Ergebnis 1 bis 4 von 4

Thema: Know how - HijackThis

  1. #1
    Supermod a.D. Avatar von Ruby
    Registriert seit
    25.01.2005
    Ort
    The Netherlands
    Beiträge
    20.038

    Know how - HijackThis

    Welcome to HijackThis.eu
    (Deutsche Version)



    Download HijackThis from one of the following download locations:


    HijackThis v1.99.1

    TrendMicro™ HijackThis™

    Please post the logfiles like this example...

    Code it


    HijackThis log file analysis

    analysis

    Welcome to HijackThis.de Support Board!

    English-Help

    Please read our basic rules:
    • Each thread should contain all logs for the same user.
      Please do NOT post your log file in a thread started by someone else, even if you have the same problem as someone else.

    • Do not post a new thread for each log or if you are not getting any responses.
    • Please do not 'bump' your post. If you want to add information to your post, use the button instead of adding a new reply. Our helpers search for posts by date, so replying in your own thread will only delay you receiving help.

    • Please do not post your email address without replacing @ with [at] and {.dot.} or something similar.
      Spambots may search the forum looking for email addresses.

    • Try to give a short explanation of what the problem is.
      Just posting the logfile doesn't help us to help you.
    • Make sure you have the latest version as it is updated often to keep up with the latest threats.

    • Please do not send personal messages to our helpers.
      We don't answer PMs containing HijackThis logs or questions.
      Post all your questions, answers and results into your own thread on English-Help.

    • Our users are asked to omit from assistance to other users, unless it concerns certified, effective help.
      We are no user2user forum.
      If you are interested in becoming a helper on English-Help, please read our Advertisement of a Vacancy and contact Matze.
    • Helpers will take action as quickly as possible. Please be patient.

    English Spoken?

    Go to "Kontrollzentrum" (User Control Panel/User CP)
    "Einstellungen ändern" (Edit Options)
    "Verschiedene Einstellungen" (Miscellaneous Options)
    "Sprache der Benutzeroberfläche" (Forum Language)
    [Auswahl / choose it]
    [Änderungen speichern / Save Changes]


    Install HijackThis

    --> C:\Program Files\HijackThis

    do you need IZArc?

    Tutorials for HijackThis

    How to post a HijackThis Logfile
    How to use HijackThis

    Information about HijackThis

    HijackThis Tutorial

    More Information

    Free Tutorials

    Do you know this unknown application, entry, process of website?
    Please give us this information to be added at the database:


    Feedback

    Welcome to the File Database!

    File Database

    Where can unknown files be found?

    ProcessLibrary - I am not a geek
    Processes in Windows NT/2000/XP
    Google

    Online analyse for unknown files
    www.virustotal.com and virusscan.jotti.org

    some more new online multi virus scanner:
    virscan, viruschief, virus.org

    Load up of unknown files for manually analyse
    UploadMalware.com and www.thespykiller.co.uk
    You could better ask us - we will help you.


    Need Help at once?

    HJT-First Help - Security Tips - Need Help ?



    Malware Guide



    Donations are Welcome

    Konto EN - PayPal-US PayPal-DE - Konto DE

    Work together with us?

    Advertisement of a Vacancy

    Meet each other?
    Come to
    :


    HijackThis Chat
    (irc.quakenet.org #hijackthis)


    Geändert von Ruby (23.12.2007 um 11:15 Uhr) Grund: ~Know how - HijackThis~

  2. #2
    Supermod a.D. Avatar von Ruby
    Registriert seit
    25.01.2005
    Ort
    The Netherlands
    Beiträge
    20.038

    AW: Know how - HijackThis

    Malware is getting more and more pushy.
    So, while cleaning up your machine, it can happen that it crashes down.
    Need software to backup your own files?

    Cobian Backup and CDBurnerXP or DeepBurner
    are free.
    Note: Save your own files on DVD-RW, DVD+RW or DVD-RAM.
    First Steps to analyse your system

    STEP 1
    Make sure you set Windows to see the hidden files and folders

    STEP 2
    Start Spybot Search&Destroy, deactivate the "Resident TeaTimer".
    (Click onto "Advanced mode" > "YES" > "Tools" Menu > Click
    onto "Resident" > take off the checkmark with "Resident TeaTimer"
    "activ." Box > exit.)

    STEP 3
    (Windows 2000 and Windows XP)
    The first thing you could do to get rid of malware is: restore the operating system to a previous state - have a look here:

    • 1. Log on to Windows as Administrator.
    • 2. Click Start, point to All Programs, point to Accessories, point to System Tools, and then click System Restore. System Restore starts.
    • 3. On the Welcome to System Restore page, click Restore my computer to an earlier time (if it is not already selected), and then click Next.
    • 4. On the Select a Restore Point page, click the most recent system checkpoint in the On this list, click a restore point list, and then click Next. A System Restore message may appear that lists configuration changes that System Restore will make. Click OK.
    • 5. On the Confirm Restore Point Selection page, click Next. System Restore restores the previous Windows XP configuration, and then restarts the computer.
    • 6. Log on to the computer as Administrator. The System Restore Restoration Complete page appears.
    • 7. Click OK.


    STEP 4
    Download one of these two versions of HijackThis

    HijackThis v1.99.1 or HijackThis.v2.02 by TrendMicro.

    • Double-Click onto HTJInstall
    • Install it



    • Use HijackThis with a Double-Click onto its Icon.
      (Getting problems, please use: run with administrator rights) > run it.
    • Click onto Do a system scan and save a Logfile
    • Click OK
    • You will get a new window with a textfile copy its content and paste it to your thread.


    STEP 5
    Due to many malware which is attacking HijackThis by the moment, we need to ask our users to rename HijackThis v1.99.1

    Hijackthis.exe -> into -> HJT1991.exe.



    Run HJT1991.exe and let it scan.
    Save the fresh HJT logfile and post it.

    STEP 6
    NOTE: Please use ONE of these File list Versions !

    (NOT Windows Vista)
    1. Download the filelist.zip
      (FAQ) to your desktop.
    2. Unzip this file to your desktop (free Zip-Tools)
    3. Restart your system
    4. Doubleclick onto the filelist.bat to run it
    5. Your editor program will open
    6. Highlight the content, chose copy & paste it to your following posting
    7. Please note: we only need the last 30 days of every directory of this file

    • Many Thanks to our Moderator Karl83 for creating this new tool.


    • Directory of C:\
    • Directory of C:\WINDOWS\system32
    • Directory of C:\WINDOWS
    • Directory of C:\WINDOWS\Prefetch (Windows XP)
    • Directory of C:\WINDOWS\tasks
    • Directory of C:\WINDOWS\Temp
    • Directory of C:\DOCUME~1\Name\LOCALS~1\Temp

    -> Please post all wanted information.

    (Windows Vista)

    1. Download VistaFindbat. zip to your desktop
    2. Unzip the vistafind.zip > extract all...
    3. Open the new folder VistaFindbat on your desktop.
    4. Double-Click onto vistafind.bat
      (Getting problems, please use: run with administrator rights) > run it.
    5. You will get a textfile.
    6. Copy & paste its content to your thread.
    7. Note: Post the Logfile in [code]
      We only need the last 30 days of every directory of this file


    Many Thanks to our Moderator Xeranox for creating this new tool.

    • These are the directories which can be read using the VistaFind.bat:


    • Directory of C:\
    • Directory of C:\WINDOWS
    • Directory of C:\WINDOWS\system
    • Directory of C:\WINDOWS\system32
    • Directory of C:\USER\Name\Temp
    • Directory of C:\WINDOWS\Prefetch
    • Directory of C:\WINDOWS\tasks
    • Directory of C:\USER\Name\Temp
    • Directory of C:\Program Files\ <--please post all files of this directory

    -> Please post all wanted information.
    • Delete now the vistafind.txt

    (Windows All)

    1. Download the hjtscanlist.zip to your desktop
    2. Unzip it to your desktop
      (IZArc is free)
    3. Windows Vista: Rightmouse Click onto the file hjtscanlist.bat > chose (run as an administrator),
    4. all other Windows: Doubleclick the file hjtscanlist.bat to run it


    • Windows XP: "XP"
    • Other Windows Versions: "X"
    • Windows Vista: "V"
    • -> Chose "Q" for Exit > [Enter]


    • Chose the selection what was given to you in your thread "1", "2", or "Q" > [Enter]
    • Notepad will open, copy&paste the contents of this new text file to your thread


    Lots of Thanks to our Team Member Mopao for creating this new tool.

    • These are the files, which we want to see:

    • Directory of C:\
    • C:\Windows
    • C:\Windows\System
    • C:\Windows\System32
    • C:\Windows\Prefetch
    • C:\Windows\Tasks
    • C:\Windows\Temp
    • C:\Users\Name\AppData\Local\Temp
    • C:\Program Files
    • C:\ProgramData\..
    • C:\Windows\system32\drivers\etc\hosts
    • Additional Information

    -> Please post all wanted information.


    The logs can be very big, so please use vB Code

    Geändert von Ruby (29.11.2007 um 05:52 Uhr) Grund: Update

  3. #3
    Supermod a.D. Avatar von Ruby
    Registriert seit
    25.01.2005
    Ort
    The Netherlands
    Beiträge
    20.038

    AW: Know how - HijackThis

    Introduction of our Helpers on HijackThis.eu

    Admin
    Matze

    Super Moderator
    Speedy

    Moderators
    Karl @ Marco Polo @ Petra @ Xeranox @ Yourhighness @ Jintan

    Team-Members
    Argos @ Atribune @ ElPiedra @ ipl_001 @
    @ Mopao @ Runa @ S!Ri @Spirit

    Team-Candidates
    cosinus @ Troja

    Malware Experts
    AndyManchesta @ JoK @ Laur3n7 @ Lutz @ Marc @ Marckie
    @ miekiemoes @ mmk @ Ninja @ raman @ sUBs @ TonyKlein
    and some experts from other boards who are well known with us

    Free Helper
    Robert


    We all will do our best
    to help you as fast and good as possible,
    to clean up your systems from malware.



    Regards
    Ruby


    Geändert von Yourhighness (12.07.2008 um 19:29 Uhr) Grund: Update

  4. #4
    Supermod a.D. Avatar von Ruby
    Registriert seit
    25.01.2005
    Ort
    The Netherlands
    Beiträge
    20.038

    AW: Know how - HijackThis

    Donations are Welcome



    Konto EN - PayPal-US - PayPal-DE - Konto DE






    Geändert von Ruby (23.12.2007 um 11:19 Uhr) Grund: ~Know how - HijackThis~

Aktive Benutzer

Aktive Benutzer

Aktive Benutzer in diesem Thema: 1 (Registrierte Benutzer: 0, Gäste: 1)

Ähnliche Themen

  1. Hijackthis logfile
    Von Johnny im Forum Archiv
    Antworten: 1
    Letzter Beitrag: 13.02.2005, 05:28
  2. Dummi bittet um Hilfe
    Von 47jopi im Forum Archiv
    Antworten: 1
    Letzter Beitrag: 06.02.2005, 16:32
  3. Hijackthis - Logfile
    Von Gr3yh0und im Forum Archiv
    Antworten: 8
    Letzter Beitrag: 28.01.2005, 14:47
  4. HIJACKTHIS - weiß nicht mehr weiter
    Von Captain im Forum Archiv
    Antworten: 1
    Letzter Beitrag: 22.01.2005, 11:33
  5. I need help with this log of HijackThis
    Von steph im Forum Archiv
    Antworten: 1
    Letzter Beitrag: 15.01.2005, 14:46

Berechtigungen

  • Neue Themen erstellen: Nein
  • Themen beantworten: Nein
  • Anhänge hochladen: Nein
  • Beiträge bearbeiten: Nein
  •