Jump to content

hijack this for dummys

Recommended Posts


I am new to forums but have found some great knowledge from some realy smart people. In fact I feel down right stupid compared to some of you.

I am also new to hijack this. This is a very valueble tool and I am trying to learn how to use it the right way

What I am having problems with is after fixing problems with hjt how do I know what to; remove the folders, files, and programs ??? Is there a hijack this for dummys book?

Link to post
Share on other sites

Unless you are absolutely sure you are only deleting malicious/unnecessary items in HJT, I'd strongly recommend learning about the things it is detecting before using the program itself.

As to knowing what to remove (files/folders) after fixing items, you can have it create a log during the scan.

Link to post
Share on other sites

The main reason the tutorials (on this and most other site's) for HJT do not tell you what to do is because they expect you to post a log on one of the many support forums, for a specialized analyst to help you (HJT analysts are trained (in most cases) in HJT).

As with most security programs, a certain level of knowledge on the system itself is normally expected. If you have specific questions, please feel free to post them here B)

Once again however, before fixing anything, you should be sure you know what you are removing/fixing, and know how to fully remove any file's/folders etc that are associated with the items you are fixing. This is where creating a log file comes in handy as it servers as a reference you can use after fixing the items in HJT.

Link to post
Share on other sites

Assuming your a GeekU at Geekstogo?

Read through the tutorials, twice or more if you need to. If you still can't figure it out, post in GeekU or send a message to Kat or ScHwErV and I'm sure one will send you along the right track. B)

If you don't know where to start, if you don't know what is legit and what is not, then a good way to see is to search Google of the CSLID or the filename. Take this entry for example:

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll

Red is the CLSID (note that not all HJT entries have CLSID's)

Blue is the filename.

Searching the CSLID brings you here

which shows it's legit

Searching the filename also shows it's legit. That should give you an idea of how to find out whether or not a entry is legit or not.

Link to post
Share on other sites

not having any trouble with what is legit or not,[i research every single entry] but HJT leaves folders and files. thought I understood this but I do not so I was wanting to learn more example; if I remove an 04 do I follow the file path in windows explorer and delete the file [or folder] ? what does HJT leave behind? I was hopeing for step by step instructions in a tutural for HJT

Link to post
Share on other sites

Ok, using this again as an Example:

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll

In this case, we know it's a program. Assume that it's not legit, you'd have them remove it with HijackThis, uninstall the program (In this case it would be "Google" or "Google Toolbar") and since it has it's own folder, you'd delete C:\Program Files\Google

The same would be with a file, except there would be no program to uninstall and very rarely a folder, you'd just have them fix it with HJT and delete the file (for example c:\program files\google\googletoolbar3.dll).

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.