PDA

View Full Version : Hijack this..???



Magnu420
13-07-2006, 09:22 PM
hi guys first time ive posted on here ive found out me pc has got
some serious malware probs through no fault of my own (my other half has done it) ive scanned it with symantec A.V, AVG,ADAWARE,SPYBOT, all in normal mode aswell in safe,turned of system restore deleted internet files
and the things are still appearing ive came across a proggie somware called
HIJACK THIS i want to know if this is safe for me to use ie can a idiot work
this also when i have used it where do i send the log to also does it tell me how to delete these little parrasites sorry for sooo many things at once
thanks

Hitman
13-07-2006, 09:40 PM
Hi
Hijack this will scan your registry in likely spyware locations

You have to be very carefull what you delete

you delete by applying a tick and pressing fix checked

you may need to check online for what to delete

one of the best programs i have seen for removing spyware is smitrem and smitfraudfix (not sure if you need one or both of these).

Run it in safe mode

These are free programs and are easy to get via google search

Wee Gordon
13-07-2006, 10:17 PM
yes i use hijack this but i dont do it its my uncle who does

Jabo
13-07-2006, 11:26 PM
I *highly* recommend you go to microsoft.com and download Windows Defender.
It's ****-hot.

Magnu420
14-07-2006, 03:51 AM
i would do that but this is not genuine windows so thats out
of the question so im looking for sum tutorials on the subject
thanks

jay
14-07-2006, 09:33 AM
Sorry cant help you with Hijack this but here's what I do, task manager/processes go through each one and identify using google and/or liutilities.com, also start/run/type msconfig/start up/ and deselect everything bar the essentials.

How do you know you have mailware? what are the symtoms? different mailware needs differrent software e.g. if you have pop-ups or are being redirrected or have the about:blank page or your homepage default keeps changing the you are suffering from CWS and you will need CWS shredder

CWShredder and free online anti-everything check (http://housecall.trendmicro.com/)

hope this helps

The-Wappy-One
14-07-2006, 09:47 AM
Hijack this works when all else fails ;)

is a single app no need to messaround just double click the exe it runs click the top button after a while notepad will open up with a load of text starting

Logfile of HijackThis v1.99.1
Scan saved at 08:27:31, on 14/07/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
ECT
ECT
ECT

what you can do then is select all copy and paste it in a email to To view links or images in this forum your post count must be 1 or greater. You currently have 0 posts. and i'll checkit out for you and mail you back with what you need to do and also if your pc is clean ;)

Download it form here

To view links or images in this forum your post count must be 1 or greater. You currently have 0 posts. and it you want to try and understand the logs go here

Merijn.org (http://www.spywareinfo.com/~merijn/htlogtutorial.html)

Magnu420
14-07-2006, 07:10 PM
thanks for the info guys @ jay yeah my browser keeps changing now and then
sometime get redirected and pop ups and me settings sumtimes change also
ive noticed when the pc turned off the modem lights still flicker for a few seconds @ the-wappy-one i will download the program and see what comes
up and i will email to you later tonight again thanks

jay
15-07-2006, 05:28 PM
Try this little tool

797

Magnu420
15-07-2006, 09:09 PM
cheers for that jay ive ran through pc and accorrding to cws it was ok
all clear from cws crap i also ran hijack this and that came up with
something intresting a particular p2p site which ive not used in 8 months
ive log the file and emailed it to the wappy one to see what he thinks
il will keep you all informed thanks

jay
16-07-2006, 11:11 AM
Wappy is a busy man so you may want to try trend anti-spyware while you wait, I found it very good. It has the normal spyware scan and cwsheadder although it is a trial version.

800

801

Hitman
18-07-2006, 11:37 PM
Hi
Check this out HijackThis Log file (To view links or images in this forum your post count must be 1 or greater. You currently have 0 posts. Gives you online analysis of hijack this log files!!!

The-Wappy-One
19-07-2006, 09:23 AM
Hi
Check this out HijackThis Log file (To view links or images in this forum your post count must be 1 or greater. You currently have 0 posts. Gives you online analysis of hijack this log files!!!


Actually this is verry good site but it dont tell you all you need to know (One day it might ;))

Eg logfile i recently scanned contained

C:\windows\system32\rlvknlg.exe

and hijackthis.de diden't actual know what it was so then its a case of looking throught google and finding out what it does manualy.

its great for picking up common spyware ect ect but its not 100%

best is to scan with hijackthis.de then manualy check the other entries and see what they are and what they do after a time of dooing a few you get to notice whats good and whats bad without even using scans like that and then all you need is google to find out what the commands / exe's do ;)

eg rlvknlg.exe and result What is rlvknlg.exe? - rlvknlg explanation. (To view links or images in this forum your post count must be 1 or greater. You currently have 0 posts. also if doesen't cover applications that run on startup that eat resources that are fine to remove and just click when you need them eg quicktime ect ect that are handy if your pc is running a little slow.