Beware of Online HijackThis Readers
September 14th, 2008
Published on September 14th, 2008 @ 07:33 pm
I’m very concerned with the recent proliferation (perhaps equivalent to the summertime bunny population) of online HijackThis readers. I’ve seen them popping up more and more in blog posts as viable alternatives to a proper log reading. More and more on forums, I notice the abundance of people seeking help with their logs. Sadly, these forums are staffed primarily by trained volunteers - and there just aren’t enough of them to satisfy the rising demand. As viruses and malware continue to become more sophisticated and prevalent, I’m sure the demand is going to continue this increasing trend.
A HijackThis log takes several hours to read properly. It’s a big time investment. Remember, HijackThis is a very powerful tool. Used improperly, you can render many aspects of your machine useless. You should always know exactly what you are removing and be sure it’s safe and appropriate to do so. No two machines are the same. No two situations requiring assistance are exactly the same. Thus trying to fully automate the log reading process with any accuracy is virtually impossible (in my humble opinion).
In my Hijack This blog entry I linked to a download for a HijackThis reader. I’d like to say I still firmly believe these have a purpose, and can be useful in some instances for a quick overview to look for immediate problems. BUT they are NO SUBSTITUTE for an accurate and detailed manual reading of a log. The reader I linked to is no exception. It should never be treated as "the answer". It is, however, extremely good at linking every entry to Castlecops and/or Google so you can easily find additional information on any given item. This can be a big time saver vs. copying and pasting each entry into your browser search box.
My biggest concern comes in the items these sites do not interpret properly. They overlook some potentially dangerous items, and I’ve even seen them flag necessary items (especially ones Vista requires) as ones that should be removed. Further, scan the same log on multiple sites, and you’re going to get different opinions as to how to handle items. Not to mention, some sites don’t give you any links to other references, just the information they alone provide. So if you don’t know how to do more research on your own - you have no idea if what you are seeing is good information or bad.
Many people have neither the time nor the inclination to learn to read a HijackThis log. That’s fine. I totally understand. It is an odd breed for sure that actually enjoys the tedious searching for each and every entry on a log. (Yes, I fully admit I am one of these odd people - I get a personal sense of satisfaction from it.) And certainly waiting for help in a forum, when your machine is in obvious need of help, is extremely frustrating. But unless you are willing to learn how to double check each and every one of the items online interpreters find, then you risk really messing up your machine by using them blindly. And if you are willing to look up those items, then you’re more than capable of learning to read the entire log on your own and making far better decisions. There are any number of reputable sites to assist in researching items found on a log, and perhaps the best one is Google. It will show sites that can give you the best information to help you make your own determination on log file items.
Almost anyone can learn to read HijackThis logs if they want to - but if you aren’t willing to make the time investment to learn to read your own files, then I strongly suggest you have someone you trust implicitly look it over, or post in a forum and patiently wait for assistance. Relying solely on an online site to interpret your file for you is foolhardy and if you choose to go this route, be forewarned of the dangers. Ultimately, you are the one responsible for the changes you choose to make. Would you rather have someone who took the time to read your file (whether it be you or anyone else) or a computer that only knows how to compare this to that and spit out an answer?