Domain: hijackthis.de
Stories and comments across the archive that link to hijackthis.de.
Comments · 9
-
Re:Not just for helpdesk and your family
Oh ya I'm on top of www.SysInternals.com became a fan with Process Explorer.
Sysinternals Suite is in my path as I find Process Monitor very helpful as well as WHOIS.
I've found with WinXP and below at least. if you run process monitor (log) and get a blueScreenOfDeath
searching the log for faultrep.dll -your problem is just lines above it (depending upon your filters).But I also use Hijackthis and have suggested it to a lot of people in my time on alt.24hoursupport.helpdesk
It's a down and dirty way of seeing how things look, I'll run it every so often then paste the results
to http://hijackthis.de/en bypassing the need to log in to Trend Micro. -
I got caught up in this myself (#2 on the list),
I even apologized to the site I posted it to. This was about
a week ago.
----Start of groveling
"The link I provided had a prefix that changed each time it was
used, I apologize for that. It wasn't intentional and it wasn't the
fault of http://www.tinyurl.com/ apparently I picked the link from ??
(no clue) I used Tinyurl as the link split in my editor.
http://hijackthis.de/en says everything's fine on my end.Peerblock stopped these prefix's and how I found it out
http://send.onenetworkdirect.net/z/30811/CD133407/wpfvns76cw7p&lnkurl=
http://affiliates.digitalriver.com/z/30811/CD133407/wpfvns76cw7p&lnkurl=
http://affiliates.digitalriver.com/z/30811/CD133407/1anre0fx5ksq&lnkurl=
End of grovelingAfter reading the article, it would appear I must of missed a letter or
two in the original link. -
Re:Two biggest things
Also, there are sites where you can upload your HijackThis! logfile to get information about the entries (with users ratings), especially the ones you don't know.
However, I'd advice to first try to use the normal uninstall methods for fixing things like spyware, unneeded search bars, etc. and then use HijackThis!' "fix" commands.
-
Some quality freeware
Notepad, Paint, Minesweeper
;)
alright, I've made a big collection of freeware once - I'll write down the most important:
Mozilla Firefox (webbrowser)
(also get the tabmix plus, adblocker and Search engine ordering plugins and some good search engines)
Mozilla Thunderbird (mail client)
Mozilla Nvu (web editor)
Open Office
Miranda (instant messenger)
Skype (VoIP)
Daemon Tools (virtual cd-drive)
WinAmp (media player - can play videos, but is mostly used for music playback)
BSplayer (video player)
XVid (video codecs)
Audiacity (audio editor)
blender (3d-modelling and rendering software)
VirtualDub (video editor)
gimp (image editor)
watcom (c++ compiler)
dexpot (great virtual desktop manager)
for security stuff:
AdAware (malware remover)
AVGfree (virus killer)
HijackThis (makes a list of your running applications - on http://www.hijackthis.de/ you can get a good analysis of the logfile) ZoneAlarm, SoftPerfect or SecurePoint (Firewalls)
you see - there is good freeware for any purpose.
for dvd playback and cd/dvd burning I can only say xenorate and AVSDiscCreator, but I haven't tested them myself... -
Re:HijackThis + GoogleThere is a HijackThis logfile analysis tool that comes in very handy for me--analyzes your logfile and seperates the wheat from the chaff, so to speak:
Thus ends my first Slashdot post...virgin no more!
-
Re:HijackThis + Google
Instead of just Googling, there are online log file anyalyzers that keep track of known malicious file. These are two that I use..
http://www.hijackthis.de/
http://hjt.networktechs.com/
My normal process it to run HJT and scan the log file, and then reboot into safe mode or off a PE CD to do the removal. KillBox is a nice little utility for removing stubborn files too, if for some reason you can't get to safe mode or boot from a PE CD (I have seen systems so hosed that safe mode doesn't boot). Also, make sure System Recovery is off -- malicious programs can hide there. And if all that still doesn't fix it, make sure that your partitions look like they should; I've seen spyware hide itself in a partition it created itself. -
Re:HijackThis + Google
http://hijackthis.de/ is another good log analyzer to look at.
-
cleaning the stubborn ones.
your going to want to get a few things first, and your going to need some time to do this.
First get these. do a google search if you dont know where to get them.
HijackThis
Microsoft Antispyware
spywareblaster
winsockfix (it's at majorgeeks if you do a google search)
First off, make a restore point, then if you cant get online at all run the winsock fix which should fix that, then install spywareblaster, update it and enable all protection
From there update all of your existing anti-virus/anti-spyware to the latest revisions and defs, Then Install Microsoft Antispyware and update it to the latest defs. The reason you want MSAS is because MSAS will start prompting about any questionable activity it detects. make sure you set anything it considers questionable to block or remove. This will at least give you a general Idea what to look for and keep the reinfection down to a point. Then in MSAS, do a full system scan. Remove everything that it finds and restart the PC in safe mode with no network.
When it boots up in safe mode, stop and keep in mind that if you open up any explorer windows you just reinfected your PC again, so make sure everything you need is on the desktop or accessable in the start menu. From there do another scan with MSAS, as well as any other anti-virus/spyware app you updated in the first part with full system scans. Then using the command prompt, delete everything in the following folders
C:\documents and settings\\local settings\temp
C:\documents and settings\\local settings\temporary internet files
C:\windows\temp
From there run hijackthis and look it over. anything you see there that looks questionable in there you remove. in particular, startup entries going to temp folders, random named exe files, exe files in C:\windows or C:\windows\system32 and any bho or dpf that you cant remember installing, or has the word search, bar, smiley, sounds fishy or like it's trying to benefit something that should be ok by itself, especially if you dont have it, such as "Microsoft Antispyware Helper" (yes I saw a real nasty one using this as it's name). If you are really in doubt, and have access to another machine, go to http://www.hijackthis.de/en put the hijackthis log into it, and it will tell you what to delete and why. After you clean it up make a clean log from hijackthis and restart.
From there restart and it should be clear or relitively clear. If it's not, then run hijackthis again and compare it to the old file. It should give you clues on what to look for, but there is a good chance that your system is rootkited (something rootkitrevealer will tell you). If it is, I'd recommend a reinstall since there's no telling whats going on in the background, but if you still need to clean it the only way is to insert the hard drive into another PC and do another full anti spyware/virus scan on the drive. or use pebuilder to boot the machine into windows and do it that way. -
Re:Oh good...
Why don't you try downloading hijack this. You could be blaming microsoft for spyware you downloaded. I fixed a computer just the other day that was exhibiting the same problems... it had AITwoUpdater loaded on it. You can see a forum posting of a similar situation here.