HijackThis is an English free software developed by a Dutch student, Merijn. Its personal home page has Merijn's own profile and offers its own software developed in the spare time for everyone to download. HijackThis can scan the registry and the specific files on the hard disk, and find the entry of some malicious program "hijack" browsers. However, it is important to note that the content may be being used by normal procedures, so it cannot be dealt with lightly and must be analysed.
The HijackThis scan is exhaustive and can fix most of the content that was maliciously modified. In particular, it is worth mentioning is its log, HijackThis can be scanned to save the content as a log file, and directly to open Notepad (Notepad). The user can send its log directly in the post to facilitate the enthusiastic person to help solve the problem.
"Chinese explanation"
Software has been all finished, including the interface, tips and reports, to facilitate the use of novice.
Personal level is limited, if you find any problems in the use process, please go to the new century or to my homepage for feedback,
Your support is the author's best driver for perfecting the software.
For more security information, please visit the Card Food Forum (kafan.cn)
======================================================================================
* Trend Technology HijackThis v2.0.0 *
View version history at tail end. (2.0 edition only)
The different parts of the hijacking may be differentiated into the following groups. You can select a found item or a highlighted selection from the list and click the selected item Information button to get more information about the project.
R-Registry (Registry), start Page/search page change
R0-Change registry values
R1-Create a registry value
R2-Create a registry key
R3-Create a registry value that only needs to be expanded once
F-ini file (inifiles), automatically read entries
F0-Changed INI file value
F1-the INI file value created
F2-Changed INI file value, mapped to registry
F3-Create INI file value, map to registry
N-netscape/mozilla Start Page/Search page change
N1-Change Netscape 4.x's prefs.js
N2-Change Netscape 6 's Prefs.js
N3-Change Netscape 7 's Prefs.js
N4-Change Mozilla's prefs.js
O-Others, representing a number of parts:
O1-Hijack Hosts file with auto.search.msn.com
O2-List the existing Microsoft IE BHO
O3-List the existing Microsoft IE toolbar
O4-list Suspicious auto read Registry entries
O5-Prevents Internet options from being read in the control Panel
O6-Use Policy to disable home page labels for Internet options
O7-Disable Registry Manager using policy (Regedit)
O8-Microsoft IE Extended right Key menu item
O9-Extend Tools menu items and buttons
O10-destroys Internet access through New.net or webhancer
O11-Microsoft IE "Advanced" settings tab extension options
O12-Microsoft IE Plugin extensions or MIME type
O13-Hijacking the default URL prefix
O14-iereset. INF Change
O15-Automatically add to trust zone
O16-Download program file entries
O17-Domain Hijacking
O18-Enumerating existing protocols and filtering
O19-User style sheet hijacking
O20-appinit_dll automatically run registry values, Winlogon Notify registry keys
O21-shellserviceobjectdelayload (SSODL) Auto Run registry key
O22-sharedtaskscheduler Auto Run registry key
O23-List NT Services
O24-Enumerate ActiveX desktop components
Command line arguments:
*/autolog-Automatic scanning system, save a log file and open the file
*/ihatewhitelists-Ignore all internal white lists
*/uninstall-Remove all HijackThis registration entries, back up and exit
*/silentautuolog-As with "/autolog", the difference is that no user intervention is required
* Version History *
[v2.00.0]
* Add analysis for log file statistics (analyzethis)
* Identify Windows Vista and IE7
* Fix a small number of bugs handled by O23
* Fix a small BUG in O22 processing (sharedtaskscheduler)
* made a few changes in the log format
* Repair and improve ADS Spy
* Improve the Refinement Process Manager (the process will be frozen before the end)
* Added O4 list to run automatically from other users
* Added a list of O4-processed policy run items, used by the Smitfraud Trojan
* Added the system administrator's "/silentautolog" parameter
* Added the system administrator's "/deleteonreboot [file]" parameter
* Added O24-Enumerate ActiveX desktop components
* Added enhanced security condition (enhanced Confirguration,esc) zone to O15 Trust site check
System Requirements:
Operating System:
Microsoft™windows™vista
Microsoft™windows™xp
microsoft™windows™2000
Microsoft™windows™me
Microsoft™windows™98
Software:
Microsoft Internet Explorer 6.0 or 7.0
mozilla™firefox™1.5 or 2.0
More information:
http://www.trendsecure.com/portal/en-US/threat_analytics/hijackthis.php
Official Downloads:
Http://www.trendsecure.com/portal/en-US/threat_analytics/HiJackThis_v2.zip
Http://www.trendsecure.com/portal/en-US/threat_analytics/HiJackThis_v2.exe
"Ppwangs" Chinese version:
http://www.hanzify.org/?Go=Show::List&ID=11633