Author Topic: A little help configuring and explaining HiJackThis ...  (Read 6528 times)

0 Members and 1 Guest are viewing this topic.

Happy-Dude

  • Guest
A little help configuring and explaining HiJackThis ...
« on: August 27, 2006, 02:07:55 AM »
Can anyone help me configure and explain to me the stuff that HiJackThis does ? I'm a basic home user, and since a lotta people use the program here for some lof filing, I downloaded it. But, it's kinda hard for me to understand ...

So can anyone help me understand what it does and help me configure it ?

drhayden1

  • Guest
Re: A little help configuring and explaining HiJackThis ...
« Reply #1 on: August 27, 2006, 02:49:47 AM »
if you don't know anything about the registry & hard drive of your computer....i would not mess around with it-ok ::)
 http://www.tomcoyote.org/hjt/#Top

link is a quick explain of hijackthis
« Last Edit: August 27, 2006, 02:53:26 AM by drhayden1 »

Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 48524
  • 64 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: A little help configuring and explaining HiJackThis ...
« Reply #2 on: August 27, 2006, 03:05:21 AM »
Using this utility incorrectly could leave you without an operating system.  :'(
As drhayden1 just said it's not a toy and definitly not something for a novice.
Free Security Seminar: https://bit.ly/bobg2023  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 11 Pro v22H2 64bit, 16 Gig Ram, 1TB SSD, Avast Free 23.5.6066, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq -- My Online Activity https://bit.ly/BobGInternet

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: A little help configuring and explaining HiJackThis ...
« Reply #3 on: August 27, 2006, 02:06:56 PM »
I concur with Bob.  I have been training how to use it now for a few months and it is hard going.  However, if you really wish to know and you have them time.  I could do no more than recommend you sign up for training at GeeksToGo or Tom Coyotes forum. At least then you will be able to use it with confidence..

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 88900
  • No support PMs thanks
Re: A little help configuring and explaining HiJackThis ...
« Reply #4 on: August 27, 2006, 02:40:39 PM »
- HJT Information HiJackThis Tutorial 1 or HiJackThis Tutorial 2 or HiJackThis Tutorial 3

As has been mentioned exercise due care, HJT only gives information (not solutions) it is how you interpret this information that is difficult and can cause issues. There are on-line analysis sites but again they give information to help you decide and further investigate if you should fix something or not (this is just a start point to try and identify what needs further investigation). Namely looking at those program/file names that it flags as Unknown, possibly harmful, harmful, etc. Google the names and see what is returned.

For an on-line analysis - HiJackThis Log file - On-line Analysis OR HiJackThis Log file - On-line Analysis 2
Ignore any 023 reference to avast processes, this is a hiccup in the HJT 1.99.1 (especially missing file entry for avast), if you need any help with any of the analysis let us know.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.2.6105 (build 24.2.8918.824) UI 1.0.799/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33892
  • malware fighter
Re: A little help configuring and explaining HiJackThis ...
« Reply #5 on: August 27, 2006, 05:10:26 PM »
Howdy folks,

I would like to go on on a more positive note. Always when doing these things get the advice of someone who knows his or her way around evaluating the hjt log, and working the program as it was intended by Merijn Bellekom. When confronted with a problem, and before asking help from the people here that can handle hjt, always save the initial hjt log, before doing anything else.
Else the hjt handler cannot draw the right conclusion and the malware removal can go critically wrong.
But on the other hand learning about what a hjt log stands for, learning about what programs and processes should be or should not be present on a computer, cannot do any user any harm, as long as in working on the initial results you may suspect you don't go it alone, but do it with professional help.
Even the more advanced users, and I reckon myself to be one after my number of resolves here, if they are intelligent always do it in comparison, and with the help of expert friends, may it be only for a "second opinion". And always remember Google is your best friend here.
Like to go on an initial learning course, check this program X-RayPC, from here: http://www.x-raypc.com/
Using this free program will learn you about the workings of hjt.
And there are many fine hjt tutorials on the Internet, study those.

polonus.
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Happy-Dude

  • Guest
Re: A little help configuring and explaining HiJackThis ...
« Reply #6 on: August 28, 2006, 02:31:08 AM »
Okay, so the main things I need to do is:

Major one I see coming:
-Not to play around with the utility so much, because of horrible conseqences

And for basic using:
-Read the guides and try to understand them
-And posts HiJackThis logs if anything ever went wrong to allow other to analyze it
-And try to understand the logs myself

Is this basically it ? I will do it when I have time. I got my logs created from yesterday anyway, so I'll refer back to them in time.

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: A little help configuring and explaining HiJackThis ...
« Reply #7 on: August 28, 2006, 01:14:36 PM »
Okay, so the main things I need to do is:

Major one I see coming:
-Not to play around with the utility so much, because of horrible conseqences

And for basic using:
-Read the guides and try to understand them
-And posts HiJackThis logs if anything ever went wrong to allow other to analyze it
-And try to understand the logs myself

Is this basically it ? I will do it when I have time. I got my logs created from yesterday anyway, so I'll refer back to them in time.

In a nutshell yes.   The more you play with it the easier it becomes, sometimes just looking at logs on other forums and seeing how they are worked and the problems they find  is very useful.  And as Pol says researching via google will help with yur understanding.  Another good site is http://www.castlecops.com/HijackThis.html  on the left side of this page you will see a list of HJT elements (02, 23, 16 etc) where you can search for data on a particular line.  For example
O2 - BHO: CATLEvents Object - {D487068E-9B04-4FE5-8A83-08344F800BF5} - C:\DOCUME~1\dug\LOCALS~1\Temp\litutac.dat

This line is an 02 (CLSID/BHO) if you copy this element D487068E-9B04-4FE5-8A83-08344F800BF5, select CLSID on the left  and paste it into the search part .  You will see that this is part of the Virtuemondo malware.  If you then click on the description hyperlink it will take you to a site with a description and possibly a removal tool or instructions.  In this case Symantec.

Obviously there is a lot more to it than this, but it should give you a feel for the process.

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33892
  • malware fighter
Re: A little help configuring and explaining HiJackThis ...
« Reply #8 on: August 28, 2006, 02:09:38 PM »
But what essexboy says is valid of course, then don't forget there is a whole lot more in connection with hjt, there are special removal tools and tools to evaluate certain malware infections (general and special), there is process explorer, there is dotomyco, StartDreck, toolbarcop, brute force uninstallers, dependency walker, etc. Every malware fighter has a range of these specific tools and tweakers to put the malware at bay.

So what we always say, and is much more important. See to it that you do not get infected in the first place. Use multi layered protection and in browser security, sane surfing habits, you can read enough about that here on this forum!

You know that when you do RIAA-risky-P2P-ing you are prone to end up with a "nicely" infested system to teach you in a subtle way not to do such illegal* things ("*as they see it"). Then don't do these things, or do it in such a clever way that you are no victim, or not caught out
.
Security is much more of an attitude than that it is a science,

Stay malware free,

polonus (malware fighter)
« Last Edit: August 28, 2006, 02:13:20 PM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!