misleading reports with Diagnostic Tools inWindows 7 64 bit

Hi this is a follow up question of this one:
http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Windows/Windows_7/Q_26101036.html

I started this because of RPGGAMERGIRL comment.

So I will definetely need to use Windows 7 64 bit, (in a new Dell computer that i will buy, XPS 9000), because of Powerfull application such as 3dsmax, Adobe , etc....  But what i am afraid of is if i run into trouble with my computer, will i be able to fix those problmes myself with the help of the applications most of you have recommended me in the past?

For example, i am interested to know if this applications will work well in Win 7 64 bit, and not give misleading reports:

HijackThis
ComboFix
FlashDisinfector
etc...  

Note: @rpggamergirl: You have helped me solve my problems plenty of times,is there an essential tool that you have that you think does not work well on 64 bit?

Thank you in advance.



unrinoceronteAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

gdadkinsCommented:
I have not run into any software that is fairly up to date (which includes those you have listed) that has had any issues with a 64-bit operating system. I've been running 64-bit for awhile now and haven't had any problems thus far. Back when Windows XP 64-bit came out, there was a lot of software that wasn't compatible due to it all having to be rebuilt. Several years later though, most people provide a 32 and 64-bit version of any software they supply. There is always the option of XP mode with Windows 7 if you have a really old piece of software that just for some reason won't run in 64 bit.
0
unrinoceronteAuthor Commented:
Thanks gdadkins, but remmeber what i am interested to know here is only regarding to DIAGNOSTIC TOOLS, like the one you mention, Hijack this, so i raise a new question, because, correct me if i am wrong, but If i have a Problem with my PC, say Virus, or spyware, or similar, when using Normal Windows 7 64 bit, and the Diagnostic tool only works on 32 bit, if i go on XP MODE it will not work for my problem since XP Mode is Virtualization, and the problem is over the Windows 7 64 bit side.... Am i wrong? i dont see how that will work.. please let me know.
0
gdadkinsCommented:
HijackThis does work in 64-bit windows. Other free tools such as Malwarebytes Anti-malware, Adaware, superantispyware, etc. all diagnostic tools work fine under 64bit. I haven't seen any popular diagnostic tool that hasn't been made accessible on a 64-bit platform(I run or have run most all of the popular diagnostic tools). I was referring to XP MODE only for any kind of non diagnostic software that will not run on 64-bit that you may require. The diagnostic tools would only check for the Windows 7 install and not XP MODE. If you did run XP MODE, you would need to install anti-virus software for it as well.
0
Determine the Perfect Price for Your IT Services

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden with our free interactive tool and use it to determine the right price for your IT services. Download your free eBook now!

rpggamergirlCommented:
For backward compatibility Microsoft makes use of the WOW64 emulator so 32-bit apps can run in a 64-bit environment. These 32-bit apps are running within the emulator like they are running in 32-bit environment. All 32-bit calls for DLLs etc are redirected to the \Windows\SysWOW64 folder where 32-bit files are kept.
So scanners/tools will run on 64-bit Windows(fully compatible or not).


<<<"is there an essential tool that you have that you think does not work well on 64 bit?">>>

ComboFix a very powerful tool is not compatible and should not be run on 64-bit systems.
FlashDisinfector <-- created by sUBs author of ComboFix, so I don't think it's compatible either when CF isn't.

BUT: MalwareBytes is fully compatible with 64-bit OS.

All OldTimer's tools are also compatible.
SUPERAntispyware runs but not fully compatible, AFAIK only scans the 32-bit locations.

Hijackthis is a 32-bit app, will run in 64-bit OS but it's not fully compatible so when you run a scan it will have misleading report as I've mentioned in your other thread.
I'm thinking of writing an article about this when I get the time.

It will report those legit 023 services as having "file missing" when in fact the files are not at all missing.
Examples below: And I have seen users who are alarmed when they see these entries in their Hijackthis logs, while some of our top EE Experts advising askers to fix these entries when they shouldn't be fixed.

O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)


Most 32-bit scanners runs on 64-bit environment but a lot of them are not fully compatible which means they only have access to the 32-bit locations but don't have access in the native environment(64-bit locations) as 32-bit code and 64-bit code don't mix so they are kept separate.

All of OldTimer's tools runs on 64-bit, OTL,and OTS are fully compatible though you need someone who knows how to interpret the logs as it will only delete files/reg entries using a script. We're always here if needed.

Compatible:
OTL <-- since a lot of nasties can now hide from a hijackthis scan, this one is like a replacement and is better than HijackThis as it scans all locations that HJT does and more, even does a customize scan.
TFC <-- temp file cleaner
exeHelper <-- an excellent tool to use when executables are blocked and utilities are disabled by nasties.

while some removal tools are not compatible but will run in 64-bit OS, I wouldn't worry too much since 64-bit OS is pretty much secure... so far I don't think rootkits can even infect in 64-bit native environment since most rootkits are still 32-bit based and 64-bit windows won't let rootkits install their drivers. So when a 64-bit OS is infected it's most likely only the 32-bit portions are infected and those 32-bit removal tools will suffice.

Hope that helps.

0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
unrinoceronteAuthor Commented:
!!!! Thanks RPGGamergilr!, thats what i needed to know!.. I understand everything you said, and i am better prepared if something happens in the future with my new  computer with win 7,  64 bit.  And definetely, any trouble that may come up, i will check it here with EE people. (good to know that i have to be carefull with reports of some of these tools like what you said about Hijackthis.)

A shame about COMBOFIX, i liked that tool a lot, (yourself helped me a lot of times with that tool in the past)

What is OTL , OTS, ?
0
rpggamergirlCommented:
Maybe someday ComboFix will be 64-bit compatible.

OTL.exe and OTS.exe are diagnostic tools (created by OldTimer) that scan the system like Hijackthis but scanning more locations.. these are very good tools and can also perform custom scans.

It will not delete any files/reg entries during the diagnostic scan.... will only remove malware using a script.
0
unrinoceronteAuthor Commented:
Thanks very very much!!
0
rpggamergirlCommented:
You're welcome!
Thank you for using Experts-Exchange.
 
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Anti-Virus Apps

From novice to tech pro — start learning today.