DarkestDream Posted November 29, 2005 Report Share Posted November 29, 2005 (edited) oh well, that what we have to put up with this Edited November 29, 2005 by DarkestDream Quote Link to post Share on other sites
JDoors Posted November 29, 2005 Report Share Posted November 29, 2005 ... You can theoretically delete everything in a HJT log ... Actually, I'm going to commend you for saying so. The guy had a point that Windows will boot and obviously any malware entries would be gone. But that's like swatting a fly with a nuclear bomb. It'll work, but nobody in their right mind would recommend it. My take is the guy just got a little full of himself. You know, "A little knowledge is a dangerous thing." It happens from time to time. I think people got carried away with the importance of his advice, though they are correct to defend TC's honor. BTW, TC showed a lot of restraint & class with his responses. Quote Link to post Share on other sites
Matt Posted November 29, 2005 Report Share Posted November 29, 2005 and obviously any malware entries would be goneWell, this is not entirely true. If you look at my first post in this thread (here), I talk about this. Most malware today won't be gone by just "fixing" the entry in HJT. Often, the helper will supply one or more other tools while analyzing a log. And, even if other tools aren't needed, certain lines in HJT , such as O4s also need to corresponding file to be deleted. So, once again, while it may be safe to do this with HJT, it probably won't help too much with your malware problem.Matt Quote Link to post Share on other sites
Chappy Posted November 30, 2005 Report Share Posted November 30, 2005 (edited) and obviously any malware entries would be goneWell, this is not entirely true. If you look at my first post in this thread (here), I talk about this. Most malware today won't be gone by just "fixing" the entry in HJT. Often, the helper will supply one or more other tools while analyzing a log. And, even if other tools aren't needed, certain lines in HJT , such as O4s also need to corresponding file to be deleted. So, once again, while it may be safe to do this with HJT, it probably won't help too much with your malware problem.MattPlus...as I mentioned, if there are O10 entries present in the log due to something injecting itself into the TCP/IP stack, they'll break the chain and lose Internet capabilities.His statement that "everything in the list is suspicious material", is in itself completely false. Windows processes are certainly NOT suspicious, nor are proper browser entries or startups such as AV and firewalls.Also, any wanted (browser O8 O9's) extras will be deleted by doing this causing the user to loose that funcionality and have to reinstall the extras again.So, it may be semi-true that you can delete everything, more bad than good can come of it by doing that. I'm still curious to see if W98 breaks trying this, due to systray and explorer being needed startups for that OS. Edited November 30, 2005 by Chappy Quote Link to post Share on other sites
JSKY Posted November 30, 2005 Report Share Posted November 30, 2005 Thats all I can say Quote Link to post Share on other sites
bozodog Posted November 30, 2005 Report Share Posted November 30, 2005 Quote Link to post Share on other sites
TheTerrorist_75 Posted November 30, 2005 Report Share Posted November 30, 2005 I posted to that guy....first time I've posted there since....well, you know.But this guy is an idiot X-trordinaire, and he deserves the roasting he's getting. If he ever did post at TC's, he'll never post again if he does tell us his username there, Gal will make sure of that after she reads that POS post.If they ever did post that kind of advice here baker7, we would have that post removed SO FAST, that nobody would have the chance to read it anyway.I went to TC's forums and researched some of that idiots posts. He would constantly butt into HJT logs. Many of them he would start then sya he had to leave for some purpose and notify someone that would "take" over. He is a danger period. People need to be aware that inayshu320(?) is also a danger with HJT logs. Quote Link to post Share on other sites
JDoors Posted November 30, 2005 Report Share Posted November 30, 2005 (edited) and obviously any malware entries would be goneWell, this is not entirely true. If you look at my first post in this thread (here), I talk about this. Most malware today won't be gone by just "fixing" the entry in HJT. Often, the helper will supply one or more other tools while analyzing a log. And, even if other tools aren't needed, certain lines in HJT , such as O4s also need to corresponding file to be deleted. So, once again, while it may be safe to do this with HJT, it probably won't help too much with your malware problem.Matt I chose my words carefully: "any malware entries would be gone" is technically correct since I was addressing the so-called advice to delete the entries. Since the advice is technically incorrect (that deleting all the entries would fix all your problems without causing any new ones) I didn't feel it was necessary to add the additional information you brought up, but yes, while the entries would be gone that's simply not enough to purge all malware from a system, hence the entire point of having to analyze the HJT log in the first place.<edit> Yup, they can reappear, so even on that level ... he fails: That guy was so wrong on SO many levels! Edited December 1, 2005 by JDoors Quote Link to post Share on other sites
Matt Posted November 30, 2005 Report Share Posted November 30, 2005 (edited) and obviously any malware entries would be goneWell, this is not entirely true. If you look at my first post in this thread (here), I talk about this. Most malware today won't be gone by just "fixing" the entry in HJT. Often, the helper will supply one or more other tools while analyzing a log. And, even if other tools aren't needed, certain lines in HJT , such as O4s also need to corresponding file to be deleted. So, once again, while it may be safe to do this with HJT, it probably won't help too much with your malware problem.Matt I chose my words carefully: "any malware entries would be gone" is technically correct since I was addressing the so-called advice to delete the entries. Since the advice is technically incorrect (that deleting all the entries would fix all your problems without causing any new ones) I didn't feel it was necessary to add the additional information you brought up, but yes, while the entries would be gone that's simply not enough to purge all malware from a system, hence the entire point of having to analyze the HJT log in the first place. That guy was so wrong on SO many levels! Hi JDoors. Actually, that is still incorrect--sometimes. For example, if a HJT log showed the following lines:O2 - BHO: MSEvents Object - {79A576C4-B7A9-47EC-B57C-2CE5CA6ECC6A} - C:\WINDOWS\system32\pmkhi.dllO20 - Winlogon Notify: pmkhi - C:\WINDOWS\system32\pmkhi.dllAnd you "fixed" them, or everything with HJT, those lines would come back. So, lines wouldn't nessescarily be gone. Certain infections, like this one reappear in HJT if you do not fix them with the correct tools. Anyway... I'm glad to see this guy is out of the spyware community. Yes, he was wrong on so many levels! Matt Edited December 1, 2005 by Matt Quote Link to post Share on other sites
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.