Buffythemouse, I just want to state that these statements are not directed towards you but are rather a rebuttal to the blog entry.
There are a few points that are valid and many others that are not. Let me also state that this is my opinion, though I am usually right
, and everyone is entitled to disagree or agree with them. I would love to hear other people's thoughts on this.
Let it first be said that I agree entirely that HijackThis is not a removal tool per se, but rather an enumeration tool. It allows the user to determine in an easy and quick manner what types of programs are being started from various popular run locations in the registry/system files and various settings that are known to be tampered with by malware. Then it is up to the log reader to figure out what needs to be done.
With that said, the whole elitist theory is a pile of ****. The only reason we, and the other boards like BC, do not allow untrained or inexperienced users to post to hijackthis logs is that there is a great deal that can go wrong if you fix the wrong the entry. For example, fixing a O10 entry in HijackThis will ultimately break your computer's network connection. No one who is properly trained will use hijackthis to fix these, but know instead to use a program like LSP-Fix which specializes in LSP removal.
Lets dig down further into this blog entry. They state:
Currently the top three applications for removal of Spyware also happen to be free:
Spybot Search and Destroy
Cwshredder is not a general purpose removal tool. For some reasonpeople always tend to include as a tool that should be generically run if you have a problem. This is a specialized tool that is used against specific infections.
This results in this never ending posting - counter posting of HijackThis logs until someone tells them to run a virus scan or use one or more of the Spyware scanners. Talk about ridiculous!
Agreed that would be ridiculous and sometimes it does happen. BC, though, has a very long winded preperation guide
that states that a user should run all these apps before posting a hijackthis log. I can't speak to what other forums do.
The other obvious problem is when new Spyware is detected before the scanners have had a chance to release an update. This happens but not that often at least not as often as some of the Elite try to say it happens.
BS. This happens more and more often these days. There are quite a few malware that we helpers know how to remove way before the software companies put it in their definitions. What are we supposed to do, tell the user to sit there and suck it up while waiting for the software companies to update their infections? No.. we create our own tools and guides so that the user can be cleaned immediately. There are some infections that even after months the software companies still do a worse job then what the helpers can do one on one.
The fact still remains that in the large number of cases if you run the correct scans in the correct order and then check HijackThis, it will be clean.
BS again. Totally untrue as you will see by many of the logs in this forum after they follow the prep guide. The reality is that people get infected and want to be fixed immediately. As I said above they dont want to wait for the antivirus or antispyware definitions to be updated before they can be fixed. Also there are many malware that are just to difficult to be removed via software due to various reasons that a one-on-one situation can do much easier. I can't say how many times I have run software products which get a lot of the malware but leave behind plenty to clean.
hey refuse to let anyone but those trained in their "special" HijackThis removal courses to help people on their forums. This is completely absurd and the most blatant example I have seen of Elitism yet.
No this is not elitism. It is simply protecting the users who come to my site. As I said previously there are many items in a HijackThis log that can affect the performance or operation of the operating system if fixed. Unless you know how to interpret these logs, then you may fix items that are not supposed to be fix. So if its a choice between elitism and protecting the people who come to my site or allowing anyone to help with a log and possibly cause a problem...I will choose elitism.
A responsible solution is simply recommending running a set of relatively simple scans. After which only if necessary (usually not) posting a HijackThis log. That is not even necessary anymore with the Online HijackThis Analyzer.
This last statement alone shows me how little this person knows what they are talking about. The online log analyzers are riddled with false positives that make it extremely confusing for a reader to understand unless they know what they are looking at. Then when the reader follows the suggestions they wonder why certain programs are not starting automatically, other programs dont work, etc etc etc. Now they are left with nowhere to turn and are stuck with a screwed up system. This would have been avoided if they instead posted a log to a forum.
On a last note, I will say that HijackThis logs have destroyed the search results. Anyone try to find info on a certain file or registry key without a whole slew of hijackthis logs coming up instead? Can make it very hard to find info you are looking for.