homecomputeraid Posted January 13, 2005 Report Share Posted January 13, 2005 Zombie connections? Sounds like you've done some Unix. :)There's a free utility called TCPView that lets you terminate unused network connections real-time. Please take a look at it. I'm still working, so I'll look at your post some more when I get home.Sincerely, Quote Link to comment Share on other sites More sharing options...
korgg Posted January 14, 2005 Author Report Share Posted January 14, 2005 Thanks for the link ... I had a program like that at home ... Forgot about it :( ..That was just what I needed for that problem ...Still my problem remains ... Still looking for answers...Hope MS gets public with some hotfix ...And I'm anxious about your opinion about that ethereal file...Connected users can be seen in control panel -> administrative tools -> computer management -> shared folders....The thing is that I tried to connect to a computer that has my problem and I got that message ... But in the sessions section it appeared as connected (I mean my computer connected to the problem computer )... Weird , really weird ! :( Quote Link to comment Share on other sites More sharing options...
korgg Posted January 14, 2005 Author Report Share Posted January 14, 2005 I have found it ! Long live GOOGLE.COM ....that computer guy]Hey, just passing through, I just had this problem and I didn't know what it could be:The problem being \\computername is not accessible. and/or your home network gives error 'Access is Denied. Please contact your system administrator.'You may get that error if your LSA\restrictanonymous regkey is set to hexadecimal '1', which would be found atHKLM\SYSTEM\CurrentControlSet\Control\Lsa\restrictanonymous. I set that to evade the common LSA exploit, but it messed up my home network, so I got a firewall and set it back to 0, now everything's fine again, and working properly.bounce.gifHope that helps another user!byeProbably the hotfix for sasser did this or some worms after that ... Thanks a Lot guys ! ... Quote Link to comment Share on other sites More sharing options...
homecomputeraid Posted January 14, 2005 Report Share Posted January 14, 2005 Thanks for posting the solution Korgg! :) Quote Link to comment Share on other sites More sharing options...
korgg Posted January 14, 2005 Author Report Share Posted January 14, 2005 I'm not that egoist ...I just hope it will help somebody else too ...It did a lot of great good to me today :) ... Anyway, if I see that guy around, I'll buy him a beer :D ... Quote Link to comment Share on other sites More sharing options...
korgg Posted January 19, 2005 Author Report Share Posted January 19, 2005 News and updates about how I got my problem ... Sad but true ... W32/Rbot-PN is an IRC backdoor Trojan and network worm.W32/Rbot-PN may spread to remote network shares and computers vulnerable to common exploits. The worm also opens up a backdoor, allowing unauthorised remote access to infected computers via the IRC network, while running in the background as a service process.W32/Rbot-PN copies itself to the Windows system folder and creates the following registry entries to run automatically on log-on:HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Sygate Personal Firewall = "Sygate.exe"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Sygate Personal Firewall= "Sygate.exe"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices\Sygate Personal Firewall = "Sygate.exe"W32/Rbot-PN also attempts to set the following registry entries:HKLM\SOFTWARE\Microsoft\Ole\EnableDCOM = "N"HKLM\SYSTEM\ControlSet001\Control\Lsa\restrictanonymous = 1HKLM\SYSTEM\CurrentControlSet\Control\Lsa\restrictanonymous = 1W32/Rbot-PN can receive commands from a remote intruder to delete network shares, log keypresses, participate in DDoS attacks, scan other computers for vulnerabilities, steal passwords, steal registration keys for computer games, create local administratoraccounts and capture video from webcameras attached to the computer. More info at www.sophos.com Quote Link to comment Share on other sites More sharing options...
homecomputeraid Posted January 19, 2005 Report Share Posted January 19, 2005 Thanks for the additional resolution info Korgg! :) Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.