Classroom & Bootcamp - HijackThis Logs
I joined Bootcamp and Classroom a few weeks ago to learn how to analyze HijackThis logs.
It was fun to learn how to use the HijackThis tool. It's something like “hunting for spyware!”. HijackThis is available to everyone, but there is some stuff that is available only to Bootcamp and Classroom volunteers. Yes, we've seen online tutorials on how to understand and use HijackThis, but there is more to know if you join Bootcamp or Classroom.
HijackThis Experts and Teaching Assistants will guide everyone on the first and important items to look for while analyzing a HijackThis log, because not all “bad” items can be fixed easily by using HijackThis. Special removal tools are recommended before you let HijackThis fix the system.
My very first serious HijackThis client was at ComputerCops. To my surprise, the client's system had the Netsky worm even though it had an antivirus program. I found it after looking closely at his logs. When he managed to remove the worm, I proceeded to fix his system with the help of HijackThis. It's great to help others fix their systems, but there is sadness...
There are users who have more than 10 spyware programs installed on their systems. Browsers were hijacked. Search engines were replaced without their knowledge. Lots of unknown executables were added to startup.
Two things made me sad while analyzing HijackThis logs. There are numbers (huge numbers!) of users who are missing the latest Windows Service Pack. There are a number of systems that aren't patched :-( and we all know that an unpatched system is just like leaving your door open. Some users don't even run an antivirus program, and because of this I think I'll bite more logs to help them fix their systems and hopefully educate those who have unpatched systems to quickly PATCH after we've FIXED the system.