
Win XP - Task Manager


Comments

  • Chippy_Minton
    Chippy_Minton Posts: 3,339 Forumite
    newboy wrote:
    ipfw.exe -
    Task manager warning - unable to terminate process. Access is denied.
    Also just wondering whether you typed this process name in incorrectly? In reply #21 HijackThis lists it as:

    C:\Program Files\Lavasoft\Personal Firewall\lpfw.exe

    lpfw.exe - that's a lower case L at the start, not an i.
  • pchelpman
    pchelpman Posts: 1,275 Forumite
    Newboy ... as Chippy says you have given here a perfect example of why you should ONLY "copy & paste" from log reports. Retyping leads to mistakes and misunderstandings!

    First things first. The HJT log looks clean enough to me.

    The only thing is that you are running HijackThis from a temporary location. Please move the folder to a permanent place on your hard drive such as C:\HJT. This will ensure that any backups made are not lost.

    You do indeed have many things running at startup but it seems they are all legit programs. They will either be required by the system (as in the case of almost all the files you specified in your last few posts) OR they are programs you have instructed/allowed to run at startup.

    When you installed the programs they probably had a default option to run on startup. It may be that some or all of those programs can be opened manually and you need not have them all delaying your computer's startup routine.

    You might like to check out each running program and go to its "options". There may be choices there for you to disable the "run on startup" option.

    The Activescan log shows just a few items.

    I suggest you download, install, run and scan your system with these programs ....

    Download Ad-aware SE here…

    http://www.lavasoftusa.com/

    Install it if you don't have it already. Make sure it's the newest version and check for any updates before running it.

    ……. & VX2 Cleaner…….

    Go here… http://www.lavasoftusa.com/ to get the plug-in for fixing VX2 variants. To run this tool choose Software > Add-ons (left navigation bar) then select VX2 Cleaner.

    Follow the instructions to run it. If your system is clean it will say “Status System Clean”. Otherwise, you will have to click on the Clean button to remove the VX2 infection.

    Also make sure to customize the settings in Ad-aware for better scan results by reading the article here… http://www.greyknight17.com/spyware.htm#adware

    Run the scan and fix everything that it finds.

    Download Spybot Search & Destroy and install it. Please run it, click "Search for Updates" then "Check for Problems". If it finds something, check/tick all items in RED and hit the “Fix Selected Problems” button.

    Exit Spybot.

    Next repeat the Panda Activescan process. IF it still finds files it can't (or won't) clean post the results again here.

    I see you turned up processes that are non-essential but which shouldn't be stopped unless definitely causing problems. If you want to check out if a process is infected or not you can upload the file to jotti here ....

    http://virusscan.jotti.org/

    Click the "browse" button and browse to the files that worry you (upload them one at a time) then click the "submit" button to upload the file.

    Post back the results to this thread. We'll tell you what they mean.

    If you stop your ipod/itunes processes you are right - you may well have trouble using the equipment.

    Lastly, check this out ....

    C:\Program Files\KService\KService.exe

    If the KService.exe file is still on your system delete it.

    Let us know if there are any lingering problems.
  • newboy_3
    newboy_3 Posts: 132 Forumite
    Hi pchelpman.

    Ok, have just run through panda again, and it came up with loads this time;


    Incident Status Location

    Adware:adware/startpage.amb Not disinfected C:\Documents and Settings\Stuart\Favorites\Online Games
    Hacktool:HackTool/EvID Not disinfected C:\Program Files\PPLive TV\SynaLiveSetup.exe[EvID4226Patch.exe]
    Potentially unwanted tool:Application/Restart Not disinfected C:\WINDOWS\system32\Tools\Restart.exe
    Spyware:Cookie/Xmts Not disinfected F:\PQSC\CPS\000002\FILES\001\0011B0.DAT
    Spyware:Cookie/Xmts Not disinfected F:\PQSC\CPS\00000B\FILES\001\004545.DAT
    Spyware:Cookie/Xmts Not disinfected F:\PQSC\CPS\00000C\FILES\001\004809.DAT
    Spyware:Cookie/Xmts Not disinfected F:\PQSC\CPS\00000D\FILES\001\004AEB.DAT
    Spyware:Cookie/Xmts Not disinfected F:\PQSC\CPS\00000E\FILES\001\0052C0.DAT
    Spyware:Cookie/Xmts Not disinfected F:\PQSC\CPS\00000F\FILES\001\0055AA.DAT
    Spyware:Cookie/Xmts Not disinfected F:\PQSC\CPS\000010\FILES\001\005BB7.DAT
    Spyware:Cookie/Xmts Not disinfected F:\PQSC\CPS\000011\FILES\001\005E68.DAT
    Spyware:Cookie/Xmts Not disinfected F:\PQSC\CPS\000013\FILES\001\007377.DAT
    Spyware:Cookie/Xmts Not disinfected F:\PQSC\CPS\000014\FILES\001\00767A.DAT
    Spyware:Cookie/Xmts Not disinfected F:\PQSC\CPS\000015\FILES\001\00794D.DAT
    Spyware:Cookie/Xmts Not disinfected F:\PQSC\CPS\000016\FILES\001\007C63.DAT
    Spyware:Cookie/Xmts Not disinfected F:\PQSC\CPS\000017\FILES\001\007FB5.DAT
    Spyware:Cookie/Xmts Not disinfected F:\PQSC\CPS\000018\FILES\001\008360.DAT
    Spyware:Cookie/Xmts Not disinfected F:\PQSC\CPS\000019\FILES\001\0086EC.DAT
    Spyware:Cookie/Xmts Not disinfected F:\PQSC\CPS\00001A\FILES\001\008A29.DAT
    Spyware:Cookie/Xmts Not disinfected F:\PQSC\CPS\00001B\FILES\001\008DCC.DAT
    Spyware:Cookie/Gorillanation Not disinfected F:\PQSC\CPS\00001B\FILES\001\008DBD.DAT
    Spyware:Cookie/Atwola Not disinfected F:\PQSC\CPS\00001C\FILES\001\009DD2.DAT
    Spyware:Cookie/FortuneCity Not disinfected F:\PQSC\CPS\00001C\FILES\001\009DE5.DAT
    Spyware:Cookie/Clicktracks Not disinfected F:\PQSC\CPS\00001C\FILES\001\009E04.DAT
    Spyware:Cookie/Xmts Not disinfected F:\PQSC\CPS\00001C\FILES\001\009E1C.DAT
    Spyware:Cookie/Xmts Not disinfected F:\PQSC\CPS\00001F\FILES\001\00B542.DAT
    Spyware:Cookie/Xmts Not disinfected F:\PQSC\CPS\000020\FILES\001\00B7F4.DAT
    Spyware:Cookie/Xmts Not disinfected F:\PQSC\CPS\000021\FILES\001\00BB0B.DAT
    Spyware:Cookie/RealMedia Not disinfected F:\PQSC\CPS\000022\FILES\001\00BE44.DAT
    Spyware:Cookie/Xmts Not disinfected F:\PQSC\CPS\000022\FILES\001\00BE3E.DAT
    Spyware:Cookie/Humanclick Not disinfected F:\PQSC\CPS\000022\FILES\001\00BE5C.DAT
    Spyware:Cookie/Xmts Not disinfected F:\PQSC\CPS\00003E\FILES\001\015511.DAT
    cont......
    They call me Mr Pig!:laugh:
  • newboy_3
    newboy_3 Posts: 132 Forumite
    Spyware:Cookie/Tickle Not disinfected F:\PQSC\CPS\00003E\FILES\001\0154FC.DAT
    Spyware:Cookie/bravenetA Not disinfected F:\PQSC\CPS\00003E\FILES\001\0154EE.DAT
    Spyware:Cookie/OfferOptimizer Not disinfected F:\PQSC\CPS\000040\FILES\001\01753E.DAT
    Spyware:Cookie/MyWay Not disinfected F:\PQSC\CPS\000040\FILES\001\017543.DAT
    Spyware:Cookie/OfferOptimizer Not disinfected F:\PQSC\CPS\000042\FILES\001\018FB3.DAT
    Spyware:Cookie/OfferOptimizer Not disinfected F:\PQSC\CPS\000044\FILES\001\0198F8.DAT
    Spyware:Cookie/OfferOptimizer Not disinfected F:\PQSC\CPS\000045\FILES\001\019BBE.DAT
    Spyware:Cookie/Kount Not disinfected F:\PQSC\CPS\000058\FILES\001\024F42.DAT
    Spyware:Cookie/Xmts Not disinfected F:\PQSC\CPS\000058\FILES\001\024F58.DAT
    Spyware:Cookie/Maxserving Not disinfected F:\PQSC\CPS\000058\FILES\001\024F4F.DAT
    Spyware:Cookie/Cgi-bin Not disinfected F:\PQSC\CPS\00005E\FILES\001\0286B9.DAT
    Adware:Adware/Twain-Tech Not disinfected F:\PQSC\CPS\00005E\FILES\001\029C5E.DAT
    Spyware:Cookie/Cgi-bin Not disinfected F:\Program Files\Yahoo!\YPSR\Quarantine\ppqD0A9.TMP
    Virus:Trj/Mitglieder.EK Disinfected [Work and taxes.rar][Taxes.exe]


    It might be worth noting that I only really use my F drive to store photos. It was my original C drive before I got an upgrade.

    Can you advise me if I should worry about the possible trojan / legitimate programs mentioned earlier.

    Also, I have tried to move Highjacker to my C drive, but it doesn't give me that option when I 'send to'.

    Newboy
    They call me Mr Pig!:laugh:
  • newboy_3
    newboy_3 Posts: 132 Forumite
    Also, I have tried to virusscan.jotti, but it won't let me. Do I have to turn off the lava firewall?

    Newboy
    They call me Mr Pig!:laugh:
  • pchelpman
    pchelpman Posts: 1,275 Forumite
    Moving the HJT folder > try right clicking on the folder and choosing "cut". Then right click on your C: drive and click "paste". The folder should now have moved to the C: drive safely. Let me know if not.

    Trojan/legit programs > those listed in your post #28 were all required files so should be OK and your HJT log looks OK too.

    I'm surprised you are having trouble uploading your chosen files to jotti for checking. Jotti was down for a while some time ago but it should be OK now.

    It should be a simple process and you shouldn't need to disable your firewall. You say "it won't let me". What exactly is happening when you go to the Jotti site and click in the "Browse" button?

    The khost.exe is indeed related to the process you removed earlier and you can remove msmsgs.exe by using Add/Remove Windows Components to uninstall it.

    How is your computer working now? Any problems or difficulties?

    Please post a new log, with details of any ongoing issues, if you want us to look at it again for you.

    All the best.
  • newboy_3
    newboy_3 Posts: 132 Forumite
    Hi pchelpman.

    hjt moved.

    Trojan / legit programs - How do you tell the difference. If a trojan has the same name as a legit programme?

    Jotti - It was saying that my firewall may have been blocking, and all the files that it was looking for were coming up as 0kb. I have since removed lavasoft, so am back to having windows firewall.

    Khost - removed.

    PC seems to be running ok. Am still running and checking with defender and spybot - thanks.

    Only a couple of processes that concern me, (after running and googling as advised); - dslagent.exe and jusched.exe. I think these only get me querying, as these both have poss trojan links.

    I am just gonna run another hjt and will put in the next post.........

    newboy
    They call me Mr Pig!:laugh:
  • newboy_3
    newboy_3 Posts: 132 Forumite
    pchelpman......

    Logfile of HijackThis v1.99.1
    Scan saved at 18:46:48, on 23/05/2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Windows Defender\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Ahead\InCD\InCDsrv.exe
    C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Inverse IP InSight\BT\ARMon32a.exe
    C:\Program Files\Norton AntiVirus\navapsvc.exe
    C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
    C:\WINDOWS\system32\pctspk.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\BT Voyager 105 ADSL Modem\dslstat.exe
    C:\Program Files\BT Voyager 105 ADSL Modem\dslagent.exe
    C:\WINDOWS\system32\VTTimer.exe
    C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
    C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\Ahead\InCD\InCD.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Program Files\btbb_wcm\McciTrayApp.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\BT Broadband Desktop Help\bin\BTHelp.exe
    C:\Program Files\BT Broadband Desktop Help\bin\mpbtn.exe
    C:\PROGRA~1\Motive\Common\MOTIVE~1.EXE
    C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
    C:\Program Files\Messenger\msmsgs.exe
    C:\DOCUME~1\Stuart\LOCALS~1\Temp\Temporary Directory 1 for hijackthis_199.zip\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://forums.moneysavingexpert.com/forumdisplay.html?f=5
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.btinternet.com/
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.btinternet.com/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by BT Internet
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O4 - HKLM\..\Run: [DSLSTATEXE] C:\Program Files\BT Voyager 105 ADSL Modem\dslstat.exe icon
    O4 - HKLM\..\Run: [DSLAGENTEXE] C:\Program Files\BT Voyager 105 ADSL Modem\dslagent.exe
    O4 - HKLM\..\Run: [Dimension4] F:\D4.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
    O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
    O4 - HKLM\..\Run: [btbb_wcm_McciTrayApp] C:\Program Files\btbb_wcm\McciTrayApp.exe
    O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\nbj.exe"
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: BT Broadband Desktop Help.lnk = C:\Program Files\BT Broadband Desktop Help\bin\matcli.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O14 - IERESET.INF: START_PAGE_URL=http://www.btinternet.com/
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {1803B9EF-9905-4F34-AFC4-05D1BAB28801} (RegUserCfgUI Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/bt/yregucfg.cab
    O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab
    O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/EPUWALControl_v1-0-3-24.cab
    O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.real.com/0585f4186af83ca92919/netzip/RdxIE601.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1137957540609
    O16 - DPF: {71057C18-0507-4747-86BC-E11CE7512C5F} (mailhelper Class) - http://register.btinternet.com/templates/btmailcontrol013.cab
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
    O16 - DPF: {C606BA60-AB76-48B6-96A7-2C4D5C386F70} (PreQualifier Class) - http://www.sc-server1.bt.com/broadband/MotivePreQual.cab
    O16 - DPF: {EC5A4E7B-02EB-451D-B310-D5F2E0A4D8C3} (webhelper Class) - http://register.btinternet.com/templates/btwebcontrol023.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{2C4390BF-A5A8-4288-AB9A-4755B6C29CF5}: NameServer = 194.74.65.69 194.72.9.34
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
    O23 - Service: InCD Helper (read only) (InCDsrvR) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
    O23 - Service: Inverse IP InSight Client (BT) (InverseLaunchIPI_BT) - Inverse Network Technology - C:\Program Files\Inverse IP InSight\BT\LaunchIPI.exe
    O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
    O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
    O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
    O23 - Service: PCTEL Speaker Phone (Pctspk) - PCtel, Inc. - C:\WINDOWS\system32\pctspk.exe
    O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

    Thanks once again for all your help (and all others that have contributed).

    Best regards

    newboy:smiley:
    They call me Mr Pig!:laugh:
  • pchelpman
    pchelpman Posts: 1,275 Forumite
    newboy wrote:
    hjt moved
    ....actually it's still in a temporary location. Your "move" didn't work. Maybe you'd like to try it again.

    On the bright side your log is clean.

    To comment on your other points.
    newboy wrote:
    Trojan / legit programs - How do you tell the difference. If a trojan has the same name as a legit programme?
    There could be many ways to differentiate. You just have to investigate. For example, the application could be running from the wrong place or it could be taking up an excessive amount of resources. The experienced analyst's eye and/or Jotti can help. Sometimes, though, it's just down to a matter of experience and occasionally a "gut feeling".
    newboy wrote:
    Jotti - It was saying that my firewall may have been blocking, and all the files that it was looking for were coming up as 0kb. I have since removed lavasoft, so am back to having windows firewall.
    The Windows firewall isn't good enough. You should revert to a firewall from somewhere else. Preferably one that doesn't interfere with your other programs. Zone Alarm free personal firewall is popular. From here .....

    http://www.zonelabs.com/store/content/company/products/znalm/freeDownload.jsp

    Don't forget .... download a new firewall FIRST and only then install it before you disable the Windows firewall.

    You should be able to upload suspect files to Jotti to check for malware without having to disable your firewall.
    newboy wrote:
    Only a couple of processes that concern me, (after running and googling as advised); - dslagent.exe and jusched.exe. I think these only get me querying, as these both have poss trojan links.
    Both should be OK.

    dslagent.exe is installed alongside broadband modems from eicon networks which comes bundled with many Internet providers. It's required for the Internet connection to operate.

    jusched.exe is Sun Java's automatic update scheduler. It periodically starts another process that checks for Java updates.

    If you want to check you can upload them (one at a time) to Jotti and post back here if anything odd turns up in the results.

    Hope you are now fixed up.

    Safe surfing.
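
The "running from the wrong place" check mentioned in the reply above can be automated over the "Running processes" section of a HijackThis log. This is an added example, not part of the original thread: the `EXPECTED_DIR` baseline, the look-alike name check (which goes beyond the reply) and the sample log, built from paths like those in the thread plus two made-up entries, are all assumptions.

```python
import ntpath

# Assumption: usual directories for a few core Windows XP processes, lower-cased.
EXPECTED_DIR = {
    "smss.exe": r"c:\windows\system32",
    "winlogon.exe": r"c:\windows\system32",
    "lsass.exe": r"c:\windows\system32",
    "svchost.exe": r"c:\windows\system32",
    "explorer.exe": r"c:\windows",
}
# Fold characters that look alike on screen (i / l / 1 and o / 0).
CONFUSABLE = str.maketrans({"i": "l", "1": "l", "0": "o"})

def fold(name):
    return name.lower().translate(CONFUSABLE)

FOLDED_KNOWN = {fold(n): n for n in EXPECTED_DIR}

def running_processes(log_text):
    """Return the paths under 'Running processes:' in a HijackThis log."""
    paths, in_section = [], False
    for line in log_text.splitlines():
        line = line.strip()
        if line.lower().startswith("running processes"):
            in_section = True
        elif in_section:
            if not line:
                break  # the section ends at the first blank line
            paths.append(line)
    return paths

def review(path):
    """Return the reasons a process path deserves a closer look."""
    directory, name = ntpath.split(path.lower())
    reasons = []
    expected = EXPECTED_DIR.get(name)
    if expected and directory != expected:
        reasons.append(f"{name} normally runs from {expected}")
    lookalike = FOLDED_KNOWN.get(fold(name))
    if lookalike and lookalike != name:
        reasons.append(f"name resembles {lookalike}")
    if "\\temp\\" in directory + "\\":
        reasons.append("running from a temporary directory")
    return reasons

def findings(log_text):
    """Map each flagged path to the reasons it was flagged."""
    checked = ((p, review(p)) for p in running_processes(log_text))
    return {p: r for p, r in checked if r}

# Constructed sample: svchost.exe in the wrong folder and "Isass.exe"
# (capital i) are made-up entries added to show the checks firing.
SAMPLE_LOG = r"""Logfile of HijackThis v1.99.1

Running processes:
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
C:\WINDOWS\svchost.exe
C:\WINDOWS\system32\Isass.exe
C:\DOCUME~1\Stuart\LOCALS~1\Temp\Temporary Directory 1 for hijackthis_199.zip\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
"""

if __name__ == "__main__":
    for path, reasons in findings(SAMPLE_LOG).items():
        print(path, "->", "; ".join(reasons))
```

A flagged path is only a prompt to investigate further, for example by uploading the file to a multi-engine scanner as suggested in the thread.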
  • newboy_3
    newboy_3 Posts: 132 Forumite
    Hi pchelpman.

    I've downloaded the zonelabs firewall as suggested, and have had many (over 50) alarms already where a remote computer has tried to access a port (137,139 and 445) on my pc.
    Can you explain exactly what would be doing this. As it is my home pc, I am not on a network.


    Newboy
    They call me Mr Pig!:laugh:
This discussion has been closed.