The Computer Blues

[Guest DizzySpells]

Kinda off topic, but I just downloaded Firefox and I'm digging it. I used an earlier version of Mozilla a few years ago and didn't care for it, but this is much better. Quicker, smaller, and cleaner than IE, too.

Good stuff!

Make sure to get some of the fabulous extensions. They really make Firefox what it is/can be.

Tabbed browsing with more comfort, the Web Developer extension to get a great view of how pages were programmed, the googlebar, adblock, ...

Tons of good and very useful stuff on the extensions download page. Make sure to read user comments before downloading.

[Guest che]

Just to illustrate the discussion re-Mac Vs PC, just before I was setting off for a lecture tour, my lap-top PC crashed. Someone had sent me a virus, it got through and that was that. But I had backed everything up onto the Mac and all ended well. I will never go back to using a PC as my main computer.

Che.

[Uncle Skid]

Make sure to get some of the fabulous extensions. They really make Firefox what it is/can be.

Tabbed browsing with more comfort, the Web Developer extension to get a great view of how pages were programmed, the googlebar, adblock, ...

Adblock is still my favorite. Ya gotta love the ability to make all those annoying ads go away. Plus, with Firefox, I haven't seen a popup ad in quite a long time!

Firefox w/Adblock vs IE at allmusic.com:

Edited March 12, 2005 by Uncle Skid

[Guest DizzySpells]

Yes, great browser.

Lately I've been experiencing a lot more "pop-unders" (I believe they are called that). That's started happening since I've updated to the new version, but I don't think the two are related. I think that spammers of all types are just beginning to really target Firefox, now that it has such a broad user base.

"Pop-unders". Do you know a way/extension/tweak to avoid those in Firefox?

Note: "Pop-unders" are windows that "pop-up" behind the main browser window. Annoying!

[Soulstation1]

i d/l-ed firefox and also have the norton's i/s running

ss1

[Soulstation1]

holy crap

i am zippin' around the internet

ss1

Edited March 13, 2005 by Soulstation1

[Soulstation1]

how do you set it up, so that your google searches are not stored?

ss1

[wesbed]

Anyone, feel free to download hijack, run it, and post the log here.  I can help tell you what is bad and what is good and my brother is even better.  He's a computer whiz.

Ok. Here's my HijackThis log. Is there anything you recommend fixing or getting rid of?

Logfile of HijackThis v1.99.1

Scan saved at 8:07:46 PM, on 3/13/2005

Platform: Windows 2000 SP4 (WinNT 5.00.2195)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:

C:\WINNT\System32\smss.exe

C:\WINNT\system32\winlogon.exe

C:\WINNT\system32\services.exe

C:\WINNT\system32\lsass.exe

C:\WINNT\system32\svchost.exe

C:\WINNT\system32\spoolsv.exe

C:\WINNT\System32\svchost.exe

C:\PROGRA~1\Navnt\navapsvc.exe

C:\PROGRA~1\Navnt\npssvc.exe

C:\WINNT\system32\regsvc.exe

C:\WINNT\system32\MSTask.exe

C:\WINNT\System32\WBEM\WinMgmt.exe

C:\WINNT\System32\mspmspsv.exe

C:\WINNT\system32\svchost.exe

C:\WINNT\Explorer.EXE

C:\WINNT\system32\devldr32.exe

C:\Program Files\Creative\SBLive\AudioHQ\AHQTB.EXE

C:\PROGRA~1\PANICW~1\POP-UP~1\dpps2.exe

C:\Program Files\Navnt\POPROXY.EXE

C:\WINNT\System32\qttask.exe

C:\WINNT\system32\atiptaxx.exe

C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE

C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe

C:\Program Files\Java\jre1.5.0\bin\jusched.exe

C:\PROGRA~1\PESTPA~1\PPControl.exe

C:\PROGRA~1\PESTPA~1\PPMemCheck.exe

C:\PROGRA~1\PESTPA~1\CookiePatrol.exe

C:\Program Files\Navnt\NAVAPW32.EXE

C:\Program Files\AboutTime\AboutTime.exe

C:\PROGRA~1\Navnt\alertsvc.exe

C:\Program Files\Microsoft Office\Office\OUTLOOK.EXE

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Messenger\msmsgs.exe

C:\WINNT\msagent\AgentSvr.exe

C:\Documents and Settings\wesbed1\Desktop\backups\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wunderground.com/US/AZ/Tucson/KDMA.html

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx

O4 - HKLM\..\Run: [synchronization Manager] mobsync.exe /logon

O4 - HKLM\..\Run: [AudioHQ] C:\Program Files\Creative\SBLive\AudioHQ\AHQTB.EXE

O4 - HKLM\..\Run: [LoadQM] loadqm.exe

O4 - HKLM\..\Run: [Pop-Up Stopper] "C:\PROGRA~1\PANICW~1\POP-UP~1\dpps2.exe"

O4 - HKLM\..\Run: [NPS Event Checker] C:\PROGRA~1\Navnt\npscheck.exe

O4 - HKLM\..\Run: [Norton eMail Protect] C:\Program Files\Navnt\POPROXY.EXE

O4 - HKLM\..\Run: [QuickTime Task] C:\WINNT\System32\qttask.exe

O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe

O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE

O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp

O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0\bin\jusched.exe

O4 - HKLM\..\Run: [PestPatrol Control Center] C:\PROGRA~1\PESTPA~1\PPControl.exe

O4 - HKLM\..\Run: [PPMemCheck] C:\PROGRA~1\PESTPA~1\PPMemCheck.exe

O4 - HKLM\..\Run: [CookiePatrol] C:\PROGRA~1\PESTPA~1\CookiePatrol.exe

O4 - Startup: AboutTime.lnk = C:\Program Files\AboutTime\AboutTime.exe

O4 - Startup: UD Agent.lnk = F:\UD Cancer Project\UD.EXE

O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE

O4 - Global Startup: Norton AntiVirus AutoProtect.lnk = C:\Program Files\Navnt\NAVAPW32.EXE

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll

O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll

O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall-beta.trendmicro.com/housecall/xscan60.cab

O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab

O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/200203...meInstaller.exe

O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://207.188.7.150/10ba446ce2c36b818e05/netzip/RdxIE2.cab

O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061...all/xscan53.cab

O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup Player) - http://instantsupport.hp.com/motivedocs/installs/isetup.cab

O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information Class) - http://security2.norton.com/SSC/SharedCont...c/bin/cabsa.cab

O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe

O23 - Service: NAV Alert - Symantec Corporation - C:\PROGRA~1\Navnt\alertsvc.exe

O23 - Service: NAV Auto-Protect - Symantec Corporation - C:\PROGRA~1\Navnt\navapsvc.exe

O23 - Service: Norton Program Scheduler - Symantec Corporation - C:\PROGRA~1\Navnt\npssvc.exe

O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Script Blocking\SBServ.exe

[Jim Alfredson]

O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall-beta.trendmicro.com/housecall/xscan60.cab

O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab

O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/200203...meInstaller.exe

O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://207.188.7.150/10ba446ce2c36b818e05/netzip/RdxIE2.cab

O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061...all/xscan53.cab

All of these things make me nervous. But I have to do more research. What the hell is HouseCall Control? I don't like that one of the folders is called "netzip". Netzip is nasty stuff.

Don't do anything yet. Like I said, gotta do more research.

[Kevin Bresnahan]

I believe Abouttime.exe is a spyware program. That's the one that loads when you go to a website and a pop up window comes up saying "YOUR CLOCK MAY BE WRONG".

BTW, I see where you have DirectCD loaded. Unless you really use this application to make formatted CD-RW discs for temporary storage, I'd recommend dumping it. It's a resource hog and interferes with your burner drive boot properties. I wish I never installed that POC software back in the old days.

Kevin

[wesbed]

Housecall is a free online virus scanner created by Trend Micro. From what I know (which isn't everything), it's known to be safe, sometimes even recommended for computers that don't have an antvirus program already installed.

HouseCall

Abouttime.exe is not spyware. It's a 'time' program that checks the internal computer clock against an internet time server. Also, it gives the option of entering any time server that is desired if the user doesn't like the time servers that are pre-selected by the AboutTime programmer. The program is so old (1999) that I don't believe it would know how to be spyware.

AboutTime

I'm not sure about the ipixx.cab file. I believe it's the plugin for I-PIX files viewed on web pages. It could be harmful, I don't know.

I removed the RdxIE2.cab file. I learned it is known malware.

I'll investigate the DirectCD program.

Thanks for any opinions offered.

[Soulstation1]

now i can't use the norton's i/s with mozilla

i can surf on 1 web site, but if i go to a different web site i have to disable nortons

also i have to disable nortons inorder to get on the net

ss1

Edited March 31, 2005 by Soulstation1

[Kevin Bresnahan]

Sounds like a download trojan virus. Are you still using Firefox to surf?

I have found a good program for rooting out the nasty programs. It's called X-Ray PC. You can get it from http://www.x-raypc.com. Download it (it's a .zip file), unzip it and run. It brings up a window with all the processes running on your machine. Click the "Online Analyzer" button and check the "Triage" column. Any process that comes up bad, click it and then click the trash can. Poof. Gone.

Kevin

[Soulstation1]

where is the trash can on the screen?

i must have over 20 items that are BAD

thanks

[wesbed]

where is the trash can on the screen? i must have over 20 items that are BAD

Man, get the BAD shit cleaned out.

Afterward, go here, get a copy of Spybot, get it updated, and set it to 'Immunize.'

Go here, get SpywareBlaster, get it updated, and set it to protect you from everything.

Your computer shouldn't continue to get infected as much as it has been.

Edited April 1, 2005 by wesbed

[Soulstation1]

i just finished using nortons' a/v and it found 28 items removed them

i just went through over 300 emails

which could be part of the problem

[Soulstation1]

i just used x-ray tech and it found about 5 BAD items

also i have the norton's running

WTF

[wesbed]

i just used x-ray tech and it found about 5 BAD items also i have the norton's running WTF

Norton checks for 'viruses.' The BAD items found by X-Ray Tech are probably not viruses. The BAD items are probably other types of malware such as adware, spyware, various browser hijackers and the like.

You need Norton and other given anti-spyware programs such as the couple I listed in my post above. I've read some opinions that say, these days, Norton is not 'the best' anti-virus program (even though it's what I use). Some people recommend the free, online virus scan from Trend Micro located here.

Viruses are only a part of the many items that can infect your computer in these modern times.

Edited April 1, 2005 by wesbed

[wesbed]

Also, consider adding a custom Windows HOSTS file such as the one offered here. I keep my HOSTS file updated from this sight whenever an updated HOSTS file becomes available.

You can hardly have too much protection from potential computer threats.

Edited April 1, 2005 by wesbed

[Soulstation1]

i've been using mozilla firefox this past month

ss1

[wesbed]

i've been using mozilla firefox this past month

This is also smart.

I use Firefox 99% of the time. Some web pages are written for Internet Explorer and Firefox can mis-display these pages. Otherwise, Firefox is my browser choice. I use the hell out of the Tabbed Browsing option.

[Soulstation1]

posting pics/images is ALOT easier with mozilla

Edited April 1, 2005 by Soulstation1

[Soulstation1]

do u use bookmarks MORE than the drop down address bar?

[wesbed]

posting pics/images is ALOT easier with mozilla

Oh yeah.

Firefox is the superior web browser versus Internet Explorer, in my opinion. Did you get the updates for Firefox. It's up to version 1.02 as I type these words.

[Jim Alfredson]

ss1, norton is a piece of crap. Do yourself a favor and get AVG (www.grisoft.com). They have a free version and even the virus database updates are free. It's also smaller than Norton and doesn't clog up your resources. Norton is a memory hog.

AVG Free Edition is here:

http://www.grisoft.com/doc/40/lng/us/tpl/tpl01

That said, you still need a program that scans for malware, spyware, and the like. Ad-Aware is a good one.