Full Version: Automatic Hijackthis Log Analyzer?
Cricket57
Hi guys,

Seeing as there's a lot of HijackThis log analysis going on in here, I thought I'd see what you all think to this new Automatic HijackThis analyzer Prevx are now offering? I've run a couple of logs through and it certainly seems to find offending items, although not in the highest of detail.

Could this spell the end of manual log analysis or will we all still have our little hobby and knowledge to share?

http://www.prevx.com/hijackthis.asp
KoanYorel
A quote from one of BC's Moderators: Quietman7

QUOTE
Online HijackThis analyzers DO NOT always identify all the malware or all the files properly. They sometimes list legitimate files as bad and bad files as legitimate. Although these sites are open to the public, the user needs to know what they are doing and how to research the displayed log entries before using the original HijackThis application to fix anything.

HijackThis is an advanced tool that requires advanced knowledge about the Windows Operating System. Most of the log entries are required to run a computer and removing essential ones can potentially cause serious damage such as your Internet no longer working or problems with running Windows itself.

HijackThis is an enumerator and similar in some respects to a registry editor program which displays areas of the Windows registry where the majority of Viruses, Trojans, Spyware, Adware, and Malware reside. HJT will scan certain areas of your system and then create a log to help diagnose the presence of undetected malware in these known hiding places. It then relies on experts to interpret the log entries [the areas of the registry that it displays and all running processes in Task Manager at the time the log was created] and determine what needs to be fixed.

And just because you "fixed" something with HJT, that does not mean you have a clean system. The "Fix" button in HJT does NOT remove any malware but rather it removes the associated registry entry. Having HJT "Fix" listed entries in a log does not complete the cleaning process. There are specific files and folders which must be deleted afterwards. HJT does NOT delete them.

Further, removing entries in HJT before the problem is properly identified can make the malware undetectable to other detection and removal tools. HJT should only be used to clean up the entries left behind, after you have properly removed the malware.

If you do not have advanced knowledge about computers you should NOT fix anything using HijackThis based on information provided in any of the HJT online analyzers without consulting an expert as to what to fix. If you choose to fix anything by yourself, you do so at your own risk.
saint satin stain
I say use both. Use the Prevx online analyzer, but you'd be a fool to depend on it alone. Humans are smarter than computers; we seem to forget that fact. Check out the size of the computer needed to get a robot to simulate human walking, a navigation miracle the brain achieves admirably. I prefer to bank with humans. I prefer human analysis of my logs. But use both. You can ask questions of the humans.
rms4evr
I agree wholeheartedly. Unfortunately, it is very easy to delete files that are essential to your system, thus crippling your computer. I'd rather be safe than sorry, and have my log analyzed by people who know what they are doing. What saint satin stain said is all too true: Humans are smarter than computers.