does anyone know how to analyze "hijack this" logs?

i posted in the computer group forum, but it is a little slower moving there, and i am at my wits end with @#$%^&*(*^&%!@&^* smartsearch!

http://www.democraticunderground.com/discuss/duboard.php?az=view_all&address=242x4379

if anyone knows how to analyze or a site where an analysis can be doner fairly quickly, i will be forever in your debt.

I've had to deal with that myself. I've got quite a bit of troubleshooting experience, so I might be able to help.

it seems to be the most thorough search for finding possible hijack registry keys. the problem is that it has returned things like .dlls and what not.

edited to add: pure evil is right!

I'll take a look at it.

I'm not an "expert" but I've never broken a computer by using Hijack This :)

Edit: I won't be able to look at it tonight. IF you post it, I'll get back to you in the morning.

in the lounge won't take long to hit the archives! ;-)

i'll bookmark this thread and PM you tomorrow if that's okay. thanks!

Or just post the log here, since you've achieved some attention. :)

restore to the day before the spyware installed itself.
Works like a charm for certain spyware that's really difficult to manually get rid of like that istsvc crap.
Another thing to do is open up msconfig to see what's going to be started and disable spyware from auto executing.
I only really use Adaware from Lavasoft. Between that and my general knowledge, I wipe them all out.

if i had realized how insidious this was, i would have restored for sure! unfortunately, i reset my homepage, and blocked the url, and thought i was good to go - smugly, i might add ;-)

i rarely restart my computer, so it was days, possibly weeks, before i realized that i had a real problem. and it seems to be getting more aggressive - randomly resets my homepage even without restart - plus i am getting numerous errors and program shut downs...

noAdware (same as adaware by lavasoft) is very good, by the way. even with all the nasty **it i have in my registry, i don't get pop-ups!

i've been fighting this for awhile now - i'm most often able to troubleshoot whatever is wrong with my computer, but this time i am just at my wits end!

thanks for the suggestion - how i wish i had restored when i first noticed the problem! next time... ;-)

they conflict with each other and really mess stuff up.
I had a room mate that kept going to Porn Sites that were linked from spam. He had so much freakin' spyware that once you got rid of one, you discovered a new layer of spyware. I spent a whole day getting his computer back to working only to learn that two weeks later he was doing the same thing and wanted me to fix it again.

A lot of Song Lyrics websites throw crap all over your computer as well as Cheat sites for games.

i think this hijack ocurred when i was researching genealogy! i went to a site hosted in another country and got a rash of pop-ups. that is very unusual because i always have anti-virus, spyware, and pop-up protection running. i properly closed them all, but it was quite a flurry and perhaps i made an inadvertant mistake.

and, of course, since i am so careful as a rule, i never get a simple run of the mill fix. no fair! ;-)

p.s. i'd tell your porn surfing friend that plenty of spyware will help lead him to even more porn! oh yeah, and that he's on his own ;-)

http://hijackthis.de/index.php?langselect=english

back up your registry before you take action. a semi-broken one is better than a really fucked up one

that is a site i have bookmarked! i couldn't find much else about that site - how long it's been around, who does the analysis, how long it might take someone to respond, etc. i have learned that there are a lot of people online who do want to help with this problem - probably because they hate this hijacking crap as much as everyone else ;-)

thanks!

Give me a bit, I'll get back to you. I know someone who used to work on them a lot, and if she's busy, I'm sure she knows other people..

you may be my new hero then! ;-)

thank you!

browser hijack has happened to somebody already. Therefore, what I normally do is google "HijackThis log" and the filename from any HijackThis result that doesn't look familiar to me. You should get any number of helpdesk threads where people are asking about their logs and being told that the item in question is either harmful or innocuous. Follow their advice.

Regarding smartsearch, here's a helpdesk thread about that. The instructions are in the next to last post, almost at the bottom: http://www.askmarvin.ca/forums/index.php?showtopic=2309

Good luck with it!

i have been thinking that if all else fails - which it has so far ;-) - that i would cut and paste every single item that hijack this has found. i even got started on it - but it never ocurred to me to search with "hijackthis log."

thanks undisclosed!