Page 1 of 2 12 LastLast
Results 1 to 10 of 17

Thread: Hijack This

  1. #1
    Most Appreciative Member Lovelee's Avatar
    Join Date
    Dec 2004
    Location
    Waikato
    Posts
    536

    Default Hijack This

    Do you guys still check HJT for issues and advise what to remove?

    Computer has been lagging to the mouse for the last 3 - 4 days .. wanna see if theres anything in there causing the problem
    You make something idiot proof, and they make a better idiot.

  2. #2
    Senior Member piroska's Avatar
    Join Date
    Dec 2017
    Location
    With Kim-Jong-Mum
    Posts
    1,652

    Default Re: Hijack This

    It sure remains a useful program. Post your log.
    Ex-pctek

  3. #3
    Senior Member 1101's Avatar
    Join Date
    Jan 2008
    Posts
    6,322

    Default Re: Hijack This

    Its old and no longer updated. Doesnt properly support Win7,8,10 , you'll get some strange results
    Its still usuable though, possibly not as useful as it once was.

    10's Resource monitor might show whats causing high CPU use/ HD access . Also add/remove programs & MSCONFIG can be a good start for de-cluttering

    Is it only the mouse thats lagging . If you use the kb only (eg win key + I ) does that lag ?

  4. #4
    Most Appreciative Member Lovelee's Avatar
    Join Date
    Dec 2004
    Location
    Waikato
    Posts
    536

    Default Re: Hijack This

    Quote Originally Posted by piroska View Post
    It sure remains a useful program. Post your log.
    Cheers pctek this is so frustrating

    Logfile of Trend Micro HijackThis v2.0.5
    Scan saved at 9:48:04 a.m., on 5/09/2019
    Platform: Unknown Windows (WinNT 6.02.1008)
    MSIE: Internet Explorer v11.0 (11.00.18362.0001)


    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe
    C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
    C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
    C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe
    C:\Users\User\Downloads\HijackThis (1).exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com/?pc=ACJB
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http:///
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F2 - REG:system.ini: UserInit=
    O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
    O2 - BHO: IObit Surfing Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\IObit Malware Fighter\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll
    O4 - HKLM\..\Run: [BacKGround Agent] C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
    O4 - HKLM\..\Run: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [IObit Malware Fighter] "C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /autostart
    O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
    O4 - HKCU\..\Run: [HP ENVY 5530 series (NET)] "C:\Program Files\HP\HP ENVY 5530 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN55J510SR067B:NW" -scfn "HP ENVY 5530 series (NET)" -AutoStart 1
    O4 - HKCU\..\Run: [Advanced SystemCare 12] "C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe" /Auto
    O4 - Startup: Facebook Gameroom.lnk = C:\Users\User\AppData\Local\Facebook\Games\Faceboo kGameroom.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE/3000
    O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
    O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
    O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
    O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
    O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
    O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
    O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
    O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
    O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
    O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
    O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
    O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLMF.DLL
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpda teService.exe
    O23 - Service: Advanced SystemCare Service 12 (AdvancedSystemCareService12) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
    O23 - Service: activeMARK Instant Service (AMInstantService) - GameHouse - C:\Program Files (x86)\GameHouse Games\aminstantservice.exe
    O23 - Service: AtherosSvc - Unknown owner - C:\WINDOWS\System32\drivers\AdminService.exe (file missing)
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: CCDMonitorService - Acer Incorporated - C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
    O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
    O23 - Service: @%SystemRoot%\system32\CredentialEnrollmentManager .exe,-100 (CredentialEnrollmentManagerUserSvc) - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.ex e (file missing)
    O23 - Service: CredentialEnrollmentManagerUserSvc_5af4328b - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.ex e (file missing)
    O23 - Service: Dropbox Update Service (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
    O23 - Service: Dropbox Update Service (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
    O23 - Service: DbxSvc - Unknown owner - C:\WINDOWS\system32\DbxSvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.Sta ndardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.Standa rdCollector.Service.exe (file missing)
    O23 - Service: Driver Support AO Service (DSAO) - PC Drivers HeadQuarters LP - C:\Program Files (x86)\driver support\svc\DriverSupportAOsvc.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
    O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
    O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
    O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google LLC - C:\Program Files (x86)\Google\Chrome\Application\76.0.3809.132\elev ation_service.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update Service (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
    O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
    O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
    O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
    O23 - Service: IObit Uninstaller Service (IObitUnSvr) - IObit - C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe
    O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
    O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    O23 - Service: Launch Manager Service (LMSvc) - Acer Incorporate - C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
    O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Containe r.exe
    O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
    O23 - Service: @%systemroot%\system32\PerceptionSimulation\Percep tionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\WINDOWS\system32\PerceptionSimulation\Perceptio nSimulationService.exe (file missing)
    O23 - Service: Quick Access Service (QASvc) - Acer Incorporate - C:\Program Files\Acer\Acer Quick Access\QASvc.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
    O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
    O23 - Service: User Experience Improvement Program (UEIPSvc) - acer - C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
    O23 - Service: WinZip Compression Smart Monitor Service - Unknown owner - C:\Program Files\WinZip\WinZip Smart Monitor\WinZip Compression Smart Monitor Service.exe
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    --
    End of file - 13623 bytes
    You make something idiot proof, and they make a better idiot.

  5. #5
    Most Appreciative Member Lovelee's Avatar
    Join Date
    Dec 2004
    Location
    Waikato
    Posts
    536

    Default Re: Hijack This

    Its google chrome not responding
    You make something idiot proof, and they make a better idiot.

  6. #6
    Most Appreciative Member Lovelee's Avatar
    Join Date
    Dec 2004
    Location
    Waikato
    Posts
    536

    Default Re: Hijack This

    CryptoTokenExtension whats this .. I just spotted this while doing a reset of the browser
    You make something idiot proof, and they make a better idiot.

  7. #7
    Senior Member 1101's Avatar
    Join Date
    Jan 2008
    Posts
    6,322

    Default Re: Hijack This

    Quote Originally Posted by Lovelee View Post
    Its google chrome not responding
    Chrome has a reset to default option. Do that first

    I would remove IOBIT to start with .
    O2 - BHO: IObit Surfing Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\IObit Malware Fighter\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll
    O4 - HKLM\..\Run: [IObit Malware Fighter] "C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /autostart


    suspicious
    O23 - Service: Driver Support AO Service (DSAO) - PC Drivers HeadQuarters LP - C:\Program Files (x86)\driver support\svc\DriverSupportAOsvc.exe

    Uninstall Winzip. Its not the same as the Winzip that we used to love. Its often flagged as Malware/PUP's
    O23 - Service: WinZip Compression Smart Monitor Service - Unknown owner - C:\Program Files\WinZip\WinZip Smart Monitor\WinZip Compression Smart Monitor Service.exe

    Install Malwarebytes & do a scan. Then uninstall it. Make sure your AV is disabled while doing a Malwarebytes scan.
    I'd bet your machine is full of PUP's . Hijackthis was the tool I used to run last after a cleanup.
    Last edited by 1101; 05-09-2019 at 11:17 AM.

  8. #8
    Most Appreciative Member Lovelee's Avatar
    Join Date
    Dec 2004
    Location
    Waikato
    Posts
    536

    Default Re: Hijack This

    Ive been using OBIT for years .. in fact just updated it and run it .. I also run Advanced system Care .. just run that too

    CryptoTokenExtension whats this?? It shows in the reset option for extensions .. but I cant find it anywhere else .. about to reset browser
    You make something idiot proof, and they make a better idiot.

  9. #9
    Senior Member 1101's Avatar
    Join Date
    Jan 2008
    Posts
    6,322

    Default Re: Hijack This

    "Advanced system Care .."
    say..no..more..
    these sort of programs are generally garbage (just my opinion)


    Reset Chrome
    Run a Malwarebytes scan , get ready for a a shock as to what it finds
    Dont waste your $ on IOBIT (my opinion)

  10. #10
    Senior Member 1101's Avatar
    Join Date
    Jan 2008
    Posts
    6,322

    Default Re: Hijack This

    OBit uses the Bitdefender scan engine (thats a good point).
    So could be better off just using Bitdefender, than than a AV/Malware protection product that just rebrands another brands product in a pretty wrappy

    Also
    "snake Oil" was mentioned :-)
    https://answers.microsoft.com/en-us/...7-1a424658609b

    If you're having issues, you need to Clean up things and remove bloatware and scamware .

Similar Threads

  1. Hijack this
    By mardyskywalker in forum PressF1
    Replies: 18
    Last Post: 31-01-2017, 07:38 AM
  2. Hijack this
    By macian999 in forum PressF1
    Replies: 3
    Last Post: 28-02-2010, 10:58 PM
  3. hijack this plz
    By password in forum PressF1
    Replies: 23
    Last Post: 27-04-2008, 10:27 PM
  4. hijack this
    By password in forum PressF1
    Replies: 3
    Last Post: 08-04-2008, 06:03 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •