Two questions.

[hockey man]

Okay guys, I have two questions for you. First the easy one .

1) Is it possible to run a pc with only freeware security/antivirus/firewall/etc? How safe would that pc be.

2) I'm looking for ways to speed up my pc's boot time. Here is my HJT log:

Logfile of HijackThis v1.99.1
Scan saved at 12:47:32 PM, on 9/7/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\Explorer.EXE
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2C 1.EXE
C:\PROGRA~1\McAfee.com\Agent\mcupdui.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2C 1.EXE
C:\WINDOWS\system32\dla\tfswctrl.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\GigaByte\VGA Utility Manager\G-VGA.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\D-Tools\daemon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir...ie&ar=iesearch
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://heritagepa.org/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir...ie&ar=iesearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir...ie&ar=iesearch
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/myway
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyServer = ccc.hedge.org:8080
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [IntelMeM] C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\McUpdate.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
O4 - HKLM\..\Run: [\\Brian-hedg5k36i\EPSON Stylus C64 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2C 1.EXE /P41 "\\Brian-hedg5k36i\EPSON Stylus C64 Series" /O6 "USB001" /M "Stylus C64"
O4 - HKLM\..\Run: [Auto EPSON Stylus C64 Series on Brian-hedg5k36i] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2C 1.EXE /P47 "Auto EPSON Stylus C64 Series on Brian-hedg5k36i" /O27 "\\BRIAN-HEDG5K36I\EPSON C64" /M "Stylus C64"
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NVRTCLK] C:\WINDOWS\system32\NVRTCLK\NVRTClk.exe
O4 - HKLM\..\Run: [PathNvidiaTV] C:\Program Files\Gigabyte\Nvidia\patchnvidiaTVout.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [VGAUtil] C:\Program Files\GigaByte\VGA Utility Manager\G-VGA.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: Joint Operations Typhoon Rising Registration.lnk = C:\Documents and Settings\sdewalt\Local Settings\Temp\{55D3EEBD-C6FC-4ED7-BD0B-D848DF9FF4B6}\{0325F1C1-883A-41AB-8981-B27359ABDFAF}\NOVG.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: *.simnetenterprise.com (HKLM)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - McAfee, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe


I was thinking that removing the following lines would increase performance.

O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [Auto EPSON Stylus C64 Series on Brian-hedg5k36i] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2C 1.EXE /P47 "Auto EPSON Stylus C64 Series on Brian-hedg5k36i" /O27 "\\BRIAN-HEDG5K36I\EPSON C64" /M "Stylus C64"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

(I'm no longer conected to the family printer.)

What do you think?

[pop pop]

1) Yes

2) One of the HJT guys will weigh in on the log but...McCafee--from what I have seen on other people's systems--is a resource hog much like Norton.

[Fruss Tray Ted]

You snuck in a third question subliminally... In the latter part of question one, you ask if a free program only pc is safe? One word: Linux. Other than that, all other browsers use MS'es shell and with a weak foundation,,, well you know where I'm going with that.

Free security suites or separate programs are a blessing for now. Who knows if they'll still be here years, months or even weeks from now. Look what happened to Sygate firewall as of late. Now you'll have to pay for a what will most likely become a bloated firewall now that 'Snortin's' took it over...

[hockey man]

Now you'll have to pay for a what will most likely become a bloated firewall now that 'Snortin's' took it over...

I like that . I'll wait for some advice on my HJT log.

And by the way, the reason I asking is because my free MaCafee trial will end at the end of this school year.

[Erik]

I am not an expert in HiJack This! logs but I don't see anything that screams out as being malicious. I did notice a few things that are autostarting that you could stop if you want.

QuickTime
Real Player
Java Updater

I am currently using AVG and Sygate free on all of my Windows computers. I haven't ever had any problems with viri or other such problems. I think that they work just fine, when combined with safe surfing habits anyway. Also as mentioned for the ultimate in security and truly being a totally free PC, software wise anyway, you need to migrate to Linux.

[hockey man]

I'm not looking for malicous stuff, I'm just looking to speed up my pc. Someday I'll do a dual boot with Linux.

[Erik]

If you just want to try Linux without the hstle of formatting, partitioning on a HD that has important data you still have some options. The first would be a Live CD version, which runs totally from CD and gives you a feel for Linux. There is no danger of harming any existing installed programs as they won't write to your HD by default.

Linux is alo perfectly happy to run on an older PC that Windows would be sluggish and barely workable on. I am currently working from an older laptop that is running a lighter version of Linux called Slackware. The laptop is an old PIII 700Mhz with a 30GB HD and 256MB of RAM. I installed a wireless card, and am typing from my bed as I watch TV. It works great and gives no problems. I have even run Linux on older PCs without problems.

[hockey man]

Were can I get me one of those CDs? I would be interested in trying that.

[david eaton]

Download slackware as an ISO file from http://www.slackware.com/

[hockey man]

Ok, I went here and downloaded all the slackware 10.1 files. Now what?

[ErnieK]

Now burn the image to disk (do not copy the ISO onto a disk)

If oyu are not sure how to do so here is a link that will give instructions for various softwares.

After burning it to disk pop into the BIOS and set you computer to boot from the CD as first boot. Press F10 to save the changes. Insert the disk into your drive and reboot the computer. It will now boot from the CD instead of the HDD. Just remeber that it will be slower than your hard drive.

[ErnieK]

Now burn the image to disk (do not copy the ISO onto a disk)

If oyu are not sure how to do so here is a link that will give instructions for various softwares.
http://www.petri.co.il/how_to_write_iso_files_to_cd.htm

After burning it to disk pop into the BIOS and set you computer to boot from the CD as first boot. Press F10 to save the changes. Insert the disk into your drive and reboot the computer. It will now boot from the CD instead of the HDD. Just remeber that it will be slower than your hard drive.

[hockey man]

I doanloaded 4 different files. Do I need to put all 4 on the disc?

[ErnieK]

What files did you download?

[hockey man]

I downloaded the following:

slackware-10.1-install-d1.iso. . Feb 25 2005 649158k
slackware-10.1-install-d2.iso. . Feb 25 2005 659618k
slackware-10.1-source-d3.iso . . Mar 01 2005 680646k
slackware-10.1-source-d4.iso . . Mar 01 2005 677472k

Also, any suggestions why Firefox won't let me get to the site linked to in post 9? I've also had problems with firefox connecting to my online bank and trying to subscribe to a magazine- As well as it is now not letting MaCafee update!!!! I'm running Spybot, Ad-Aware, McAfee, and I recently got rid of the Microsoft antivirus software and the free AVG stuff (I thinks that was it's name.) What do you think is up?

[pop pop]

Burn each .iso to a separate CD. Boot from the first to begin the installation.

I use FireFox and can connect to that site in post 9 just fine. Your FireFox not connecting could be any number of things. The site may require cookies, java, or whatever.

I doubt McCafee is using FireFox as an update vehicle...but I could be wrong. If you have FireFox set as your default browser you could "temporarily" set Internet Exploder back to the default and see if McCafee updates.

Online banks very often require Internet Exploder. Check their requirments on ther site.

M$ doesn't make, give away, or sell antivirus software...yet. That will soon change.

AVG is much better than McCafee...leaner, effective, and free.

[hockey man]

I was thinking of switching when my free 15 month suscription is done. I used to be able to get to my bank, It's just the last week or so that I haven't been able to. I have run all of my antispyware and stuff programs and they havn't found anything. This is the MS program I was talking about. Anyway, I'll try the Linux boot.

[hockey man]

Gr, that didn't work. . . Now what?

[pop pop]

The M$ Antispyware product is actually good.

My telepathic powers are on the fritz today...what didn't work?

[hockey man]

Sorry, I restarted and had it booting to the optical drive. It skipped over that though and booted from the hd. I had the first cd in, and it was an ISO image.