Britec Tech Support Forum

Full Version: High resources lead to me feeling as if i have been hijacked
Has anyone come across the following key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\{7746D80F-97E0-4E26-9543-26B41FC22F79}? I noticed my resources increasing while I was just on the main desktop looking at the screen. When I'd try to do something, I noticed it was taking longer than usual, so I checked my Task Manager and sure enough my RAM, disk and CPU were pretty high. So I did some investigating and found this key {7746D80F97E0-4E26-9543-26B41FC22F79}, and when I'd click on it I kept getting an error message saying I don't have the permissions to edit the key. So I went into permissions and I found mine and a few other accounts, but then I found "Account Unknown" [attachment=2147] and I also noticed [attachment=2148]. Have I been hijacked, or what's going on?

System Specs
https://speccy.piriform.com/results/Qg4aXt6nyRxWL4wXYZsZuLQ

Farbar Recovery scan tool Reports
[attachment=2149]
[attachment=2150]
[attachment=2151]

I also ran a full scan of MRT, which said I had 2 infections, but when the scan completed it said my system is clean, and the same goes for MBAM and HitmanPro.

And I opened Process Explorer and found the services surrounded by the red rectangle, and they're something to do with Service Host.

Run a sfc /scannow.

I think it's something to do with Microsoft. I think it even creates allow firewall rules. Got to be some sort of service, maybe Cortana... who knows.

Check out the tool SysInspector. Doesn't rely on definitions. My techs and I use it at our shop when doing preliminary scans and investigation into whether a PC is infected or not. It has filtering based on levels. Red is almost always for sure a trojan, droppers, etc. It's pretty accurate. In the orange, about level 5, you can see things that are semi-suspicious, and would help you narrow down what corrupt processes are causing those entries.

I would also recommend SFC /ScanNow. And follow up with DISM /Online /Cleanup-Image /RestoreHealth if SFC says "found corruption but was unable to fix some of them."

Event Log can also be very handy when diagnosing issues. Not everything is a hijack or virus. Especially since Windows 8, corruption within the Component Store and other areas of the system can be delicate and can cause all sorts of weird issues.

I think what happened is that the system was tweaked, causing the corruption. Remember, Windows 10/8.1 is already optimized for performance.
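
An added example, not part of the thread or written by any poster: a PowerShell function that dumps the access control list of the key named in the opening post as raw SIDs and marks which entries Windows cannot resolve to an account name, which is what the permissions dialog shows as "Account Unknown". The function name `Get-KeyAceReport` is hypothetical; run it from an elevated prompt.

```powershell
# Added example: enumerate ACL entries on a registry key by SID and show
# which ones do not resolve to a named account.
$keyPath = 'HKLM:\SYSTEM\CurrentControlSet\Control\{7746D80F-97E0-4E26-9543-26B41FC22F79}'

function Get-KeyAceReport {
    param([Parameter(Mandatory)][string]$Path)

    $acl = Get-Acl -LiteralPath $Path -ErrorAction Stop
    $sidType = [System.Security.Principal.SecurityIdentifier]
    $ntType  = [System.Security.Principal.NTAccount]

    # Request rules keyed by SID so nothing hides behind a display name.
    foreach ($rule in $acl.GetAccessRules($true, $true, $sidType)) {
        $sid = $rule.IdentityReference
        try {
            $name = $sid.Translate($ntType).Value
        } catch {
            # Translation fails when no account maps to the SID.
            $name = $null
        }

        # General Windows behaviour, not a finding about this machine:
        # S-1-15-3-* are app capability SIDs and S-1-15-2-* are app
        # container SIDs; capability SIDs normally have no friendly name.
        $kind = switch -Wildcard ($sid.Value) {
            'S-1-15-3-*' { 'Capability SID' }
            'S-1-15-2-*' { 'App container SID' }
            default      { 'Account or group' }
        }

        [pscustomobject]@{
            Sid       = $sid.Value
            Account   = $name
            Resolved  = [bool]$name
            Kind      = $kind
            Rights    = $rule.RegistryRights
            Type      = $rule.AccessControlType
            Inherited = $rule.IsInherited
        }
    }
}

Get-KeyAceReport -Path $keyPath |
    Sort-Object Resolved |
    Format-Table -AutoSize
```

An unresolved entry whose SID does not start with S-1-15-3- or S-1-15-2- is the one worth looking up further, for example a SID left behind by a deleted local account.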