It's normal for windows to install drivers for something you plug in but to do a screen shot:
HELP PLEASE!COMPUTER BEING ATTACKED THROUGH IP
#16
Posted 04 December 2014 - 07:45 PM
#17
Posted 04 December 2014 - 08:10 PM
Yeah I know it installs drivers but it has also installed imaginary things into an f drive I dont have yesterday I had unknown devices and when I try to remove them I cant ...I plugged the ipod in this morning and it uploaded another 6 drivers and I cant see them untill I plug the ipod in but if I do its going to install even more imaginary devices I don't have an F drive as far as I know and also my browser settings keep changeing ..after the drivers to day my screen keeps blacking out every time I try to do something..I just have to wait for it to settle again ..I only just installed a new hard drive and I am starting to freak out.. I really appreciate your help I want you to know that I am soo tnankful I feel like crying at the moment who ever this [bleep] is he has fooled the system into thinking everything is fine when I KNOW it isnt!!Some of these drivers I can't delete as I don't have permission I have tried everything to change that but cant!!!
#18
Posted 04 December 2014 - 08:12 PM
Yeah I know it installs drivers but it has also installed imaginary things into an f drive I dont have yesterday I had unknown devices and when I try to remove them I cant ...I plugged the ipod in this morning and it uploaded another 6 drivers and I cant see them untill I plug the ipod in but if I do its going to install even more imaginary devices I don't have an F drive as far as I know and also my browser settings keep changeing ..after the drivers to day my screen keeps blacking out every time I try to do something..I just have to wait for it to settle again ..I only just installed a new hard drive and I am starting to freak out.. I really appreciate your help I want you to know that I am soo tnankful I feel like crying at the moment who ever this [bleep] is he has fooled the system into thinking everything is fine when I KNOW it isnt!!Some of these drivers I can't delete as I don't have permission I have tried everything to change that but cant!!!
sorry I didnt realise there was extra options to post I thought it would be at the top sorry I also have these WOW files I dont play WOW and I certainlt never put those files on my computer anything athat has been added from about the end of nov to the 4 dec bis probably suspect I know what I installed!!!I din't install these and they are nearly impossible to delete as they put themselves in a drive I dont have
Edited by angel959, 04 December 2014 - 08:16 PM.
#19
Posted 04 December 2014 - 08:17 PM
#20
Posted 04 December 2014 - 08:29 PM
#21
Posted 04 December 2014 - 08:33 PM
As far as windows is concerned your IPOD is a USB drive so I'm not surprised to see a drive letter associated with it.
Are you talking about SysWOW64? That's just where windows keeps the files which are only 32 bit. If that's not what you mean how about a screen shot?
If you have unknown drivers you may need the chipset utility or there may be a missing driver file. These are normally not malware.
I need some context for the AdvancedInstallers and Users stuff. Where did you find them?
#22
Posted 05 December 2014 - 02:27 AM
ok I know you know what you are doing ..so are you saying I am worrying over nothing !the shots I have put here for you are of unknown devices I don't think I have...I have no Idea what that toshiba thing is with the music thing attached as of this morning there is zero in the usb ports the toshibeI/N and the csb 2.0 are in some drive I cant find are they meant to be there ....sorry I don't want to frustrate you I am not the most computer savvy but I know all weekend (last weekend) I was hacked I had to get my provider to change my ip and I have 3 or driver store packs am I meant to have that many? I know 1 has thousands and thousands of drivers in it and if I touch it drivers will install maybe i am panicking over nothing but I just dont know how to tell?!Maybe i have blocked something I shouldnt?!!
IHow do I tell??! What is the F drive? what is an svc host file? all this stuff I ran would have shown Hijack software etc?! I may just be [anicking and need to reset my comodo becaquse I did block EVERYTHING I didnt know what to block and what NOT TO!! So WOW files are meant to be there yes?!
Should I just let these drivers install or should I reset comodo and see if I have blocked something?
And again Thankyou for your time and PATIENCE I can frustrate the best of people =)
Edited by angel959, 05 December 2014 - 02:40 AM.
#23
Posted 05 December 2014 - 02:46 AM
Something has changed after the disc check etc I can't see those files anymore?? the driver store ones??! My screen isn't blacking out anymore I have set everything to ask me first before it installs anything and now when I look at the toshibai i/n thing it shows me it is VLC audio and wants to apply icons that are missing ...Did that help it sort it self out???!! I s it worth running disc checks regularly ?? In your opnion is everything cool and I am just panicking because of what happened on the weekend and interpreting everything as an attack?? My comodo was showing red on the svc host l that has calmed down too!!!!! It has dropped to half WOW Also you know that stuff I uploaded I didn't run any of the cleanup stuff because you didn't tell me too..trying to follow instructions to the letter =) do I need to ? I am guessing no
Edited by angel959, 05 December 2014 - 02:57 AM.
#24
Posted 05 December 2014 - 08:27 AM
You might want to uninstall Bonjour Service. It's not happy. Perhaps your firewall is blocking it. You will get a new one next time you install an Apple product.
Sounds like the disk check was needed. Let's run Speccy and see if the drive is getting sick:
#25
Posted 05 December 2014 - 11:01 AM
well i have been searching around and i have found out my cd rom driver is missing and it cant load a new one it also says pnp missing and my registry editor flashes up and shuts again instantly even running as admin??!! Hey THANKS FOR ALL THIS!!!!! I spotted security warnings in that mix of stuff from speccy!!!here are a couple of screen shots to show you what I found I don't know how to put it into a file so just broke it down into a few shots
TOSHIBA2.txt 165.07KB 226 downloads
Edited by angel959, 05 December 2014 - 11:27 AM.
#26
Posted 05 December 2014 - 06:03 PM
Speccy doesn't really have any security warnings. You are probably seeing the Windows update descriptions which explain why you got an update. Your temps are OK for a notebook and your hard drive is not showing any errors.
Let's run the builtin memory test to make sure the memory is good:
http://www.sevenforu...stics-tool.html
For your CD problem:
Start, right click on Computer and select Manage (Yes) then click on Device Manager. You should see an entry for DVD/CD ROM drives. Click on the arrow in front of it and it should show your CD. Right click on it and Uninstall. Then reboot. Windows should install it from scratch. Does it work now?
#27
Posted 06 December 2014 - 06:28 AM
Hi hope your trip went well So the memory check came up fine but the system tries to re install driver but says it fails!!! Also I can open the command prompt but the reg ed is still flashing up and dropping straight away and this happens with all the other windows of the same type!! Am I missing reg keys I read online that it could be a possibility? Also the page you sent me to is still there but when you hi the link to the memory diagnostic help it throws up a 404 screen...just thought you might like to know is all...luckily I know how to run the memory check I did that with the portable device driver and it worked that was yesterday sometime because I was having trouble with that too ...so that works but the windows 32 driver for the cd rom can't do what it needs to do!!!
Edited by angel959, 06 December 2014 - 06:41 AM.
#28
Posted 06 December 2014 - 07:19 AM
Start, All Programs, Accessories then right click on Command Prompt and select Run As Administrator. Wait for the popup and answer Yes. Command Windows should open.
cd \windows dir regedit.*
It should say something like:
C:\Windows>dir regedit.*Volume in drive C has no label.Volume Serial Number is 2352-6AF2Directory of C:\Windows07/13/2009 08:39 PM 427,008 regedit.exe1 File(s) 427,008 bytes0 Dir(s) 925,413,531,648 bytes free
Does it show more than one file? What is the number before regedit.exe? 427,008?
sfc /scanfile=\windows\regedit.exe
This should take a few seconds and come back with:
Windows Resource Protection did not find any integrity violations.
regedit.exe
Do you get any error messages? If it still doesn't work then
copy regedit.exe george.exe george.exe
If that doesn't work then try:
copy regedit.exe george.com george.com
IF the SFC command did not work or it said it could not fix the file then let OTL look for another one:
/md5start regedit.exe /md5stop
#29
Posted 06 December 2014 - 08:38 AM
While you were gone I ran a sfc scan and it said I had corrupted files when I went to look for the log it also said it was corrupted
So I ran the first 2 things they show exactly what you have written
Sorry can you explain a bit more I did the regedit.exe and it open a little file window which says reg editor and some of them say value not set...can you explain a wee bit more how to get the otl to fix please I have a screen shot and the last four things say not set the first one doesnt though ....well I cant seem to post a screen shot I don't know if thats me or you guys!!!
#30
Posted 06 December 2014 - 08:40 AM
Microsoft Windows [Version 6.1.7601]
Similar Topics
Also tagged with one or more of these keywords: hacked, rootkits.hijack software, malware viruses
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users