As I looked at the findings of hijack, I see many service related issues.
Many of the files in Service: are missing.
Many of the tools we use for malware removal are designed for 32-bit systems and do not work
or can give misleading results
on 64-bit machines
. For instance, running HijackThis on a 64-bit machine may show log entries which indicate (file missing
) when that is NOT
always the case. Anti-malware scanners and many specialized fix tools have problems enumerating the drivers and services on 64-bit machines so they do not always work properly.
Microsoft created a new folder named SysWOW64
for storing 32-bit .dll files. WOW64
equates to "Windows on 64-bit Windows". This folder contains all the 32-bit .dll files required for compatibility which run on top of the 64-bit version of Windows. WOW64 is the x86 emulator
that allows 32-bit Windows-based applications to run on 64-bit Windows but x86 applications are re-directed to the x86 \syswow64 when seeking the x64 \system32.
For a more detailed explanation, please refer to:
Further, HijackThis only scans certain areas of a computer's system/registry
to help diagnose the presence of undetected malware in known hiding places. Given the sophistication of malware hiding techniques used by attackers in today's environment, HijackThis is limited in its ability to detect infection
and generate a report outside these known hiding places. This limitation has made its usefulness nearly obsolete
since a HijackThis log cannot reveal all the malware residing on a computer. As such, HijackThis has been replaced by other preferred tools
that provide comprehensive logs with specific details about more areas of a computer's system, files, folders and registry keys which may have been modified by malware infection.
As I cannot use notebook to save hijacker reports and there appears to be no way to highlight, copy and paste the information, I'm not sure how to post that
As I noted above, that log would be useless anyway.
Please follow the instructions in the Malware Removal and Log Section Preparation Guide
starting at Step 6.
- If you cannot complete a step, then skip it and continue with the next.
- In Step 7 there are instructions for downloading and running DDS which will create two logs.
When you have done that, post your logs
in the Virus, Trojan, Spyware, and Malware Removal Logs forum
, NOT here
, for assistance by the Malware Response Team Experts. A member of the Team will walk you through, step by step, on how to clean your computer. If you post your log back in this thread, the response from the Malware Response Team will be delayed because your post will have to be moved. This means it will fall in line behind any others posted that same day.
Start a new topic, give it a relevant title and post your log along with a brief description of your problem, a summary of any anti-malware tools you have used and a summary of any steps that you have performed on your own. After doing this, it would be helpful if you replied back in this thread with a link to the new topic so we can closed this one.If HelpBot replies to your topic, please follow Step One and CLICK the link so it will report your topic to the team members.Note: If you can produce at least some of the logs, create a new topic and explain what happened with those logs you tried to create but could not. If you cannot create any of the logs, then still post the topic and explain that you followed the Prep. Guide but were unable to create the required logs. Again, describe what happened when you tried to create them.