Highjack this solution please

Discussion in 'Windows 7 Help and Support' started by 3doz, Jan 16, 2012.

  1. 3doz

    3doz Senior Member

    Joined:
    Jun 6, 2010
    Messages:
    310
    Likes Received:
    0
    see attachment for the information on my computer and the highjack problems
    see the lower section missing files in the sevice areas .
    the reason I tries this was to see why the computer went real slow in loading and running all of a sudden
    have chaecked for virus and other problems spy ware , nothing showing up
    removed the last program I installed , no change
    memory tested OK (ram)
    opens and clossed down about normal time
    would appreciate any assistence

    previous problem was having trouble in loading in programs using 32 so I installed the 64 on a different drive .. after settting it up < I removed the 32 windows using easy bcd without a problem
    this 64 ran well untill last week , Yes I have used a restore without any difference as this problem remains
     

    Attached Files:

  2. Saltgrass

    Saltgrass Excellent Member
    Microsoft Community Contributor

    Joined:
    Oct 16, 2009
    Messages:
    15,157
    Likes Received:
    393
    Don't know if anyone here is versed at reading the Hijackthis logs, but most of the things depend on what you might recognize. Have you gone through the log and looked to something that looks out of place?

    You have many Google entries..these will probably take up time, but not sure if they are the problem. One I noticed I did not recognize was

    which looks like it might not belong.

    Also, the numbers on the left of the log will, in some cases, highlight which entries might be suspicious. I do not remember what the numbers are, but you can check using HijackThis definitions.
     
    #2 Saltgrass, Jan 17, 2012
    Last edited: Jan 17, 2012
  3. zvit

    zvit Honorable Member

    Joined:
    Nov 3, 2009
    Messages:
    2,455
    Likes Received:
    84
  4. davehc

    davehc Microsoft MVP
    Premium Supporter Microsoft MVP

    Joined:
    May 1, 2008
    Messages:
    5,116
    Likes Received:
    301
    1 person likes this.
  5. Elmer

    Elmer Extraordinary Member

    Joined:
    Mar 5, 2010
    Messages:
    3,873
    Likes Received:
    284
    Good shout Dave. Bleeping are, in my opinion, the experts in that type of thing.
     
  6. 3doz

    3doz Senior Member

    Joined:
    Jun 6, 2010
    Messages:
    310
    Likes Received:
    0
    hi all thanks for the assistance
    I have been working though it and have some results . but these are a pain in the ***
    if the files are missing and the services are stopped why have them running in the first place
    How does one get rid of them
    23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
     
  7. Saltgrass

    Saltgrass Excellent Member
    Microsoft Community Contributor

    Joined:
    Oct 16, 2009
    Messages:
    15,157
    Likes Received:
    393
    I show all of those files on my system. Have you checked yours?

    I think it might be a case of temp files being created in a virtual system, but not sure.

    Does the O23 number indicate a hazard in Hijackthis?
     
  8. Trouble

    Trouble Noob Whisperer

    Joined:
    Nov 30, 2009
    Messages:
    13,845
    Likes Received:
    833
    Most if not all are programs responsible for critical Microsoft services
    And on a properly updated and patched machine should not be managed or manipulated in any fashion unless there is reason to suspect that they are corrupt or otherwise causing problems with the computer.
    These services often start and stop and I suspect that perhaps what you are seeing is a limitation in HiJackThis as to how it is reporting these specific items.
    It has been months if not a year or more since I have seen any of these identified as a possible problem, the last one being a lsass.exe exploit which I believe has faded (due to hotfixes, patches, updates and malware protection) into oblivion.
    Regards
    Randy
     
  9. Elmer

    Elmer Extraordinary Member

    Joined:
    Mar 5, 2010
    Messages:
    3,873
    Likes Received:
    284
    You're running a 64 bit system aren't you? HJT is not fully 64 bit compliant. Those (file missing) entries are "errors". Do not attempt to be doing anything with those.

    O23 = NT Services
     
    #9 Elmer, Jan 21, 2012
    Last edited: Jan 21, 2012

Share This Page

Loading...