Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

How would I run Hijackthis Remotely?


  • Please log in to reply
7 replies to this topic

#1 jdbaker82

jdbaker82

  • Members
  • 103 posts
  • OFFLINE
  •  
  • Local time:03:10 AM

Posted 19 April 2010 - 11:08 PM

I have a hard drive connected to my netbook VIA USB adapter and would like to load the registry so I could do a Hijackthis scan anyone have any idea how I would do this? I know the UBCD Hijack this folder offers a CMD that lets you load a remote profile but I cannot find a way to do this booted normally to a machine.

Edited by Orange Blossom, 20 April 2010 - 04:09 PM.
Moving to AV forum. ~ OB


BC AdBot (Login to Remove)

 


#2 jdbaker82

jdbaker82
  • Topic Starter

  • Members
  • 103 posts
  • OFFLINE
  •  
  • Local time:03:10 AM

Posted 20 April 2010 - 09:15 PM

Is this impossible?

#3 Animal

Animal

    Bleepin' Animinion


  • Site Admin
  • 34,539 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Where You Least Expect Me To Be
  • Local time:12:10 AM

Posted 20 April 2010 - 10:07 PM

I have posed your question to the malware removal team.

The Internet is so big, so powerful and pointless that for some people it is a complete substitute for life.
Andrew Brown (1938-1994)


A learning experience is one of those things that say, "You know that thing you just did? Don't do that." Douglas Adams (1952-2001)


"Imagination is more important than knowledge. Knowledge is limited. Imagination circles the world." Albert Einstein (1879-1955)


Follow BleepingComputer on: Facebook | Twitter | Google+

#4 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 60,821 posts
  • ONLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:10:10 AM

Posted 21 April 2010 - 02:02 AM

Hello jdbaker82,

I am not sure I understand what you are trying to do. You hooked up a HD from another computer to your Netbook in the hope you can scan that drive with HJT?

That is not going to work I think, and besides, it makes no sense because HJT only scans the current running Windows installation, just as any other tool we use.

If you have a problem with a computer and need help with it, please let me know. We have the possibility to run scans from a PE environment, but that will only work if the HD is in the right computer, not when it is slaved to another computer.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#5 jdbaker82

jdbaker82
  • Topic Starter

  • Members
  • 103 posts
  • OFFLINE
  •  
  • Local time:03:10 AM

Posted 21 April 2010 - 06:40 PM

I have posed your question to the malware removal team.


Thank you very much :thumbsup:

#6 jdbaker82

jdbaker82
  • Topic Starter

  • Members
  • 103 posts
  • OFFLINE
  •  
  • Local time:03:10 AM

Posted 22 April 2010 - 11:38 AM

Hello jdbaker82,

I am not sure I understand what you are trying to do. You hooked up a HD from another computer to your Netbook in the hope you can scan that drive with HJT?

That is not going to work I think, and besides, it makes no sense because HJT only scans the current running Windows installation, just as any other tool we use.

If you have a problem with a computer and need help with it, please let me know. We have the possibility to run scans from a PE environment, but that will only work if the HD is in the right computer, not when it is slaved to another computer.


Thanks for the reply. I would think it would be possible because I know you can boot to the UBCD4WIN and load the HD remotely using the CMD prompt in the HJT programs folder. I don't see how its any different having a HD connected to a netbook externally I just cant find the CMD prompt thats included in the UBCD to load the registry remotely. Currently my job involves removing malware/viruses and I am just looking for every little trick in the book to help me.

If anyone would know how to do it I am sure SUBS would know could someone ask him for me? lol

Edited by jdbaker82, 22 April 2010 - 11:39 AM.


#7 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 60,821 posts
  • ONLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:10:10 AM

Posted 22 April 2010 - 12:30 PM

Hello,
The reason we are not really interested in HJT running on a remote registry, is that we don't use HJT altogether in most cases. I think I can safely say that malware so serious it causes boot problems, will not show up in HJT.

When I am faced with a computer that cannot boot properly, I usually use the PE version of OTL, which is based on Reatogo-X-PE and works like a charm.

However, I cannot give you any more information on that one, since the developper has requested that information about his tools stays in private forums only and at BC we respect that decision. I hope you can understand that.

What I still don't understand is why you do hook the drives up. This brings a risk of spreading an infection to your netbook as well. If you have already a PE CD, its just as easy to use it directly on the infected computer.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#8 jdbaker82

jdbaker82
  • Topic Starter

  • Members
  • 103 posts
  • OFFLINE
  •  
  • Local time:03:10 AM

Posted 22 April 2010 - 02:37 PM

Hello,
The reason we are not really interested in HJT running on a remote registry, is that we don't use HJT altogether in most cases. I think I can safely say that malware so serious it causes boot problems, will not show up in HJT.

When I am faced with a computer that cannot boot properly, I usually use the PE version of OTL, which is based on Reatogo-X-PE and works like a charm.

However, I cannot give you any more information on that one, since the developper has requested that information about his tools stays in private forums only and at BC we respect that decision. I hope you can understand that.

What I still don't understand is why you do hook the drives up. This brings a risk of spreading an infection to your netbook as well. If you have already a PE CD, its just as easy to use it directly on the infected computer.


Some computers BSOD when booting to CD's which is the reason why I would want to be able to run programs like this remotely.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users