LuckyStrike
July 2nd 04, 07:11 AM
Didn't create any new folders. In fact, it has never even made one folder
since I've had it onboard. As you've said, none that were obvious or
noticeable. Now, there is *one* thing which appears new: There is a "faster
than the eye can see" something in deep dark purplish-blue which says
"....... trusted zones...". This might have to do with the most recent
changes detected since a prior scan (?). I'm not sure yet. But, as you know,
I was forced to screw around with the trusted site zones relatively
recently, and am still in that process, like adding Henri's, Sandi's, Mike
Burgess, and other (reputable) sites where they use scripting to make their
page features work.
I've not noticed any new or different "definitions" as yet, but I haven't
dissected the entire program, or put it under the loupe as yet either.
It "installed" (Well !.......excuuuuuuuse me!) (downloaded and unzipped,
extracted,... whatever) the program as quickly as it ever did (same as
CWShredder f'rinstance) and opens as quickly as per usual. That's the end of
my preliminary report for the moment. I'll keep you abreast of whatever
"new" which may crop up.
--
LuckyStrike
--------------------------------------------------------------------
"PCR" wrote:
> You are correct. I chickened out on the update, though. It's blurb
> sounds like it is about to get busier than before, creating folders &
> such. I don't think it was creating folders before, none that I have
> spotted. Also, is it beginning to use "definitions"? How did it go for
> you?
>
>
> --
> Thanks or Good Luck,
> There may be humor in this post, and,
> Naturally, you will not sue,
> should things get worse after this,
> PCR
>
> "LuckyStrike" wrote in message
...
> | You're welcome. This update was a long time in the making, as per info
> from
> | Merijns' site. But it has probably never found a *single thing* to do
> on
> | your PC PCR! <vbs>
> | --
> | LuckyStrike
> | m
> | --------------------------------------------------------------------
<snipped...>
While I was renaming the old one, I accidentally deleted it. Therefore,
I went ahead & installed the new. It is an "install", but only of a
single executable. I don't see that any folder was created, except the
one I myself made... "C:\Program Files\HijackThis". I guess that blurb
was talking about a "Backup" folder, likely to hold removed items (for
"undo"). But I've never removed anything with it. I don't see that it
came up with anything new.
| Now, there is *one* thing which appears new: There is a "faster
| than the eye can see" something in deep dark purplish-blue which says
| "....... trusted zones...".
Let me run it again... Geez!... I don't know if it flashed by, but it
hasn't ended up in...
Logfile of HijackThis v1.98.0
Scan saved at 02:43:47 AM, on 7/2/04
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\PROGRAM FILES\KERIO\PERSONAL FIREWALL\PERSFW.EXE
C:\PROGRAM FILES\MCAFEE\MCAFEE VIRUSSCAN\AVSYNMGR.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\ptsnoop.exe
C:\WINDOWS\TASKMON.EXE
C:\MOUSE\SYSTEM\EM_EXEC.EXE
C:\PROGRAM FILES\COMPAQ\EASY ACCESS BUTTON SUPPORT\CPQEADM.EXE
C:\PROGRAM FILES\MCAFEE\MCAFEE VIRUSSCAN\VSSTAT.EXE
C:\WINDOWS\SYSTEM\PRINTRAY.EXE
C:\WINDOWS\SYSTEM\CIJ3P2PS.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\PROGRAM FILES\MCAFEE\MCAFEE VIRUSSCAN\ALOGSERV.EXE
C:\WINDOWS\DRWATSON.EXE
C:\PROGRAM FILES\WINZIP\WZQKPICK.EXE
C:\WINDOWS\RSRCMTR.EXE
C:\PROGRAM FILES\MCAFEE\MCAFEE VIRUSSCAN\AVCONSOL.EXE
C:\PROGRAM FILES\COMPAQ\EASY ACCESS BUTTON SUPPORT\BTTNSERV.EXE
C:\PROGRAM FILES\MCAFEE\MCAFEE VIRUSSCAN\VSHWIN32.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\PROGRAM FILES\COMPAQ\EASY ACCESS BUTTON SUPPORT\EAUSBKBD.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\COMPAQ\ON-SCREEN DISPLAY\OSD.EXE
C:\PROGRAM FILES\MCAFEE\MCAFEE VIRUSSCAN\WEBSCANX.EXE
C:\PROGRAM FILES\OUTLOOK EXPRESS\MSIMN.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAM FILES\NETZERO\EXEC.EXE
C:\PROGRAM FILES\NETZERO\EXEC.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\PROGRAM FILES\HIJACKTHIS\HIJACKTHIS.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://desktop.presario.net/scripts/redirectors/presario/deskredir.dll?s=consumer&LC=0409&c=1c00
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://my.netzero.net/s/search?r=minisearch
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
http://my.netzero.net/s/search?r=minisearch
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://desktop.presario.net/scripts/redirectors/presario/deskredir.dll?s=consumer&LC=0409&c=1c00
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://my.netzero.net/s/search?r=minisearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://search.presario.net/scripts/redirectors/presario/srchredir.dll?c=1c00&s=searchbar&LC=0409
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://my.netzero.net/s/search?r=minisearch
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
http://my.netzero.net/s/search?r=minisearch
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) =
http://my.netzero.net/s/search?r=minisearch
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title =
Microsoft Internet Explorer
R3 - URLSearchHook: URLSearchHook Class -
{37D2CDBF-2AF4-44AA-8113-BD0D2DA3C2B8} - C:\PROGRAM
FILES\NZSEARCH\SEARCHENH1.DLL
O2 - BHO: QPHlprObj Class - {EFD440C0-0943-11d3-9D65-00A0CC22CBC4} -
C:\WINDOWS\QPHELPER.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} -
C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: ZeroBar - {F5735C15-1FB2-41FE-BA12-242757E69DDE} -
C:\PROGRAM FILES\NETZERO\TOOLBAR.DLL
O4 - HKLM\..\Run: [CountrySelection] pctptt.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [ScanRegistry] c:\windows\scanregw.exe /autorun
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe
powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [PTSNOOP] ptsnoop.exe
O4 - HKLM\..\Run: [TaskMonitor] c:\windows\taskmon.exe
O4 - HKLM\..\Run: [EM_EXEC] c:\mouse\system\em_exec.exe
O4 - HKLM\..\Run: [CPQEASYACC] C:\Program Files\Compaq\Easy Access
Button Support\cpqeadm.exe
O4 - HKLM\..\Run: [EACLEAN] C:\Program Files\Compaq\Easy Access Button
Support\eaclean.exe
O4 - HKLM\..\Run: [CompaqPrinTray] PrinTray.exe
O4 - HKLM\..\Run: [CIJ3P2PSERVER] CIJ3P2PS.EXE
O4 - HKLM\..\Run: [Alogserv] C:\Program Files\McAfee\McAfee
VirusScan\alogserv.exe
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe
powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [PersFw] "C:\Program Files\Kerio\Personal
Firewall\persfw.exe" /hide
O4 - HKLM\..\RunServices: [McAfeeVirusScanService] C:\Program
Files\McAfee\McAfee VirusScan\Avsynmgr.exe
O4 - HKCU\..\Run: [spc_w] "C:\Program Files\NZSearch\hcm.exe" -w
O4 - Startup: Dr. Watson.lnk = C:\WINDOWS\DRWATSON.EXE
O4 - Startup: WinZip Quick Pick.lnk = C:\Program
Files\WinZip\WZQKPICK.EXE
O4 - Startup: Resource Meter.lnk = C:\WINDOWS\RSRCMTR.EXE
O8 - Extra context menu item: Open Frame in &New Window -
C:\WINDOWS\WEB\frm2new.htm
O8 - Extra context menu item: &Highlight - C:\WINDOWS\WEB\highlight.htm
O8 - Extra context menu item: &Web Search - C:\WINDOWS\WEB\selsearch.htm
O8 - Extra context menu item: &Links List - C:\WINDOWS\WEB\urllist.htm
O8 - Extra context menu item: Zoom &In - C:\WINDOWS\WEB\zoomin.htm
O8 - Extra context menu item: Zoom O&ut - C:\WINDOWS\WEB\zoomout.htm
O8 - Extra context menu item: I&mages List - C:\WINDOWS\Web\imglist.htm
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} -
C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links -
{c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Translate - {06FE5D05-8F11-11d2-804F-00105A133818} -
http://search.presario.net/scripts/redirectors/presario/srchredir.dll?s=avbabelfish&c=1c00&lc=0409
(file missing)
O9 - Extra 'Tools' menuitem: AV &Translate -
{06FE5D05-8F11-11d2-804F-00105A133818} -
http://search.presario.net/scripts/redirectors/presario/srchredir.dll?s=avbabelfish&c=1c00&lc=0409
(file missing)
O9 - Extra button: (no name) - {06FE5D02-8F11-11d2-804F-00105A133818} -
http://search.presario.net/scripts/redirectors/presario/srchredir.dll?s=avlinksearch&c=1c00&lc=0409
(file missing)
O9 - Extra 'Tools' menuitem: &Find Pages Linking to this URL -
{06FE5D02-8F11-11d2-804F-00105A133818} -
http://search.presario.net/scripts/redirectors/presario/srchredir.dll?s=avlinksearch&c=1c00&lc=0409
(file missing)
O9 - Extra button: (no name) - {06FE5D03-8F11-11d2-804F-00105A133818} -
http://search.presario.net/scripts/redirectors/presario/srchredir.dll?s=avhostsearch&c=1c00&lc=0409
(file missing)
O9 - Extra 'Tools' menuitem: Find Other Pages on this &Host -
{06FE5D03-8F11-11d2-804F-00105A133818} -
http://search.presario.net/scripts/redirectors/presario/srchredir.dll?s=avhostsearch&c=1c00&lc=0409
(file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -
C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program
Files\Messenger\MSMSGS.EXE
--
Thanks or Good Luck,
There may be humor in this post, and,
Naturally, you will not sue,
should things get worse after this,
PCR
"LuckyStrike" m>
wrote in message ...
| Didn't create any new folders. In fact, it has never even made one
folder
| since I've had it onboard. As you've said, none that were obvious or
| noticeable. Now, there is *one* thing which appears new: There is a
"faster
| than the eye can see" something in deep dark purplish-blue which says
| "....... trusted zones...". This might have to do with the most recent
| changes detected since a prior scan (?). I'm not sure yet. But, as you
know,
| I was forced to screw around with the trusted site zones relatively
| recently, and am still in that process, like adding Henri's, Sandi's,
Mike
| Burgess, and other (reputable) sites where they use scripting to make
their
| page features work.
|
| I've not noticed any new or different "definitions" as yet, but I
haven't
| dissected the entire program, or put it under the loupe as yet either.
|
| It "installed" (Well !.......excuuuuuuuse me!) (downloaded and
unzipped,
| extracted,... whatever) the program as quickly as it ever did (same as
| CWShredder f'rinstance) and opens as quickly as per usual. That's the
end of
| my preliminary report for the moment. I'll keep you abreast of
whatever
| "new" which may crop up.
| --
| LuckyStrike
| --------------------------------------------------------------------
| "PCR" wrote:
| > You are correct. I chickened out on the update, though. It's blurb
| > sounds like it is about to get busier than before, creating folders
&
| > such. I don't think it was creating folders before, none that I have
| > spotted. Also, is it beginning to use "definitions"? How did it go
for
| > you?
| >
| >
| > --
| > Thanks or Good Luck,
| > There may be humor in this post, and,
| > Naturally, you will not sue,
| > should things get worse after this,
| > PCR
| >
| > "LuckyStrike" wrote in message
| ...
| > | You're welcome. This update was a long time in the making, as per
info
| > from
| > | Merijns' site. But it has probably never found a *single thing* to
do
| > on
| > | your PC PCR! <vbs>
| > | --
| > | LuckyStrike
| > | m
| >
| --------------------------------------------------------------------
| <snipped...>
|
|
vBulletin® v3.6.4, Copyright ©2000-2024, Jelsoft Enterprises Ltd.