Ad Astra

Volunteer Security Advisor
  • Content Count

    874
  • Joined

  • Last visited

Everything posted by Ad Astra

  1. Hi Could you compare the Firewall settings on the PC and Laptop and see if any of these are different: Select Settings > Firewall > Network rules then click System-Wide rules then select low-level rules Is Block IGMP the same on both laptop and PC? Select Settings > Firewall > Network rules then click ICMP settings. Are "Echo Reply", "Echo Request", "Router Solication" settings the same on both laptop and PC?
  2. Hi In addition to Vistor's reply in the log file there is single port scan from 192.168.3.1 Some thoughts on this. 192.168.3.1 is a NAT address, typically a router. Are you using a router to connect to the Internet such a wireless broadband router? Port scanning is not strictly an attack but could indicate something quering to determine potential vulnerabilities by looking for open ports. I used to get similar messages from my router, this turned out to be a setting on the router, it had forward management information set on so the router was trying to find some service on the PC to send its log information to. I turned off the forward log information on the router and this type of message stopped appearing in the firewall log.
  3. Hi Some malware items detect HijackThis and stop it from running. Please try the following 1) Rename the hijackthis.exe file e.g. to myhjt.exe and try running this. 2) If it will still not run please post in the "Help with Stubborn Infections - HijackThis Logs go here " forum and explain that HijackThis will not run. The experts will be able to recommend some alternative tools to try.
  4. Hi Richard Did you manage to sort out your file association problem?
  5. Hi, The "Suspend Protection" you describe will turn off all the firewall protection. You mention that the computer crashes with the large file, does the system give a blue screen? If so can you capture the stop code displayed on the blue screen? Also have a look in the event log for a time when the system crashed, on XP open Control Panel (if in Category view select Performance and maintenance first) then select Administrative tools then select the Event viewer icon. When Event viewer opens select the system category in the left-hand panel and scroll down the right-hand panel for a time when the crash occured. Open any error messages, do they give any indication of what component was failing?
  6. What Firewall settings is it running? Right mouse click on the blue shield icon in the system tray select firewall policy, make sure it is set to rules wizard. It will look similiar to this:
  7. For help on adding your license key take a look at this post: http://www.lavasoftsupport.com/index.php?s...st&p=100899
  8. Hi, You can just need to add your license key to the trial version any time during the 30 day trial period to register your product. The software is identical in functionality. We are just helpers on the forums so if there are any issues using the license key on the 64-bit version you will need to contact Lavasoft support direct via: http://lavasoft.com/support/supportcenter/ Worth running the trial version on your 64-bit system and try adding your license key.
  9. Hi Yes, 32 and 64-bit is significant, just download the appropriate version from http://lavasoft.com/products/lavasoft_personal_firewall.php Use the 64-bit download for your 64-bit system.
  10. Hi How did you get on switching over to the Windows firewall? Alas the Miro log does not help much other than showing time outs which could be blocking via a Firewall. If you are still running the LS Personal Firewall try using Miro again, then double click on the blue shield icon in the system tray then under Event Viewer select Firewall, do you see any blcoked activity that looks like the sites Miro is trying to reach?
  11. I can not find reference to what the gray shield means in the LS Personal Firewall manual. Are you able to right mouse click on the shield icon and select disable? e.g. select 5 minutes option. If so turn can you turn on the Windows Firewall?, if yes can you access the web now? Turn off the Windows Firewall before the 5 minutes period is reached.
  12. I can not find reference to what the gray shield means in the LS Personal Firewall manual. Are you able to right mouse click on the shield icon and select disable? e.g. select 5 minutes option. If so turn can you turn on the Windows Firewall?, if yes can you access the web now? Turn off the Windows Firewall before the 5 minutes period is reached.
  13. Hi Could you try the following please. Right mouse click the blue shield icon in the system tray and select settings. In settings select application rules on the right-hand side window scroll down to your Micro Internet TV entry. Click on the network option to open the modify rules window, select the general tab then select the "allow all activity" Click on the OK button to close the windows and retry Micro Internet TV. Does this rule change allow it to work?
  14. Hi Having two firewalls causes complex problems as they are actively blocking each other. Can you try the following: 1) Check you have the LS Personal Firewall license key ready 2) Disconnect from the Internet (e.g. power down the modem) 3) Deinstall LS Personal Firewall 4) Reboot the PC 5) Open Security Centre and ensure Windows Firewall is turned off 6) Reinstall LS Personal Firewall (do not select check for updates during install) 7) Reboot the PC, if blue shiled is showing, reconnect the modem and check for updates in LS Personal Firewall Post back how you get on.
  15. Hi I have not heard of that error before. If you haven't followed GoddersUK tip then please follow thier advice to get official Lavasoft support. My best guess is that there is more than one firewall running at the same time. Which version of Windows are you running? If Windows Vista open the Control Panel and open the Security Centre. Click the drop down arrow against the firewall settings. Report back what information this displays. If you are running XP let me know as I do not have XP to test with so will have to look up the XP equivalent of this setting.
  16. Hi Please check under General Settings and ensure Product startup mode is set to Normal. If it is set to background change it to Normal.
  17. Hi, It should be possible to reset the file extensions back to their defaults but it may take several stages. As you are having problems opening the files from Doug Knox's page please download the zip folder association fix first. It is the last item on this page: http://www.dougknox.com/xp/file_assoc.htm Once downloaded double click the file and answer yes to the import prompt. This will correct the Zip file association. Now try to open the other file association zip files. Can you open them OK now?
  18. Hi Sounds like a technical issue. Please contact the Support center for technical assistance: http://lavasoft.com/support/supportcenter/ p.s. Casey, Lauri S mentions they are on Vista rather than XP.
  19. Hi Yes, the messages are incoming port scans being blocked so it suggests something outside of the laptop rather than something already on the laptop. Definitely worth running an Antivrius scan etc on XP system. Does the XP system also connect via a wireless connection to the router? If the XP system comes up clean on an Antivirus scan then maybe something is trying to gain access though the wireless router. Do you know if you have setup this up to be hidden from general view?
  20. Hi 192.168 does sound like a NAT address from a router. Which model of router do you have? How do you access the Internet from the Vista laptop? E.g. do you go direct via your router or do you use the XP desktop as a proxy or shared internet connection system? Have you also tried running an Antivirus / Antispyware program on the XP desktop system?
  21. Hi, sounds like you are on the right track. Have you managed to load your license key OK now? When the trial version starts it will display a window like Press the Enter Key button and a window like this will appear From your registration email copy the full license key, all five lines exactly as it appears. Then in the Lavasoft personal firewall Enter Key window press the Paste button followed by the OK button.
  22. Hi Looks like we will have to boot the Recovery Console and create a new boot option. This is well documented on the Microsoft web site. You will need an XP installation CD. If you do not have a copy try borrowing one as we only need to boot from the CD. Then follow the instructions on this Microsoft page under the resolution section: http://support.microsoft.com/kb/330184 The bootcfg /rebuild part will add a new boot option to the boot menu so the next time you boot you will see a menu asking which operating system to boot, just select the new one just created and then it should boot OK.
  23. Hi Try booting and when it asks for the userid and password use Administrator for the userid and leave the password field blank. Does this allow you to log on?
  24. Hi Stop codes occur when Windows reaches a state that it is not able to contiue. The first 8-digit number identifies the reason, the other numbers in brackets are specific to the actual PC. A list of these stop code can be found on the Microsoft developers site: http://msdn2.microsoft.com/en-us/library/ms841534.aspx They are usually hardware related but viruses can also cause stop code. Please post the logs from Blacklight and HijackThis: Download Blacklight from http://www.f-secure.com/security_center/ Use the link under the downloads section. Save to a folder on your hard disk. Close all running applications then doubleclick on fsbl.exe to run Blacklight Check "I accept" button and click "Next" button Click "Scan" button When scan finishes do not remove anything in the event Blacklight detects anything, just post the log file. The log file is named: fsbl.xxxxxxx.log (the xxxxxxx stand for numbers showing date) and is located in the same folder you saved fsbl.exe to. Double click on the log file to open in Notepad and post the contents please. Also post the log file from running HijackThis. Details can be found here: http://www.lavasoftsupport.com/index.php?showtopic=13639 but post the log in reply to this thread along with the Blacklight log. Many thanks