Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

IE settings keep changing and system running slow


  • This topic is locked This topic is locked
117 replies to this topic

#106 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,449 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:03:58 PM

Posted 22 September 2010 - 03:58 AM

This makes no sense at all. Are you sure the firewall is on, and didn't you forward any ports and so on? These tests are looking like no firewall is doing anything.

Did the settings still get changed?

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft

 

animinionsmalltext.gif


BC AdBot (Login to Remove)

 


#107 kschwi

kschwi
  • Topic Starter

  • Members
  • 131 posts
  • OFFLINE
  •  
  • Local time:07:58 AM

Posted 22 September 2010 - 06:23 AM

I noticed that as well. I did forward one port used by a different computer for gaming not this one. Would forwarding just one port for a different computer make that much difference in the number of ports shown as closed?

I see the Zone Alarm icon in bottom right so I assume it is on. I know the Outpost Firewall was on when that was installed.

#108 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,449 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:03:58 PM

Posted 22 September 2010 - 07:14 AM

QUOTE
Would forwarding just one port for a different computer make that much difference in the number of ports shown as closed?
If you did that on this computer and forwarded it so another computer could connect to it, then yes, that leaves your computer open to vulnerabilities and other settings can be modified from outside.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft

 

animinionsmalltext.gif


#109 kschwi

kschwi
  • Topic Starter

  • Members
  • 131 posts
  • OFFLINE
  •  
  • Local time:07:58 AM

Posted 24 September 2010 - 10:18 AM

yes, but I did not open the port on this computer. I opened one port on my downstairs desktop (this computer is upstairs and is connected wirelessly and the one I have problems with) I am confused as to why neither firewall seems to be effective.

#110 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,449 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:03:58 PM

Posted 24 September 2010 - 10:46 AM

Does your other computer (that is connected to the same network) have problems? If that runs fine, can you please repeat the portscans from that computer and post me the results. That way we can compair them.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft

 

animinionsmalltext.gif


#111 kschwi

kschwi
  • Topic Starter

  • Members
  • 131 posts
  • OFFLINE
  •  
  • Local time:07:58 AM

Posted 25 September 2010 - 02:31 PM

I don't think a software firewall can change the ports to stealth. I did ask the Outpost why their firewall did not change my ports to the stealth mode and they said there won't be any difference when using Outpost.

Edited by kschwi, 25 September 2010 - 02:34 PM.


#112 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,449 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:03:58 PM

Posted 25 September 2010 - 02:55 PM

I know for a fact software firewalls can do this (did some testing myself). But I see indeed why the scan gave these results.

Lets also have a look at the routing table now.

Please right click on your Internet Connection icon in the System Tray and select Status. In the Status window click the Options button.

Look under "this connection uses the following items" and highlight Internet Protocol (TCP/IP). Click Properties.

On the General tab, make sure "Obtain an IP address automatically" and "Obtain DNS server address automatically" are both ticked.
On the Alternate Configuration tab, make sure "Automatic private IP address" is ticked.

Click OK to exit the Properties and OK to exit the other windows as well.

Now, click Start > Run and type cmd in the runbox.

A command window will open. Type ipconfig /flushdns and press enter.


Please run Notepad (start > All Programs > Accessories > Notepad) and copy and paste the text in the code box into a new file:
CODE
@echo off
(ipconfig /all
nslookup google.com
nslookup yahoo.com
ping -n 2 google.com
ping -n 2 yahoo.com
route print) >>Log1.txt
start notepad Log1.txt
del %0

Go to the File menu at the top of the Notepad and select Save as.
Select save in: desktop
Fill in File name: test.bat
Save as type: All file types (*.*)
Click save.
Close the Notepad.
Locate and double-click tast.bat on the desktop.
A notepad opens, copy and paste the content it (log1.txt) to your reply.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft

 

animinionsmalltext.gif


#113 kschwi

kschwi
  • Topic Starter

  • Members
  • 131 posts
  • OFFLINE
  •  
  • Local time:07:58 AM

Posted 25 September 2010 - 10:01 PM



Windows IP Configuration



Host Name . . . . . . . . . . . . : D6XGLH41

Primary Dns Suffix . . . . . . . :

Node Type . . . . . . . . . . . . : Broadcast

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No

DNS Suffix Search List. . . . . . : gateway.2wire.net



Ethernet adapter Local Area Connection:



Media State . . . . . . . . . . . : Media disconnected

Description . . . . . . . . . . . : Intel® PRO/100 VE Network Connection

Physical Address. . . . . . . . . : 00-0C-F1-D2-69-AA



Ethernet adapter Wireless Network Connection 3:



Connection-specific DNS Suffix . : gateway.2wire.net

Description . . . . . . . . . . . : Belkin Basic Wireless USB Adapter

Physical Address. . . . . . . . . : 94-44-52-5D-C5-A2

Dhcp Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

IP Address. . . . . . . . . . . . : 192.168.1.64

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . : 192.168.1.254

DHCP Server . . . . . . . . . . . : 192.168.1.254

DNS Servers . . . . . . . . . . . : 192.168.1.254

Lease Obtained. . . . . . . . . . : Saturday, September 25, 2010 9:50:26 PM

Lease Expires . . . . . . . . . . : Sunday, September 26, 2010 9:50:26 PM

Server: home
Address: 192.168.1.254

Name: google.com
Addresses: 74.125.95.147, 74.125.95.104, 74.125.95.103, 74.125.95.106
74.125.95.105, 74.125.95.99

Server: home
Address: 192.168.1.254

Name: yahoo.com
Addresses: 69.147.125.65, 72.30.2.43, 98.137.149.56, 209.191.122.70
67.195.160.76



Pinging google.com [74.125.95.106] with 32 bytes of data:



Reply from 74.125.95.106: bytes=32 time=48ms TTL=54

Reply from 74.125.95.106: bytes=32 time=32ms TTL=50



Ping statistics for 74.125.95.106:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 32ms, Maximum = 48ms, Average = 40ms



Pinging yahoo.com [72.30.2.43] with 32 bytes of data:



Reply from 72.30.2.43: bytes=32 time=108ms TTL=56

Reply from 72.30.2.43: bytes=32 time=93ms TTL=56



Ping statistics for 72.30.2.43:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 93ms, Maximum = 108ms, Average = 100ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 0c f1 d2 69 aa ...... Intel® PRO/100 VE Network Connection - Packet Scheduler Miniport
0x10004 ...94 44 52 5d c5 a2 ...... Belkin Basic Wireless USB Adapter - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.254 192.168.1.64 25
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.1.0 255.255.255.0 192.168.1.64 192.168.1.64 25
192.168.1.64 255.255.255.255 127.0.0.1 127.0.0.1 25
192.168.1.255 255.255.255.255 192.168.1.64 192.168.1.64 25
224.0.0.0 240.0.0.0 192.168.1.64 192.168.1.64 25
255.255.255.255 255.255.255.255 192.168.1.64 2 1
255.255.255.255 255.255.255.255 192.168.1.64 192.168.1.64 1
Default Gateway: 192.168.1.254
===========================================================================
Persistent Routes:
None


#114 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,449 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:03:58 PM

Posted 26 September 2010 - 01:38 AM

Well, this brings us back to the router....

I found the following manual: http://www.2wire.com/pages/pdfs/5100-000326-000.Rev.A.pdf

Can you please go there, and go to the chapter: Troubleshooting - Resets

Let me know which option you used to reset your router.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft

 

animinionsmalltext.gif


#115 kschwi

kschwi
  • Topic Starter

  • Members
  • 131 posts
  • OFFLINE
  •  
  • Local time:07:58 AM

Posted 26 September 2010 - 08:52 AM

I just physically pressed the button on the side of the router. I am pretty sure it reset since it re-installed the 2-wire software. It did not prompt me to click any reset buttons on a screen like shown in the manual when installing.

#116 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,449 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:03:58 PM

Posted 26 September 2010 - 09:26 AM

The only thing I can think of what we have not yet tried is to use the reset function as shown in the manual (the last one, called RESET to factory state).

We checked and double checked every other possible cause, so if that does not do it, I honestly wouldn't know what is causing this.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft

 

animinionsmalltext.gif


#117 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,449 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:03:58 PM

Posted 04 October 2010 - 05:23 AM

Hi, are you still there?

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft

 

animinionsmalltext.gif


#118 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,449 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:03:58 PM

Posted 10 October 2010 - 05:25 AM

Due to lack of feedback, this topic will now be closed.

If you are the original topic starter and you need this topic reopened, please send me a PM.

Everyone else, please start a new topic.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft

 

animinionsmalltext.gif





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users