
The hijackthis thread

Confuseling

I have been told by many computer literate people that hijackthis, a small program that will produce a dump of many config files and registry entries so as to allow a technically competent person to scan through them and identify problems, is probably the most powerful virus (or malware generally) killing software available for free.

The problem is, having run it, you then have to post its output on a forum and follow the advice given. The program is potentially quite dangerous, and you need to be able to trust the forum. This thread, a spin-off from here, is for people to post advice or reviews about such sites, discussion about hijackthis itself, or similar virus killing strategies.

Thanks.
 
(snip) hijackthis (snip) is probably the most powerful virus (or malware generally) killing software available for free.
It is probably also the most powerful computer killing software available for free, which shows just how powerful it is. And I don't think it actually does anything against viruses in the proper sense of the word.

The easiest way to check its log files is the LogFileAuswertung. It sometimes claims that a program found in the "Program Files" folder is supposed to be in a "Programme" folder as it assumes a German language version of Windows, but other than that it hasn't steered me wrong yet.
 
Good to hear you can get the logfile interpreted automatically. I think novice users (myself included) wouldn't really feel comfortable poking around to that extent without advice - as you noted, it is a dangerous toy in the wrong hands - so I think the forums are still very necessary. Here's the one I originally heard of:

http://www.geekstogo.com/forum/forums.html

I was under the impression that it was useful for isolating viruses and preventing them from loading themselves at boot, allowing you to delete them properly - though I may have been entirely mistaken.
 
I don't know... I don't want to denigrate a tool that others find useful, but personally I've never used it. And computing support is my profession.

HijackThis output logs always annoyed me because it would do an "everything and the kitchen sink" dump of registry settings, etc., and it would just take forever to parse through. I've always been able to work faster by identifying the infection/compromise from the symptoms displayed, then either making sure the antimalware/antivirus program was capable of removing it, or looking up details on the infection and manually removing the keys that the documentation says belong to the infection. It's a lot easier to discover that HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\...\whatever key was the problem through a notice or website by Trend, Symantec, F-Secure, Microsoft, etc. and remove it manually than try to make heads or tails of a HijackThis dump.

Then again, if others find there's utility in using the app, then that's a good thing.
 
I do the same work as ElMondo and I never go anywhere with HJT on a flash drive. Since pretty much all of my uni's PCs are set up exactly the same way, I can scan through its log quickly just looking for anything that's outside the norm. Once I find something, I can go from there to figure out if it's a bad something outside the norm.

I may rely on it and like it more than El because I have a very House, M.D. approach to listening to users describe their problems: I don't. At best, they misremember or leave out important details. At worst, they lie.
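The baseline comparison described in the post above (identically built machines, scan the log for anything outside the norm), sketched as an added example that is not part of the thread or of HijackThis itself. The log lines are constructed samples in the tool's `code - detail` entry style, and the function names are hypothetical.

```python
import re

# HijackThis entry lines start with a section code such as R0, F2, O4 or O23.
ENTRY = re.compile(r"^(R[0-3]|F[0-3]|N[1-4]|O\d{1,2}) - (.+)$")

def parse_entries(log_text):
    """Map a case-insensitive key to the original entry line."""
    entries = {}
    for raw in log_text.splitlines():
        line = " ".join(raw.split())          # collapse stray whitespace
        if ENTRY.match(line):                 # skips headers, process list
            entries[line.casefold()] = line   # Windows paths ignore case
    return entries

def deviations(baseline_log, host_log):
    """Return (added, missing) entry lines relative to the baseline image."""
    base, host = parse_entries(baseline_log), parse_entries(host_log)
    added = sorted(host[k] for k in host.keys() - base.keys())
    missing = sorted(base[k] for k in base.keys() - host.keys())
    return added, missing

# Constructed sample: log taken from a freshly imaged reference machine.
BASELINE = r"""Logfile of HijackThis (constructed sample)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://intranet.example.edu/
O4 - HKLM\..\Run: [ExampleAV] "C:\Program Files\ExampleAV\tray.exe"
O23 - Service: ExampleAV Scanner - Example Corp - C:\Program Files\ExampleAV\scan.exe
"""

# Constructed sample: log from the machine under investigation.
HOST = r"""Logfile of HijackThis (constructed sample)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.example.net/
O4 - HKLM\..\Run: [ExampleAV] "c:\program files\exampleav\tray.exe"
O4 - HKCU\..\Run: [updater] C:\Users\student\AppData\Roaming\upd.exe
"""

if __name__ == "__main__":
    added, missing = deviations(BASELINE, HOST)
    for line in added:
        print("NOT IN BASELINE:", line)
    for line in missing:
        print("MISSING ON HOST:", line)
```

Entries missing from the host are reported as well, since a security service that has disappeared from the log is as much "outside the norm" as a new autostart entry.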
 
Wasn't there a little stink a while back about a version of 'hijackthis' exposing software activation keys? I may misremember which 'security' product. But I do remember the keys were posted for all to see once somebody spotted them and pointed them out.

Nothing like discovering you can't 'upgrade' or even re-activate after a nasty crash because your product ID is officially 'warez'.

If you're going to use Windows, run Windows in a virtual machine and browse the web from that. You can always revert the virtual machine state back to the snapshot you took when you set the VM up.

Back up your work to offline storage. Back up your boot partition. Restore if anything goes wrong.

Oh, and NEVER store anything 'sensitive' on your PC. You can copy your personal stuff to a USB flash drive, back up that drive and don't leave it plugged into the PC. Plug it in, access it, unmount it, remove it. There's nothing any bogey-man software can do to 'steal your secrets' if they aren't present to be stolen.
 
pingnak - that does sound like a slight design flaw. Oh well. :)

Can't find any mention of it, so presumably it has been fixed, if indeed it is hijackthis you are thinking of.

After a little more surfing, I'm starting to think I may have been misinformed as to its virus killing potential, as Earthborn suggested. Anyone got any insight?
 
