2 Cool Fishing Forum banner
1 - 20 of 21 Posts
G

·
Discussion Starter · #1 ·
Is anyone else having trouble getting to: http://www.lavasoftusa.com/ ?
I keep getting a "site not available" message when I try to log in to check for updates.

Also, yesterday a site (TV Guide.com) forced me to download MacroMedia's "Flash". Since then my browser (IE 6 running under Win 98) crashes and recycles when I try to access some sites (mainly Yahoo and TV Guide). - Anybody got any ideas? Do I have to download IE again?

Thanks, -JAW-
 

·
Premium Member
Joined
·
40,471 Posts
I checked both

and was able to reach them with no problem. Sometimes a site will reach their CGI limits if there is a big rush. Just try again later. TV guide does use the flash plug in and you might not have had it installed, once installed you should no longer get the message.

You can repair IE. I believe IE 5 is on win98 but any new vwesion should be the same.
  1. Click Start, point to Settings, click Control Panel, and then double-click Add/Remove Programs.
  2. On the Install/Uninstall tab, click Microsoft Internet Explorer 5, click Add/Remove, click Repair the current installation of Internet Explorer, and then click OK.
If the Internet Explorer Repair Tool Verification does not work, or if Internet Explorer 5 is not listed in the Add/Remove Programs tool in Control Panel, you may be able to start the Internet Explorer Repair tool from a command prompt:

  1. Click Start, and then click Run.
  2. In the Open box, type the following command, and then click OK: rundll32 setupwbv.dll,IE5Maintenance "C:\Program Files\Internet Explorer\Setup\SETUP.EXE" /g "C:\WINDOWS\IE Uninstall Log.Txt"
 
G

·
Discussion Starter · #3 ·
bill said:
and was able to reach them with no problem. Sometimes a site will reach their CGI limits if there is a big rush. Just try again later. TV guide does use the flash plug in and you might not have had it installed, once installed you should no longer get the message.

You can repair IE. I believe IE 5 is on win98 but any new vwesion should be the same.
  1. Click Start, point to Settings, click Control Panel, and then double-click Add/Remove Programs.
  2. On the Install/Uninstall tab, click Microsoft Internet Explorer 5, click Add/Remove, click Repair the current installation of Internet Explorer, and then click OK.
If the Internet Explorer Repair Tool Verification does not work, or if Internet Explorer 5 is not listed in the Add/Remove Programs tool in Control Panel, you may be able to start the Internet Explorer Repair tool from a command prompt:

  1. Click Start, and then click Run.
  2. In the Open box, type the following command, and then click OK: rundll32 setupwbv.dll,IE5Maintenance "C:\Program Files\Internet Explorer\Setup\SETUP.EXE" /g "C:\WINDOWS\IE Uninstall Log.Txt"
Bill, I followed your instructions to repair MS IE (ver. 6.028). I can now (or at least I could) log onto Yahoo. - I cannot reach AdAware by clicking on the box in the program (I get a "not found on this server mesg.). I got to AdAware by clicking on the sticky you provided, but before it could completely open I got the "MicroSoft Internet Explorer has encountered a problem and needs to close. We are sorry for the inconvience." - It then asks me if I want to send an error report message to MS, and gives me an oportunity to view the message (which is a page full of alpha-numeric gibberish to me). When I click OK IE recycles so I don't know if the message gets sent. :(
 

·
Premium Member
Joined
·
40,471 Posts
Is there any more info it's giving?

Like invalid page fault or shell? Is Ad-aware the only site? Have you done any critical updates for windows? The error should give more info so we can try and pin it down. Clear out your temp folders.
 
G

·
Discussion Starter · #5 ·
bill said:
Like invalid page fault or shell? Is Ad-aware the only site? Have you done any critical updates for windows? The error should give more info so we can try and pin it down. Clear out your temp folders.
Bill, at the moment it is only happening at the AdAware site. It started at the TV Guide site when they upgraded. Then it happened at Yahoo, and they have just done a change too. Both sites seem OK now. It started on those sites, and occurs on AdAware now when I click OK on a request to let an ActiveX operation occur. - The error message then pops up. I can read the details. It is quite large. The window will not let me copy the message, so I cannot post it here for you to see and explain to me.
I clean my cookies and temp. internet files every day.
I have not done any updates to windows or IE in quite some time.

My current solution is to deactivate ActiveX functions on all but trusted sites like this one. - Anything else I can try or should do.
 

·
Premium Member
Joined
·
40,471 Posts
Go ahead

and check for any microsoft updates. You could also disable script debugging. It's kinda weird that it only happens on the one site now.

If you would like, the next time it happens, push the printscreen key (this will copy it to your clipboard) then open the paint program, select edit then paste. You can then save it as a bitmap and attach it here like a image.
 
G

·
Discussion Starter · #7 ·
bill said:
and check for any microsoft updates. You could also disable script debugging. It's kinda weird that it only happens on the one site now.

If you would like, the next time it happens, push the printscreen key (this will copy it to your clipboard) then open the paint program, select edit then paste. You can then save it as a bitmap and attach it here like a image.
I don't allow many non "trusted" sites to send me ActiveX stuff, so I don't OK the process very often. If it happens on another site, I will post it up. Right now I have no reason to go back to AdAware since I just upgraded to SE.

Another question: My account with McAfee is just about to be up for renewal. Should I stick with them or go elsewhere?

:rybka:
 

·
Premium Member
Joined
·
40,471 Posts
I would look for another anti virus program

IMHO McAfee just can not get the job done (for a program that you have to pay for). I like AVG anti-virus with a Zone Alarm firewall. Both are free and have not let me down.
 
G

·
Discussion Starter · #9 ·
Fire wall?

bill said:
IMHO McAfee just can not get the job done (for a program that you have to pay for). I like AVG anti-virus with a Zone Alarm firewall. Both are free and have not let me down.
O.K. I have deleted McAfee and downloaded AVG.
I am using Agnitum's Jammer 2. Isn't that a firewall? It alerts me to port attcks (and blocks them) and allows me to send reports of attacks back to the web hosts.

:rybka:
 

·
Premium Member
Joined
·
40,471 Posts
Jammer is fine

the Outpost is supposed to be better but I'm not sure why, I read their description on the website. I think the key is to be able to control not just what comes into the computer what what goes out, why would the mouse need access to the internet?
 
G

·
Discussion Starter · #11 ·
bill said:
the Outpost is supposed to be better but I'm not sure why, I read their description on the website. I think the key is to be able to control not just what comes into the computer what what goes out, why would the mouse need access to the internet?
Jammer 2 also asks if I want to allow something to have internet access. It remembers most of my OKs, but asks about MailWasher Pro every time I load it.
It is amazing how many port scannings/attacks it reports in a day. Probably averages more than 100. I have to keep clearing the log file because it gets so big.
The only thing I wish it did differently would be to report the attack automatically rather than make me click something every time.
 

·
Premium Member
Joined
·
40,471 Posts
You are probably getting "false" alarms

because you are on broadband, the ISP will ping the connection. Then when you click on something it takes you to a whois site for lookup. If you are getting "other" hits then it might mean that possibly at one point you had a backdoor open and someone was using you as a jump, it could be other things but I always look at the worst. You could take the IP and search it here.
http://www.dnsstuff.com/
 
G

·
Discussion Starter · #13 ·
bill said:
because you are on broadband, the ISP will ping the connection. Then when you click on something it takes you to a whois site for lookup. If you are getting "other" hits then it might mean that possibly at one point you had a backdoor open and someone was using you as a jump, it could be other things but I always look at the worst. You could take the IP and search it here.
http://www.dnsstuff.com/
Actually, Bill, I'm on slow speed dial-up (28800 at the moment). I get pinged at times before I even open IE. Some times just making a connection to check my e-mail will result in a series of attacks. Sometimes I will get only three hits from one source, other times an attacker may make automated pings for 10 to 15 minutes at a burst rate of several a second befor a pause.

I have never been able to find any viruses, trojans, or spyware on this computer, and I have used a lot of programs to search for them. I have started to wonder if my address has been passed around as a hacker challenge, although there will be nothing to see if they do get in. :)
A lot of the pingers end in .edu
 
G

·
Discussion Starter · #14 ·
Pinger Attack

Here is the most recent pinger report, six hits in three seconds from the same source with four different local ports.

This report was automatically generated by Jammer.
Jammer: your cyber fortress.

-------------------------------------------------------------------------
Type of attack: Possible TCP port scanning
Time: Sun Aug 15 14:33:53 2004 [Local GMT bias -4:00]
Source IP: 199.33.234.4
Source Port: 1329
Local Port: 57
 

·
Premium Member
Joined
·
40,471 Posts
yep, it's spammers
OrgName: Marketing Force
OrgID: MARKET
Address: 1757 Northfield Drive
City: Rochester Hills
StateProv: MI
PostalCode: 48309
Country: US

NetRange: 199.33.234.0 - 199.33.235.255
CIDR: 199.33.234.0/23
NetName: NETBLK-MFORCE-2
NetHandle: NET-199-33-234-0-1
Parent: NET-199-0-0-0-0
NetType: Direct Assignment
Comment:
RegDate: 1994-01-20
Updated: 1994-01-20

TechHandle: HE3-ARIN
TechName: Eland, Howard
TechPhone: +1-248-364-8585
TechEmail: *********@sparinc.com

OrgTechHandle: KRB-ARIN
OrgTechName: Borders, Kevin R
OrgTechPhone: +1-248-364-8585
OrgTechEmail: *********@sparinc.com

# ARIN WHOIS database, last updated 2004-08-12 20:10
 
G

·
Discussion Starter · #16 ·
Can't open PhotoDeluxe

Bill,
I tried to printscreen the error message I get when an ActiveX function tries to run on a "non-trusted" site, but then found that Adobe PhotoDeluxe would not open because some file is missing. Where do I go to get it?

Here is the error message:

TheSHELL32.DLL file is
linked to missing export
SHLWAPI.DLL:SHRegGetUSValueA
 
G

·
Discussion Starter · #17 ·
bill said:
yep, it's spammers
OrgName: Marketing Force
OrgID: MARKET
Address: 1757 Northfield Drive
City: Rochester Hills
StateProv: MI
PostalCode: 48309
Country: U. . .
Bill, Why would SPAMmers ping? Aren't they busy just sending all their **** by e-mail? Why try and access my ports? What would it gain them?
 

·
Charter Member
Joined
·
225 Posts
SPAMers want YOUR pc!

-JAW- said:
Bill, Why would SPAMmers ping? Aren't they busy just sending all their **** by e-mail? Why try and access my ports? What would it gain them?
Excuse me for jumping in here.

What spammers want is your pc.

If your pc has one of the virus or trojans that allow your pc to be remote controlled, the spammers can use YOUR pc to spam from! The spammer can't be tracked back that way. This is one reason why there is so much spam, there are thousands of home pc's that have been taken over this way, if not millions of them. The term for a pc that has been taken over like this is "owned".

This is why it is so important that proper security be installed on a pc before it's connected to the internet, even a dial up. Spammers just love to get hold of a pc on a high speed cable connection, they can really rock 'n roll then! These type of "owned" pc's are also used in DOS (Denial of Service) attacks.

-JAW-, if you have installed a good firewall, and keep your antivirus up to date, I don't think it's worth seeing all the logs or indications of "attacks" against your pc. I just turn off the logging and messages about attacks. There are so many, it's just a constant "noise" now when your pc is connected to the internet.
 

·
Premium Member
Joined
·
40,471 Posts
Good advise Topcat

I have mine turned off as well, get so many pings it is not funny.

Now to help with the file, I "assume" (probably bad idea) that you have the home edition 3.1? If not try the first two links to correct.
If you have a scanner hooked to your system that uses a program known as "Paperport", try this link:

http://www.visioneer.com/support/general/FAQ/shell32.asp

If you are running the program known as WinPoET to improve your internet connection follow the instructions at this link:

http://support.microsoft.com/?kbid=278596

If you have neither of these, boot up in Safe Mode and do a search on the SHLWAPI.DLL file. Rename the file to something like SHLWAPI.OLD then reboot your system. The error should no longer be a problem.
 
G

·
Discussion Starter · #20 ·
Thanks, Bill!

I have PaperPort, so I followed that link and its instructions. PhotoDeluxe is now opening again. - Now I just have to figure out why ActiveX, under certain conditions make IE close and reboot.(

Topcat, there must be a whale of a lot of SPAMmers if so many of them can bother with me on a 33kbs dial-up line. :) I do know that quite a few of the pingers are on college campuses, kids with too much time on their hands who would be better off studying. - Those are the ones I like to report for abuse. ;)

Thanks for your input.

-JAW-

:rybka:
 
1 - 20 of 21 Posts
Top