Author Topic: Check your program task hashes with this tool -  (Read 4517 times)

0 Members and 1 Guest are viewing this topic.

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33628
  • malware fighter
Check your program task hashes with this tool -
« on: December 27, 2009, 05:15:11 PM »
Hi you malware fighters,

Polonus and CharleyO already use this, but you can also benefit from these free scans of
running system scans.

You scan your HJT logfile to get a tasks survey here: http://www.computer-support.nl/Systeemtaken/Scan.php
Then scan these processes automatically and download the Agics Hashcheck, download from here:
http://www.computer-support.nl/Software/AHC/Setup.exe

I found that free tool for us here: http://www.computer-support.nl/Systeemtaken/Taakinfo/18636/jqs.exe/
American version:
http://www.backgroundtask.eu/Systeemtaken/Index.php

Additionally also use ThreatExpert Memory Scanner: download and tutorial here: http://www.threatexpert.com/memoryscanner.aspx

Enjoy my good friends,

polonus
« Last Edit: December 27, 2009, 06:14:45 PM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

news

  • Guest
Re: Check your program task hashes with this tool -
« Reply #1 on: December 27, 2009, 05:20:28 PM »
Thanks so very much Polonus for the links and the information for the download and tutorial on ThreatExpert. Great info. as always.
« Last Edit: December 27, 2009, 05:23:24 PM by news »

Alan|Cvette

  • Guest
Re: Check your program task hashes with this tool -
« Reply #2 on: December 27, 2009, 07:04:03 PM »
Going into my AV arsenal.  :)

Can you post this in http://forum.avast.com/index.php?topic=19387.1755 for future reference?

CharleyO

  • Guest
Re: Check your program task hashes with this tool -
« Reply #3 on: December 27, 2009, 07:33:40 PM »
***

Hashcheck works very well and quickly.   :)


***

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33628
  • malware fighter
Re: Check your program task hashes with this tool -
« Reply #4 on: December 27, 2009, 08:39:59 PM »
Hi CharleyO,

For more info on a particular process, click through or get it here:
http://www.backgroundtask.eu/Systeemtaken/More_info.php

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

CharleyO

  • Guest
Re: Check your program task hashes with this tool -
« Reply #5 on: December 28, 2009, 03:41:58 PM »
***

Thanks Polonus -

I checked that out when I visited the site a few days ago.   :)


***

Offline SpeedyPC

  • Avast Evangelist
  • Massive Poster
  • ***
  • Posts: 3357
  • Avast shall conquer the whole world
Re: Check your program task hashes with this tool -
« Reply #6 on: December 28, 2009, 04:59:51 PM »
Found a huge mistake by Agics Backgroundtasks after I've done a HJT saying hm.exe is a spyware/virus, why I ask well hm.exe is a belongs to HostsMan http://www.abelhadigital.com/ is what I have on my PC how do I ask Agics Backgroundtasks to recorrect this mistake. ??? ??? ??? ???

http://www.backgroundtask.eu/Systeemtaken/Taakinfo.php?ID=7169
ASUS G75VX-T4153H | Avast Premium v22.4.6011 | Avast SecureLine VPN | Avast Secure Browser | Avast Driver Updater | Avast BreachGuard | W8.1 64bit | Firefox 64bit | Thunderbird 64bit | MBAM Premium | Adguard Premium | CryptoPrevent Premium | CCleaner Portable | MCShield | Macrium Reflect | 7-Zip

CharleyO

  • Guest
Re: Check your program task hashes with this tool -
« Reply #7 on: December 28, 2009, 06:04:25 PM »
***

It appears that hm.exe can be related to some malware and perhaps this is what Agics is finding.

http://www.prevx.com/filenames/X818103419012961514-X1/WMISPVC.EXE.html

If so, the location of the file and a comparison of hashmarks would be needed ... or at least a checking of the hashmark of the supposedly good file should there be a reason to do this.


***

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33628
  • malware fighter
Re: Check your program task hashes with this tool -
« Reply #8 on: December 28, 2009, 08:42:13 PM »
Hi malware fighters,

And here are some online MD5 Hash Checkers?

http://md5-hash-online.ewebdev.com/

http://www.miraclesalad.com/webtools/md5.php

But Notice the following information:

The purpose of a file hash is to see if what you received is exactly equal to the source's copy. Since calculating the hash requires every bit of the file, you'd have to upload the entire file to an "online hash checker", and if there were a difference, you couldn't tell whether it happened during downloading or uploading. That's why there is no such thing and you should get an utility to do it on your machine,

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!