
Hijack This Logs Question


2 replies to this topic

#1 tufek22

tufek22

  • Members
  • 17 posts

Posted 30 September 2008 - 11:59 AM

This is mostly directed at all the nice people helping everyone with their infection.

I was wondering if you use any parsing tools to figure out what's going on?

I have been looking over some of the tutorials because I would like to learn how some of this software works, and would be interested in creating some kind of parser if it already doesn't exist.

Would appreciate any input on the type of functionality desired or possible modification to existing scripts.

I am guessing there is something like this already out there but it would be nice to help since I really appreciate everything you do here.



#2 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,504 posts
  • Gender:Male
  • Location:USA

Posted 01 October 2008 - 07:40 AM

For the most part, we do not believe in parsers as they become prone to false positives. There are too many malware that impersonate valid names, or replace legitimate files, that parsers just become too dangerous.

That means that we parse each line one by one.
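An added example, not part of the original posts: a small Python sketch of the kind of automated check discussed in this thread, run over constructed HijackThis-style O4 (autorun) lines. The allowlist, the sample lines and all function names are assumptions made for illustration; it shows a name-only allowlist accepting a file that borrows a trusted name from an unexpected directory.

```python
import ntpath
import re

# Constructed HijackThis-style O4 lines (sample data, not from the thread).
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE
O4 - HKLM\..\Run: [ctfmon] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ctfmon] C:\Documents and Settings\user\Application Data\ctfmon.exe
O4 - HKLM\..\Run: [updater] C:\WINDOWS\Temp\x1.exe
"""

# Hypothetical allowlist: file name -> directory it is expected to load from.
KNOWN_GOOD = {
    "soundman.exe": r"c:\windows",
    "ctfmon.exe": r"c:\windows\system32",
}

O4_LINE = re.compile(r"^O4 - (?P<hive>\S+): \[(?P<name>[^\]]*)\] (?P<cmd>.+)$")

def parse_o4(log):
    """Yield (value_name, image_path) for each O4 autorun line."""
    for line in log.splitlines():
        m = O4_LINE.match(line.strip())
        if m:
            # Sample entries carry no arguments, so the command is the path.
            yield m.group("name"), m.group("cmd").strip('"')

def verdict_by_name(path):
    """Naive check: trust the entry if the file name is on the allowlist."""
    return "ok" if ntpath.basename(path).lower() in KNOWN_GOOD else "review"

def verdict_by_name_and_path(path):
    """Stricter check: the name must also sit in its expected directory."""
    expected = KNOWN_GOOD.get(ntpath.basename(path).lower())
    return "ok" if expected == ntpath.dirname(path).lower() else "review"

def compare(log=SAMPLE_LOG):
    """Return (path, name_only_verdict, name_and_path_verdict) per entry."""
    # Neither check inspects file contents, so a legitimate file that was
    # replaced in place at its expected path passes both of them.
    return [(p, verdict_by_name(p), verdict_by_name_and_path(p))
            for _, p in parse_o4(log)]

if __name__ == "__main__":
    for path, by_name, by_path in compare():
        print(f"{by_name:7} {by_path:7} {path}")
```

The third constructed entry is rated "ok" by the name-only check and "review" once the directory is compared, and a file swapped in place would still pass both, which is the case that needs a person reading the line.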

#3 tufek22

tufek22
  • Topic Starter

  • Members
  • 17 posts

Posted 01 October 2008 - 06:55 PM

Good point,

Thanks for the answer.



