does a clean HJT log mean im prob. ok?

Discussion in 'other security issues & news' started by iceni60, Jul 29, 2004.

Thread Status:
Not open for further replies.
  1. iceni60

    iceni60 ( ^o^)

    Joined:
    Jun 29, 2004
    Posts:
    5,116
    HJT log question. please help me

    hello, i wanted to find out what the chances of having something unwanted on my computer are if i have a HJT 1.98 clean log. i was just reading about rootkits from a link from paranoid2000, and wondered what does a clean log mean? id really like to know because i want to buy something on the internet :) thank you
     
    Last edited: Jul 30, 2004
  2. iceni60

    iceni60 ( ^o^)

    Joined:
    Jun 29, 2004
    Posts:
    5,116
    if you know the answer please help. it would be a great help to me. thanks
     
  3. Bubba

    Bubba Updates Team

    Joined:
    Apr 15, 2002
    Posts:
    11,271
    Re: HJT log question. please help me

    A clean log to me means that every process that shows in the log is indeed a legit process that I am aware of and the same goes for the alpha\numeric locations....R0-019.

    HighJackThis logs should only be reviewed by those knowledgeable of it's findings....therefore I suggest that any user unsure read\follow the advice given in the below link of how to be analyzed by those individuals that are fully capable of annalyzing HJT logs.

    This link---> Stopping HijackThis Log Cleaning Services!

    For those interested in HJT log analysis....follow the below link.
    This link---> Understanding the Hijackthis log file
     
  4. iceni60

    iceni60 ( ^o^)

    Joined:
    Jun 29, 2004
    Posts:
    5,116
    thank you, Bubba. i had my log checked afew days ago by technical when id clicked a funny link. i also have a clean log, from awhile ago, to compare with. im very happy you posted a reply to me :D . thank you
     
  5. Bubba

    Bubba Updates Team

    Joined:
    Apr 15, 2002
    Posts:
    11,271
    Your more than Welcome and if I may I'd also like to offer you a suggestion concerning a seldom used feature of HighJackThis(HJT).

    Once a log has been determined to be clean....emphatically cleaned by the experts....one should then utilize the HJT feature....Add checked to ignore list. If that is done immediately following a clean log reviewby the experts....any and all future scans will then show any new items found and the user might be able to determine themselves what is or isn't legit.
     
  6. iceni60

    iceni60 ( ^o^)

    Joined:
    Jun 29, 2004
    Posts:
    5,116
    thank you again. i did notice that, but didnt touch it, incase i disabled everything. if i have time i might go through my log now, and the technical one line by line, and also with an earlier clean log, and may use it. but only if i am 100% sure about it thanks :)
     
  7. dvk01

    dvk01 Global Moderator

    Joined:
    Oct 9, 2003
    Posts:
    3,131
    Location:
    Loughton, Essex. UK
    Having a clean HJT log does not mean that you are guaranteed to have no hijackers/viruses/worms etc on the computer

    HJT examines certain areas of the registry and displays them in an easily readable form with the ability to delete those keys if needed.

    Unfortunately a lot of the latest baddies use techniques that either hide those registry keys so a HJT log or any other form of registry editor cannot see them or add to other registry areas that HJT doesn't look in

    Also several worms/trojans etc lie dormant in files on the computer until either a specific time has elapsed or it receives a command to activate from an external source.

    A scan with acombination of a good anti trojan and an upto date antivirus should eliminate most posssibilities and if all show clean then the likelyhood is that you are.

    But I never say that you are now clean just based on a hjt log as lots don't show ( especially CWS & VX2)

    Provided you have no symptoms of hijacks, like pop ups or page diverts then it's unlikely that you have been infected
     
  8. iceni60

    iceni60 ( ^o^)

    Joined:
    Jun 29, 2004
    Posts:
    5,116
    thank you, dvk01. i will keep that in mind. i DL taskinfo 2003, autoruns, NTFILMON,process explorer and afew more, is it regdat i cant find it now, but i was looking for things like that. i also just got TDS and i have ewido and do some online scans, and while im at it i also have nod and antivir PE. as far as i know im ok, but im a newbie and im not always 100% sure. is there any one program that you would recommend, or do you think i should be ok. it may seem a silly question to you, after i have said i have all that, but because i dont fully understand things like rootkits, im never really sure. o_O :)
     
  9. Bubba

    Bubba Updates Team

    Joined:
    Apr 15, 2002
    Posts:
    11,271
    Very good point and appologize for not covering that in either one of my posts. :(
     
  10. iceni60

    iceni60 ( ^o^)

    Joined:
    Jun 29, 2004
    Posts:
    5,116
    Re: HJT log question. please help me

     
  11. Rita

    Rita Infrequent Poster

    Joined:
    Jun 28, 2004
    Posts:
    6,863
    Location:
    wilds of wv
    hi
    thanks for the link to this wonderful site--am going to go check it out in depth right away
    Rita
     
Loading...
Thread Status:
Not open for further replies.