stoutfellow: Joker (Default)
stoutfellow ([personal profile] stoutfellow) wrote2007-08-12 08:30 am
  • Add Memory
  • Share This Entry
  • Current Mood: annoyed
  • Current Music: Diana Ross, "Last Time I Saw Him"
Entry tags:

Guru Needed

Something odd has been happening recently. I think it began after the latest Firefox update, but I can't be sure.

I have a number of HTML pages on my hard drive, purely for my own use. Lately, whenever I click on one of them, I get a dialog box reading "There was a problem sending the command to the program". The only button reads "OK"; the title bar of the box is the local address of the HTML page. Almost immediately afterwards, the page opens and behaves properly. (The dialog box does not go away, however.) If I keep Firefox open for any length of time after this, eventually the dialog for connection to the 'Net comes up. If I approve connection, it does so, but Firefox remains open at the local page.

I've checked for malware using Ad-aware 6.0 and Spybot S&D 1.2. Neither reports any problems. I'm tentatively assuming that the upgrade to Firefox 1.8.20070.6982 is somehow related - not that that gets me any closer to knowing what to do! Anybody have any suggestions?
Flat | Top-Level Comments Only

[identity profile] kk1raven.livejournal.com 2007-08-14 04:36 pm (UTC)(link)
I'm not sure what's going on there, but I would recommend getting the current versions of AdAware and Spybot (7.0 and 1.4 respectively).

If you create a shortcut that points to a URL and use it, do you get similar results?

[identity profile] stoutfellow.livejournal.com 2007-08-14 05:10 pm (UTC)(link)
Thanks; I'll make those upgrades and try again. (I'm getting really suspicious that some malware has been planted; yesterday afternoon my computer tried to place a call without my permission.) I accessed both of the HTML files I mentioned via shortcuts; I'll check to see if going direct makes any difference.

[identity profile] kk1raven.livejournal.com 2007-08-15 03:33 pm (UTC)(link)
Malware is definitely a possibility from they way you describe the problem. If you use Firefox all the time rather than MS IE, you have a much lower chance of ending up with malware installed though.

The reason I asked about whether a shortcut to a URL works is that Windows treats URLs and html files differently. When you open an html file, either directly or with a shortcut pointing to the file, Windows opens it according to the settings for .htm files in your file types settings. When you open a URL, the settings used are the one for that particular type of URL. Generally, most people want the settings for .htm files and http and https URLS to be the same, but sometimes one or more of them end up with messed up settings. The fact that this happened when you installed a new version of your browser points to a problem with those settings as a possibility. Malware has been known to alter those settings as well.

[identity profile] stoutfellow.livejournal.com 2007-08-15 04:03 pm (UTC)(link)
I ran the newer version of Spybot, which made a couple of suggestions, but this seemed to have no effect. After reading this comment, I tried my html files using "Open With" Firefox, and they opened without a glitch. It looks like, as you suggested, the file type settings were messed up somehow.

I'm still worried about that phone call....

[identity profile] kk1raven.livejournal.com 2007-08-15 04:25 pm (UTC)(link)
The phone call definitely seems worrisome. Do you know who or what it was trying to call? Was it trying to use dial-up networking to make the call or something else? If it was using dial-up networking, there is most likely a DUN connectoid set up for it to use. Windows computers sometimes get confused and don't see the internet connection they should be using and then try to use DUN to make a connection if there is anything set up there. There is a whole category of malware called porn dialers that try to dial 800-type numbers, sometimes in foreign countries. Those can be very nasty and contrary to what some people think, you don't have to look at porn sites to get infected with them. Spybot and AdAware usually do a good job at finding those.

If you are still worried, there are a couple more programs you could try. AVG Anti-spyware is another good adware/spyware detector. The free version will run resident for 30 days then revert to needing to be run manually. You can get it from http://free.grisoft.com. HijackThis is a good program for detecting browser hijackers. Unlike the others, it requires some knowledge to use though because it just shows you everything that changes the behavior of Windows starting and your browsers. You need to figure out which of those things are desirable and which are undesirable.

[identity profile] stoutfellow.livejournal.com 2007-08-15 04:44 pm (UTC)(link)
It was using dial-up networking, yes. I think it was using the number I use to connect to the university server, but I didn't think to check - I just hit "Cancel". If it happens again, I'll be sure to look.

I'm downloading AVG Anti-spyware now. Thanks again.

[identity profile] stoutfellow.livejournal.com 2007-08-15 04:03 pm (UTC)(link)
Oh, and thanks!
Flat | Top-Level Comments Only