Using HijackThis to remove malware

HijackThis, a browser hijacker detector and remover, was originally created by Merijn Bellekom and later sold to Trend Micro. It is a very popular tool, used by the majority of security analysts to identify possible malware infections on a computer.

The problem with today’s malware is that it is very difficult to detect because of the advanced protective mechanisms it uses. As a result, even a thorough scan by a fully updated antivirus or anti-spyware/anti-malware product may miss the latest variants of a particular malware. In such cases, to make sure even the last traces of the malware are weeded out, security analysts suggest generating a HijackThis logfile. With it they can analyze the registry and other program settings on a computer and, based on the log, pinpoint the malware entries (and thereby remove them) with greater accuracy.

It is a rather simple process.
•    Just download the HijackThis software from #-Link-Snipped-# and run the executable.
•    Then select the appropriate option to scan and generate the log file (the 1st option).
•    Once the log file is generated, get it analysed at www.hijackhthis.de or, if you are still unwilling to take any risk, post the log to a security forum of your choice. Searching Google for ‘hijackthis security forums’ will get you lots of relevant links.
•    Check the bad settings and click on ‘Fix checked’. Additionally, if some program had set the malicious entry, delete its file manually. If you are unable to delete it, use the ‘Delete a file on reboot’ option in the ‘Misc tools’ section. The file will be deleted after the computer is restarted.
•    The above technique is one of the most popular methods of malware removal and is supposed to almost guarantee a malware-free computer.
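
As an added illustration (not part of the original article and not HijackThis's own code), the following Python example groups the entries of a HijackThis logfile by their section code and lists registry autostart (O4) entries that launch from temporary or per-user directories, so they can be looked at first. The sample log, the `REVIEW_DIRS` list and the function names are constructed assumptions; a listed entry is a prompt for closer review, not a verdict.

```python
import re
from collections import defaultdict

# Constructed sample log (not from the article). Entries follow the
# "<section code> - <detail>" layout of a HijackThis logfile.
SAMPLE_LOG = r"""Logfile of HijackThis (constructed sample)
Running processes:
C:\WINDOWS\system32\winlogon.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.example.invalid/
O1 - Hosts: 127.0.0.1 update.example.invalid
O2 - BHO: (no name) - {00000000-0000-0000-0000-000000000000} - C:\WINDOWS\system32\example.dll
O4 - HKLM\..\Run: [ExampleUpdater] "C:\Program Files\Example\updater.exe"
O4 - HKCU\..\Run: [svch0st] C:\Documents and Settings\user\Local Settings\Temp\svch0st.exe
O23 - Service: Example Service - Unknown owner - C:\WINDOWS\system32\examplesvc.exe
"""

ENTRY_RE = re.compile(r"^([A-Z]\d{1,2}) - (.+)$")
SECTIONS = {"R0": "IE start/search page", "O1": "hosts file redirect",
            "O2": "Browser Helper Object", "O4": "autostart program",
            "O23": "Windows service"}
# Assumption: locations where legitimate autostart programs rarely live.
REVIEW_DIRS = ("\\temp\\", "\\appdata\\", "\\local settings\\")

def parse_log(text):
    """Return {section code: [detail, ...]}, skipping header/process lines."""
    entries = defaultdict(list)
    for line in text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if m:
            entries[m.group(1)].append(m.group(2))
    return dict(entries)

def autostarts_to_review(entries):
    """List (name, command) for O4 registry Run entries under REVIEW_DIRS."""
    flagged = []
    for detail in entries.get("O4", []):
        # Registry form: <key>: [<name>] <command>; other O4 forms are skipped.
        m = re.match(r"(.+?): \[(.*?)\] (.+)$", detail)
        if m and any(d in m.group(3).lower() for d in REVIEW_DIRS):
            flagged.append((m.group(2), m.group(3).strip('"')))
    return flagged

if __name__ == "__main__":
    log = parse_log(SAMPLE_LOG)
    for code in sorted(log):
        print(f"{code:>3} ({SECTIONS.get(code, 'other')}): {len(log[code])}")
    for name, command in autostarts_to_review(log):
        print(f"review first: [{name}] {command}")
```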

Check out the short video tutorial below to see how it is done in a few easy steps:



For those who are unable to watch the video tutorial for some reason, here is a pictorial walkthrough.

Step 1:
Download the HijackThis executable from the link mentioned above and run it. Then click on ‘Do a system scan and save a logfile’ as shown in the picture.


Step 2:

Step 3:
HijackThis will automatically generate a log file once the scan is completed and open it in Notepad. Copy the entire contents of the Notepad window.


Step 4:


Step 5:


Step 6:


Step 7:


Step 8:
If you run into any instability issues after deleting some entries using the above method, you can easily restore them with the restore function.


Step 9:
HijackThis also offers extra tools for tackling malware that is relatively difficult to remove: the ‘process manager’ (similar to the Task Manager in Windows), file deletion on reboot, and a startup list log file generator.
Remember that the startup list log file is similar to the HijackThis log file, but it covers only the startup entries. Experts on forums may ask you to post this kind of log file when dealing with tough malware.


Shoot out your additional queries at www.crazyengineers.com/forum

This article is a guest contribution by CEan Rishabh Ghosh. Rishabh is a tech enthusiast and is a regular contributor at the CrazyEngineers forums.
