Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Smitfraud issues


  • Please log in to reply

#31
Wizard

Wizard

    Retired Staff

  • Retired Staff
  • 5,661 posts
No Problem,

Does the PC act any better?

Do you have the original Windows CD?

Go ahead and Restart,see if the AV Flags anything!

Post back and let me know!
  • 0

Advertisements


#32
ejm93

ejm93

    Member

  • Topic Starter
  • Member
  • PipPip
  • 24 posts
So far so good.. nothing is flagged which is good!

Also when I run taskmgr, my computer performance was running consistantley near 100% and now it's down to below 10% most of the time.

Now if only I could figure out my CD/DVD drive issues..

Thanks for all the help!!

OK - just went to shut down and restart and for the second time since this whole fiasco started, I got a message that said another user was connected to the computer and shutting down would cause them to disconnect.

What's up with that? Any connection?

Edited by ejm93, 27 June 2005 - 03:26 PM.

  • 0

#33
Wizard

Wizard

    Retired Staff

  • Retired Staff
  • 5,661 posts
Now that cant be good!!!

Can You get in touch with your Internet Service Provider and Have them help us check this out any way they can!

Download Active Ports and lets see whats going on!
http://www.protect-m...m/freeware.html

Once Installed,Open it and look for anything in red or any really strange IP addresses!

Post back ASAP and let me know what you see!

Download Kerio Personal Firewall and get it Installed ASAP!!!
http://www.kerio.com...f_download.html

Edited by Cretemonster, 27 June 2005 - 05:58 PM.

  • 0

#34
ejm93

ejm93

    Member

  • Topic Starter
  • Member
  • PipPip
  • 24 posts
Two popped up red then the red disappeared.. I exported the log to my desktop and copy and pasted it below.. I'm assuming that anything from ME should be the same IP address and anything else is some one else? I have a firewall up and running and there isn't anything on my "allow list" that shouldn't be there (things I KNOW that are OK). Can I have two firewalls running at once or, should only one ever be used at a time (I have two anti-virus programs running and a third I do scans with now just to make sure)!! The only ones going red are MSN (and I have heard MSN is horrible for backdoors etc). OK, just did a restart and opened ActivePorts right away.. the list was very small then all of a sudden a bunch started popping up and going red and some green.. I'm assuming red isn't good but green is.. anyways, here's the first list that showed up...


System 4 192.168.2.10 138 LISTEN UDP
System 4 192.168.2.10 137 LISTEN UDP
System 4 0.0.0.0 445 LISTEN UDP
System 4 192.168.2.10 2869 192.168.2.1 1027 CLOSE_WAIT TCP
System 4 192.168.2.10 139 LISTEN TCP
System 4 0.0.0.0 445 LISTEN TCP
lsass.exe 788 0.0.0.0 4500 LISTEN UDP C:\WINDOWS\system32\lsass.exe
lsass.exe 788 0.0.0.0 500 LISTEN UDP C:\WINDOWS\system32\lsass.exe
svchost.exe 1016 0.0.0.0 135 LISTEN TCP C:\WINDOWS\system32\svchost.exe
svchost.exe 1112 192.168.2.10 123 LISTEN UDP C:\WINDOWS\System32\svchost.exe
svchost.exe 1112 127.0.0.1 1040 LISTEN UDP C:\WINDOWS\System32\svchost.exe
svchost.exe 1192 0.0.0.0 1042 LISTEN UDP C:\WINDOWS\System32\svchost.exe
svchost.exe 1192 0.0.0.0 1035 LISTEN UDP C:\WINDOWS\System32\svchost.exe
svchost.exe 1192 0.0.0.0 1033 LISTEN UDP C:\WINDOWS\System32\svchost.exe
svchost.exe 1192 0.0.0.0 1032 LISTEN UDP C:\WINDOWS\System32\svchost.exe
svchost.exe 1256 192.168.2.10 1900 LISTEN UDP C:\WINDOWS\System32\svchost.exe
Freedom.exe 1888 127.0.0.1 1608 LISTEN UDP C:\Program Files\Zero Knowledge\Freedom\Freedom.exe
Freedom.exe 1888 127.0.0.1 51206 LISTEN TCP C:\Program Files\Zero Knowledge\Freedom\Freedom.exe
Freedom.exe 1888 127.0.0.1 51204 LISTEN TCP C:\Program Files\Zero Knowledge\Freedom\Freedom.exe
Freedom.exe 1888 127.0.0.1 51203 LISTEN TCP C:\Program Files\Zero Knowledge\Freedom\Freedom.exe
Freedom.exe 1888 127.0.0.1 51202 LISTEN TCP C:\Program Files\Zero Knowledge\Freedom\Freedom.exe
Freedom.exe 1888 127.0.0.1 51201 LISTEN TCP C:\Program Files\Zero Knowledge\Freedom\Freedom.exe
Freedom.exe 1888 127.0.0.1 51114 LISTEN TCP C:\Program Files\Zero Knowledge\Freedom\Freedom.exe
MsnMsgr.Exe 1908 192.168.2.10 9472 LISTEN UDP C:\Program Files\MSN Messenger\MsnMsgr.Exe
MsnMsgr.Exe 1908 192.168.2.10 9 LISTEN UDP C:\Program Files\MSN Messenger\MsnMsgr.Exe
MsnMsgr.Exe 1908 127.0.0.1 1079 LISTEN UDP C:\Program Files\MSN Messenger\MsnMsgr.Exe
MsnMsgr.Exe 1908 0.0.0.0 1087 LISTEN UDP C:\Program Files\MSN Messenger\MsnMsgr.Exe
MsnMsgr.Exe 1908 192.168.2.10 1078 207.46.6.134 1863 ESTABLISHED TCP C:\Program Files\MSN Messenger\MsnMsgr.Exe
msn.exe 2336 127.0.0.1 1034 LISTEN UDP C:\Program Files\MSN\MSNCoreFiles\msn.exe
msn.exe 2336 192.168.2.10 1297 198.167.161.14 80 CLOSE_WAIT TCP C:\Program Files\MSN\MSNCoreFiles\msn.exe
msn.exe 2336 192.168.2.10 1231 69.31.4.67 80 CLOSE_WAIT TCP C:\Program Files\MSN\MSNCoreFiles\msn.exe
alg.exe 2656 127.0.0.1 1026 LISTEN TCP C:\WINDOWS\System32\alg.exe


*EDITED TO ADD: When I call my IP, can they check my account to see if there's unusual activity.. I just tell them about the message or, will I need additional information?? You wouldn't think I've been some one who's been online for over 10 years and been playing with computers since I was a toddler.. good ol' Commodore 64!!!*

*EDITED AGAIN TO ADD - think I figured out my CD/DVD problem.. think I found a fix on the windows website, it's a registry problem as I'm missing a part of my registry...

http://support.micro...kb;en-us;316529

I've got everything up to the "CD Burning" don't have the "Drives" option of my registry - should I edit my post in hardware to specifically get precise help on how to fix the registy for the drive (if that is infact what the problem is)?
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\CD Burning\Drives

Edited by ejm93, 27 June 2005 - 07:35 PM.

  • 0

#35
Wizard

Wizard

    Retired Staff

  • Retired Staff
  • 5,661 posts
I would keep on with whatever Help you are getting for the CD issues but remember to check all the Services and be sure thet are set to Manual or Automatic!

I dont see anything from Active Ports out of the ordinary,when you call the ISP,just be as you are with me,Informative and tell them about what happens at Shut Down,As I have never experienced or heard of this,it just seems odd but could be the Firewall or AV!

Is the PC networked to any other PCs? Routers and Such??
  • 0

#36
ejm93

ejm93

    Member

  • Topic Starter
  • Member
  • PipPip
  • 24 posts
I am not networked and since I've been running two firewalls, I haven't had any problems!

As for the CD/DVD problem.. I forgot my Mom had the same computer as me so I went to her place tonight, copied her reg files and am about to put them on my computer.. crossing my fingers! :tazz:
  • 0

#37
Wizard

Wizard

    Retired Staff

  • Retired Staff
  • 5,661 posts
Good Deal,Now I get to join you,I just trashed my primary CD-Rom on the PC in the Bedroom!

Luckily I still have the Applications Disk that came with the PC and XP is good about loading the missing driver!

Hope all goes well!

MJ :tazz:
  • 0

#38
ejm93

ejm93

    Member

  • Topic Starter
  • Member
  • PipPip
  • 24 posts
Hopefully you fix yours!

I added the registry but, not sure where it was added to as I checked on my computer where it's supposed to go (the directory) but, nothing is there. CD is still not working (will still only read DVD's). When the registry is updated (new stuff added) where does it go? Does it matter? Don't know if it automatically goes there. I am almost positive my problem is reg. related as my driver is new (deleted then reinstalled), all settings are the same, I'm just missing some driver things in the reg.

Any ideas (posted in hardware, still no replies)?
  • 0

#39
Wizard

Wizard

    Retired Staff

  • Retired Staff
  • 5,661 posts
Is this the link you referred to
http://support.micro...om/?kbid=320553

If so,there is a list of Vendors Names you can contact!

What Brand of PC is it?

Gateway

Dell

HP

See what I can dig up!

Look here and see if you have read through this link before
http://www.zappersof...hoot-cdrom.html

Edited by Cretemonster, 30 June 2005 - 05:32 AM.

  • 0

#40
ejm93

ejm93

    Member

  • Topic Starter
  • Member
  • PipPip
  • 24 posts
Here's the link I was using.. not even sure if it will fix the problem:
http://support.micro...kb;en-us;316529

If you go through the directories like it says (HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\CD Burning\Drives)

My computer does not have the "Drives" part. I went to my Moms, exported the reg from Drives (while Drives was highlighted, clicked "Export" and saved it to a reg file) then I emailed it to myself and installed it. Nothing still shows up where "Drives" should be.

My drive reads and plays DVD's but, not CD's. The wierd thing is, if I go to "My Computer" and click on the drive, nothing pops up (tried various types of music CD's.. some store bought, some burned) but, if I click on my D drive when it's empty, it says to put a CD in the drive.. wierd. If my E drive (one with issues) is empty, I am still not prompted to insert a CD. The light doesn't even come on to check for anything but, when there's a DVD in there, it opens it and will play the movie.

In BIOS, there are two secondary drives listed.. my D drive (CD ROM) was listed but, nothing for SD2 so, I changed the setting for "capacity" to automatic to match the other one but, other than that, there was nothing I could do.

When I got my computer, they never gave me an XP CD as that probably would've helped me and the system restore function was not turned on (which I realized when I had my Smitfraud issues) so, that won't help either!!

I have "Registry Editor" on my computer and I ran that a few times and there are always problems found.. could that have caused this problem? Certainly hasn't helped it!!!

Edited by ejm93, 30 June 2005 - 06:11 AM.

  • 0

Advertisements







Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP