BACROP_HiJackThis
By Guest, 03/25/2015
- 88 downloads
- Updated:
File Details
- Website URL http://sourceforge.net/projects/hjt/files/2.0.5%20beta/
- User Agent
- Category BACROP\Portable\02 Analyze\Logs
- User Notes * Trend Micro HijackThis v2.0.5 Beta * 1. Description -------------- Trend Micro HijackThis is a free utility that generates an in depth report of registry and file settings from your computer. HijackThis makes no separation between safe and unsafe settings in its scan results giving you the ability to selectively remove items from your machine. In addition to this scan and remove capability HijackThis comes with several tools useful in manually removing malware from a computer. IMPORTANT: HijackThis does not determine what is good or bad. Do not make any changes to your computer settings unless you are an expert computer user. Advanced users can use HijackThis to remove unwanted settings or files. 2. System Requirements ---------------------- Operating System * Microsoft™ Windows™ XP * Microsoft™ Windows™ 2000 * Microsoft™ Windows™ Me * Microsoft™ Windows™ 98 * Microsoft™ Windows™ Vista * Microsoft™ Windows™ 7 Software * Microsoft Internet Explorer 6.0 or newer * Mozilla™ Firefox™ 1.5 or newer 3. Version History ------------------ The different sections of hijacking possibilities have been separated into the following groups. You can get more detailed information about an item by selecting it from the list of found items OR highlighting the relevant line below, and clicking 'Info on selected item'. R - Registry, StartPage/SearchPage changes R0 - Changed registry value R1 - Created registry value R2 - Created registry key R3 - Created extra registry value where only one should be F - IniFiles, autoloading entries F0 - Changed inifile value F1 - Created inifile value F2 - Changed inifile value, mapped to Registry F3 - Created inifile value, mapped to Registry N - Netscape/Mozilla StartPage/SearchPage changes N1 - Change in prefs.js of Netscape 4.x N2 - Change in prefs.js of Netscape 6 N3 - Change in prefs.js of Netscape 7 N4 - Change in prefs.js of Mozilla O - Other, several sections which represent: O1 - Hijack of auto.search.msn.com with Hosts file O2 - Enumeration of existing MSIE BHO's O3 - Enumeration of existing MSIE toolbars O4 - Enumeration of suspicious autoloading Registry entries O5 - Blocking of loading Internet Options in Control Panel O6 - Disabling of 'Internet Options' Main tab with Policies O7 - Disabling of Regedit with Policies O8 - Extra MSIE context menu items O9 - Extra 'Tools' menuitems and buttons O10 - Breaking of Internet access by New.Net or WebHancer O11 - Extra options in MSIE 'Advanced' settings tab O12 - MSIE plugins for file extensions or MIME types O13 - Hijack of default URL prefixes O14 - Changing of IERESET.INF O15 - Trusted Zone Autoadd O16 - Download Program Files item O17 - Domain hijack O18 - Enumeration of existing protocols and filters O19 - User stylesheet hijack O20 - AppInit_DLLs autorun Registry value, Winlogon Notify Registry keys O21 - ShellServiceObjectDelayLoad (SSODL) autorun Registry key O22 - SharedTaskScheduler autorun Registry key O23 - Enumeration of NT Services O24 - Enumeration of ActiveX Desktop Components Command-line parameters: * /autolog - automatically scan the system, save a logfile and open it * /ihatewhitelists - ignore all internal whitelists * /uninstall - remove all HijackThis Registry entries, backups and quit * /silentautuolog - the same as /autolog, except with no required user intervention [v2.0.5 Beta] * Fixed "No internet connection available" when pressing the button Analyze This * Fixed the link of update website, now send you to sourceforge.net projects * Fixed left-right scrollbar when in safe mode or low screen resolution
(Show)XML Contents
<?xml version="1.0" encoding="utf-8"?>
<Jobs>
<ApplicationJob xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" Guid="dbbe6cfd-abae-45e0-b5fb-efb324a0094d">
<WebsiteUrl>http://sourceforge.net/projects/hjt/files/2.0.5%20beta/</WebsiteUrl>
<UserAgent/>
<UserNotes>* Trend Micro HijackThis v2.0.5 Beta *
1. Description
--------------
Trend Micro HijackThis is a free utility that generates an in depth report of registry and file settings from your computer. HijackThis makes no separation between safe and unsafe settings in its scan results giving you the ability to selectively remove items from your machine. In addition to this scan and remove capability HijackThis comes with several tools useful in manually removing malware from a computer.
IMPORTANT: HijackThis does not determine what is good or bad. Do not make any changes to your computer settings unless you are an expert computer user.
Advanced users can use HijackThis to remove unwanted settings or files.
2. System Requirements
----------------------
Operating System
* Microsoft™ Windows™ XP
* Microsoft™ Windows™ 2000
* Microsoft™ Windows™ Me
* Microsoft™ Windows™ 98
* Microsoft™ Windows™ Vista
* Microsoft™ Windows™ 7
Software
* Microsoft Internet Explorer 6.0 or newer
* Mozilla™ Firefox™ 1.5 or newer
3. Version History
------------------
The different sections of hijacking possibilities have been separated into the following groups.
You can get more detailed information about an item by selecting it from the list of found items OR highlighting the relevant line below, and clicking 'Info on selected item'.
R - Registry, StartPage/SearchPage changes
R0 - Changed registry value
R1 - Created registry value
R2 - Created registry key
R3 - Created extra registry value where only one should be
F - IniFiles, autoloading entries
F0 - Changed inifile value
F1 - Created inifile value
F2 - Changed inifile value, mapped to Registry
F3 - Created inifile value, mapped to Registry
N - Netscape/Mozilla StartPage/SearchPage changes
N1 - Change in prefs.js of Netscape 4.x
N2 - Change in prefs.js of Netscape 6
N3 - Change in prefs.js of Netscape 7
N4 - Change in prefs.js of Mozilla
O - Other, several sections which represent:
O1 - Hijack of auto.search.msn.com with Hosts file
O2 - Enumeration of existing MSIE BHO's
O3 - Enumeration of existing MSIE toolbars
O4 - Enumeration of suspicious autoloading Registry entries
O5 - Blocking of loading Internet Options in Control Panel
O6 - Disabling of 'Internet Options' Main tab with Policies
O7 - Disabling of Regedit with Policies
O8 - Extra MSIE context menu items
O9 - Extra 'Tools' menuitems and buttons
O10 - Breaking of Internet access by New.Net or WebHancer
O11 - Extra options in MSIE 'Advanced' settings tab
O12 - MSIE plugins for file extensions or MIME types
O13 - Hijack of default URL prefixes
O14 - Changing of IERESET.INF
O15 - Trusted Zone Autoadd
O16 - Download Program Files item
O17 - Domain hijack
O18 - Enumeration of existing protocols and filters
O19 - User stylesheet hijack
O20 - AppInit_DLLs autorun Registry value, Winlogon Notify Registry keys
O21 - ShellServiceObjectDelayLoad (SSODL) autorun Registry key
O22 - SharedTaskScheduler autorun Registry key
O23 - Enumeration of NT Services
O24 - Enumeration of ActiveX Desktop Components
Command-line parameters:
* /autolog - automatically scan the system, save a logfile and open it
* /ihatewhitelists - ignore all internal whitelists
* /uninstall - remove all HijackThis Registry entries, backups and quit
* /silentautuolog - the same as /autolog, except with no required user intervention
[v2.0.5 Beta]
* Fixed "No internet connection available" when pressing the button Analyze This
* Fixed the link of update website, now send you to sourceforge.net projects
* Fixed left-right scrollbar when in safe mode or low screen resolution</UserNotes>
<LastFileSize>388608</LastFileSize>
<LastFileDate>2015-03-25T13:35:35.1883993</LastFileDate>
<IgnoreFileInformation>false</IgnoreFileInformation>
<DownloadBeta>Default</DownloadBeta>
<DownloadDate xsi:nil="true"/>
<CheckForUpdatesOnly>false</CheckForUpdatesOnly>
<VariableChangeIndicator/>
<CanBeShared>true</CanBeShared>
<ShareApplication>true</ShareApplication>
<ExclusiveDownload>false</ExclusiveDownload>
<HttpReferer/>
<SetupInstructions/>
<Variables>
<item>
<key>
<string>url</string>
</key>
<value>
<UrlVariable>
<RegexRightToLeft>false</RegexRightToLeft>
<VariableType>StartEnd</VariableType>
<Regex/>
<Url>http://sourceforge.net/projects/hjt/files/</Url>
<StartText>
<a href="</StartText>
<EndText>"</EndText>
<Name>url</Name>
</UrlVariable>
</value>
</item>
<item>
<key>
<string>dl</string>
</key>
<value>
<UrlVariable>
<RegexRightToLeft>false</RegexRightToLeft>
<VariableType>StartEnd</VariableType>
<Regex/>
<Url>http://sourceforge.net{url}</Url>
<StartText>exe" class="file ">
<th scope="row" headers="files_name_h">
<a href="</StartText>
<EndText>"</EndText>
<Name>dl</Name>
</UrlVariable>
</value>
</item>
<item>
<key>
<string>version</string>
</key>
<value>
<UrlVariable>
<RegexRightToLeft>false</RegexRightToLeft>
<VariableType>StartEnd</VariableType>
<Regex/>
<Url>http://sourceforge.net{url}</Url>
<StartText>HijackThis v</StartText>
<EndText/>
<Name>version</Name>
</UrlVariable>
</value>
</item>
<item>
<key>
<string>dl2</string>
</key>
<value>
<UrlVariable>
<RegexRightToLeft>false</RegexRightToLeft>
<VariableType>StartEnd</VariableType>
<Regex/>
<Url>{dl}</Url>
<StartText>ResponseUri: </StartText>
<EndText/>
<Name>dl2</Name>
</UrlVariable>
</value>
</item>
</Variables>
<ExecuteCommand/>
<ExecutePreCommand/>
<ExecuteCommandType>Batch</ExecuteCommandType>
<ExecutePreCommandType>Batch</ExecutePreCommandType>
<Category>BACROP\Portable\02 Analyze\Logs</Category>
<SourceType>FixedUrl</SourceType>
<PreviousLocation/>
<DeletePreviousFile>true</DeletePreviousFile>
<Enabled>true</Enabled>
<FileHippoId/>
<LastUpdated>2015-03-25T13:35:35.1883993</LastUpdated>
<TargetPath>{startuppath}{category}\{appname}.exe</TargetPath>
<FixedDownloadUrl>{dl2}</FixedDownloadUrl>
<Name>BACROP_HiJackThis</Name>
</ApplicationJob>
</Jobs>