Author Topic: Sites to analyse HJT  (Read 2621 times)


Avastfan1

  • Guest
Sites to analyse HJT
« on: October 26, 2009, 10:41:24 AM »
Dear Forum,

Are there any other sites apart from www.hijackthis.de which offer to analyse HJT logs?

Thanks!

Avastfan1

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37507
  • Not a avast user
« Last Edit: October 26, 2009, 10:58:05 AM by Pondus »

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: Sites to analyse HJT
« Reply #2 on: October 26, 2009, 01:19:16 PM »
Hi you malware fighters,

The quality of the online HJT analyzers may vary greatly. The German analysis site is quite good. One should always google for all that is found and rings a bell with the helper whether it is legit, not necessary, suspicious and needs a second op (virustotals) or outright malicious, malcode or wrought by malcreator & cyberco.
So learn your HJT categories. Also go here: http://www.computer-support.nl/Systeemtaken/Scan.php
This is a HJT scan in Dutch with info on all system tasks involved. Database also in English and American English:
Quote
Analyse your HijackThis log files or systeminfo files with the Agics database.

HijackThis is an often used tool to make an overview of running tasks. Agics offers the possibility to scan your Hijack log files with the Agics database. This will give a quick overview of the running tasks in your system without having to look them up one by one.

When you do not have HijackThis yet, download HijackThis then here
Start the program and create a log file
Copy the logfile and paste it in the form below (Click in the file and use CTRL+A to select everything. Use CTRL+C to copy. Go to this webpage, right-click in the form and choose PASTE)
It is also possible to scan Systeminfo files from Windows XP and Vista. Export the file in .txt and copy the content in the form below.

The process of the data can take some time. It could look like your browser is not responding anymore. A process time of 2 minutes is normal.

There is also a sticky on HJT analysis in the virus and worms section.

Mind that HJT has not been updated by the developer and Trend Micro did not do much of a job; a modern alternative is freefixer - http://www.freefixer.com/static/freefixersetup.exe

Sometimes cleansing needs the additional functionality of modern eliminating tools like ComboScript, sometimes a rootkit technique may be involved, or one should use tools in Safe Mode or disable/enable System Restore on cleansing. Sometimes tools have to be randomly renamed to evade disabling by malcode. Always remember the bright malcreant will use all tricks in the book, as will the cybercriminal or spyware tracking fake or rogue sellers or ransom hijackers. Furthermore, illegal activities and malcode are not far apart; a crack will mean a load of trojans, keyloggers, infectors,

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!