|
MUST READ before posting HijackThis Logs!
Folks:
Over the past little while, we've seen this rash of HijackThis logs being posted on this site. It's a wonderful tool that helps diagnose issues with your computer, but there are a couple of things that must be kept in mind before randomly posting it on the forum. 1) Tell us why you are running Hijack This. It is very unproductive to have us guess why you are posting your log in the first place. If you have a virus, let us know what the virus was, if you got spyware, tell us what it was. 2) Tell us what you have done before posting your logs. And it would be nice if you did something before someone suggests that you do what you should have done in the first place. <b>Run an online virus scan like Housecall, run a spyware/adware scan like Spybot S&D, AdAware</b>. As much as we would like to help you, you have to first learn to help yourself. 3) Help us help you by making our job easier. It is ridiculous to run your logger while you have a million other programs running in the background. The more unnecessary lines you make someone parse through, the more likely it is that the person will miss something important. Either take the time to shut down everything or run it as soon as you perform a reboot. I hope that with these methods you will find help faster on these forums. Cheers |
This thread is open for procedural discussion, but NOT for posting logs or obtaining help. Please open your own threads for obtaining assistance.
|
I'm finding that one of the most difficult obstacles in using a Hijack This! log is finding a valid explanation for some of the files it finds. So many logs have been posted all over the web that a google search invariably lists a large number of these posts but no reference to a description of some of the items listed. Does anyone have a good source to id some of these files?
|
Quote:
<b>Adaware 6</b>: (<font color="blue">http://www.lavasoftusa.com/</font>) Spybot Search & Destroy 1.3: (<font color="blue">http://www.safer-networking.org/</font>) TrendMicro's Housecall: (<font color="blue">http://housecall.trendmicro.com</font>) HiJack This! and CWShredder: (<font color="blue">http://www.spywareinfo.com/~merijn/downloads.html</font>) Hope that helps, kram |
If I understand your question correctly, the following might be of help to you.
HijackThis Tutorial Pacmans Startup List for checking 04 entries and running processes. BHO and Toolbar List for checking 02 and 03 entries. LSP List for checking 010 entries. CWS Domains for checking R0 and R1 entries to see if they are CoolWebSearch related. |
Great tutorial for hijackthis by Acsell
BHO's Tools Bars Use this for 02's & 03's in the log CLSID - BHO List - Toolbar List @ CC Tony KleinsBHO's Start Up Items Use this for 04's in the log answersthatwork Startup Applications Windows Startup Online Startup Programs Active X controls Use this for 016's in the log Spywareblaster Lobos |
Thanx for the input guys.
Kram, the post was closed temporarily to make sure that the thread started off on the right foot. It seems to have. |
Steve1 and Lobos, Thank you very much. Those are all going to be bookmarked in a "spyware" folder!
|
Quote:
Those resources will be extremely valuble to me in the future. Mike |
Thank you, Statica, for posting this as a sticky and thank you, Steve1 and Lobos, for the excellent references. I am going to send this link to someone and I hope she will join PCMechanic as a result - after she gets her computer working well enough to go online.
|
Great info in this thread, keep it coming.
With the increase in hijack activity lately, it's good to have a thread like this that we can all reference back to. One thing, the creator of CoolWebShredder won't be updating it anymore (or not as often) since he's busy with school. So watch out for newer CoolWebSearch hijacks...they're said to be harder to deal with and remove. Hopefully, something else will come along to help with this problem. :) Cricket |
|
efficiency
MAN!
Every day I become more impressed with the efficiency with which this forum is administrated. Thanks guys for all of the very useful links. I was a bit stumped as to what to make of all the data in a HijackThis log. -Kev |
|
|
posted a thread for this a while ago but im gonna add it here.
http://majorgeeks.com/download4265.html Its a very nice little program to help with looking through HJT logs. |
Tutorials
Understanding Spyware, Browser Hijackers, and Dialers
tutorial Using Ad-aware Tutorial Using Spybot S/D Tutorial Using SpywareBlaster I put these in here because it is a safer browser if anyone has a question on how to set it up Here are some tutorials Howto Switch from Internet Explorer to Firefox Enhancing Firefox with Browser Extensions |
You should make a special section in the forum just for HiJack logs :D
|
Thanks, Statica and all else who have posted links here. I have taken Panama Red's suggestion and created a folder on spyware info.
The links to HiJackthis tutorials and start-up items have been especially helpful. -Kev ,, |
Current version is 1.99, and is available here:
http://www.spychecker.com/program/hijackthis.html Please use this version when you post a log. |
Updated to show current versions of recommended applications:
HijackThis - see previous post (#20) Spybot S&D 1.3, http://safer-networking.org/en/download/index.html Ad-Aware 1.05 SE, http://www.lavasoftusa.com/ CWShredder 2.12, http://cwshredder.net/bin/CWShredder.exe Update and run your existing antivirus, then follow up with Housecall (http://housecall.trendmicro.com/hous...start_corp.asp) and Panda Active Scan (http://www.pandasoftware.com/actives..._principal.htm) to be totally thorough. IE required as they both require ActiveX. |
1 Attachment(s)
Please could somebody take a look at my Hijack This Log file and see if anything is wrong. I posted a recent thread about Windows Media player 9 constantly starting evertime I booted up Windows XP and GLC recommended posting my logs up here. Thanks for any help ;)
http://forum.pcmech.com/showthread.php?t=120314 |
Davsl.
You need to start a new thread in the securities forum, then copy and paste your HJT log into the thread in order for people to see it, it is not going to get picked up tagged on the end of this thread. |
Ok thanks very much will do ;)
|
Not to chew on you, but the second post in this thread says:
Quote:
|
Hotsearchbar.com popup - how do I purge it?
Post removed, please see below.
|
Quote:
|
I don't know if this is old news but there is a hijackthis log interpreter from the HijackThis site. I have attached the link below. Just copy and paste your log into the textbox and it tells you a little more about each entry. Good for those of us who aren't experts but are want to work out our own problems.
HijackThis analysis |
Nice linky there, PMich! Think I'll give that a try with the next infestation I'm asked to fix.
|
Good link Mich.
|
| All times are GMT -5. The time now is 02:49 PM. |
Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2013, vBulletin Solutions, Inc.
SEO by vBSEO 3.6.1