Question on HiJackThis logs

Discussion in 'privacy technology' started by Old Monk, Nov 2, 2006.

Thread Status:
Not open for further replies.
  1. Old Monk

    Old Monk Registered Member

    Joined:
    Feb 8, 2005
    Posts:
    633
    Location:
    Sheffield, UK
    Hi Folks

    Does any infection get past being spotted in a HiJackThis log? Put it another way, if your log is clean is it as near as damn a sure thing your machine is clean?
     
  2. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,703
    Hello,
    Yes, it can get past. And no, not as near damn sure it is clean.
    But a combination of parameters - how the pc feels, any new strange files, folders, processes, services, error, firewall alarms, hijackthis, and here and there a scan with an anti-something utility, if they are constant to what you're used to, no sudden changes, you're most likely clean.
    But you have to feel the machine.
    Mrk
     
  3. Old Monk

    Old Monk Registered Member

    Joined:
    Feb 8, 2005
    Posts:
    633
    Location:
    Sheffield, UK
    Hi

    I'm confident I'm clean but I know what you mean. It's actually only security apps playing up that sometimes give me the heebie jeebies that something's amiss - LOL

    Example - just got Counterspy, whose first scan said I was infected with iSearch. Researched it, saw all kinds of references in HJT logs across the net. Got worried, my HJT log made no reference and eventually found in these forums that it was a known FP that actually pointed to the Windows Validation/Notification wotsit.

    That's really why I asked about HJT as a lot of forums ask for it, it appears to diagnose malware problems.

    What sort of malware can slip the HJT net, out of interest?
     
  4. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,703
    Hello,

    Malware that goes into weird kind of places - those not scanned by HJT.
    Malware that injects into other processes.
    Who really knows - nothing is impossible in the code.

    But the best indication, in my opinion, is how you feel the machine. It's better than any scanner. Of course, you need to know how it should behave.

    Ask yourself is it possible that you got infected. And how.

    Mrk
     
  5. Old Monk

    Old Monk Registered Member

    Joined:
    Feb 8, 2005
    Posts:
    633
    Location:
    Sheffield, UK
    Mrkvonic

    Thank you very much for your time and advice.

    It is good advice. With a lot of things in life we just know when something is just a hiccup and also when something is seriously wrong.

    When it comes to malware, it's also nice to have the tools to help when our senses betray us, especially for those who aren't proficient enough to see the signs.
     
  6. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,703
    Hello,

    Then imaging software might be the best one for you. Make a backup after you freshly format and install - and then every month or so. You'll have checkpoints to revert to if needed. That's the simplest peace-of-mind solution, I think.

    BTW, if you fear a serious infection, here are some super-leet tools:

    Make Ultimate Boot CD for Windows, boot it, search for hidden files and folders, run scans with available anti-virus and anti-spyware tools that come with it.

    Use Knoppix live CD (Linux) to examine the hard disks for hidden cuties.

    Use Helix live CD (Linux), an excellent forensics package, including special Windows examination tools.

    Need links? Ask and thou shalt be rewarded.

    Mrk
     