Bug in HijackThis

Discussion in 'other software & services' started by Pieter_Arntz, Apr 29, 2008.

Thread Status:
Not open for further replies.
  1. Pieter_Arntz

    Pieter_Arntz Spyware Veteran

    Joined:
    Apr 27, 2002
    Posts:
    13,332
    Location:
    Netherlands
  2. 19monty64

    19monty64 Registered Member

    Joined:
    Apr 10, 2006
    Posts:
    1,302
    Location:
    Nunya, BZ
    I assume this issue was present before TrendMicro took over, so it would be present in previous versions still offered, like 1.99.1. TM may not be able to find solution as they were not the authors, is what I'm getting at. I assumed it was more for promotion than development when they purchased HjT...
     
  3. Pieter_Arntz

    Pieter_Arntz Spyware Veteran

    Joined:
    Apr 27, 2002
    Posts:
    13,332
    Location:
    Netherlands
    The same issue was present in 1.99.1 but we can't expect Merijn to fix the problem either, can we?

    I must add that Trends' support was excellent initially, but somehow they must have lost interest.

    Regards,

    Pieter
     
  4. gerardwil

    gerardwil Registered Member

    Joined:
    Jan 17, 2004
    Posts:
    4,748
    Location:
    The Netherlands
    Thankyou Pieter for the info.
    Groetjes,

    Gerard
     
  5. 19monty64

    19monty64 Registered Member

    Joined:
    Apr 10, 2006
    Posts:
    1,302
    Location:
    Nunya, BZ
    Doesn't Merijn still distribute 1.99.1o_O Sorry, I looked it up & answered my own question. From Merijn's page "I no longer own, maintain or support HijackThis. In March 2007, I sold HijackThis to TrendMicro. This includes the complete rights, the source code and customer support. I can no longer help you with error messages in HijackThis, bugs or missing features. If you use an older version of HijackThis, upgrade. If you find a bug, contact TrendMicro." I still use 1.99.1 and got it from his site. I knew of the sale but not of his position after the sale...
     
    Last edited: Apr 30, 2008
  6. Pieter_Arntz

    Pieter_Arntz Spyware Veteran

    Joined:
    Apr 27, 2002
    Posts:
    13,332
    Location:
    Netherlands
    No problem. It is hard to find, especially with Merijn's sites and pages being offline.

    Regards,

    Pieter
     
  7. Pieter_Arntz

    Pieter_Arntz Spyware Veteran

    Joined:
    Apr 27, 2002
    Posts:
    13,332
    Location:
    Netherlands
  8. BoaterDave

    BoaterDave Registered Member

    Joined:
    Oct 25, 2006
    Posts:
    62
    Location:
    Devon, England
    "Tony Klein has found a Fact Case exception in support of Metallica's study's conclusion. See: http://www.dslreports.com/forum/r20460519-"

    Bill Castner also says "The study is seriously flawed in methodology and erroneous in the conclusions drawn. Not to mention offensive in Tone. The author has revised his original study based on some of the criticism above."

    So .......... is Pieter's study flawed or not?

    Just interested! ;)
     
  9. Vietnam Vet

    Vietnam Vet Registered Member

    Joined:
    Feb 9, 2002
    Posts:
    306
    BoaterDave,

    Not quite sure what exactly bcastner is all upset about. He appears to be reading things into Pieter's comments that just aren't there. As for his comments about whether the results were erroneous, I would suggest he back up and try again. Using the same example that Pieter used, adding funnyfile.exe to the shell=explorer.exe line in the system.ini file on a 98SE system will NOT show up in a HijackThis log. Rebooting the system will cause windows to complain about not being able to find the file, so obviously windows is seeing the change. That is precisely what the point was. HijackThis did not report the change.

    And as for the study being revised, the only change was to correct the reference to the system.ini folder to say system.ini file.
    Clearly not trying to mislead anyone as to changing the report after the fact.

    If someone using 98SE has problems and posts a HijackThis log somewhere to get help, there is a possibility that there may be more to the story than what meets the eye. Pieter did not say don't use HijackThis because it is seriously flawed. Lot of things don't show in it's logs. No secret there. The point is the people that are reading the logs to help others, should be aware of the fact the possibility exists.

    So what's the problem?

    Best wishes,
    VV
     
  10. Pieter_Arntz

    Pieter_Arntz Spyware Veteran

    Joined:
    Apr 27, 2002
    Posts:
    13,332
    Location:
    Netherlands
    Where my reporting and testing methods may not have been up to academic standards, I do stand by my conclusions.
    And like Vietnam Vet, who was one of the kind people to test this for me, demonstrated, a helper that has read my comments will be quicker to have a closer look at system.ini then one that expects HijackThis to report the change.

    The same, although not as serious, can be true for the other problem.
    If HijackThis reports a line like this:
    O20 - Winlogon Notify: ffaabb - C:\WINNT\
    then they might remember that a possible cause is the DllName value to be missing.

    Regards,

    Pieter
     
  11. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    5,633
    Location:
    U.S.A. (South)
    @Pieter_Arntz

    Do you recommend against depending on Trend's HJT anymore or are these just unfortunately inherent flaws that are minimal but worth keeping a close eye on?

    Merjin always kept this great app at it's best and most of us can understand his purpose to finally part with it, but let's hope Trend studies reported issues and corrects them soon.

    EASTER
     
  12. Pieter_Arntz

    Pieter_Arntz Spyware Veteran

    Joined:
    Apr 27, 2002
    Posts:
    13,332
    Location:
    Netherlands
    There is not much reason to depend less on HijackThis then you did before.
    More and more it has become an app to take a first glance, based on which you can choose your follow-up.

    It would be nice if they saw fit to correct found flaws though. :)

    Regards,

    Pieter
     
Loading...
Thread Status:
Not open for further replies.