A Revolution is the Solution
Leave us hanging again PG, what are you chatting to the FBI about?
"and when the same guy that runs off to check out some red, hot porno, gets infected and turns up looking for a "quick fix" for the tenth time on your website, you do start to think, well, sorry, I'm all out of happy juice to wipe your infected PC down with."
I agree with you there. For now my plans are simple. Get experience with infections out there by helping with HJT logs. Use other applications to bust the scumbags before they can carry out there "task". For someone like me. I can't just jump in and know what type this installation is to the other. Once I get to know how. If you can guide me in someway. Shoot me a PM. LOL
But on the whole I agree that we arent fighting Malware. We are just cleaning after it.
Andy I'm always here for teh win :D
Great write up PG, kudos. Your absolutely right. What we needs is more dedicated group of fighters, focused with one thing in mind, search and destroy the enemy where they live.
Another important thing, which is what I like to do, is spread the word about sites, groups, vendors who perpetuate this stuff. Lowlife scumbags, like Direct Revenue, Transponder Gang, 180Delussions. Get the word out to as many people as I can, hence people find my postings when I feel they merit it, posted in as many as a dozen different forums.
Exposer is our greatest weapon.
Carry on my brother!!!
I know you're here to teh win :D Everyone knows about you and your ways.
I agree, but was caught off guard by your perspective that HJT doesn't really do as good a job anymore. I hadn't really thought about it, but you make a very good observation.
It really should be seen as more a diagnostic tool than removal-hammer. I've been waiting patiently like many others for Merjin to release a new update--hopefully he will with it kicked up a few notches! Komperssored?
I have to rely on HJT at work to help me understand what I am trying to respond to when I clean the multitude of pc's I support. As you know, this requires a complex, multi-front approach using a variety of tools.
Short of hand combing the registry for those extra bits, can you or your readers suggest a better or alternative for HJT to target/clean the registry of malware items? I use Sysinternals Autoruns, A2HiJackFree http://www.hijackfree.com/en/ , HJT, the advanced tools in SpyBot S&D, maybe a couple others, but I am always looking for the best of the best to use. Since I'm a sysadmin techncial levels don't concern me...and manually diving into registries is second nature now.
Any suggestions would be greatly appreciated.
Any plans--Paperghost--to do a 10-Bbest anti-malware tools of the year roundup?
Thanks for any help you can give a fellow warrior in the good fight.
--Claus
on the whole Hjt help is just Garbage removal next thing you know is another pile of Garbage appears the answer seems to be stop the garbage in the first place PG uses the words Hack The Planet..
maybe he's right if a few 1000 dedicated users hit the Walware sources a few times taking out sites blogs and other stuff
after all in most cases its not as if we dont know where this is coming from..
im sure we have all seen the boasters on the blogs i virused so and so lets combine unite and destroy the Scum of the web , no legal twisting no excuses Blah
End of rant 
Now would'nt it be karma if the 180solution website got the F.Error makeover!!!112
A bit short on time at the moment, but thanks for the kind words A round up of the best tools, eh? may well have a go at that. and a compilation of "alternative" manual removal tools, too - thatd be an interesting read (and a challenge to put together!)
Hopefully a new version of HJT will be with us shortly (crosses fingers) - I'll have a think about what alternatives there are too..
As someone who has used Hijackthis to fix things since early 2004, I can say that it is not as usefull as it used to be. Gone are the days when you could fix everything with just hijackthis. Simple infections like Roings that were simple to fix have evolved to mega nasties like Look2me. While Hijackthis is still usefull, it isn't enough.
Even more important, is the fact that it takes much longer to help one person now. It used to be that a log that took alot of time and work would have 10 to 15 replies from both parties. Now that is normal and a hard log can go on for 50 or more replies over wekks.
So yes, taking the offensive and doing things differently is going to be a must. Otherwise, the volume of Hijackthis logs will drown every help board out there.
Commenting by HaloScan
