Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

HijackThis being defeated?


  • Please log in to reply
6 replies to this topic

#1 aj46

aj46

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:02:28 AM

Posted 17 April 2015 - 03:03 AM

My computer is doing several strange things, too many to list.  Every anti-malware tool I have run insists my machine is clean.

 

What has me doubting this is HijackThis insists it has fixed 20-odd issues in the 023 group (services?), all involving entries for which the file is not found.  However when I re-scan they all are still there.  It does not matter if I run it in SAFE mode and/or as Administrator.

 

Any idea what may be happening?



BC AdBot (Login to Remove)

 


m

#2 Valinorum

Valinorum

    Shadow Hide The Hunter


  • Malware Response Instructor
  • 1,555 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:12:28 PM

Posted 17 April 2015 - 03:08 AM

HijackThis is no longer updated and should not be used. Moreover, it is a specialized diagnosis tool and just because you see "file not found" does not mean the file is absent from the system.

Edited by Valinorum, 17 April 2015 - 03:10 AM.

Geek U Graduate

I close my topic(s) with no replies for more than 4 days. PM me or Moderators to reactivate. All helps are provided via forum ergo do not PM me for help.

 


#3 aj46

aj46
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:02:28 AM

Posted 17 April 2015 - 12:38 PM

V> ... just because you see "file not found" does not mean the file is absent from the system.

 

Even granting this, I have never heard of HijackThis stating it fixed a checked issue, but having the entry re-appear instantly (much less so many of them).  Have you?

 

This is only one of the strange things my computer has been doing for months.  This example seems so unusual to me I was hoping someone would recognize what was happening, and hopefully suggest a course of action (or anything!).



#4 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 50,582 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:01:28 AM

Posted 17 April 2015 - 08:21 PM

As indicated by Valinorum...it is is a known issue that running HijackThis on 64-bit machines may show log entries which indicate (file missing) when that is NOT always the case. You need to verify that the file is actually missing.

HijackThis only scans certain areas of a computer's system/registry to help diagnose the presence of undetected malware in known hiding places. Given the sophistication of malware hiding techniques used by attackers in today's environment, HijackThis is limited in its ability to detect infection and generate a report outside these known hiding places. This limitation has made its usefulness nearly obsolete since a HijackThis log cannot reveal all the malware residing on a computer. As such, HijackThis has been replaced by other preferred tools like DDS, FRST, OTL, Zoek and RSIT that provide comprehensive logs with specific details about more areas of a computer's system, files, folders and registry keys which may have been modified by malware infection.

Unless you know how to read and analyze logs from DDS, FRST, OTL, Zoek or RSIT there's no point in downloading and using them. If those tools are needed for a malware infection you should seek assistance from an expert who will advise you accordingly. Like HijackThis, these are powerful tools which rely on trained experts to interpret the log entries, determine what needs to be fixed and plan a strategy for disinfection. Using such tools requires advanced knowledge about the Windows Operating System and can cause system damage if used incorrectly. If you do not have advanced knowledge about computers or training in the use of these tools, you should NOT attempt to use them or fix anything without consulting a expert as to what to fix.

If you need individual assistance with malware removal, please follow the instructions in the Malware Removal and Log Section Preparation Guide starting at Step 6.
  • If you cannot complete a step, then skip it and continue with the next.
  • In Step 6 there are instructions for downloading and running FRST which will create two logs.
When you have done that, post your logs in the Virus, Trojan, Spyware, and Malware Removal Logs forum, NOT here, for assistance by the Malware Response Team.

Start a new topic, give it a relevant title and post your log(s) along with a brief description of your problem, a summary of any anti-malware tools you have used and a summary of any steps that you have performed on your own. If you cannot produce any of the required logs...start the new topic anyway. Explain that you followed the Prep. Guide, were unable to create the logs, and describe what happened when you tried to create them. A member of the Malware Removal Team will walk you through, step by step, on how to clean your computer.

After doing this, please reply back in this thread with a link to the new topic so we can close this one.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#5 aj46

aj46
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:02:28 AM

Posted 17 April 2015 - 08:44 PM

Thank you, people.

 

I would still like to know what is behind the many problems my machine has started experiencing.  In the past I have smiled at people whose logic process goes:  "A virus is a mysterious thing.  My computer is doing mysterious things.  Therefore I must have a virus."   However I also remember Sherlock Holmes saying, "Whenever everything else has been eliminated then whatever remains, whatever it is, must be true."  The only problem with that is he does not explain how to prove that EVERYTHING ELSE has indeed been eliminated.

 

Back to work I guess.

 

Again, thank you for your patience and your willingness to help others.



#6 aj46

aj46
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:02:28 AM

Posted 17 April 2015 - 08:50 PM

Wow!

 

I've just had a look at Malware Removal and Log Section Preparation Guide This is written so clearly that even a Polack like me can understand and folllow it.

 

Whoever wrote tit can compose my User Documentation anytime!



#7 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 50,582 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:01:28 AM

Posted 17 April 2015 - 08:50 PM

You're welcome.

Posting the required logs will provide a more detailed look at your system for possible malware. Many of the scanning tools tools we use in this forum are not capable of detecting (removing) all malware variants.

Edit: I fixed my previous reply...when doing a copy and paste, all the instructions were not included.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users