While on the internet, I saw a window pop up saying a cleansing software was loading. That's when I unplugged the laptop. I disconnected the modem (using a Linksys wireless router for the laptop). I erased out all cookies, webpages, visiting history, etc., in case I hadn't stopped the malware. Then, I plugged in the modem, and downloaded Malwarebytes and AVG updates. Ran both for full scans, and both came up clean.
Then, after the laptop had been hibernating, I went to shut down and the "awakening" screen asked if I wanted to shut down because another user was on the computer. That's why I wonder if someone has hacked into my computer. I ran TCPView, as suggested in the How to Receive Help. I noticed while I was reading the log, some lines would highlight in red and then disappear.
I know I'm supposed to wait for instructions. But, I ran Rkill last night and nothing came up. Ran a full Malwarebytes scan afterward and nothing came up. But, this morning, I booted and ran Rkill again. Here's the log.
This log file is located at C:\rkill.log.
Please post this only if requested to by the person helping you.
Otherwise you can close this log when you wish.
Rkill was run on 03/28/2011 at 6:38:04.
Operating System: Microsoft Windows XP
Processes terminated by Rkill or while it was running:
Rkill completed on 03/28/2011 at 6:38:33.
I thin rapimgr.exe is part of MS ActiveSync, and I run a Windows phone. I haven't sync'd in at least a week. And, I don't know why Rkill caught it this morning, but not last night. Hope this helps. Thanks very much for your help with this. Anything else you want me to run and log? Thanks again.
Edited by notalk, 28 March 2011 - 10:03 AM.