Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

How to stop FireFox calling out to IP 72.21.91.19 periodically


  • Please log in to reply
8 replies to this topic

#1 Bob177

Bob177

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:06:03 AM

Posted 26 February 2014 - 01:47 AM

Not sure if this is the correct group.  If not let me know and I will repost where this might fit better.  My Firefox is calling out to the IP 72.21.91.19 for no apparent reason.

 

My firewall reported outgoing tcp connection to the IP 72.21.91.19 by firefox.  But that was while FF was opened it was only displaying the home page which is on this machine.  So I added 72.21.91.19 to the FW block list and started tracking how often this occurred.    And it happens a lot, every 15 minutes when Ff is open. 

 

Suspecting it might be a "livemark bookmark" causing this, I removed the FF latest headlines bookmark.  Nothing changed.  tried disabling all extensions and plugins & again no difference.   Blocklist, etc are all turned off as are all auto-updates in Ff.  Add-ons = NoScript, Ghostery, AdBlock Plus, GreaseMonkey. FF version 3.6.28 ( in order to be exactly compatible with the other machines her that are old W2k machines.  

 

This system is XP Home updates thru Feb 1st; OutPost FW; Eset Nod32 AV, Spyware Blaster, SpyBot 1.62 (no teatimer).  This machine is scanned regularly with its AV, Malware Bytes & SuperAntiSpyware.   And we follow pretty good security procedures here.  Scans show nothing bad around.  Yet I also find this same thing happening on the other machine near me that happens t be a W2k machine.  Also this machine was wiped and completely rebuilt in November.  And any data files transferred to it were thoroughly scanned before transferring.  

 

With FF not started, no calls out.  Start FF and immediately FF calls out to that IP 72.21.91.19.  And continues to do that every 15 minutes. 

 

BUT I have also discovered that the call outs stop if the machine is left unattended.  Which makes this look even more serious.   These machines generally run 2 to 7 email instances all the time and the FF browser.  So when unattended the emails (Eudora) are running.

 

I found the IP 72.21.91.19 to be owned by Edgecast.net.  Which is some kind of a content provider?  But googling the IP I found that people think it is a questionable site. 

 

Have been puzzling with this for a while now; hence the long post.  Think I have every automatic connection stopped in the FF menus and its config file.  But it's still happening. 

 

Any body have any ideas?

 

next I think I will try "fiddler" to capture the outgoing packets when I let them thru.  And create a new FF profile & test if it does the same thing.  After that I guess it is uninstall FF and reinstall it. 

 

thanks

 

Bob177



BC AdBot (Login to Remove)

 


#2 Condobloke

Condobloke

    Outback Aussie @ 54.2101 N, 0.2906 W


  • Members
  • 6,111 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:03 PM

Posted 26 February 2014 - 02:06 AM

G'day Bob177, and Welcome to BC !!

 

Please run this for me ::

 

Download  MiniToolBox MiniToolBox, Save it to your desktop and run it.
Close any Firefox browsers you may have open
Checkmark the following boxes:
•Flush DNS
•Report IE Proxy Settings
•Reset IE Proxy Settings
•Report FF Proxy Settings
•Reset FF Proxy Settings
•List content of Hosts
•List IP configuration
•List last 10 Event Viewer log
•List Installed Programs
•List Users, Partitions and Memory size.
•List Minidump Files
 
Click Go and copy / paste the result (Result.txt).


Condobloke ...Outback Australian  fed up with Windows antics...??....LINUX IS THE ANSWER....I USE LINUX MINT 18.3  EXCLUSIVELY.

“A man travels the world in search of what he needs and returns home to find it."

It has been said that time heals all wounds. I don't agree. The wounds remain. Time - the mind, protecting its sanity - covers them with some scar tissue and the pain lessens, but it is never gone. Rose Kennedy

 GcnI1aH.jpg

 

 


#3 Bob177

Bob177
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:06:03 AM

Posted 26 February 2014 - 02:37 AM

CondoBloke,

 

Thanks for your really quick reply.  Have run the MiniToolBox.  it gets quite a lot of information. 

 

Before I post its results, I have a question.  Is there any issue with or concern about putting all the info on my LAN IP's or the installed programs up in a public forum like this one??

 

Bob177



#4 Condobloke

Condobloke

    Outback Aussie @ 54.2101 N, 0.2906 W


  • Members
  • 6,111 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:03 PM

Posted 26 February 2014 - 03:07 AM

Bob, this from one of our Moderators....

 

LAN IPs are only of interest if you already have local area network access. LAN addresses basically consist of a range of IPs that can be used on a network to assign different devices. I can have 192.168.1.1, and my neighbor who has a different router and different LAN, can have the exact same IP. These IPs tell you nothing about your location and can't be used to access your home network. If specific corporate domains are listed, or for example a static IP they rather not want to have public, then they can just edit that out of the log.

 

 


Condobloke ...Outback Australian  fed up with Windows antics...??....LINUX IS THE ANSWER....I USE LINUX MINT 18.3  EXCLUSIVELY.

“A man travels the world in search of what he needs and returns home to find it."

It has been said that time heals all wounds. I don't agree. The wounds remain. Time - the mind, protecting its sanity - covers them with some scar tissue and the pain lessens, but it is never gone. Rose Kennedy

 GcnI1aH.jpg

 

 


#5 Bob177

Bob177
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:06:03 AM

Posted 26 February 2014 - 03:11 AM

Condobloke,

 

Thanks for that reassurance.  Here is the file Result -1 2014-02-26a.txt

 

Bob177

 

MiniToolBox by Farbar  Version: 23-01-2014
Ran by Owner (administrator) on 26-02-2014 at 02:18:28
Running from "F:\zz-system system checkers\x-MiniToolBox"
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================
Windows IP ConfigurationSuccessfully flushed the DNS Resolver Cache.
========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



127.0.0.1       localhost
127.0.0.1    www.007guard.com
127.0.0.1    007guard.com
127.0.0.1    008i.com
127.0.0.1    www.008k.com
127.0.0.1    008k.com
127.0.0.1    www.00hq.com
127.0.0.1    00hq.com
127.0.0.1    010402.com
127.0.0.1    www.032439.com
127.0.0.1    032439.com
127.0.0.1    www.0scan.com
127.0.0.1    0scan.com
127.0.0.1    1000gratisproben.com
127.0.0.1    www.1000gratisproben.com
127.0.0.1    1001namen.com
127.0.0.1    www.1001namen.com
127.0.0.1    100888290cs.com
127.0.0.1    www.100888290cs.com

There are 15473 more lines starting with "127.0.0.1"

========================= IP Configuration: ================================

Broadcom 440x 10/100 Integrated Controller = Local Area Connection (Connected)


# ----------------------------------
# Interface IP Configuration         
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=static addr=192.168.1.7 mask=255.255.255.0
set address name="Local Area Connection" gateway=192.168.1.1 gwmetric=0
set dns name="Local Area Connection" source=static addr=192.168.1.1 register=PRIMARY
set wins name="Local Area Connection" source=static addr=none


popd
# End of interface IP configuration


Windows IP Configuration        Host Name . . . . . . . . . . . . : Peregrine-1        Primary Dns Suffix  . . . . . . . :         Node Type . . . . . . . . . . . . : Unknown        IP Routing Enabled. . . . . . . . : No        WINS Proxy Enabled. . . . . . . . : NoEthernet adapter Local Area Connection:        Connection-specific DNS Suffix  . :         Description . . . . . . . . . . . : Broadcom 440x 10/100 Integrated Controller        Physical Address. . . . . . . . . : 00-0D-56-64-58-78        Dhcp Enabled. . . . . . . . . . . : No        IP Address. . . . . . . . . . . . : 192.168.1.7        Subnet Mask . . . . . . . . . . . : 255.255.255.0        Default Gateway . . . . . . . . . : 192.168.1.1        DNS Servers . . . . . . . . . . . : 192.168.1.1Server:  UnKnown
Address:  192.168.1.1

Name:    google.com
Addresses:  74.125.228.226, 74.125.228.227, 74.125.228.232, 74.125.228.230
      74.125.228.231, 74.125.228.224, 74.125.228.238, 74.125.228.225, 74.125.228.228
      74.125.228.233, 74.125.228.229

Pinging google.com [74.125.228.232] with 32 bytes of data:Reply from 74.125.228.232: bytes=32 time=18ms TTL=54Reply from 74.125.228.232: bytes=32 time=18ms TTL=54Ping statistics for 74.125.228.232:    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),Approximate round trip times in milli-seconds:    Minimum = 18ms, Maximum = 18ms, Average = 18msServer:  UnKnown
Address:  192.168.1.1

Name:    yahoo.com
Addresses:  98.138.253.109, 98.139.183.24, 206.190.36.45

Pinging yahoo.com [98.139.183.24] with 32 bytes of data:Reply from 98.139.183.24: bytes=32 time=28ms TTL=52Reply from 98.139.183.24: bytes=32 time=30ms TTL=52Ping statistics for 98.139.183.24:    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),Approximate round trip times in milli-seconds:    Minimum = 28ms, Maximum = 30ms, Average = 29msPinging 127.0.0.1 with 32 bytes of data:Reply from 127.0.0.1: bytes=32 time<1ms TTL=128Reply from 127.0.0.1: bytes=32 time<1ms TTL=128Ping statistics for 127.0.0.1:    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),Approximate round trip times in milli-seconds:    Minimum = 0ms, Maximum = 0ms, Average = 0ms===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x10003 ...00 0d 56 64 58 78 ...... Broadcom 440x 10/100 Integrated Controller - Agnitum firewall miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1     192.168.1.7      20
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1      1
    192.168.0.115  255.255.255.255      192.168.1.7     192.168.1.7      1
      192.168.1.0    255.255.255.0      192.168.1.7     192.168.1.7      20
      192.168.1.7  255.255.255.255        127.0.0.1       127.0.0.1      20
    192.168.1.255  255.255.255.255      192.168.1.7     192.168.1.7      20
        224.0.0.0        240.0.0.0      192.168.1.7     192.168.1.7      20
  255.255.255.255  255.255.255.255      192.168.1.7     192.168.1.7      1
Default Gateway:       192.168.1.1
===========================================================================
Persistent Routes:
  Network Address          Netmask  Gateway Address  Metric
    192.168.0.115  255.255.255.255      192.168.1.7       1

========================= Event log errors: ===============================

Application errors:
==================

System errors:
=============
Error: (02/22/2014 01:08:07 PM) (Source: Service Control Manager) (User: )
Description: The Canon Camera Access Library 8 service terminated unexpectedly.  It has done this 1 time(s).

Error: (02/21/2014 04:31:20 PM) (Source: Print) (User: NT AUTHORITY)
Description: Sharing printer failed + 1722, Printer Network HP 2200 w PCL 6 share name Printer2.

Error: (02/21/2014 02:38:56 AM) (Source: Service Control Manager) (User: )
Description: The Canon Camera Access Library 8 service terminated unexpectedly.  It has done this 1 time(s).

Error: (02/18/2014 11:15:29 PM) (Source: 0) (User: )
Description: \Device\Harddisk1\D

Error: (02/18/2014 10:32:35 AM) (Source: Print) (User: NT AUTHORITY)
Description: Sharing printer failed + 1722, Printer PageManager PDF Writer share name Printer.

Error: (02/12/2014 10:26:26 AM) (Source: Print) (User: NT AUTHORITY)
Description: Sharing printer failed + 1722, Printer Network HP 2200 w PCL 6 share name Printer2.

Error: (01/17/2014 10:15:22 AM) (Source: Print) (User: NT AUTHORITY)
Description: Sharing printer failed + 1722, Printer Network HP 2200 w PCL 6 share name Printer2.

Error: (01/10/2014 06:31:39 PM) (Source: 0) (User: )
Description: \Device\Harddisk1\D

Error: (01/10/2014 05:46:22 PM) (Source: 0) (User: )
Description: \Device\Harddisk1\D

Error: (01/08/2014 05:32:01 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
IntelIde


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

7-Zip 9.20
AboutTime
Ace Utilities 2.3.1
ArcSoft PhotoStudio 5.5
Belarc Advisor 8.4 (Version: 8.4.0.0)
BreezeBrowser Pro (Version: v1.9.5.4)
Broadcom 440x 10/100 Integrated Controller (Version: 3.29)
Broadcom Management Programs (Version: 4.01.0000)
Canon Camera Access Library (Version: 8.4.0.1)
Canon Camera Support Core Library (Version: 7.3.1.6)
Canon Camera WIA Driver (Version: 5.3)
Canon Camera WIA Driver (Version: 5.4)
Canon Camera WIA Driver (Version: 5.5)
Canon CanoScan 4400F User Registration
Canon CanoScan Toolbox 5.0
Canon DIGITAL CAMERA Solution Disk Software Guide (Version: 1.0.1.2)
Canon EOS 20D WIA Driver (Version: 5.4)
Canon EOS-1D Mark II WIA Driver (Version: 5.3)
Canon EOS-1Ds Mark II WIA Driver (Version: 5.5)
Canon G.726 WMP-Decoder (Version: 1.1.0.4)
CANON iMAGE GATEWAY Task for ZoomBrowser EX (Version: 1.7.2.11)
Canon Internet Library for ZoomBrowser EX (Version: 1.6.3.9)
Canon MOV Decoder (Version: 1.5.0.7)
Canon MOV Encoder (Version: 1.3.1.3)
Canon MovieEdit Task for ZoomBrowser EX (Version: 3.4.1.9)
Canon Personal Printing Guide (Version: 1.0.0.1)
Canon RAW Image Task for ZoomBrowser EX (Version: 2.5.0.8)
Canon Utilities CameraWindow (Version: 7.3.0.4)
Canon Utilities CameraWindow DC (Version: 7.4.1.10)
Canon Utilities CameraWindow DC 8 (Version: 8.0.0.19)
Canon Utilities CameraWindow DC_DV 5 for ZoomBrowser EX (Version: 5.4.6.18)
Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX (Version: 6.5.0.3)
Canon Utilities Digital Photo Professional 3.8 (Version: 3.8.1.0)
Canon Utilities EOS Capture 1.2 (Version: 1.2)
Canon Utilities EOS Utility (Version: 2.8.1.0)
Canon Utilities EOS Viewer Utility 1.2 (Version: 1.2.1)
Canon Utilities MyCamera (Version: 7.3.0.5)
Canon Utilities MyCamera DC (Version: 7.2.1.6)
Canon Utilities Original Data Security Tools (Version: 1.8.0.1)
Canon Utilities PhotoStitch (Version: 3.1.22.46)
Canon Utilities Picture Style Editor (Version: 1.7.0.0)
Canon Utilities RemoteCapture Task for ZoomBrowser EX (Version: 1.8.0.1)
Canon Utilities WFT-E1/E2/E3 Utility (Version: 3.2.2.3)
Canon Utilities ZoomBrowser EX (Version: 6.5.1.15)
Canon ZoomBrowser EX Memory Card Utility (Version: 1.3.0.4)
CCleaner (remove only)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Conexant SmartHSFi V.9x 56K DF PCI Modem
Data Lifeguard Tools
DOFMaster
Downloader Pro (Version: v2.2.7)
DSLR Remote Pro (Version: v2.5.1)
EOS Viewer Utility 1.2.1 (Version: 1.2.1)
Eraser (Version: 5.7)
ESET NOD32 Antivirus (Version: 7.0.302.26)
Eudora (Version: 7.0)
Forté Agent
Foxit Reader (Version: 6.0.6.722)
Free Download Manager 3.9.3
HD Tune 2.55
HiJackThis (Version: 1.0.0)
HP LaserJet 2200 Uninstaller
Image for Windows 2.61
ImgBurn (Version: 2.5.5.0)
Intel® Extreme Graphics Driver
IrfanView (remove only)
Macromedia Dreamweaver 8 (Version: 8.0.0.2734)
Macromedia Extension Manager (Version: 1.7.240)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2833941)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Internet Explorer Administration Kit 5
Microsoft Office Basic Edition 2003 (Version: 11.0.8173.0)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office XP Resource Kit Tools (Version: 10.0.6403.0)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Modem Helper (Version: 2.24)
Mozilla Firefox (3.6.28) (Version: 3.6.28 (en-US))
MPC-HC 1.7.0 (Version: 1.7.0.7858)
NetMeter 1.1.3
NetWaiting (Version: 2.5.8)
Outpost Firewall Pro 8.1.2 (Version: 8.1.2)
Presto! PageManager 7.15.14 (Version: 7.15.14E)
RescuePRO  (Version: 3.3)
ScanSoft OmniPage SE 4.0 (Version: 15.00.0020)
SoundMAX (Version: 5.12.01.5246)
Speccy (Version: 1.23)
Spybot - Search & Destroy (Version: 1.6.2)
SpywareBlaster 5.0 (Version: 5.0.0)
stunnel
SUPERAntiSpyware (Version: 5.6.1040)
TBIView 4.24 - TBIMount 1.06
TeraByte OS Deployment Tool Suite Professional version 1.27 (Version: 1.27)
Total Commander (Remove or Repair)
Tweak UI
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (Version: 3)
Update for Windows Internet Explorer 8 (KB2598845) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2467659) (Version: 1)
Update for Windows XP (KB2661254-v2) (Version: 2)
Update for Windows XP (KB2749655) (Version: 1)
Update for Windows XP (KB2863058) (Version: 1)
Update for Windows XP (KB898461) (Version: 1)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
VLC media player 2.1.0 (Version: 2.1.0)
WD Diagnostics (Version: 1.09.0002)
WebFldrs XP (Version: 9.50.7523)
Winamp (remove only)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Service Pack 3 (Version: 20080414.031525)
WinMerge 2.12.4 (Version: 2.12.4)
WinRAR archiver
yEnc32 (remove only)

========================= Memory info: ===================================

Percentage of memory in use: 47%
Total physical RAM: 1278 MB
Available physical RAM: 665.71 MB
Total Pagefile: 3533.15 MB
Available Pagefile: 3027.45 MB
Total Virtual: 2047.88 MB
Available Virtual: 1979.82 MB

========================= Partitions: =====================================

2 Drive c: (Dell-C-20g) (Fixed) (Total:20.48 GB) (Free:11.25 GB) NTFS
3 Drive d: (Dell-D 5.7g) (Fixed) (Total:5.6 GB) (Free:3.22 GB) NTFS
4 Drive e: (Dell-E-10g) (Fixed) (Total:10.24 GB) (Free:6.43 GB) NTFS
5 Drive f: (Dell-F-38g) (Fixed) (Total:38.17 GB) (Free:3.52 GB) NTFS
7 Drive h: (WD-080-ide-x1) (Fixed) (Total:74.53 GB) (Free:2.41 GB) NTFS

========================= Users: ========================================

User accounts for \\PEREGRINE-1

Administrator            ASPNET                   Dell-101                 
Guest                    HelpAssistant            Isaac                    
Owner                    Sam                      SUPPORT_388945a0         

========================= Minidump Files ==================================

No minidump file found


**** End of log ****
 



#6 Condobloke

Condobloke

    Outback Aussie @ 54.2101 N, 0.2906 W


  • Members
  • 6,111 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:03 PM

Posted 26 February 2014 - 03:27 AM

After reading your post again...admittedly a little more thoroughly than my first read.........I am liking your idea.....

 

Reset FireFox :: https://support.mozilla.org/en-US/kb/reset-firefox-easily-fix-most-problems

 

I have done this on my own machine and found that writing down the names of my addons was helpful....

 

Let me know how it goes.


Condobloke ...Outback Australian  fed up with Windows antics...??....LINUX IS THE ANSWER....I USE LINUX MINT 18.3  EXCLUSIVELY.

“A man travels the world in search of what he needs and returns home to find it."

It has been said that time heals all wounds. I don't agree. The wounds remain. Time - the mind, protecting its sanity - covers them with some scar tissue and the pain lessens, but it is never gone. Rose Kennedy

 GcnI1aH.jpg

 

 


#7 Bob177

Bob177
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:06:03 AM

Posted 26 February 2014 - 03:41 AM

Condobloke,

 

Thanks for taking a look at this.  I take it that nothing really bad stands out in the MiniToolBox results file?

 

Btw I am familiar with the installed programs except the Canon Library ones.  This XP box was the first time that I've been able to run the newer Canon programs which apparently installed the Canon Library stuff.  Also when this machine was rebuilt I really trimmed the services based on Black Viper's site.  And I have now disabled that Canon Library service. 

 

Have to head for work in a little bit.  Will have to tackle this again later in the day.

 

I'll post back with what I find out from Fiddler when I get back to this issue.  If anything else comes to mind, let me know.

 

Bob177



#8 Bob177

Bob177
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:06:03 AM

Posted 27 February 2014 - 03:33 PM

Update: Maybe problem solved ??? Progress !!! Have determined that FF was calling out to a news feed which was going the the IP 72.21.91.19. Still not sure why it was going there, though. I installed "Fiddler" and it showed me the url that was involved. http://fxfeeds.mozilla.com/en-US/firefox/headlines.xml Eventually I found that my booksmaks contained an second "liveFeed" for "headline news" in a duplicate of the Bookmarks Toolbar folder. It was located way in the middle of the actual bookmarks file. Btw searching FF bookmarks can be a real pain. I had to export the bookmarks as an html file and use a text editor to do the searching thru it. I have now removed that extrsa bookmarks Toolbar folder. And so far the calls out to IP 72.21.91.19 have not reappeared at all. Also curiously the repeated calls out stopped happening regularly every 15 minutes after I had installed Fiddler. On installation, Fiddler did install an addon into FF. Niot sure if thsi had any effect. But apparently starting the Fiddler program disables the Fiddler addon. Noit sure I want the fiddler addon in FF, though. So for now this seems to have been caused by FF's live feed and that feed going thru Edgecast. Mozilla should change this. thanks for the help with this. Wish there were a more effective way to search bookmarks for say ALL "livefeed" bookmarks. Back later. Well hopefully not to have to report that the solution failed. :-) Bob

#9 Condobloke

Condobloke

    Outback Aussie @ 54.2101 N, 0.2906 W


  • Members
  • 6,111 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:03 PM

Posted 27 February 2014 - 04:54 PM

All Good  !!    typed-text-smiling-smiley-emoticon.gif


Edited by Condobloke, 27 February 2014 - 04:55 PM.

Condobloke ...Outback Australian  fed up with Windows antics...??....LINUX IS THE ANSWER....I USE LINUX MINT 18.3  EXCLUSIVELY.

“A man travels the world in search of what he needs and returns home to find it."

It has been said that time heals all wounds. I don't agree. The wounds remain. Time - the mind, protecting its sanity - covers them with some scar tissue and the pain lessens, but it is never gone. Rose Kennedy

 GcnI1aH.jpg

 

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users