If I have a virus, will HiJackThis show it?

Discussion in 'malware problems & news' started by truthseeker, Jun 15, 2008.

Thread Status:
Not open for further replies.
  1. truthseeker

    truthseeker Former Poster

    Joined:
    Jan 26, 2008
    Posts:
    977
    If a person gets infected with a virus, trojan or spyware or keylogger, will HiJackThis show it?

    I mean..... is my understanding correct that if I have a virus, trojan or spyware or keylogger on my PC that it will be running in memory, and HiJackThis would show something running when I do a HiJackThis scan?

    Because why would a virus, trojan or spyware or keylogger not be active in the memory? If not active and running in memory, then what would it be doing? Just sitting on my HDD doing nothing?
     
  2. TopperID

    TopperID Registered Member

    Joined:
    Oct 1, 2004
    Posts:
    1,527
    Location:
    London
    HJT was designed and intended to reveal the presence of browser hijackers. It was never intended to diagnose viruses/trojans in in general, though it may give useful clues.

    HJT is looking at specific areas, usually in the Registry, where changes may occur. It is not looking for malware files and cannot distinguish good from bad in memory. It is not a file scanner.

    In the era of rootkits, where system changes can be hidden, HJT may find nothing amiss even though you have rampant infection.
     
  3. truthseeker

    truthseeker Former Poster

    Joined:
    Jan 26, 2008
    Posts:
    977
    Please re-read my initial post. I never mentioned anything about HJT "diagnosing" viruses/trojans etc.

    My question is this...... If a person has a virus/trojan/keylogger etc, doesn't the virus/trojan/keylogger etc run in RAM/Memory? If so, then is there a program that shows all memory resident programs running? I thought HJT does it, but is that not so?

    If HJT doesn't show all current running memory programs, which would include any virus/trojan/keylogger etc, then what other program shows me everything that is running in RAM so I can look at it and see for myself?
     
  4. TopperID

    TopperID Registered Member

    Joined:
    Oct 1, 2004
    Posts:
    1,527
    Location:
    London
    If you want to know what is running in memory you should look in TaskManager (or preferably Process Explorer) remembering that a rootkit can hide such info.

    For more detailed system info there are so many progs that I hardly know what to suggest. Try this for starters:-

    http://www.runscanner.net/
     
  5. truthseeker

    truthseeker Former Poster

    Joined:
    Jan 26, 2008
    Posts:
    977
    Ok thank you.
     
Loading...
Thread Status:
Not open for further replies.