5 Ways to Automatically Analyze HijackThis! Log File

**Bamboo** · 02-25-2008, 12:15 PM

I don't know how many of you have ever had a knock down drag out battle with a computer virus or Trojan, but if you have you may already know about the awesome HijackThis program. If you do you also know that the report it creates is not very user friendly and can be very confusing. You usually have to post the log file to a help forum where people that know WAY more about the subject will review it and help you get rid of the bad guys.

Here is something from their homepage about HijackThis for those that don't know about it:

"HijackThis is a virtual standard in the anti-spyware world and has received many accolades including a 5-star CNET editor’s review. Over ten million users world-wide have downloaded HijackThis. On CNET’s download.com web site, members voted HijackThis as one of the top two anti-spyware programs. HijackThis enables technical users to quickly defeat browser hijackers and other hard-to-remove spyware threats. Rather than using a database of spyware signatures, HijackThis simply lists the places in Windows and your browser where spyware can hide itself. Widely used by web forums that provide help to people with infected computers, HijackThis creates detailed log files that aid community forums, who use this information to solve spyware problems. The new HijackThis 2.0 beta version works with Microsoft™ Vista™ and Internet Explorer 7. Other developments include an “AnalyzeThis” function that allows users to see how prevalent the threats detected on their PC’s are when compared to other HijackThis users. Trend Micro will host HijackThis 2.0 beta on the consumer-oriented TrendSecure portal."

Well I have some good news, cause this morning in my RSS feed I spot the article 5 Ways to Automatically Analyze HijackThis! Log File

http://www.raymond.cc/blog/archives/...this-log-file/

There are some sites where you can copy and paste your log file and it will auto analyze it to see any known evils.

It does state at the link and on most of the linked sites that it is not a definitive answer, but is rather a guide to help you further investigate problems.

I ran 2 of the links, and didn't spot anything out of the ordinary, but I do run a pretty tight ship anyway.
I have fixed friends computers though that were pretty much useless when they handed them over to me and I was able to return them like new after using HijackThis and some help forums.
With these sites everyone should take the time to check out their own rig.
Will even hook you up with the links

http://www.trendsecure.com/portal/en...kthis/overview

Download and run HiJackThis, and save a copy of the log it produces to like your desktop.
Then copy and past the whole thing into one of the websites listed in the article above.

For instance, I did this one 1st because it looked very user friendly:
http://hijackthis.de/index.php?langselect=english

And it was. Came back with 1 thing it said might be "nasty", but I looked into it and it was fine.

At least with this if you come back with a lot of nasties, you know you need to seek further help.

Good luck!

**A_Grounded_Pilot** · 02-25-2008, 04:24 PM

Hey Bamboo that's pretty cool. HJT saved my butt one time when I picked up a really tenacious trojan from a questionable 'security' website. I just ran it again for kicks and it flagged a winlogon entry - gave me a quick scare. However, apparently you're good as long as winlogon.exe is running out of windows/system32.

Acreo Aeneas · 02-25-2008, 04:41 PM

Hmm, interesting. I've always wonder how to make sense of the HJT output file. I'll read up more on your links later since this really helps with some of the messy viral infected systems I've dealt with in the past.

**Long Bow** · 02-27-2008, 11:23 AM

Wow thanks a bunch Bamboo that is a very usefull set of links. I have used HJT several times. It is usually the only program that can completely get the job done. I of course had to post my log files to get help with them.

02-25-2008, 12:15 PM	#1 (permalink)
Bamboo Join Date: Nov 2006 Location: On the beach north of Jacksonville, NC Posts: 3,017	5 Ways to Automatically Analyze HijackThis! Log File I don't know how many of you have ever had a knock down drag out battle with a computer virus or Trojan, but if you have you may already know about the awesome HijackThis program. If you do you also know that the report it creates is not very user friendly and can be very confusing. You usually have to post the log file to a help forum where people that know WAY more about the subject will review it and help you get rid of the bad guys. Here is something from their homepage about HijackThis for those that don't know about it: "HijackThis is a virtual standard in the anti-spyware world and has received many accolades including a 5-star CNET editor’s review. Over ten million users world-wide have downloaded HijackThis. On CNET’s download.com web site, members voted HijackThis as one of the top two anti-spyware programs. HijackThis enables technical users to quickly defeat browser hijackers and other hard-to-remove spyware threats. Rather than using a database of spyware signatures, HijackThis simply lists the places in Windows and your browser where spyware can hide itself. Widely used by web forums that provide help to people with infected computers, HijackThis creates detailed log files that aid community forums, who use this information to solve spyware problems. The new HijackThis 2.0 beta version works with Microsoft™ Vista™ and Internet Explorer 7. Other developments include an “AnalyzeThis” function that allows users to see how prevalent the threats detected on their PC’s are when compared to other HijackThis users. Trend Micro will host HijackThis 2.0 beta on the consumer-oriented TrendSecure portal." Well I have some good news, cause this morning in my RSS feed I spot the article 5 Ways to Automatically Analyze HijackThis! Log File http://www.raymond.cc/blog/archives/...this-log-file/ There are some sites where you can copy and paste your log file and it will auto analyze it to see any known evils. It does state at the link and on most of the linked sites that it is not a definitive answer, but is rather a guide to help you further investigate problems. I ran 2 of the links, and didn't spot anything out of the ordinary, but I do run a pretty tight ship anyway. I have fixed friends computers though that were pretty much useless when they handed them over to me and I was able to return them like new after using HijackThis and some help forums. With these sites everyone should take the time to check out their own rig. Will even hook you up with the links http://www.trendsecure.com/portal/en...kthis/overview Download and run HiJackThis, and save a copy of the log it produces to like your desktop. Then copy and past the whole thing into one of the websites listed in the article above. For instance, I did this one 1st because it looked very user friendly: http://hijackthis.de/index.php?langselect=english And it was. Came back with 1 thing it said might be "nasty", but I looked into it and it was fine. At least with this if you come back with a lot of nasties, you know you need to seek further help. Good luck! __________________ LINKS 10th Tactical Guard Server Rules and SOP * Kicked? Banned? READ THIS FIRST!* Contact an Admin * Nominate your teammates for a ribbon Stoop and you'll be stepped on; stand tall and you'll be shot at. -Carlos A. Urbizo-

02-25-2008, 04:24 PM	#2 (permalink)
A_Grounded_Pilot Join Date: Aug 2007 Location: Chicago! Age: 25 Posts: 355	Re: 5 Ways to Automatically Analyze HijackThis! Log File Hey Bamboo that's pretty cool. HJT saved my butt one time when I picked up a really tenacious trojan from a questionable 'security' website. I just ran it again for kicks and it flagged a winlogon entry - gave me a quick scare. However, apparently you're good as long as winlogon.exe is running out of windows/system32. __________________ \|TG-X\| A_Grounded_Pilot 10th Tactical Guard Kicked? Banned? READ THIS FIRST! \| Server Rules and SOP Contact an Admin \| Nominate your teammates for a ribbon

02-25-2008, 04:41 PM	#3 (permalink)
Acreo Aeneas Join Date: Nov 2006 Location: DePaul University (Chicago) Age: 22 Posts: 3,994	Re: 5 Ways to Automatically Analyze HijackThis! Log File Hmm, interesting. I've always wonder how to make sense of the HJT output file. I'll read up more on your links later since this really helps with some of the messy viral infected systems I've dealt with in the past. __________________ Acreo_Aeneas Former 9th Member "People usually see me and ask if I speak Chinese. I respond by asking if they speak American." "Tomorrow's high-end tech today? Why bother, it'll be old when tomorrow arrives anyways."

02-27-2008, 11:23 AM	#4 (permalink)
Long Bow Join Date: Apr 2007 Location: Ontario, Canada Age: 30 Posts: 1,301	Re: 5 Ways to Automatically Analyze HijackThis! Log File Wow thanks a bunch Bamboo that is a very usefull set of links. I have used HJT several times. It is usually the only program that can completely get the job done. I of course had to post my log files to get help with them. __________________

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)

Sponsored links

Sponsored links