hijack this for dummys

[hippiefreakcomputergeek]

Hello,

I am new to forums but have found some great knowledge from some realy smart people. In fact I feel down right stupid compared to some of you.

I am also new to hijack this. This is a very valueble tool and I am trying to learn how to use it the right way

What I am having problems with is after fixing problems with hjt how do I know what to; remove the folders, files, and programs ??? Is there a hijack this for dummys book?

[MysteryFCM]

Unless you are absolutely sure you are only deleting malicious/unnecessary items in HJT, I'd strongly recommend learning about the things it is detecting before using the program itself.

As to knowing what to remove (files/folders) after fixing items, you can have it create a log during the scan.

[hippiefreakcomputergeek]

I am learning how to research every line and read a log but the tuturals do not tell me what to do after I fix entries in HJT [or else I am too dense to see it]

[MysteryFCM]

The main reason the tutorials (on this and most other site's) for HJT do not tell you what to do is because they expect you to post a log on one of the many support forums, for a specialized analyst to help you (HJT analysts are trained (in most cases) in HJT).

As with most security programs, a certain level of knowledge on the system itself is normally expected. If you have specific questions, please feel free to post them here B)

Once again however, before fixing anything, you should be sure you know what you are removing/fixing, and know how to fully remove any file's/folders etc that are associated with the items you are fixing. This is where creating a log file comes in handy as it servers as a reference you can use after fixing the items in HJT.

[hippiefreakcomputergeek]

I am at geek u, learning, not trying to fix any thing for real. the tuturals are great but lacking and I do not know where to go. I can not ask for help on any log. Just hopeing thatnthere are other tuturals with extended info

hipiefreakcomputergeek MCDST

[MysteryFCM]

What you may want to consider, is joining one of the training camps?

To join the one associated with this forum, please send a PM to Marcin (RubberRDuckY) or nosirrah

[Tigger93]

Assuming your a GeekU at Geekstogo?

Read through the tutorials, twice or more if you need to. If you still can't figure it out, post in GeekU or send a message to Kat or ScHwErV and I'm sure one will send you along the right track. B)

If you don't know where to start, if you don't know what is legit and what is not, then a good way to see is to search Google of the CSLID or the filename. Take this entry for example:

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll

Red is the CLSID (note that not all HJT entries have CLSID's)

Blue is the filename.

Searching the CSLID brings you here

which shows it's legit

Searching the filename also shows it's legit. That should give you an idea of how to find out whether or not a entry is legit or not.

[RubbeR DuckY]

Yup, I would suggest sticking with Geekstogo. Just keep learning, asking questions, and moving through the university at your own pace. You'll be fixing other people's computers including your own very soon B)

[hippiefreakcomputergeek]

not having any trouble with what is legit or not,[i research every single entry] but HJT leaves folders and files. thought I understood this but I do not so I was wanting to learn more example; if I remove an 04 do I follow the file path in windows explorer and delete the file [or folder] ? what does HJT leave behind? I was hopeing for step by step instructions in a tutural for HJT

[Tigger93]

Ok, using this again as an Example:

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll

In this case, we know it's a program. Assume that it's not legit, you'd have them remove it with HijackThis, uninstall the program (In this case it would be "Google" or "Google Toolbar") and since it has it's own folder, you'd delete C:\Program Files\Google

The same would be with a file, except there would be no program to uninstall and very rarely a folder, you'd just have them fix it with HJT and delete the file (for example c:\program files\google\googletoolbar3.dll).

[hippiefreakcomputergeek]

ahh, THANK YOU this puts it in a whole new light for me. I get it now.