• Announcements

    • Budfred

      IE 11 copy/paste problem

      It has come to our attention that people using Internet Explorer 11 (IE 11) are having trouble with copy/paste to the forum. If you encounter this problem, using a different browser like Firefox or Chrome seems to get around the problem. We do not know what the problem is, but it seems to be specific to IE 11 and we are hopeful that Microsoft will eventually fix it.
Sign in to follow this  
Followers 0
Acsell

Analyze your own HijackThis log

129 posts in this topic

dave 444

 

Read the topics in Bootcamp, specifically 'ComboFix' for more info.

Share this post


Link to post
Share on other sites
I have written the following tutorial to show you how to analyse your own hijackThis log-

 

http://hometown.aol.co.uk/jrmc137/hjttutorial/tutorial.htm

 

Tutorial Mirror (mirror located at spywarewarrior.com)

 

PDF Version

 

(All of the links above point to the same tutorial but are located on a different servers. These mirrors have been made available because some people were experiencing difficulty accessing the site. If you have problems with one link then try another.)

 

It will tell you how and where to look up and research each item in your log, which tools and databases you will need and where to get them. It will show you how to tell which items are good or bad and how to know which items need fixing with HijackThis.

 

It will also show you what these items represent in graphical form or provide a link to further information on the items so that you will know exactly what you are fixing.

 

Please note that not all problems can be fixed with HijackThis alone. In some cases you may need further help. In the tuturial I have tried to point out which cases this might relate to. If you find that your problem isn't solved by following the above tutorial or I have suggested in the tutorial that you may need further help then post your log in the forum.

Share this post


Link to post
Share on other sites

Hello Acsell

 

I found your HijackThis Tutorial - How to Analyse a HijackThis log very useful to analyse my problem. However, now i am not sure how to remove the problems. The initial problem is that my IE6 on my other pc cannot display any web pages at all :evilgrin: . I use Panda software and have also run spybot search & destroy, also Ad-aware to no avail. I am currently researching the problem on the net using my laptop. But the other strange problem is that my email and msn work fine, however the email on the laptop does not. Hopefully you can assist or someone..... :unsure:

 

anyway here is a picture of hijackthis log results:

 

suggestions please...thank you!

 

Edit: Log deleted...

Edited by Budfred

Share this post


Link to post
Share on other sites

CyberAstrid,

 

This isn't the place to post logs for help, please start a topic in the main Malware Removal sub-forum, and please use the latest HiJackThis when you do so, your version is long out of date:

http://www.trendsecure.com/portal/en-US/to...ools/hijackthis

Share this post


Link to post
Share on other sites

Just wanted to say thanks for what has to be the easiest to understand HJT tutorial out there. It was awesome in helping me determine stuff I really didnt need and help locate references to make sure whats good and whats garbage!

 

It definitly assisted in cleaning out at least 95% of the garbage that I had running (willingly or not). I appreciate the efforts you put out making sure links, etc are accurate & reliable. And that its the most current info in that regard. :thumbsup:

 

Thanx,

--Mike

Share this post


Link to post
Share on other sites

TY for this site.i used the BHO look up thing and i found out i have something in my comp to do with a Virtuemonde/undo virus

Share this post


Link to post
Share on other sites

That was an awesome guide, thanks for your efforts. :)

 

LT

Share this post


Link to post
Share on other sites

Thanks for making this tutorial. I'm going to go through it tonight and see how much time I can save the volunteers here by attempting to fix my own computer :). What a novel idea!

Share this post


Link to post
Share on other sites

just wanted to thank you for the good info; i'm a bit of a newb, so this was a nice start for understanding how to get rid of some malware/un-needed junk. Thanks! :thumbsup:

Share this post


Link to post
Share on other sites

Hi Acsell,

 

Thanks for the informative post, it is fun reading, and then nuking the little bastages by yourself, more satisfaction in their demise than somebody saying here point the gun here, now pull the trigger. A bug safari if you will. In my best Elmer Fudd voice I say we`re hunting spyware, malware, infostealing bastages, be vewy vewy quiet.

 

Thanks..........

 

gw53

 

I`ll probably still post a log, but wanna try this first.

Share this post


Link to post
Share on other sites
:thumbsup::thumbsup: I just wanted to thank you. Your tutorial helped me fix the annoying ad-ware problem I had with my computer. It linked me to all the right places and was fairly easy to use considering my computer illiteracy. Again....thankyou so much!

Share this post


Link to post
Share on other sites

:thumbup:Nice job :thumbup:

Well presented, detailed and needed by many, including helpers, it will hopefully reduce their work load substantially if people both to look around of course :bangbang:

Share this post


Link to post
Share on other sites

:bangbang: I love killin bugs... LOOOOVVVVEEEEE IIITTTT LOL

this is so much fun and with all the tutorials and help here it makes it a much less daunting task

Thank you Acsell :)

:thumbup:

Share this post


Link to post
Share on other sites

Great site , thanks :thumbup:

____________________________

 

Edit to remove links...

Edited by Budfred

Share this post


Link to post
Share on other sites

This is a 4 year old topic and it is possible that those sites have been hacked or it is possible that scanning identified it as infected based on some of the examples noted in the tutorial... Either way, I will disable the links and see if we can track down the problem...

Share this post


Link to post
Share on other sites
This is a 4 year old topic and it is possible that those sites have been hacked or it is possible that scanning identified it as infected based on some of the examples noted in the tutorial... Either way, I will disable the links and see if we can track down the problem...

 

Well, I just thought I'd mention it since I haven't seen anyone else mention it in their replies.

 

The efforts of yours (you and all the members) are much appreciated !

 

Greetz

FOTH

Smilywais.gif

Share this post


Link to post
Share on other sites
Well, I just thought I'd mention it since I haven't seen anyone else mention it in their replies.

 

The efforts of yours (you and all the members) are much appreciated !

 

Greetz

FOTH

Smilywais.gif

Your comment is appreciated since it gives us a chance to check into it... It is possible that it just recently happened, so no one else reported it because there was nothing evident... Whatever the situation is though, we can address it now that we know about it... :thumbup:

Share this post


Link to post
Share on other sites

A small update, AOL Hometown appears to have been shut down.

 

"Important information regarding the shutdown of AOL Hometown, Journals (blogs) and KW FTP.

 

We regret to inform you that AOL Hometown, AOL Journals (blogs) and KW FTP has been shut down.

 

Sincerely,

The AOL Team

 

 

 

AOL (UK) Limited. Registered in England and Wales under number 03462696 with its registered office at 68 Hammersmith Road, London W14 8YW. VAT Registration Number: 766 45 16 05."

 

The mirror at spywarewarrior is working.

Share this post


Link to post
Share on other sites

Hi! Just find this tutorial, and it is fantastic for a housewife-computer-user like me!! :p

Anyway, i am trying really hard and you are a great help.

but I am stuck not far from the beginning!!!:

 

http://www.allsecpros.com/bholist.txt (right click> save target as)

 

Open the text file and go to edit>find then copy the CLSID (e.g. {00000762-3965-4A1A-98CE-3D4BF457D4C8}) or file name e.g. ddm3dia.dll into the search box that appears. Click "Find next". If the BHO name is found then you will notice a letter at the start of the line. This letter will be one of the following-

 

 

When I open that link and go to edit and find, all I get is the line at the buttom left of the page. and it doesn´t find anything.

If I go to edit and find in my hijackthis notepad, I have got your little window with the find stuff, but it doesn´t find anything and doesn´t give me the letters X,L,O... either!

:techsupport:

 

So I am stuck there!! and don´t know what to do anymore!

Thanks for your help, and I will " see" you soon!! :wave:

 

 

Just find something : if I go to the other link you gave: http://www.allsecpros.com/toolbarlist.

it takes me to the same place that the link which ends with "bholist"

Edited by oceanediam

Share this post


Link to post
Share on other sites

I really love this tutorial, but it's starting to show its age.

 

Dead sites linked to in the tutorial

-------------

hometown.aol.co.uk/jrmc137/hjttutorial/tutorial.htm -- The link to the tutorial (the mirror is still up).

allsecpros (compromised, according to the first post) -- The only BHO list, the CWS domain list, the IE toolbar list.

computercops.biz -- The only CLSID list and the startup list.

www.fbeej.dk -- The "Extra protocols and protocol hijackers" ("O18s") list.

www.spywareinfo.com -- Information about The O20, O21, and O22 entries.

www.antispyware.nextdesigns.net -- For research on NT Services.

 

Most of the dead sites have replacements listed either in this thread or in the tutorial itself. Will anyone ever update the tutorial?

Share this post


Link to post
Share on other sites

No, that isn't likely... Ascell is not really around anymore, so someone else would need to do it and then it would be an entirely different tutorial... It may be worthwhile to unpin it since it is so outdated however...

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.
Sign in to follow this  
Followers 0