What is HijackThis ?
What is Spy and Seek ?
What does GOOD mean?
What does BAD mean ?
What does UNKNOWN mean ?
Why is the Lookup_Info coloumn on an UNKNOWN entry highlighted blue ?
Interpreting HijackThis Entries - R0 to N4
Interpreting HijackThis Entries - O1 to O9
Interpreting HijackThis Entries - O10 to O23

















What is HijackThis ?


* HijackThis is a program used by experienced users to detect spyware, malware, trojan horses and worms.

* Wikipedia definition

* Download HijackThis v1.99.1 created by the folks at Merijn.org But it was bought by TrendMicro

Back to Top


What is Spy and Seek ?


* Spy and Seek is designed to help analyze log files created by HijackThis.

* Spy and Seek enables the community to decide what is and what is not legitimate software.

* You do not need an account to use Spy and Seek.

* In fact you should be an expert guru computer wizard if you sign up for an account.

* You must be logged in to SAS. (vote)

* Your SAS (vote) on an Entry only counts once.

* You can change your SAS by SASin on the same Entry again.

* If You have SASed on an Entry before the SAS Good and SAS Bad columns will be highlighted.

* The SAS Good and SAS Bad columns are totals of all SASes on an Entry.

* Some people are wackos. If only one or two people have SASed on an Entry you should take that into account.

* It's not my fault if your product or application is listed as Bad.

Back to Top



What does GOOD mean?


* Green = Good

* Good Entries are considered by the community to be legitimate.

* Some people are wackos. If only one or two people have SASed on an Entry you should take that into account.

* In General if an Entry has several more Good SASes then its usually safe.

* Remember that this site is a guide and not all knowing.

Back to Top



What does BAD mean ?


* light orange = Bad

* Bad Entries are considered by the community to be a threat.

* Entries that are broken or unnecessary maybe considered Bad.

* Some people are wackos. If only one or two people have SASed on an Entry you should take that into account.

* In General if an Entry has several more Bad SASes then its usually a threat.

* Remove Bad Entries with HijackThis.

* Remember that this site is a guide and not all knowing.

Back to Top



What does UNKNOWN mean ?


* Yellow = Unknown

* Unknown Entries need your attention but are not automatically a threat.

* If no one has SASed on an Entry before it is Unknown.

* The path (location) of a file can cause an Entry to have an Unknown Result listing.

* HijackThis.exe may come up as unknown because the path is not recognized. (this is on purpose)

Back to Top



Why is the Lookup_Info coloumn on an UNKNOWN entry highlighted blue ?


* Blue = Similar Match

* This is to bring attention to UNKNOWN entries that are similar to others in the database.

* These similar matches might help you decide if the UNKNOWN entry is GOOD or BAD.

Back to Top