Using HijackThis to remove malware
@ce-infocus-ps8QOO
Oct 13, 2024
HijackThis, a hijacker detector and remover, was originally created by Merijn Bellekom and later sold to Trend Micro. It is a very popular browser hijacker detector, used by the majority of security analysts to identify possible malware infections on a computer.
The problem with today's malware is that it is very difficult to detect because of the advanced protective mechanisms it uses. Because of this, even a thorough scan with a fully updated antivirus or anti-spyware/anti-malware product may miss the latest variants of a particular malware. In such cases, to make sure even the last traces of the malware are weeded out, security analysts suggest generating a HijackThis log file. From the log they can analyze the registry and other program settings on the computer, and pinpoint the malware's entries (and therefore remove them) with greater accuracy.
It is rather a simple process.
• Just download the HijackThis software from #-Link-Snipped-# and run the executable.
• Then select the appropriate option to scan and generate the log file (the 1st option).
• Once the log file is generated, get it analysed at www.hijackhthis.de or, if you are still unwilling to take any risk, post the log to any security forum of your choice. Googling "hijackthis security forums" will get you lots of relevant links.
• Check the bad settings and click on "Fix checked". Additionally, if some program set the malicious entry, delete the file manually. If you are unable to delete it, use the "Delete a file on reboot" option in the "Misc tools" section. The file will be deleted after the computer is restarted.
• The above technique is one of the most popular methods of malware removal and is supposed to almost guarantee a malware-free computer.
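As an added illustration (not part of the original article and not code from HijackThis), the Python example below shows what a first pass over such a log can look like: it parses entry lines of the form "<code> - <detail>" and lists the ones worth a manual look. The sample log is constructed, and the "user-writable directory" rule is an assumed triage heuristic, not a malware verdict.

```python
import re

# Constructed sample in the HijackThis entry format ("<code> - <detail>").
SAMPLE_LOG = r"""Logfile of HijackThis (constructed sample)
Running processes:
C:\Windows\explorer.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.example.invalid/
O1 - Hosts: 203.0.113.7 www.google.com
O2 - BHO: Example Helper - {00000000-0000-0000-0000-000000000001} - C:\Program Files\Example\helper.dll
O4 - HKLM\..\Run: [SecurityHealth] C:\Windows\System32\SecurityHealthSystray.exe
O4 - HKCU\..\Run: [updater] C:\Users\alice\AppData\Local\Temp\upd8.exe /silent
O23 - Service: Example Service (ExampleSvc) - Unknown owner - C:\ProgramData\svc.exe
"""

# Section codes as used in HijackThis logs (subset; meanings summarised).
SECTIONS = {
    "R0": "IE start/search page", "R1": "IE start/search page",
    "O1": "hosts file redirection", "O2": "Browser Helper Object",
    "O4": "autostart (Run key / Startup folder)", "O23": "Windows service",
}
ENTRY = re.compile(r"^([A-Z]\d{1,2}) - (.+)$")
# Heuristic (assumption): programs that start automatically from user-writable
# directories deserve a closer look. This is a triage hint, not a verdict.
WRITABLE_DIR = re.compile(r"\\(temp|appdata|programdata)\\", re.IGNORECASE)

def parse_log(text):
    """Return (code, detail) per entry line; header and process list are skipped."""
    entries = []
    for line in text.splitlines():
        m = ENTRY.match(line.strip())
        if m:
            entries.append((m.group(1), m.group(2)))
    return entries

def triage(text):
    """Return (code, reason, detail) for entries worth a manual review."""
    findings = []
    for code, detail in parse_log(text):
        if code == "O1":
            findings.append((code, "hosts file overrides DNS for a domain", detail))
        elif code in ("O4", "O23") and WRITABLE_DIR.search(detail):
            findings.append((code, "autostart from a user-writable directory", detail))
    return findings

if __name__ == "__main__":
    for code, reason, detail in triage(SAMPLE_LOG):
        print(f"[{code}] {SECTIONS.get(code, 'other')}: {reason}\n    {detail}")
```

A hit only means "look closer": legitimate software also starts from AppData, so confirm an entry before using "Fix checked".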
Check out the short video tutorial below to see how it is done in a few easy steps:
Video: https://www.youtube.com/v/8od2KE9xXiI&hl=en_US&fs=1&rel=0
For those who are unable to watch the video tutorial for some reason, here's a pictorial walkthrough. Click on the images to see them at their full resolution.
Step 1:
Download the HijackThis executable from the link mentioned above and run it. Then click on "Do a system scan and save a logfile" as shown in the picture.
Step 2:#-Link-Snipped-#
Step 3:
It will automatically generate a log file once the scan is complete. Copy the entire contents of the Notepad window.
Step 4:
#-Link-Snipped-#
Step 5:
#-Link-Snipped-#
Step 6:
#-Link-Snipped-#
Step 7:
#-Link-Snipped-#
Step 8:
If you run into any instability issues after deleting entries using the above method, you can easily restore them with the restore function.
Step 9:
Other tools, such as the "process manager" (similar to the Task Manager in Windows), file deletion on reboot and the startup list log file generator, are some of the extra features HijackThis offers for tackling malware that is relatively difficult to remove.
Remember that the startup list log file is similar to the HijackThis log file, but it covers only the startup entries. Experts may ask for this kind of log file to be posted in forums in cases of tough malware.
Shoot out your additional queries at www.crazyengineers.com/forum
This article is a guest contribution by CEan Rishabh Ghosh. Rishabh is a tech enthusiast and is a regular contributor at the CrazyEngineers forums.