08:12:33 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 10:49:58 PM on ‎6/‎20/‎2023 was unexpected.

Error: (06/20/2023 05:24:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The HP Analytics service service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (06/20/2023 05:24:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The HP Hotkey UWP Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.

Error: (06/20/2023 05:24:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The HP Diagnostics HSA Service service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 5000 milliseconds: Restart the service.

Error: (06/20/2023 05:24:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The HP System Info HSA Service service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 5000 milliseconds: Restart the service.

Error: (06/20/2023 05:24:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The HP LAN/WLAN/WWAN Switching UWP Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.


CodeIntegrity Errors:
====================
Date: 2023-06-15 05:02:16
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Mozilla Firefox\firefox.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

Date: 2023-06-14 16:17:15
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_0b6ffde85292cc1e\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements.


=========================== Installed Programs ============================

LibreOffice 7.5.3.2 (HKLM\...\{063CC195-EEF8-4601-89C6-CB18230BD5E6}) (Version: 7.5.3.2 - The Document Foundation)
Malwarebytes version 4.5.31.270 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.31.270 - Malwarebytes)
Microsoft Update Health Tools (HKLM\...\{BB052C53-34CB-42DE-AF41-66FDFCEEC868}) (Version: 3.72.0.0 - Microsoft Corporation)
Mozilla Firefox (x64 en-US) (HKLM\...\Mozilla Firefox 114.0.1 (x64 en-US)) (Version: 114.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 114.0.1 - Mozilla)
Mozilla Thunderbird (x64 en-US) (HKLM\...\Mozilla Thunderbird 102.12.0 (x64 en-US)) (Version: 102.12.0 - Mozilla)
Proton Mail Bridge (HKLM\...\{B8374C4E-7127-4A6E-8DC3-105B5DCD6D29}) (Version: 3.1.3 - Proton AG) Hidden
Proton Mail Bridge (HKLM\...\Proton Mail Bridge 3.1.3) (Version: 3.1.3 - Proton AG)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
SumatraPDF (HKLM\...\SumatraPDF) (Version: 3.4.6 - Krzysztof Kowalczyk)
TeamViewer (HKLM\...\TeamViewer) (Version: 15.42.8 - TeamViewer)

Packages:
=========
HP Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.HPAudioControl_2.40.284.0_x64__dt26b99r8h8gj [2023-05-15] (Realtek Semiconductor Corp)
HP System Information -> C:\Program Files\WindowsApps\AD2F1837.HPSystemInformation_8.10.39.0_x64__v10z8vjag6ke6 [2023-05-15] (HP Inc.)
Intel® Graphics Command Center -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.4979.0_x64__8j3eq9eme6ctt [2023-06-01] (INTEL CORP) [Startup Task]
WindowsAppRuntime.1.2 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.2_2000.802.31.0_x64__8wekyb3d8bbwe [2023-05-15] (Microsoft Corporation)
WindowsAppRuntime.1.2 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.2_2000.802.31.0_x86__8wekyb3d8bbwe [2023-05-15] (Microsoft Corporation)
WindowsAppRuntime.1.3 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.3_3000.851.1712.0_x64__8wekyb3d8bbwe [2023-06-07] (Microsoft Corporation)
WindowsAppRuntime.1.3 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.3_3000.851.1712.0_x86__8wekyb3d8bbwe [2023-06-07] (Microsoft Corporation)

========================= Devices: ================================


========================= Memory info: ===================================

Percentage of memory in use: 31%
Total physical RAM: 16064.26 MB
Available physical RAM: 11049.18 MB
Total Virtual: 32448.26 MB
Available Virtual: 27068.42 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:237.85 GB) (Free:164.13 GB) NTFS

========================= Users: ========================================

User accounts for \\DESKTOP-1462P57

Administrator            DefaultAccount           Guest                    
Stephanie                WDAGUtilityAccount       


**** End of log ****

 

WOW, that is a lot of information. This is a personal device, and I should be the only user. Very suspicious, but I am just hushing it for now.

 

http://speccy.piriform.com/results/LkyxzjybxEofIDCucZVOkmV

Edited by Bionda, 22 June 2023 - 04:32 AM.

Are you connecting to your iPhone's Hotspot, because if you are someone who has physical access could have renamed your phone to hacked iPhone to play a joke on you.

lol, Yes, I was logging in my iphones hotspot I named Hacked.

And this just happened when I turned my computer on. Now what? Did I lose all of my files? Curious What kinda information did the logs reveal? What the heck is a boot device?

3465375048BootDevice Not Found
Please install an operating system on your hard disk.
Hard Disk - (3F0)
F2 System Diagnostics
For more information, please visit: ww.hp.com/go/techcenter/startup

Edited by Bionda, 22 June 2023 - 02:10 PM.

Just curious is my issue now for different topic in another forum?

Minor problematic issues.  Dcom being the hardest to fix.

 

0x8007045b = Windows Update issue.   From start Search type Troubleshooter and choose the update one and let us know how that turns out.

 

You are not providing enough information. 

 

Boot device is the device that boots, a Hard Drive, a SSD  , a USB.   

 

Please install an operating system on your hard disk.
Hard Disk - (3F0)   

Do this : https://support.hp.com/us-en/document/ish_3053911-2842957-16

Sorry for the delay. Chasing a 2 yr old all day. Thanks for assisting.
I am able to cut and paste text but not screenshots for whatever reason. Last night sent the two diagnostic reports back.
This am checked emails and BP. This afternoon turned on the PC I got a black screen
and error to install the operating system.

Th screen is still black.
HP PC Hardware Diagnostics
Processor
(My options are below)

Memory Test
Storage Tests
Power Tests
System Board Test
Keyboard Test
Language
Exit

Edited by Bionda, 22 June 2023 - 07:11 PM.

Would then think it is time to rescue your stuff and to do a clean install after :

 

See if repair : https://www.diskpart.com/articles/boot-sector-repair-4125.html

 

See if can get in :https://www.makeuseof.com/tag/bootable-windows-pe-based-recovery-discs/ as well tools on a couple. Rescue stuff and do a clean install.

Find a video by this forum member : https://www.google.com/search?q=computer+help+videos+by++FreeBooter&client=firefox-b-d&biw=1920&bih=872&tbm=vid&ei=J-mUZNWCGtSB0PEP-L-B-Aw&ved=0ahUKEwiVspeVk9j_AhXUADQIHfhfAM8Q4dUDCAw&oq=computer+help+videos+by++FreeBooter&gs_lp=Eg1nd3Mtd2l6LXZpZGVvIiNjb21wdXRlciBoZWxwIHZpZGVvcyBieSAgRnJlZUJvb3RlcjIFEAAYogRInT1Q8QdYsCxwAHgAkAEAmAFnoAGFCqoBBDE0LjG4AQzIAQD4AQHCAggQABiJBRiiBMICCBAhGKABGMMEwgIKECEYoAEYwwQYCogGAQ&sclient=gws-wiz-video

 

Has topics on everything.