[Bubba]

I got booted from the malwareU program because I spent time researching this issue after my HJT results were dog squeeze on my Vista64 machine. I asked REPEATEDLY why I got null results and would not "progress" until my questions were answered satisfactorily. SO I will ask the two HJT experts here (and probably get booted) the same question.

Does HJT work on Vista, more specifically Vista64? Don't tell me do more research, I have researched my ass off. I have done everything but Email the creator of the program, which I probably shpould have done.

The fields I get on my Vista64 machine are goobly glop. Maybe I don't know enough to interpret them, but maybe I do and they are goobly glop. The registry does not show up. I had a thread here on that and got no answer. So "what's eh the deal" (pink floyd reference)? XP is dead, support is soon to be discontinued by MS and it's gonna be Vista or the new Windows 2007, which will be Vista under a new name without the baggage that Vista carries. Kinda like ME and XP if you know what I mean.

If I hit "analyze this" on ANY line I get the following response:
http://trendsecure.custhelp.com/cgi-...i=&p_topview=1

I'm sure that malware writers are hot and heavy on Vista, but it seems the "fighters" not only AREN'T, but are willing to stone to death those who question their Luddite attitude. So what's the real deal? Am I on my own here? I'm used to that so it's no big deal, I can think of very few instances in my life when I have asked questions that I have gotten meaningful answers.

What does HJT offer the current generation of computer users who use the current version of Windows?
The proof is in the pudding and HJT seems to be WAY out dated.

[Blind Dragon]

yes it works

it shows some valuable info when you are analyzing a victims machine - this may be of use to you moving forward -> http://www.bleepingcomputer.com/tuto...utorial42.html

you should never hit analyze this nor recommend anybody use that feature.

you should always install hijackthis to its own directory and not a temp directory or download directory.

=============

I feel that the program still serves a purpose and still does what it has always been intended to do.

There are programs out there they give you a more detailed look at the same registry keys - however they also tend to have side effects and require far more training.

The tutorial listed above should help the logs make more since

The basic thing to understand is that each section corresponds to a different section of the registry as you will see from the tutorial.

Regards,

BD

[evilfantasy]

Sorry to hear about getting booted.

HJT is not "fully" compatible with Vista64 but does work as it is intended. It hasn't updated in a while for one reason. It doesn't need to. It's intended to be a diagnostic tool for analyzing. There are extra functions but the use of actual antivirus and antimalware scanners is preferred. HijackThis points you in the direction you need to go next and is an excellent tool.

As Blind Dragon stated, you should never hit analyze this nor recommend anybody use that feature. It's use is not intended for what it sounds like. When Merijn sold HJT to Trend there was a small outcry and many vowed to never use the new 2.0 version from Trend doe to the AnalyzeThis button.

A quote from here: HijackThis is now spyware?

Quote:

In addition to improvements like support for Windows Vista, they’ve added a deceptively titled “AnalyzeThis” button. While the average user likely thinks the AnalyzeThis button provides helpful information for diagnosing their log, it’s main purpose is to send the HJT log data to Trend Micro. Unfortunately, unless you carefully read the Trend Micro End User License Agreement, you would probably never know that the AnalyzeThis button submits the data from your HijackThis log to Trend Micro for use by them and their partners.

Vista may be the future but XP is not going anywhere anytime soon.

[Bubba]

Thanks for the replies, I'll continue learning how to use it then. Thanks.

[Glaswegian]

Hey Bubba, sorry to hear about MU.

The guys have covered HJT nicely.

One thing I would add is that HJT is being used less and less now - mainly because it just doesn't show enough information -especially where rootkits are concerned. I haven't asked for an HJT log for some time.

[evilfantasy]

I'm stubbornly clinging to HJT in the Malware Removal Instructions. I will be changing it pretty soon to using RSIT instead.