missing dll file

[YARDofSTUF]

ok i was on icq explorer and lime wire with no firewall and i loaded PSP and it was missing a dll file it said then icq had a problem and closed then explorer and i had to reboot and now directcd has a problem LOL i have ZA up now but how do i find out whats missing?

[YARDofSTUF]

a wille? i dunno but i got about 3 IPs that hit me 13 times right after installing ZA pro

[YARDofSTUF]

Ok i'll try to make sense this time lol


Never had zone alarm installed

limewire is a file sharing program using the GNUtella network and users can CLEARLY see IPs. I closed a few connections of peeps dling from me cuz i wasnted to send banshee a file and that was hogging most of my upload so i may have pissed some one off, and i know i had 2 ports open on my comp.

PSP and MS paint had the same error missing a .dll file but the characters infront of the .dll are illegible(sp)it made me close it(on teh error msg it had the "colse" button)

IE crahsed when loading the windows update page and FTP sites, mentioned an error and then said i am not privaleged to access something... pls contact ur administrator.

i rebooted and after rebooting, during startup windows said direct CD cause a something in kernel32, same with icq.

I run inoculateIT fully updated, do not have a trojan or worm finder/scanner

Zone Alarm came into play after i got the errors and had to reboot i thought of teh possibility that someone from limewire could be on, jesse23 mentioned if someone was on my system it would be slow or get a promt for somethign, didnt get any promts but it was slow.

I play with the registery now and then, made no registery changes recently though.

no new programs installed

I use adware, have none now.

[YARDofSTUF]

heres my entire ZAP log file with my IP edited:

type,date,time,source,destination,transport
FWIN,2001/08/03,05:04:35 -7:00 GMT,210.253.166.10:41948,EDIT:6346,TCP (flags:S)
FWIN,2001/08/03,05:04:39 -7:00 GMT,210.253.166.10:41948,EDIT:6346,TCP (flags:S)
PE,2001/08/03,05:05:32 -7:00 GMT,mIRC,0.0.0.0:0,N/A
FWIN,2001/08/03,05:06:18 -7:00 GMT,210.50.74.137:2995,EDIT:12345,TCP (flags:S)
FWIN,2001/08/03,05:06:18 -7:00 GMT,210.50.74.137:2996,EDIT:12345,TCP (flags:S)
FWIN,2001/08/03,05:06:18 -7:00 GMT,210.50.74.137:2997,EDIT:12345,TCP (flags:S)
FWIN,2001/08/03,05:07:22 -7:00 GMT,24.6.12.188:4705,EDIT:6346,TCP (flags:S)
FWIN,2001/08/03,05:20:50 -7:00 GMT,24.6.12.188:4801,EDIT:6346,TCP (flags:S)
PE,2001/08/03,05:21:03 -7:00 GMT,AOL Instant Messenger (SM),24.2.144.33:53,N/A
PE,2001/08/03,05:21:21 -7:00 GMT,ZoneAlarm Pro,24.2.144.33:53,N/A
FWIN,2001/08/03,05:21:39 -7:00 GMT,212.244.27.177:62579,EDIT:6346,TCP (flags:S)
PE,2001/08/03,05:22:16 -7:00 GMT,Windows Explorer,127.0.0.1:1042,N/A
FWIN,2001/08/03,05:24:18 -7:00 GMT,212.56.122.14:4113,EDIT:6346,TCP (flags:S)
FWIN,2001/08/03,05:28:59 -7:00 GMT,24.219.136.190:1170,EDIT:27015,UDP
FWIN,2001/08/03,05:31:24 -7:00 GMT,64.60.52.130:2559,EDIT:6346,TCP (flags:S)
FWIN,2001/08/03,05:38:43 -7:00 GMT,172.144.185.2:1913,EDIT:6346,TCP (flags:S)
FWIN,2001/08/03,05:47:31 -7:00 GMT,64.60.52.130:2303,EDIT:6346,TCP (flags:S)
FWIN,2001/08/03,05:47:43 -7:00 GMT,172.137.206.83:3199,EDIT:6346,TCP (flags:S)
FWIN,2001/08/03,05:48:15 -7:00 GMT,213.76.128.199:63172,EDIT:6346,TCP (flags:S)
FWIN,2001/08/03,05:58:53 -7:00 GMT,62.54.15.81:2665,EDIT:6346,TCP (flags:S)
FWIN,2001/08/03,06:07:58 -7:00 GMT,172.149.98.252:1599,EDIT:6346,TCP (flags:S)
FWIN,2001/08/03,06:08:32 -7:00 GMT,206.132.188.145:19015,EDIT:6346,TCP (flags:S)
FWIN,2001/08/03,06:11:16 -7:00 GMT,172.171.154.168:4440,EDIT:6346,TCP (flags:S)
FWIN,2001/08/03,06:16:28 -7:00 GMT,64.60.52.130:2878,EDIT:6346,TCP (flags:S)
FWIN,2001/08/03,06:26:24 -7:00 GMT,62.11.125.21:1880,EDIT:6346,TCP (flags:S)
FWIN,2001/08/03,06:27:13 -7:00 GMT,61.217.209.37:2610,EDIT:27015,UDP
FWIN,2001/08/03,06:38:21 -7:00 GMT,209.140.175.69:1525,EDIT:6346,TCP (flags:S)
FWIN,2001/08/03,06:40:37 -7:00 GMT,131.95.135.183:3168,EDIT:6346,TCP (flags:S)
FWIN,2001/08/03,06:45:05 -7:00 GMT,62.254.9.188:1047,EDIT:6346,TCP (flags:S)
FWIN,2001/08/03,06:45:50 -7:00 GMT,213.77.174.239:62326,EDIT:6346,TCP (flags:S)
FWIN,2001/08/03,06:46:56 -7:00 GMT,172.133.212.44:1308,EDIT:6346,TCP (flags:S)
FWIN,2001/08/03,06:47:59 -7:00 GMT,64.60.52.130:1213,EDIT:6346,TCP (flags:S)
FWIN,2001/08/03,06:51:23 -7:00 GMT,209.86.3.239:2224,EDIT:6346,TCP (flags:S)
FWIN,2001/08/03,06:53:02 -7:00 GMT,213.76.137.130:62613,EDIT:6346,TCP (flags:S)
FWIN,2001/08/03,06:55:12 -7:00 GMT,213.76.137.130:62851,EDIT:6346,TCP (flags:S)
FWIN,2001/08/03,07:03:50 -7:00 GMT,64.60.52.130:4579,EDIT:6346,TCP (flags:S)
FWIN,2001/08/03,07:03:50 -7:00 GMT,151.189.140.150:2286,EDIT:6346,TCP (flags:S)
FWIN,2001/08/03,07:12:34 -7:00 GMT,209.55.2.130:64208,EDIT:6346,TCP (flags:S)
FWIN,2001/08/03,07:17:08 -7:00 GMT,172.149.58.143:1905,EDIT:6346,TCP (flags:S)
FWIN,2001/08/03,07:17:38 -7:00 GMT,216.77.201.53:3311,EDIT:6346,TCP (flags:S)
FWIN,2001/08/03,07:17:46 -7:00 GMT,213.149.32.71:16737,EDIT:6346,TCP (flags:S)
FWIN,2001/08/03,07:29:17 -7:00 GMT,193.146.189.1:1164,EDIT:80,TCP (flags:S)
FWIN,2001/08/03,07:29:37 -7:00 GMT,24.79.112.174:0,EDIT:0,ICMP (type:8/subtype:0)
FWIN,2001/08/03,07:32:22 -7:00 GMT,172.171.154.168:3734,EDIT:6346,TCP (flags:S)
FWIN,2001/08/03,07:32:40 -7:00 GMT,24.0.0.203:33864,EDIT:119,TCP (flags:S)
FWIN,2001/08/03,07:32:40 -7:00 GMT,24.0.0.203:34527,EDIT:119,TCP (flags:S)
FWIN,2001/08/03,07:34:38 -7:00 GMT,172.178.39.252:1991,EDIT:6346,TCP (flags:S)
FWIN,2001/08/03,07:35:28 -7:00 GMT,208.216.85.222:2827,EDIT:6346,TCP (flags:S)
FWIN,2001/08/03,07:41:11 -7:00 GMT,64.60.52.130:4435,EDIT:6346,TCP (flags:S)
FWIN,2001/08/03,07:56:27 -7:00 GMT,24.26.69.109:1267,EDIT:6346,TCP (flags:S)
FWIN,2001/08/03,07:59:31 -7:00 GMT,210.165.104.235:50589,EDIT:6346,TCP (flags:S)
FWIN,2001/08/03,08:03:55 -7:00 GMT,131.159.4.216:48562,EDIT:6346,TCP (flags:S)
FWIN,2001/08/03,08:11:51 -7:00 GMT,64.8.32.13:1107,EDIT:80,TCP (flags:S)
FWIN,2001/08/03,08:18:36 -7:00 GMT,164.164.87.35:2490,EDIT:80,TCP (flags:S)
FWIN,2001/08/03,08:30:02 -7:00 GMT,66.95.26.37:1872,EDIT:515,TCP (flags:S)
FWIN,2001/08/03,08:45:06 -7:00 GMT,193.252.44.158:62216,EDIT:6346,TCP (flags:S)
FWIN,2001/08/03,09:32:22 -7:00 GMT,211.225.219.147:2464,EDIT:80,TCP (flags:S)
FWIN,2001/08/03,10:19:32 -7:00 GMT,61.217.212.233:2591,EDIT:27015,UDP
FWIN,2001/08/03,10:26:58 -7:00 GMT,24.2.81.35:4783,EDIT:80,TCP (flags:S)
FWIN,2001/08/03,10:54:10 -7:00 GMT,217.224.214.136:1669,EDIT:80,TCP (flags:S)
FWIN,2001/08/03,11:28:26 -7:00 GMT,216.147.133.3:4524,EDIT:111,TCP (flags:S)
FWIN,2001/08/03,11:33:17 -7:00 GMT,193.217.180.59:1532,EDIT:1243,TCP (flags:S)
FWIN,2001/08/03,11:33:17 -7:00 GMT,193.217.180.59:1535,EDIT:27374,TCP (flags:S)
FWIN,2001/08/03,12:16:28 -7:00 GMT,24.0.0.203:42824,EDIT:119,TCP (flags:S)
FWIN,2001/08/03,12:16:29 -7:00 GMT,24.0.0.203:43971,EDIT:119,TCP (flags:S)
FWIN,2001/08/03,13:21:30 -7:00 GMT,212.161.41.138:1035,EDIT:80,TCP (flags:S)
FWIN,2001/08/03,13:58:22 -7:00 GMT,211.57.56.40:2351,EDIT:80,TCP (flags:S)
PE,2001/08/03,15:38:49 -7:00 GMT,Windows Explorer,127.0.0.1:1025,N/A
PE,2001/08/03,15:39:05 -7:00 GMT,ZoneAlarm Pro,24.2.144.33:53,N/A
PE,2001/08/03,15:41:30 -7:00 GMT,AOL Instant Messenger (SM),24.2.144.33:53,N/A
FWIN,2001/08/03,15:44:31 -7:00 GMT,24.23.70.27:1655,EDIT:6346,TCP (flags:S)
FWIN,2001/08/03,15:47:00 -7:00 GMT,24.15.1.67:65108,EDIT:6346,TCP (flags:S)
FWIN,2001/08/03,15:48:59 -7:00 GMT,24.232.50.85:3477,EDIT:6346,TCP (flags:S)
FWIN,2001/08/03,16:02:52 -7:00 GMT,24.49.197.250:3295,EDIT:80,TCP (flags:S)
FWIN,2001/08/03,16:03:35 -7:00 GMT,64.60.52.130:3018,EDIT:6346,TCP (flags:S)
FWIN,2001/08/03,16:41:28 -7:00 GMT,210.91.32.8:3565,EDIT:80,TCP (flags:S)
PE,2001/08/03,16:49:11 -7:00 GMT,Outlook Express,24.2.144.33:53,N/A
FWIN,2001/08/03,17:27:36 -7:00 GMT,140.160.236.80:1077,EDIT:6346,TCP (flags:S)
FWIN,2001/08/03,17:27:45 -7:00 GMT,24.0.0.203:61756,EDIT:119,TCP (flags:S)
FWIN,2001/08/03,17:27:46 -7:00 GMT,24.0.0.203:62505,EDIT:119,TCP (flags:S)


also nothign going out from netstat live and the programs in ZAP are just IE, AIM, Windows explorer, netstat, outlook, and IRC

[greEd]

phew .... quite a mess ya got there

go
here
and check all the ports that were accessed

[YARDofSTUF]

ok i found these on that page:

119/tcp # Network News Transfer Protocol

80/tcp # World Wide Web HTTP

111/tcp # portmapper, rpcbind

1243/tcp # Sub Seven Trojan Horse

515/tcp # spooler (lpd)


a few prots werent listed on that site though, so does this mean i have the sub7 on me and or a partmapper or is that an ok thing lol

[Jesse23]

111/tcp # portmapper, rpcbind

1243/tcp # Sub Seven Trojan Horse


Well lets see
Slow down, file sharing, missing dll's out of nowhere, no firewall, pissed guy off on limewire, and 2 open ports...
you do the math .

[YARDofSTUF]

Update wordpad doesnt work either lol

[Jesse23]

hmm either yer comp is falling apart,
how high fsb?
HD corruption...
Vrus..

[YARDofSTUF]

scanned for trojans, nothing found active or on my system

[SannieRose]

Reboot into DOS, type scanreg/restore at C:> prompt and restore registry to day before you started having problems. See if that helps.

[YARDofSTUF]

nope didnt help, problem is i'm missing the files

[SannieRose]

YARDofSTUF, go to warez site I included in other post to TRILLAZ. Look for Easy Recovery Professional. Use it to recover your missing files. Hope that helps.

[YARDofSTUF]

sannie good idea i actually have that proggie now, bah why didnt i think of that? thanks i'll see if it works!

[YARDofSTUF]

no luck

[YARDofSTUF]

poop, anymore ideas?