13 replies to this topic

[Caleb]

After using HiJackThis and Ad-Ware to eradicate a nasty pop-up infestation, I logged into mIRC for the first time in 8 years. I had read on the spywareinfo site about channel #privacy on server irc.dixie.net.

I was really just curious to see what people were chatting about and to share my experiences. Imagine my surprise after being treated as if I were a lost puppy and then called a liar by a person who is purportedly a "teacher" of HiJackThis. :gasp:

I mostly just let it go, but I decided to send a screenshot to prove that HiJackThis can in fact display the message "No Suspicious Items Found!" After I emailed the screen shots to the person who had previously called me a liar, I received the following email:

--------------------------------------------------------------------------------------------
Ya know, Eric… That was a really [f***ed] up thing to do. That was THE WORST edit job I have ever seen in my whole life. You would think someone with a master’s degree from Georgia Tech would be smarter than that. You’re too funny. That was pathetic!

nic

--------------------------------------------------------------------------------------------

At first I didn't know what to make of this email, then I realized that <nic> must believe the screenshot I sent her was a forgery. It wasn't.

In case <nic> is reading this post, could someone help me out here. When using HJT has anyone else ever clicked all the display items, then pressed "Add Checked to Ignore List" button, done another Scan, and had the message "No Suspicious Items Found!" displayed?

Attached Files

•  More_HJT_Screenshots.pdf   46.4KB   117 downloads

[cnm]

by a person who is purportedly a "teacher" of HiJackThis.

Not a teacher here. Please see The various helper groups here.

http://www.spywarein.../HijackThis.exe

In fact it is true, if you put everything in the Ignore List you will get that message. HijackThis has nothiing to scan. I just did the experiment, see screenshot. Easy experiment to do.

Note: Generally best not to add anything to ignore list. Log can be misleading to people helping with it.

We apologize for member's intemperate and mistaken email.

Attached Files

•  temp.JPG   20.05KB   34 downloads

[Jackb]

Caleb,

firstly, I am sorry. Secondly, it would have been nice if you had told us you added everything to ignorelist (which, incidentally, is a bad idea)

[sin]

A few words in my defense:

1) "a "teacher" of HiJackThis. " Never once, did I claim to be a "teacher" of hijackthis. Not once. I believe the statement you are referring to was made by ChrisRLG, who is definitely more a teacher of hjt than I could ever try to be. I have never taught it, nor have I claimed to. I believe what Chris said was something along the lines of "some of us teach it", he was NOT referring to me.

2) As pugs pointed out "Caleb you were also rude to people when they were trying to help you." This is quite true. And, as Jackb stated, "it would have been nice if you had told us you added everything to ignorelist". Had we known this, I doubt it ever would have become such a problem. Telling the full story is always a good thing, in addition to telling the TRUTH.

3) The first email you sent me, the attachment appeared to be a falsification... I sent it to SEVERAL people who are well versed in both photo editing AND hijackthis. They too, believed it to be a falsification.

4) I *tried* to give you a chance. Even when another member, an expert - I might add- kickbanned you from the chatroom, I removed that ban. I talked to you privately and I gave you a chance. I even didn't mind when you joined another chatroom, one that I founded and run. The bottom line is, I was willing to give you a chance, when no one else would.

5) If you, or anyone else would like to see the logs I have from our conversations in the chatrooms, or the emails, I would be happy to show/send them to you, and that includes the first screenshot you sent to me, the one that -appeared- to be a fake. Please feel free to contact me.

Lastly, I apologize for all of this. My attitude took a wrong turn with you when yours took a wrong turn with me. I suggest next time you give people information such as what you did to us, that you give them a complete account.

nic

[Zero]

I fail to see why you would apolgize for another member, cnm, when you were not even there to see what happened. You cannot speak for other people.

Why base something off one side of the story when you can hear both sides?

I was there, I heard, I saw, he was rude and attacked everyone in the channel making comments of how if we dont know what the application does we shouldent be helping people with it.

[cnm]

I apologized on behalf of SWI for the abusive and mistaken email. In my opinion it is not excused by possibly bad behavior of the other person.

What a Member does is their own business, but to the extent that it is associated with SWI or #privacy, it reflects on us. Abusive email is out, period.

In fact he was right, you didn't know what the application does and didn't bother to experiment and find out.

[Archon_Wing]

I see too much flame bait. Please close?

Edited by Archon_Wing, 28 June 2004 - 03:21 PM.

[Zero]

I apologized on behalf of SWI for the abusive and mistaken email.  In my opinion it is not excused by possibly bad behavior of the other person.

What a Member does is their own business, but to the extent that it is associated with SWI or #privacy, it reflects on us.  Abusive email is out, period.

In fact he was right, you didn't know what the application does and didn't bother to experiment and find out.

Ok I'll keep that in mind, as I dont know how Hijackthis works, I wont review any logs. You really should ask for the logs of what happened before making judgement cnm.

[cnm]

I was simply referring to the message in the pic here, Zero.
http://forums.spywar...indpost&p=35938
which Caleb was told could never appear. This has nothing whatever to do with analyzing logs, obviously.

I think we should close this thread.

[shalafi]

edit

Edited by shalafi, 28 June 2004 - 05:22 PM.

[Archon_Wing]

Fixing everything in HJT may make your computer still work, but that may not get rid of all the crap that is there. In many cases, Hijack This does not delete the actual file, so the malware is still there on the computer. Also, in cases like the peper trojan, fixing the HJT entry will only cause it to come back. Furthermore, running Firewall and Antivirus software at startup is strongly recomended.

Also, by fixing everything in HJT, it makes it more difficult to troubleshoot the problem. We can't identify CWS, if one were to fix everything and GOd knows Hijack This does not fix CWS>

So it may not bork your computer, but it may make it harder to find problems with it.

Then of course, you can do whatever you want, as long as it's legal.

Edited by Archon_Wing, 28 June 2004 - 04:13 PM.