Jump to content


Photo

HijackThis 1.98


  • Please log in to reply
44 replies to this topic

#1 Merijn

Merijn

    Coding monkey

  • Developer
  • PipPipPipPip
  • 260 posts

Posted 29 June 2004 - 02:47 AM

Finally, HijackThis 1.98 is ready for public release.

New in this version:
* Added freaking 50 new Registry value to scan for IE!
* Added status text during scan.
* Added a ton of new files to the LSP whitelist (missing imon.dll shouldn't show anymore as well).
* Support for non-US character sets (Japanese, Traditional/Simplified Chinese and Korean)!
* Fixed a bug where R3 entries ending in '}_' weren't fixed.
* Backups are now placed in a seperate folder labelled 'backups'.
* Improved detection of O4 Registry autoruns, RunServicesOnce key is now also checked.
* Fixed a possible catastrophic bug in fixing of F2 Userinit entries (incorrect backup restore).
* Added small process manager and hosts file editor (Misc Tools).
* Disabled routine to fix O10 items, since this can break the Winsock LSP stack.

http://www.spywarein.../hijackthis.zip

Have fun :)

#2 808chick

808chick

    SWI Junkie

  • Retired Staff - Helper
  • PipPipPipPip
  • 262 posts

Posted 29 June 2004 - 05:28 AM

Thanks Merijn...this is great news!!

#3 Robin Hickman

Robin Hickman

    Just Another Old-time Newbie.....

  • Full Member
  • Pip
  • 32 posts

Posted 29 June 2004 - 06:46 AM



:wtf:

Hello, Merijn !

I downloaded the new HJT v.1.98, and I got an error during the very first scan!

I followed the instructions that you included with the "Error Report". I e-mail the error notification along with the scan that v.1.98 produced.

I followed that up with another scan that I did with the HJT v.1.97 and e-mailed that too.

I hope you don't mind. I wasn't sure if v.1.98 got everything right.

BTW : It sure is nice to have a new version, even if my first experience with it wasn't what I was expecting.

Robin Hickman :wave:

REMEMBER : The ONLY Good MalWare, Is DEAD MalWare

#4 netquik

netquik

    Member

  • Full Member
  • Pip
  • 5 posts

Posted 29 June 2004 - 08:35 AM

hi.. thanks for your work

i would like more info (like in tutorial)

for these (for updating my italian guide)
* Added O20 (AppInit_DLLs) in light of newer trojans
* Added O21 (ShellServiceObjectDelayLoad, SSODL) in light of newer trojans
* Added O22 (SharedTaskScheduler) in light of newer trojans


thanks

#5 therock247uk

therock247uk

    247fixes.com

  • Ambassador
  • PipPipPipPipPip
  • 870 posts

Posted 29 June 2004 - 09:27 AM

Kewl thanks Merijn some nice new features aswell :D

#6 dkt

dkt

    Member

  • New Member
  • Pip
  • 2 posts

Posted 29 June 2004 - 11:24 AM

My 1.97 scan is clean but with 1.98 I have two entries that confuse me:

F0 system.ini: shell=
F2 reg:system.ini: userinit=C:\windows\system32\userinit.exe

The HJT tutoral says that F0s are always bad and nothing about F2s. However, userinit.exe is a ms file and HJT does not remove the F0 entry. Are these OK?


Thanks for HJT and CWShredder.

David

#7 kd5

kd5

    Member

  • New Member
  • Pip
  • 2 posts

Posted 29 June 2004 - 11:43 AM

I have the exact same entries dkt, I'm also wondering what they mean and if I should get rid of them. -kd5-

#8 Merijn

Merijn

    Coding monkey

  • Developer
  • PipPipPipPip
  • 260 posts

Posted 29 June 2004 - 12:30 PM

dkt, kd5, take a look here:
http://www.spywarein...=15

#9 kd5

kd5

    Member

  • New Member
  • Pip
  • 2 posts

Posted 29 June 2004 - 12:33 PM

Thanks Merijn. I tried to access your link and got these messages:

This menu has been disabled

Sorry, an error occurred. If you are unsure on how to use a feature, or don't know why you got this error message, try looking through the help files for more information.

The error returned was:

You do not have permission to view this topic

-kd5-

Edited by kd5, 29 June 2004 - 12:38 PM.


#10 lyzawer

lyzawer

    Member

  • Retired Staff - Helper
  • Pip
  • 35 posts

Posted 29 June 2004 - 03:00 PM

Oh, you have to be at least a "helper trainee" to see that post.

The text in question:

F0 - system.ini: Shell=
F2 - REG:system.ini: UserInit=C:\WINNT\system32\userinit.exe,

The F0 entry is listed because it's empty - which is OK because you're running Win2000/XP, I'm guessing. The reverse case will probably show as well (reg entries shell etc showing in Win9x when present or not). I saw this one coming but haven't decided if it actually needs to be fixed/changed.

The F3 UserInit entry should not show, and I haven't changed anything about that part recently, AFAIK. I'll check it out.


It shows up on my system as well. As long as it's blank, I think the consensus is to leave it alone.

#11 dkt

dkt

    Member

  • New Member
  • Pip
  • 2 posts

Posted 29 June 2004 - 04:47 PM

Thanks, I will.

David

#12 siliconman01

siliconman01

    Member

  • New Member
  • Pip
  • 1 posts

Posted 29 June 2004 - 04:49 PM

When using the "Check for Update Online" option in V1.98, I get an error message that says

"Unable to connect to server (www.spywareinfo.com). Either you have no Internet connection open or the server is down."

I had another user of HiJackThis try the update online option after upgrading to V1.98 and he receives the same error message.

Is the server down?

I'm using a 2 mbit cable modem always connected. The previous version of HJT worked just fine.

#13 cnm

cnm

    Mother Lion of SWI

  • Administrators
  • PipPipPipPipPip
  • 25,317 posts

Posted 29 June 2004 - 07:25 PM

Merijn unless I am mistaken, the .exe version is still 1.97.7.
http://www.spywarein.../HijackThis.exe

(The .zip gives 1.98.)

Microsoft MVP Windows Security 2005-2006
How camest thou in this pickle? -- William Shakespeare:(1564-1616)
The various helper groups here
UNITE


#14 Merijn

Merijn

    Coding monkey

  • Developer
  • PipPipPipPip
  • 260 posts

Posted 30 June 2004 - 03:08 AM

cnm: updated that copy as well.

Seems like there's enough reasons to make a hotfix. :(

Edited by Merijn, 30 June 2004 - 03:08 AM.


#15 jabarnut

jabarnut

    Member

  • Full Member
  • Pip
  • 9 posts

Posted 30 June 2004 - 06:07 AM

Hi Merijn-
First of all, thanks so much for the great Programs you've shared with us. They've been most helpful more times than I can count.

Seems like there's enough reasons to make a hotfix.   :(

Sorry to see the frown, but concerning your quote. I have been receiving the error message below.
I know it is similar to a message from the past that might occur if someone were using an older version of HijackThis. Of course, that's not the case here.

I have never had this message using v1.97.7, but V1.98 seems to give it consistently.
I should add that after I close the error box, the scan is complete without problems or unusual results. (Except for the two entries mentioned above by "dkt" and "kd5" which I understand now).

Anyway, the error message is as follows:

An unexpected error has occurred at procedure: modRegistry_IniGetString(sFile=C:\WINDOWS\control.ini, sSection=don't load, sValue=inetcpl.cpl)
Error #5 - Invalid procedure call or argument
Please email me at merij(AT)spywareinfo.com, reporting the following:
* What you were doing when the error occurred
* How you can reproduce the error
* A complete HijackThis scan log, if possible

Windows version: Windows NT 5.01.2600
MSIE version: 6.0.2800.1106
HijackThis version: 1.98.0

This message has been copied to your clipboard.

Of course, I would hesitate to email you with this as instructed...I've seen how full your mailbox is!
I seem to be in the minority with this error message, although I have seen other people with the same message in my travels (Including the third post above, which I am assuming is the same error).

I'm just curious if you or someone else might offer an explanation for this. And if there is an easy fix for it, maybe someone can clue me in.
Or possibly a "fix" will be included with your proposed "hotfix".

(As shown above, I'm using XP SP1 and IE6 with all updates and patches)
Thanks in advance for any comments or suggestions. :)

Edited by jabarnut, 30 June 2004 - 06:33 AM.


#16 jedi

jedi

    aequam memento rebus in arduis servare mentem

  • Emeritus
  • PipPipPipPipPip
  • 15,830 posts

Posted 30 June 2004 - 07:02 AM

merijn, if you are not god you must be closely related. shredder saved my sanity!!
new hijack this, great news great work.
CWShredder is not hitting about:blank though, new version any time soon?

Edited by jedi, 30 June 2004 - 07:04 AM.

jedi

My help is free, but if you wish to help keep these forums running please consider a donation, see This Topic for details.

#17 Robin Hickman

Robin Hickman

    Just Another Old-time Newbie.....

  • Full Member
  • Pip
  • 32 posts

Posted 30 June 2004 - 08:20 AM


Hello, Merijn !!!

I'm just adding an additional reply regarding HJT, v.1.98 problems. I did send you another e-mail regarding the download/scannig "error report", as requested.

I don't know how big of a problem this is with v.1.98.

Just in case your mailbox is too full, or you haven't had time to check it, I'll put a copy of it here for others to read.
____________________________________________________________________

Hello, Merijn !

I re-downloaded HJT 1.98 and tried a scan. I got the same "Error Message" as before. Again, like before, it downloaded the Zip file without the usual "Dialog Box". I downloaded it into the Programs Files, into the "Merijn" folder ("HiJackThis" sub-folder). I think that the HJT v.1.97.7 that I currently run is located in my "Desktop" folder.

There are two additional items to note. First, v1.98 wouldn't connect to the update site, even though HJT v1.97.7 and CWShredder did. Second, the HJT v1.98 scan results had ALL of the entries (every single one!) checked for "fixing".

I don't know if any of this will help, or not. I hope it does. I haven't heard back from you regarding my "error report" e-mail from yesterday. I can only assume it is because you're very busy trying to figure out what went wrong and are fixing it.
I posted a reply on the forums site (HJT version 1.98 released), but haven't seen any response to it. Maybe there is something there today.

Robin Hickman
__________________________________________________________

An unexpected error has occurred at procedure: modRegistry_IniGetString(sFile=C:\WINDOWS\control.ini, sSection=don't load, sValue=inetcpl.cpl)
Error #5 - Invalid procedure call or argument

Please email me at merijn@spywareinfo.com, reporting the following:
* What you were doing when the error occurred
* How you can reproduce the error
* A complete HijackThis scan log, if possible

Windows version: Windows NT 5.01.2600
MSIE version: 6.0.2800.1106
HijackThis version: 1.98.0

This message has been copied to your clipboard.
_________________________________________________________

Anyway, I hope this reply has something in it that will help.

Robin Hickman :wave:

REMEMBER : The ONLY Good MalWare, Is DEAD MalWare

#18 jabarnut

jabarnut

    Member

  • Full Member
  • Pip
  • 9 posts

Posted 30 June 2004 - 08:51 AM

jedi....

CWShredder is not hitting about:blank though, new version any time soon?

Thought I might save you some time waiting for a reply....
Below is a quote and link from Merijn's site which is excellent as I'm sure you know, and you should check it out periodically for the latest news: (This is from the most recent news dated June 28, 2004)

Q.CWShredder isn't fixing my problem!
A. While it's been easy and even fun keeping CWShredder up to date, the recent variants are a living hell. The people who wrote the latest variants of the trojan surpass the older variants by far.
- Resident DLLs from the about:blank, res://xxxx.dll or invisible variants cannot be removed by CWShredder or HijackThis.
- Variants like f0r0r that are protected by Hacker Defender cannot be removed by CWShredder or HijackThis.

Q. When will CWShredder be updated again?
A. It won't be again, probably. I have a few bugs to fix, but after that there's not much left to do - I simply do not have the tools to remove the latest variants, they are too agressive or complicated to allow automated removal by CWShredder.


http://www.spywarein...rijn/index.html


And Robin- Hi!
If you read my post on the end of page one, you will see that we are experiencing the same error message so at least you are not alone. (I'm not having the other problems you are however). Anyway, we'll just have to wait and see how things evolve.
I do know one thing...Merijn has been extremely busy with his studies among other things, so we'll have to be patient. ;)

Edited by jabarnut, 30 June 2004 - 09:19 AM.


#19 Robin Hickman

Robin Hickman

    Just Another Old-time Newbie.....

  • Full Member
  • Pip
  • 32 posts

Posted 30 June 2004 - 09:56 AM


Hello, Jabarnut ! :wave:

I thought Merijn might be busy, but I wasn't sure. I am embarassed to say that I forgot all about his being a student and having to study all the time. ( OOPS! )

I don't know how big the scan error message problem is. What I mean by that is, I don't know what percentage of HJT users are having the same problem.

Just a few of us? Most of us? 27.68712096739567849859% of us ???

Sorry to hear about the problems with CWShredder. I imagine the "Anal Orifices" who run the CoolWebSearch sites can afford to pay alot of programmers a lot of money to continue to refine the C.W.S. program.

I wonder if there are any qualified programmers out there who would be willing to help Merijn in building a bigger, better, badder, CWShredder ???

Would be nice.........(hint, hint) :lol:

In the meantime, I guess I'll just be patient.

My best to all, especially Merijn and all the GOOD people who help him !!!

Robin Hickman :wave:

REMEMBER : The ONLY Good MalWare, Is DEAD MalWare

#20 Merijn

Merijn

    Coding monkey

  • Developer
  • PipPipPipPip
  • 260 posts

Posted 01 July 2004 - 03:15 AM

Robin, I am well aware of the O5 error msg in HijackThis 1.98, and I've updated the zip in my sig. Download that and see if the error message is gone. If so, I will propagate this build to the mirrors.

As for HT putting a checkmark next to all items: that's a setting you have probably enabled yourself. Check Config, 'Mark everything found for fixing after scan' and disable that.

#21 jabarnut

jabarnut

    Member

  • Full Member
  • Pip
  • 9 posts

Posted 01 July 2004 - 04:45 AM

Hi Merijn-
I can't speak for "Robin", but I downloaded the link in your Sig (right above this post) and I'm still getting the 05 Error message.

The link is for the Exe. file by the way and not the Zip. (Although that doesn't matter to me one bit...just thought you might want to know).

Thanks again for all the hard work and the great programs. (And sorry about the bad news). :(

#22 Robin Hickman

Robin Hickman

    Just Another Old-time Newbie.....

  • Full Member
  • Pip
  • 32 posts

Posted 01 July 2004 - 11:33 AM

[FONT=Times][SIZE=7]

Hi, All ! :wave:

My experience pretty much "mirrors" Jabarnut's.

Although I don't know what a "Sig" is, I went to what I think was your "home" page. I went to the Downloads page and re-downloaded HJT. When I opened it and started a scan I got the same "error" message as before, which I don't think I need to include here.

MERIJN, yes, I did have "Mark everything found for fixing after scan" (I am soooooo embarrassed!). It's now "unchecked", and everything looks "OK", I guess.

[NOTE TO SELF: I don't know what a"Sig" is, or what to do about it; and, I checked "Mark everything found for fixing after scan", then was surprised that everything was "marked" for fixing. Maybe I should change my signature here to read: "The only good Newbie, is a DEAD Newbie!" :wtf: ]

I'm not sure if this means anything, or not, but when I tried to use the "uninstall Hijack This" function, nothing happened. I waited a few minutes, then tried it again. Still nothing. So I simply "deleted" both copies of v.1.98 that were on my computer. Looks like my "Registry First Aid" program is going to have a "Field Day" trying to clean up my mess. :duh:

Anyway, thanks for your patience and your help !! :thumbsup:

Robin Hickman :wave:
REMEMBER : The ONLY Good MalWare, Is DEAD MalWare

#23 jabarnut

jabarnut

    Member

  • Full Member
  • Pip
  • 9 posts

Posted 01 July 2004 - 11:57 AM

Hello again Robin...

Maybe I should change my signature here to read:....

Just for your information, you just answered your own question. Your signature or "Sig" is where you wrote "REMEMBER : The ONLY Good MalWare, Is DEAD MalWare". :D

Likewise, Merijn's "Sig"is where he has links to his individual downloads right above my last post. (And at the bottom of his post).

Anyway, hang tight. I'm sure the 05 error will eventually be resolved. ;)

(Edit) Hehe...By the way, I'm kind of glad you were unsuccessful in increasing your Font size in the last post.
As "Pretty" as it is, it sounds kind of loud to me.

Please don't take that wrong....all in fun. ;D

Edited by jabarnut, 01 July 2004 - 12:16 PM.


#24 jedi

jedi

    aequam memento rebus in arduis servare mentem

  • Emeritus
  • PipPipPipPipPip
  • 15,830 posts

Posted 01 July 2004 - 03:18 PM

jabarnut,

thanks, I'll remember you next time I need someone to state the obvious!
just my little joke you understand.
jedi

My help is free, but if you wish to help keep these forums running please consider a donation, see This Topic for details.

#25 Robin Hickman

Robin Hickman

    Just Another Old-time Newbie.....

  • Full Member
  • Pip
  • 32 posts

Posted 01 July 2004 - 03:34 PM



Hello, Jabarnut ! :wave:

So, "Sig" = "Signature" ? Looks like another entry in my "Duh!" files !!

Actually, I did click on Merijn's "my Special Place" link. I just now tried his "HJT" link in his "Sig" and re-downloaded HJT again. Still have the "Scan Error", and HJT still won't Un-Install itself. On the "Up Side", all the entries listed in the scan were UN-CHECKED !! :rofl:

As for font size, I've been trying to use the "Large" size [7]. Sometimes I try to modify it to read "9" or "10". I think the main problem is my forgetting to "Close All Tabs" at the end of my entry. I'm slowly starting to get the "hang of it".

Anybody who has read my "test" entries over at Net-Integration.Net can tell you that I've been exceedingly slow on picking this stuff up. For some strange reason, my entries on the "Test Forum" seem to be, by far, the most popular. :oops:

Oh, well... :whistle:

Robin Hickman :wave:


REMEMBER : The ONLY Good MalWare, Is DEAD MalWare

#26 jabarnut

jabarnut

    Member

  • Full Member
  • Pip
  • 9 posts

Posted 01 July 2004 - 03:53 PM

Hi jedi...

thanks, I'll remember you next time I need someone to state the obvious!
just my little joke you understand.


I guess the joke is on me! I'm afraid I don't understand. :wtf:

You mean about CWShredder not being updated anymore, or "Sig" meaning Signature?

If you mean your question to Merijn about CWShredder being updated, I thought you were sincere and was trying to help.

If you meant "Sig" being "Signature", I was also trying to help (Robin), which I apparently did.

Then again, maybe you were referring to me pointing out that the link in Merijn's Sig was not a .zip file. I only mentioned that because he presented it that way to Robin. I guess it was rather obvious, but I certainly meant no disrespect.

Anyway, I guess I'm the one confused now. Did I say something to insult you???
If so, I certainly didn't mean it that way.

Not quite sure how I should take your comment though. :unsure:

Edited by jabarnut, 01 July 2004 - 04:11 PM.


#27 Robin Hickman

Robin Hickman

    Just Another Old-time Newbie.....

  • Full Member
  • Pip
  • 32 posts

Posted 01 July 2004 - 07:39 PM



Jabarnut, you're OK in my book! :thumbsup:

It's always a little tough being a "Newbie", but I don't mind. :whistle:

Sometimes it's a little embarrassing, but I don't mind. :whistle:

I just figure if it's out in the open, where everyone can see it, maybe another "newbie" will learn something from it without being publicly embarrassed.

However, when I goof up something that I had already learned, THEN I mind !!

:ugh:

I'll check back a little later to see if there is anything new here that pretains to the problems listed earlier in this thread.

Robin Hickman :wave:

REMEMBER : The ONLY Good MalWare, Is DEAD MalWare

#28 jabarnut

jabarnut

    Member

  • Full Member
  • Pip
  • 9 posts

Posted 01 July 2004 - 08:05 PM

Thanks Robin- You're ok in my book too.
And don't worry about anything in a post being "embarrassing".... we're ALL "newbies" in this ever changing crazy world of Computers, good guys and bad guys.
That's how we learn, from our mistakes and by asking questions.

Actually, my entire post was directed at jedi, who for some reason seems to have a problem with something I said.
I would love an explanation, but it's probably best I just forget about it.

Take care! :wave:

Edited by jabarnut, 01 July 2004 - 08:08 PM.


#29 Merijn

Merijn

    Coding monkey

  • Developer
  • PipPipPipPip
  • 260 posts

Posted 02 July 2004 - 12:38 AM

Um. Ok.
Anyway, I've updated the HijackThis.exe and .zip downloads with a few bugfixes (still 1.98.0, manual update required) that should keep things cool while I'm away. The O5 invalid procedure call error should be ignored now but I'll look into a definitive solution after I'm back from my holiday (2-10 july).

Take care! :)

#30 jabarnut

jabarnut

    Member

  • Full Member
  • Pip
  • 9 posts

Posted 02 July 2004 - 07:04 AM

Um....yes, I know. Some pretty strange posts. (What can I say, it was pretty late here on the East Coast USA) :mellow: :D

Anyway. Cool!!! Thanks Merijn!

As you said, the 05 Error message is finally gone at my end, and so are the F0 and F2 entries mentioned earlier in this thread.
Looking better all the time!

Enjoy your well deserved Holiday! :)

Edited by jabarnut, 02 July 2004 - 07:17 AM.


#31 Robin Hickman

Robin Hickman

    Just Another Old-time Newbie.....

  • Full Member
  • Pip
  • 32 posts

Posted 02 July 2004 - 08:13 AM



Hello, Merijn ! :wave:
Hello, Jabarnut ! :wave:

Downloaded .exe file and ran a scan with NO problems! Was unable to check for updates (server unavailable).

Thank You, Merijn ! :thumbsup:

Hey, Jabarnut! Look on the bright side, at least there aren't any new entries in this thread which need translation !! :lol:

I wonder WHO in the SpyWareInfo hierarchy monitors the "Helper-Trainees" and their responses in the various threads ?? :whistle:

That's all for now. Will check back later.

Robin :wave:

REMEMBER : The ONLY Good MalWare, Is DEAD MalWare

#32 jedi

jedi

    aequam memento rebus in arduis servare mentem

  • Emeritus
  • PipPipPipPipPip
  • 15,830 posts

Posted 03 July 2004 - 05:43 AM

jabarnut. sorry no offence offered or taken was just having a bad day. Apologies.
jedi

My help is free, but if you wish to help keep these forums running please consider a donation, see This Topic for details.

#33 jedi

jedi

    aequam memento rebus in arduis servare mentem

  • Emeritus
  • PipPipPipPipPip
  • 15,830 posts

Posted 03 July 2004 - 07:34 AM

jabarnut. did not and have not got a problem with anything you said. Was trying, not very successfully, to express that I felt stupid for not reading the obvious site before asking dumb questions. The joke was the one that was on me. Value your imput and did not intend to confuse or offend you, and you are right my post did not make sense! No excuses but was in the middle of a major work-related I.T. meltdown and trying to do too many things at once. Many apologies.

Plus, if you know anything about Auriga systems please let me know. Or anyone.

Once again, apologies. :mellow:
jedi

My help is free, but if you wish to help keep these forums running please consider a donation, see This Topic for details.

#34 jabarnut

jabarnut

    Member

  • Full Member
  • Pip
  • 9 posts

Posted 03 July 2004 - 07:56 AM

Thanks jedi..no apology necessary. Honest!
I'm just happy I didn't somehow offend you.
Sounded at first like you thought I was insulting your intelligence which is something I would never do.

And I understand completely about work related "meltdowns"!

Was Chief Tech for a CATV System for many years. Just about did me in. No longer in the business.
Wish I could help, but unfortunately, I'm not familiar with Auriga systems at all. Hopefully, someone else reading this is.
Try to relax and enjoy the weekend if possible!
Thanks again for the reply.
Everything's cool!!! :)

Edited by jabarnut, 03 July 2004 - 08:00 AM.


#35 meandor

meandor

    meandor

  • Full Member
  • Pip
  • 60 posts

Posted 03 July 2004 - 01:58 PM

meandor, here a Newbie. I just installed V1.98 and am receiving the same error message as dkt, robin hickman and kd5
F0 system.ini: shell=
F2 reg: system.ini:userinit=C:\windows\system32\userinit.exe

Also receiving message about page being disabled where the answer hopefully is.

Never a problem when using V1.97.7

Any ideas someone??
Thanks

#36 Robin Hickman

Robin Hickman

    Just Another Old-time Newbie.....

  • Full Member
  • Pip
  • 32 posts

Posted 03 July 2004 - 07:27 PM



Hi, Meandor ! :wave:

You might try what I did. After reading Merijn's post (on previous page), I Un-Installed the old copy of HJT 1.98, and clicked on the "HJT" link at the bottom of his post (it's part of his "signature"). I DownLoaded and installed a new copy of HJT 1.98.

If you read my previous posts in this thread, then you will already know that it worked for me !! :hyper:

Good Luck, and Godspeed !!

Robin Hickman :wave:

REMEMBER : The ONLY Good MalWare, Is DEAD MalWare

#37 meandor

meandor

    meandor

  • Full Member
  • Pip
  • 60 posts

Posted 03 July 2004 - 09:24 PM

Howdy Robin Hickman,
Thanks for the feedback I've removed the original v1.98 but I haven't had any success with a download from Merijn's Sig site. Could be
busy or Server problem as it's just not opening. I'll keep trying.
I've had this type of problem before and find if I keep trying eventually I get through.
Meandor

#38 cnm

cnm

    Mother Lion of SWI

  • Administrators
  • PipPipPipPipPip
  • 25,317 posts

Posted 09 July 2004 - 11:41 AM

panchostein1, Your post moved to a thread of your own.
http://www.spywarein...topic=14078&hl=

Microsoft MVP Windows Security 2005-2006
How camest thou in this pickle? -- William Shakespeare:(1564-1616)
The various helper groups here
UNITE


#39 cnm

cnm

    Mother Lion of SWI

  • Administrators
  • PipPipPipPipPip
  • 25,317 posts

Posted 20 July 2004 - 09:44 AM

I am moving all the recent posts in this thread that refer to Meandor's problems. They are now in a new topic in the PC Troubleshooting forum.

http://www.spywarein...topic=16644&hl=

Microsoft MVP Windows Security 2005-2006
How camest thou in this pickle? -- William Shakespeare:(1564-1616)
The various helper groups here
UNITE


#40 shalafi

shalafi

    Member

  • Full Member
  • Pip
  • 18 posts

Posted 23 July 2004 - 11:23 AM

Anyone else seen the bug where 1.98 has a very small internal window making it impossible to read the entire lines of what it found? Mostly happens to me when I run it in safe mode. I run it on lots of computers and it only appears to happen on 1/3rd of them. It is pretty common.

#41 meandor

meandor

    meandor

  • Full Member
  • Pip
  • 60 posts

Posted 23 July 2004 - 01:08 PM

Response to SHALAFI,

Meandor here. I had mentioned not being able to read all items in HJT 1.98 on my Ignore List in a post earlier. The objects found exceeded the capacity of the Ignore List window. There isn't a down arrow to schroll the last few items into view. I know the items are there but I can't schroll them. The schroll bar bottoms out along the lower edge of the window. I don't have an answer for this problem. I've also posted regarding an additional problem in previous posts, I receive an Error 5 message at the beginning of each scan with 1.98, I haven't found a solution to this problem either. I'm suspecting it's due to something in my computer, as I've installed HJT 1.98 "Hotfix" on two other computers, they scan OK without any error messages. However both have the same problem of not being able to schroll down (no down arrow) and view all items found. I suspect the schroll problem is something amiss in the v1.98 program. I also have v1.97.7 available on my system and everything is fine when I scan with it. I keep hoping Merijn will respond with a permanent fix or update for 1.98 but perhaps the Hotfix is all we'll be receiving for awhile. Sorry I don't have a solution for your schrolling down problem.

#42 kisc

kisc

    Insane Ninja Hero

  • Full Member
  • PipPipPip
  • 140 posts

Posted 23 July 2004 - 01:09 PM

Yeah, I've seen that problem in safe mode, or occasionally with PCs that are set to 640x480. I don't think this is the place to talk to the creator about scrollbars though.

[edit: Dunno why I thought we were talking about Spybot S&D, but that's the link I put in here originally.]

http://www.spywareinfo.com/~merijn, though he does as much stuff on these forums as he does email.

Edited by kisc, 23 July 2004 - 01:12 PM.


#43 Robin Hickman

Robin Hickman

    Just Another Old-time Newbie.....

  • Full Member
  • Pip
  • 32 posts

Posted 23 July 2004 - 01:16 PM

Remember folk, CNM has moved the rest of this thread over to the "PC Troubleshooting" forum.

http://www.spywareinfoforum.com/index.php?showtopic=16644&hl=

(sorry, I can't seem to be able to figure out how to make the hyper-link work)

Just click on the link that CNM provided in her post (above).

Thanx,

Robin Hickman :wave:
REMEMBER : The ONLY Good MalWare, Is DEAD MalWare

#44 wreck

wreck

    Always Learning!

  • Full Member
  • PipPipPipPip
  • 285 posts

Posted 23 July 2004 - 02:40 PM

Just a friendly hint to Robin:
When you want a hyper link to appear, simply paste the the address into your message "as is." Do not add any tags, underlines or bold html tags. You can try it in the "TEST " forum if you wish!

Posted Image
"It's not the size of the dog in the fight -- it's the size of the fight in the dog."

#45 Robin Hickman

Robin Hickman

    Just Another Old-time Newbie.....

  • Full Member
  • Pip
  • 32 posts

Posted 24 July 2004 - 02:17 AM

Hello, Everybody !! :wave:

Just a friendly hint to Robin:
When you want a hyper link to appear, simply paste the the address into your message "as is." Do not add any tags, underlines or bold html tags. You can try it in the "TEST " forum if you wish!


O.K.

http://www.spywarein...topic=16644&hl=

How's That ??

Robin Hickman :wave:

PS. It helps when you use the "Copy Shortcut" function.
REMEMBER : The ONLY Good MalWare, Is DEAD MalWare




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

Member of ASAP and UNITE
Support SpywareInfo Forum - click the button