[It Wasn't me]

I found this to be a useful tool. I am posting this to find out what other people think of it. I in no way think that it should be used in the place of professional help with a hijackthis log. I am just looking for opinions.
http://hijackthis.de/index.php?langselect=english

[Skivvywaver]

I have used it. It is useful but definitely not a replacement for a good human.

It gives me some false positives. It hits popupcop every time as nasty. If popupcop is a HiJacker I have been willingly HiJacked for about 4 years.

It is good for people like me that know what is supposed to be on their machine but once in awhile might see a stranger lurking in the log.

[It Wasn't me]

Yes I agree. It is NOT to used as a replacement for a human but I believe it can be used as and educational tool that will help those who don't know how to read Hijackthis logs. Most times it states (possible nasty) unless you recognize it. Then those who don't know should Google the possible nasty and find out what it is.

[Skivvywaver]

Yep, I agree. If I get something I don't know about for sure I see the crew in the security forum.

They are so busy in there I try not to bother them unless I am for sure whacked. I don't read HiJack logs well, but I get by OK most of the time.

Remember the story about the Dutch boy that stuck his finger in the dam? I have about 50 Dutch boys on this machine. I run more security than is most likely needed but I don't get whacked very often.

Knock on wood I don't think I have had a log in security for almost a year.

[It Wasn't me]

Thanks SKIVVY
Good Humor your good you!

[hewee]

My log was looked at today as being clean, but here is the "Short analyzing" you get from clicking the link at the bottom.

O2 - BHO: SpywareBlock Class - {0A87E45F-537A-40B4-B812-E2544C21A09F} - C:\PROGRAM FILES\SPYCATCHER\SCACTIVEBLOCK.DLL - Unknown
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit - Unknown
O4 - HKLM\..\Run: [SetPoint] C:\Program Files\Logitech\SetPoint\KEM.EXE - Unknown
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE - Unknown
O4 - HKLM\..\RunServices: [BitDefender Communicator] C:\Program Files\Common Files\Softwin\BitDefender Communicator\\xcommsvr.exe - Unknown
O4 - HKLM\..\RunServices: [BitDefender Live! Init] C:\Program Files\Softwin\BitDefender Free Edition\\bdinit.exe - Unknown
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - - Possibly nasty === " This is for the inlone housecall "

So I have used just to look at a log but I go by what other people here say. Then I keep and date the log so I can look at it later and see if there are changes etc.

[foxfire]

Quote:

Originally Posted by It Wasn't me

I found this to be a useful tool. I am posting this to find out what other people think of it. I in no way think that it should be used in the place of professional help with a hijackthis log. I am just looking for opinions.
http://hijackthis.de/index.php?langselect=english

Yes, I have used this whilst learning to analyse HJT logs but I have found that it is NOT FOOLPROOF.

Unless the user understands exactly what it coughs up as malware, it can be
misinterpreted.

I would suggest that its useful as a guide but that a technical expert, as present in our Security Forum is far safer.

Foxfire

[sachinsurose]

From where to download HJT?

[hewee]

Quote:

Originally Posted by sachinsurose

From where to download HJT?

http://www.trendsecure.com/portal/en...ols/hijackthis