SpywareInfo Forum: Using a known good HijackThis log - SpywareInfo Forum

Jump to content

Posting Guidelines

DO NOT POST LOG FILES OR ASK FOR COMPUTER /

SPYWARE HELP IN THIS FORUM!

For help with spyware, read the SpywareInfo Forum FAQ and go to this forum. For help with other PC problems, go to this forum.
To sign up for Boot Camp go to The Boot Camp here

Please do not post your email address or other personal information. Spammers do lurk here and they also operate email harvester bots to scan for email addresses. If a moderator sees that you have posted an email address, it will be removed.
Page 1 of 1
  • You cannot start a new topic
  • You cannot reply to this topic

Using a known good HijackThis log to do a quick check for malware

#1 User is offline   cnm Icon

  • Mother Lion of SWI
  • PipPipPipPipPip
  • Group: Administrators
  • Posts: 15,196
  • Joined: 15-May 04

Posted 12 May 2009 - 01:21 PM

If you know your PC to be clean and working well, do this:
Run HijackThis, select 'Do a system scan and save a log file'. When Notepad opens, do Save As and name the file 'KnownGoodHijackThis.log'.

Then later, for a quick malware check: First save a new HijackThis log.

Do Start->Run, enter cmd and click OK.
In the cmd window that opens, cd to the folder that contains your HijackThis logs. Usually the command will be cd C:\"Program Files"\HijackThis
Then enter this: fc HijackThis.log KnownGoodHijackThis.log > comparison.txt
Enter type comparison.txt or open comparison.txt in Notepad.
That will show you what has changed.

This will not catch the newer, much trickier malware infections and is just a quick check for the obvious. If someone is helping you with an infection, it may be useful to post comparison.txt.
Microsoft MVP Windows Security 2005-2006
How camest thou in this pickle? -- William Shakespeare:(1564-1616)
The various helper groups here
Alliance of Security Analysis Professionals

#2 User is offline   cat-bomb Icon

  • Dr. web fan.
  • Pip
  • Group: Banned
  • Posts: 26
  • Joined: 20-May 09

Posted 25 May 2009 - 03:49 PM

Thanks, this will help me remove this fresh virus I think I got.
To me
Entries not Entrees
Make sure everything is spell checked.


Have you ever seen anything more scary than a clown?

#3 User is offline   cat-bomb Icon

  • Dr. web fan.
  • Pip
  • Group: Banned
  • Posts: 26
  • Joined: 20-May 09

Posted 25 May 2009 - 03:55 PM

Sweet, I am clean. Thanks Cnm! :-D
To me
Entries not Entrees
Make sure everything is spell checked.


Have you ever seen anything more scary than a clown?

#4 User is offline   cnm Icon

  • Mother Lion of SWI
  • PipPipPipPipPip
  • Group: Administrators
  • Posts: 15,196
  • Joined: 15-May 04

Posted 25 May 2009 - 03:59 PM

As noted above, an identical compare doesn't guarantee that you are clean. Some of the newer infections won't be caught this way. You should scan with MBAM.
Microsoft MVP Windows Security 2005-2006
How camest thou in this pickle? -- William Shakespeare:(1564-1616)
The various helper groups here
Alliance of Security Analysis Professionals
Page 1 of 1
  • You cannot start a new topic
  • You cannot reply to this topic

1 User(s) are reading this topic
0 members, 1 guests, 0 anonymous users


SpywareInfo Forum is a member of ASAP and UNITE
Support the forum!