Protocol for HiJackThis and removal of stubborn infections.

Help and Discussion

Moderator: The Mod Squad

Protocol for HiJackThis and removal of stubborn infections.

Postby kltsin » Wed Jun 29, 2005 3:17 am

Protocol for HiJackThis and removal of stubborn infections. **

Using HiJackThis to determine an infection by your self or using automated HijackThis Analyzers can have very bad repercussions and it should be limited exclusively to identification of scumware but fixing should be done by experts only.
Remember that they don’t want to be removed from your system and blindly removing things may have serious consequences.

Step #1
Post a HiJackThis log

DownloadHijackThisand unzip HJT into its own folder, never run it from a temp file or from a program (WinZip, etc.).
C:\HJT or C:\Hijackthis is preferable since the program makes backups of all files removed and they me be needed if something goes wrong.
(Alternate Self-Extracting download of Hijackthis for users without XP or a ZIP utility.
Double click HijackThis_sfx.exe and select Unzip. When done click "OK".
Close the WinZip self Extractor window.
The program will be found in this location when you need to use it. C:\Program Files\HijackThis\HijackThis.exe.
)

A quick tutorial of How to use HijackThis is available Here along with links for security sites that can also review HJT logs.

Run HiJackThis.exe.
Click on the Do a System Scan and save a Log File button at the top.
A text file named "hijackthis.log" will pop up.
To copy the log to a forum simply copy all of the contents of that log into your post. Simplest and safest way is to hit Ctrl+A to select ALL of the text then Ctrl+C to copy that text, then use Ctrl+V to paste that text into the appropriate thread.

Since scumware compromises your system limit your access to secure sites and personal info on an infected computer until the issue is resolved and we know the extent of the damage.

Don’t "EDIT" your HJT log, there is no personal info given and you wont be judged by what’s in there.

Never post a HJT log in someone else’s thread.
Create your own since most infections are very complicated and requires one on one help.
Create a New Topic in the Virus/Spyware/Security area even if you have a thread in another area so it will be seen by those who can help in that field.

Include all issues you have and steps you have gone through to fix it up to this point.

Please be patient for a reply.

Feel free to continue to Step #2 if you have followed all of the above as it might clean your system of most issues.
If you do, make sure you reboot and post an updated HJT log.

Also note that when you reboot some file names may change and you must then post a new log.
This is mandatory and will help you get clean quicker.


Step #2
Run updated Security Programs

Once you have posted a HJT log, there are many free utilities that can possibly clean the system for you.
Note: “By posting a log first (step #1) we can access what was installed/damaged to begin with and any action that may need to be done to fix the “leftoversâ€
Last edited by kltsin on Wed Jun 29, 2005 11:20 am, edited 2 times in total.
kltsin
Black Belt 2nd Degree
Black Belt 2nd Degree
 
Posts: 2792
Joined: Tue Jun 29, 2004 9:05 am
Location: St. Augustine, Fl

Postby ~PJ~ » Wed Jun 29, 2005 5:45 am

Hey Mods - you going to sticky this? Excellent piece of work thanks.
Image

Let there be respect for the earth,
Peace for its people,
Love in our lives,
Delight in the good,
Forgiveness for past wrongs,
And from now on a new start.
~PJ~
Black Belt 5th Degree
Black Belt 5th Degree
 
Posts: 5791
Joined: Fri Apr 11, 2003 5:59 pm
Location: Leeds, UK

Postby Tolemac » Wed Jun 29, 2005 11:01 am

I'll do ya one better there, PGGB. 8)
Tolemac
Mobo-fu Master
Mobo-fu Master
 
Posts: 14276
Joined: Tue Sep 12, 2000 12:01 am
Location: L-1 Bridge

Postby Tolemac » Wed Jun 29, 2005 11:28 am

Ok due to the nature of this thread and info, I'm locking this so that it won't get mucked up. Please create a new thread with your HIJACKTHIS log in it and we'll help you out the best we can. 8)
Tolemac
Mobo-fu Master
Mobo-fu Master
 
Posts: 14276
Joined: Tue Sep 12, 2000 12:01 am
Location: L-1 Bridge

Postby Toby B. » Wed Dec 29, 2010 7:01 am

It helps us a great deal with regaurds to helping get your system clean if we know what we are dealing with... IF you know of a certaing Virus/Trojan/etc, PLEASE help us help you faster by posting any and all availible information. This will in most cases help expediate getting you system cleaned up..

It will also help if your AV program finds a problem (i.e. Virus/Trojan/Worm) please be sure to provide the exact variant if known.. For example, if Norton finds your system infected with the MyDoom virus. Please dont just say "Help I got infected with the MyDoom Virus"; as there are many varients of most of these vireses/trojans/worms that require different tools/steps for removal...

Please keep an eye on this thread as it will be updated and/or modified periodically...
Compaq-Fu Master
Other sites:
Hydrocephalus-Talk
DSL/Cable Webserver
Toby B.
Lead Mobo-fu Master
Lead Mobo-fu Master
 
Posts: 14103
Joined: Sun Dec 16, 2001 1:01 am
Location: Maine


Return to Virus/Spyware/Security

Who is online

Users browsing this forum: No registered users and 0 guests