New Computer Hope tool

[Malware Removal Specialist]

Did you change anything just now? It's back to blocking my logs.

Did you change anything just now? It's back to blocking my logs.

Nope nothings been changed.

[Malware Removal Specialist]

Strange. 

Strange. 

Have an example log you can send me a link to or what you're doing so I can see if I can duplicate it?

[Malware Removal Specialist]

Okay. It took one log but blocks another. Could it be something in the logs (text, URL...) that it's hitting on?

2 logs. Blocked and not blocked.

[Saving space, attachment deleted by admin]

Hmm both of these worked for me with no issues. The blocked one worked but I did get a Kaspersky false warning, is it maybe something to do with that? What is happening when it's saying it's blocked?

[Malware Removal Specialist]

Using Firefox.

Yeah that's something to do Kaspersky and not the process tool. It's the false infection warning and I believe can be ignored to load the page or if a rule for it has been set it may have to be adjusted through Kaspersky.

Update: v1.6a

* Corrected issues with false detections when looking at the directory of the file. e.g. java.exe being found in program files directory and the tool believing it's a potentially infected file.

Update: v1.6c

- Updated structure of how files with directory locations are listed in database
- If malware found in /temp/directory additional suggestion of running a Windows cleanup to clear out all temporary files is suggested.
- Corrected files not getting logged if they're in the Windows directory even if they are unknown
- Corrected issue with seriously corrupted hijackthis logs containing HTML to not be parsed as HTML.
- Added several hundred more files to database

Update v2.0

- Big update to how this tool queries the files being looked up. The method of going through the files should be a lot faster and a lot less resource intensive on the server.
- When hovering the mouse over the folder icons to display the path if that particular file is in multiple paths it'll now show all paths, separating each path with >>> as shown below.

o2 - bho: swag bucks toolbar - {a057a204-bacc-4d26-b2fc-48f8ccab3ed4} - c:\program files\prodeg~1\prodeg~1.dll >>> o3 - toolbar: swag bucks toolbar - {a057a204-bacc-4d26-b2fc-48f8ccab3ed4} - c:\program files\prodeg~1\prodeg~1.dll

- Better file detection and listing for files embedded within missing files / potential protocol hijacks.
- Corrected file errors within database
- Added several dozen more files
- Few grammatical errors and other minor updates

Although I did spend about an hour going through the a few of the older stored logs I didn't fully test this as of yet. Although it seems stable because of the amount of re-write I did on the code it's possible that issues could still exist since so much was changed. Just got too tired for any more testing.

fantastic tool!

Nice tool.  However, I'm not sure that everything.exe can be defined as malware.

Nice tool.  However, I'm not sure that everything.exe can be defined as malware.

Everything??

http://www.computerhope.com/cgi-bin/process.pl?p=everything.exe

Thanks for the suggestion, the reason this is reporting as malware is infections of everything.exe that are stored in the \windows / \windows\system32 directory. It should probably be mentioned that if this file is in another directory that it is not likely an infection. Will add to my endless todo list.