
Automatic Hijackthis Log Analyzer?



#1 Cricket57

Cricket57

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:01:34 PM

Posted 23 May 2006 - 06:40 AM

Hi guys,

Seeing as there's a lot of HijackThis log analysis going on in here, I thought I'd see what you all think to this new Automatic HijackThis analyzer Prevx are now offering? I've run a couple of logs through and it certainly seems to find offending items, although not in the highest of detail.

Could this spell the end of manual log analysis or will we all still have our little hobby and knowledge to share? :thumbsup:

http://www.prevx.com/hijackthis.asp



#2 KoanYorel

KoanYorel

    Bleepin' Conundrum


  • Members
  • 19,461 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:65 miles due East of the "Logic Free Zone", in Md, USA
  • Local time:02:34 PM

Posted 25 June 2006 - 04:13 PM

A quote from one of BC's Moderators: Quietman7

Online HijackThis analyzers DO NOT always identify all the malware or all the files properly. They sometimes list legitimate files as bad and bad files as legitimate. Although these sites are open to the public, the user needs to know what they are doing and how to research the displayed log entries before using the original HijackThis application to fix anything.

HijackThis is an advanced tool that requires advanced knowledge about the Windows Operating System. Most of the log entries are required to run a computer and removing essential ones can potentially cause serious damage such as your Internet no longer working or problems with running Windows itself.

HijackThis is an enumerator and similar in some respects to a registry editor program which displays areas of the Windows registry where the majority of Viruses, Trojans, Spyware, Adware, and Malware reside. HJT will scan certain areas of your system and then create a log to help diagnose the presence of undetected malware in these known hiding places. It then relies on experts to interpret the log entries [the areas of the registry that it displays and all running processes in Task Manager at the time the log was created] and determine what needs to be fixed.

And just because you "fixed" something with HJT, that does not mean you have a clean system. The "Fix" button in HJT does NOT remove any malware but rather it removes the associated registry entry. Having HJT "Fix" listed entries in a log does not complete the cleaning process. There are specific files and folders which must be deleted afterwards. HJT does NOT delete them.

Further, removing entries in HJT before the problem is properly identified can make the malware undetectable to other detection and removal tools. HJT should only be used to clean up the entries left behind, after you have properly removed the malware.

If you do not have advanced knowledge about computers you should NOT fix anything using HijackThis based on information provided in any of the HJT online analyzers without consulting an expert as to what to fix. If you choose to fix anything by yourself, you do so at your own risk.


The only easy day was yesterday.

...some do, some don't; some will, some won't (WR)
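The quoted point that "Fix" removes only the registry entry and leaves the files on disk can be checked after a cleanup. The following is an added example, not part of the thread or of HijackThis: it compares a log taken before "Fix" with one taken after and lists files that the removed entries pointed to and that still exist. The function names, the sample log lines and the `DISK` set are constructed for illustration.

```python
import os
import re

# HijackThis entry lines start with a section code, e.g. "O4 - HKLM\..\Run: [x] C:\a.exe"
ENTRY_RE = re.compile(r"^[A-Z]\d{1,2} - .+$")
# Absolute Windows path ending in a common executable/module extension
PATH_RE = re.compile(r"[A-Za-z]:\\[^\"<>|*?\r\n]*?\.(?:exe|dll|sys|bat|cmd|scr)\b", re.I)

def parse_entries(log_text):
    """Map each entry line of a log to the file paths it references."""
    entries = {}
    for raw in log_text.splitlines():
        line = raw.strip()
        if ENTRY_RE.match(line):
            entries[line] = PATH_RE.findall(line)
    return entries

def files_left_behind(log_before, log_after, exists=os.path.exists):
    """Files referenced by entries that were fixed (gone from the second log)
    but that are still present on disk and need separate removal."""
    before, after = parse_entries(log_before), parse_entries(log_after)
    leftovers = []
    for line, paths in before.items():
        if line in after:
            continue  # entry still listed: it was not fixed
        for path in paths:
            if exists(path) and path not in leftovers:
                leftovers.append(path)
    return leftovers

# Constructed sample logs (not taken from a real system)
LOG_BEFORE = r"""Logfile of HijackThis (constructed sample)
Running processes:
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\badsvc.exe

O4 - HKLM\..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE
O4 - HKLM\..\Run: [updchk] C:\WINDOWS\system32\badsvc.exe /start
O2 - BHO: (no name) - {00000000-0000-0000-0000-000000000000} - C:\WINDOWS\system32\badbho.dll
"""
LOG_AFTER = r"""Logfile of HijackThis (constructed sample)
O4 - HKLM\..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE
"""
# Simulated disk contents so the example runs on any OS: the DLL was deleted
# by hand, the service executable was not.
DISK = {r"C:\WINDOWS\SOUNDMAN.EXE", r"C:\WINDOWS\system32\badsvc.exe"}

if __name__ == "__main__":
    for path in files_left_behind(LOG_BEFORE, LOG_AFTER, exists=DISK.__contains__):
        print("entry fixed, file still present:", path)
```

On a real Windows system, omit the `exists` argument so that `os.path.exists` checks the actual disk.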

#3 saint satin stain

saint satin stain

  • Members
  • 150 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Huntsville, AL and Greenwich Village
  • Local time:01:34 PM

Posted 29 June 2006 - 07:51 PM

I say use both. Use the Prevx online analyzer, but you'd be a fool to depend on it alone. Humans are smarter than computers; we seem to forget that fact. Check out the size of the computer needed to get a robot to simulate human walking, a navigation miracle the brain achieves admirably. I prefer to bank with humans. I prefer human analysis of my logs. But use both. You can ask questions of the humans.

saint satin stain
Responsible for what I say,
not for what you understand.
www.leftinalabama.com


#4 rms4evr

rms4evr

  • Members
  • 812 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:East Coast
  • Local time:02:34 PM

Posted 30 June 2006 - 08:18 PM

I agree wholeheartedly. Unfortunately, it is very easy to delete files that are essential to your system, thus crippling your computer. I'd rather be safe than sorry, and have my log analyzed by people who know what they are doing. What saint satin stain said is all too true: Humans are smarter than computers.



