Jump to content


  • Content Count

  • Joined

  • Last visited

About Lykoris

  • Rank
  1. Did exactly what you said but no luck, both still listening. DCOM: I had already unchecked File and Printer Sharing and also Client for MS Network so hit the uninstall butoon to remove them like you suggested, rebooted RPC: edited registry as said but no luck. link below still shows them after doing what you said and reboot, recheck and reboot again. still no luck. http://img241.imageshack.us/my.php?image=d...sslaunchcn6.png
  2. QUOTE(p2u @ 26.09.2007 08:04) * As a rule, you just CANNOT stop a Windows service with a firewall. You should disable services that open ports (are LISTENING on ports) if you don't want to provide services to the world... Thanks for the compliment... Since you know Russian, it will be interesting for you to find out that our story started with this post of mine as a reaction to a lot of complaints about Internet attacks... It is now a number one reader for people who do a search in Russian through Google concerning Windows configuration... I'm too busy looking good all the time, but I think NickGolovko will translate that book into English some day, although most of the info contained in it is spread all over the Internet in English already... smile.gif If you need help tweaking your system, create a log or a screen shot with TCPView and send it to me through PM. I will gladly help you close all your ports (remove anything that is LISTENING on ports)... If you control your OS the way described in the book, there's no need to create special rules in KIS; you can just leave the default rules for svchost. It won't go anywhere except for the updates you initiate yourself... Paul I would be really interested about this p2u, I've cut everything out of windows services that I can but still remain with PID 4 ( netstat -ano in dos shell), and process explorer by sysinternals tells me it is "system" - so I thought it was to contact MS server for updates as I have BITS/Automatic updates enabled.......google research was rather ambigous and often conflicting tcp port 445 udp port 445 and a tcp port 135, which I bellieve is the RPC - which I don't even understand what it is, think it has to do with the fact I have a DHCP assigned from the router, never seemed to be able to set a static address, so I only have a pool of 1 address in the router settings. having googled these remaining listening/open ports (445,135) and following the recommendations(this was many months ago) I always lost internet connection so I've left them listening but would dearly love to know if it is possible to disable them - I simply gave up in frustration. and as for the articile in Russian, would be nice to have a translation for others, I've had to put a word doc together from numerous sources after googling for days and then trial and error using different hardware profiles on booting up the PC. it is just one thing that has always bugged me and to which I never really found any solution..........I also read somewhere that one of them is incredibly hard to disable cos it is wrapped up in the kernel of Windows and using commands from DOS won't work - don't know how true this is either. I guess the main question is, these listening ports above - is it a real security risk?? I suspect yes, anf if so what can I do about it?? P.S. love the Backdoors logo, hilarious :-)
  3. I would be very curious to find out the outcome of this............ I tried Vista, had it on a dual boot, but it is resource hungry to say the least and I didn't try it very long. In terms of this problem, I've twice had the experience similar to this but on XP and only when I was transferring .chm files on a USB flashdrive to the hard drive of one of my PCs. Explorer window popped up, corrupted folder within which lay the .chm files and opening it out showed more folders all named 0000000000, and it simply kept recreating new folders til all the memory of the USB stick was full. Both times had to reformat the USB stick, and transfer the files again from laptop to desktop - second time round it was never a problem. Anyways, let me know the end of this and what you ended up doing, sounds like a complete disaster to be honest.
  4. as Sjoeii says, just hit the reset buttom on your modem/router - 99% of the time with all routers this is done by taking a pin/pencil and locating a little hole with reset written near it, you put in the pin to press the button below and depending on the router manufacturer have to hold it there for a certain period of time - with mine, it is 10 seconds, which is the longest I've had of all the modem/routers I bought and currently have - you will normally see all lights on the modem/router light up then go blank and it should be reset. Being reset means it is has been reset the the manufacturer's default factory settings (strongly encourage you to review the settings as the vast majority of the time the firewall can be deactivated, numerous ports left open). So reset the router, go to Shields Up on the net, run the tests and see what ports need to be closed on your router, common one left open is often FTP on port 21 so just find that setting an disable it on your router. The default password and login should be in the manual you received when you bought the router, if not just go to the manufacturers website and download it for your model to get it....normally it is something like this login :admin password :ovislink (or relevant manufacturer name) once inside, change the settings and configure it so you can test the port settings against the probe of Shields Up on www.grc.com. if you have a wifi LAN use a strong password to access the router and use WPA2 encryption or the best your router can provide/net adapter but dont use WEP - a 128 bit key can be broken in 15minutes, a 64 bit key in 5minutes. Neighbour A of mine ran an open wifi net connection and left the default password (elderly gentleman whose son had set up the WLAN), neighbour B (an obnoxious Parisian who "cleverly" enough had left his family name as the computer name) had accessed this guys router, changed the DHCP settings & port forward settings to allocate a port to his distributed I.P. address and ran a P2P application (I assume considering the monthly download) piggybacking my other neighbour. Neighbour A complained in the halls a few months back how large his bills were for internet cos he had to pay for every 1GB more than his contracted 10GB and couldnt understand it so I looked at it. Needless to say I felt like throwing this guy off his balcony when I went to talk to him about it, he denied everything but router logs don't lie. Anyways, I hope you get your router set up right. Good luck with it!
  5. I didn't even know that existed for a windows machine, thanks a lot! I'll download/install and explore the ones you mentioned before I do the reformat. Cheers! You've pointed me in another direction.
  6. as King Grub says it will hit your router not KIS, so if those ports are open you will need to access your router through a brower with the relevant address - (,, - whatever applies to you) and configure the settings to close these ports and ensure your router doesn't respond to ping requests but drops them altogether - unless you run a server off your PC? and you really should close these ports if it is on the router, as invariably hackers use the rather primitive but easy to use port scanning tools to sweep I.P. address ranges. The best site to use in my opinion, and I've tried them all, is the renowned Shields Up service provided by www.grc.com this is a page, link is just below you should bookmark to test every now and again the common service ports 0-1024 information on the specific sites you mentioned are as follows: port 143 http://www.grc.com/port_143.htm port 72 http://www.grc.com/port_72.htm port 139 https://www.grc.com/port_139.htm and of course as always ensure your password to access your router is not the default password, mine is mad - 36 in length all committed to memory with numbers, special characters, lowercase, uppercase letters. and to reply to your initial question, I run the "netstat -ano" command from DOS (open a shell by clicking start, run then type it in) which tells you what is open and what is not, alongside the PID so you can identify the relevant process with either Task Manager or procexp. Perhaps others have better ways such as running a port scanner from their PC out - I don't know about this but would certainly be interested in those reading it that do, as there are many on this board far more knowledgeable than me. +I don't trust websites that offer port scanners, nor do I trust the freeware port scanners available on the web so I've never tried. I also use TCPView from Sysinternals. hope that helps you out somewhat, I've had a lot of help today so I felt obliged to give something back to the community. Good luck to you.
  7. Hi again Don, I've backed up the keyfile to two external harddrives and I'll also put it on an old 256MB USB flashdrive. Perhaps that could explain it, I've always installed a security suite before doing anything on a newly installed PC as I'm paranoid about having something running there that shouldn't and working off a compromised machine but will definitely follow your advice Don on this occasion - perhaps it is also the fact I update all the drivers to the latest all the time (which can, on occasion result in the infamous blue screen of death). and on a separate question Don, considering your vast knowledge what do you think of using a "live CD" of say puppy linux that runs entirely off RAM behind a hardware firewall to perform onlinebanking activities - I've come to the conclusion it is perhaps the safest way to do online banking but would appreciate your input. I realise it is not a KIS question but I don't know anybody knowledgeable in PCs, only the guys on this board, for which I must say have the utmost respect, if only I knew a .01% of what you guys know :-) and for the Xth time today I've just rebooted having lost internet connection yet again
  8. Thank you SO VERY MUCH BUBBA!!! I've converted the activation code (having tracked down the relevant e-mail) and backed it up to two different external hard drives following your advice. To answer your question - No hardware failures, specs on this machine are very good and everything runs smooth, I don't install any software on this without running it through another machine so I know what is going where and only install purchased software with the exception of a bandwidth monitor I installed so I can monitor my monthly download/upload ratio - I scanned the .exe file with KIS and nothing was hit and it seems ok. In terms of back up, I've two external hardrives, the main (500GB) serves as a back-up of my primary back up being a 250GB drive as I run a RAID 0 set-up on this machine as I play one online game - Battlefield 2 every now and again, although its been several months since I've played it. This is what really alludes me, as I said, I left this machine in 100% perfect condition two weeks ago to work off another desktop with Mandriva (I'm attempting to switch everything to a Linux machine - I've really had the last straw with Windows despite having used it since Windows '95), nobody has had access to this PC but it is sluggish, unresponsive with multiple apps open (often crashing) and upon boot-up the main desktop comes up with background picture but the taskbar is missing and it stays blank (except for background photo) for 3-5 minutes (it depends) before the taskbar appears/mouse pointer and I can work. I have given-up trying to find a proper reply, first time this happened was two years ago and then I googled for countless hours on this question on numerous occastions, consulted every I.T. guy in the IT Department of my employer at the time, none of them could give me a response and everything they had suggested to be a plausible cause I had already considered and eliminated. so I will just format the whole thing and reinstall, nothing worse than a machine that takes 6 minutes to boot up before you can work, although I suspect I shall see in my lifetime a machine where you hit the power button and everything will be immediately accessible to begin working...I'll relish that day when it comes :-) as for your other advice, I will certainly look into the various software packages you suggested and again, many thanks to you and to the others that have replied. I simply want, upon reformatting, post XP install, to have KIS up an running, fully up-to-date before I go online to download the XP updates, it is 80+ by now I guess. Thanks to one and all and a very special thanks to you Bubba! Cheers!
  9. Hi Rich, Specs wise there is nothing to complain about, RAM I've 4 GB after having disabling more than 50% of the XP services that run in the background, so its definitely not that and I'm at a loss to understand it to be honest and it can be frustrating to write a response to someone, hit the send button then lose what I just sent cos the net is down and I have to reboot both PC and router and then retype what I just wrote. Only thing I can think of is maybe the ethernet wire is damaged but I doubt it cos its only 6 months old.
  10. Hey Don, ok, I've tracked down the e-mail I received from element 5 after purchasing the two year license of KIS within which I have an "Activation code to unlock the product" being what it is XXXXXXXXXXXXXX but it also states "the license key for KIS 6.0 (2 years)" so I guess now my question is this.... if I download the latest version of KIS from the website (clearly not being KIS 6.0 as I had downloaded the one month trial before KIS 7 came out), install it, then click within main GUI activation/Renew Key (install key option)/Activate using the activation code input the activation code per the e-mail I received upon purchasing it then all will be okay??? I'm guessing I can input it into a new KIS 7 version without any problems? Many thanks for your patience, I don't mean to draw this question out at all - plus I keep losing internet connection for whatever reason, ipconfig /all in DOS confirms my allocated I.P. from my modem router but pinging it does nothing, no response from the DOS shell. There is something amiss on this PC, I've been busy with Mandriva on another desktop and when I last used this one two weeks ago there was no problems, now everything is slow and unresponsive and as I said I keep losing the net connection - (could this have anything to do with the "stealth mode" activation in KIS???) Thanks in advance for your response Don, I greatly appreciate it!
  11. Hey M8, thanks for replying so quick but I don't fully understand....I've searched for the *.key file in the KIS directories and it turns up emtpy, when I click on the activation link within the KIS GUI I have a number for an installed key so I guess my question is this....... Is writing down this number on a piece of paper sufficient for manually input ok or do I need to copy an "electronic file" to my external hard disk and then upload this file into the KIS GUI to reactivate... .i.e. a .key file somewhere on the harddrive to activate my license again (which as I said I can't find...) I realise I'm asking for "exact" instructions cos as I said, I had a really hellish experience with ZA, sth I want to avoid at all costs ever again. Cheers!
  12. Hi Everyone, I'm going to have to reformat entirely my main desktop and would like to know exactly what I need to save or have backed-up - both electronically in terms of maybe a key file e.g. "relevantname.key" or what I need to note down so that I will have my full license recognised..... Reason I ask is that I had a 2 year license with ZoneAlarm before, 8-9 months later I did a low level reformat of the PC and upon reinstallation of the license number I only had a few months left as opposed to a full year - even sending the electronic receipt by e-mail to the support team didn't make a difference...which left me very frustrated indeed :-( :-( after such a frustrating experience I really don't want to undergo the same thing again - although I suspect it is highly unlikely with Kaspersky, I simply want to cover all bases by asking you guys before I do it what "exactly" I need to do. There is no rush to respond, whenever you find the time is fine. Many thanks, a massive KIS fan!
  13. In relation to the unresponsiveness I would have to say that I also doubt it is Kaspersky, I currently have the KIS running on a Compaq Armada laptop, which is donkey years old, 128 RAM, P3 647MHz Processor with XP Pro running on it and all runs flawlessly.
  • Create New...

Important Information

We use cookies to make your experience of our websites better. By using and further navigating this website you accept this. Detailed information about the use of cookies on this website is available by clicking on more information.