Multiple Ports Open

Hi, I am not new to Majorgeeks, I have downloaded from this site for years, I find it very helpful, but I have never posted threads before....I hope someone can help me... my ex-boyfriend set up my home network (which is my desktop computer, and 2 laptop's), was extremely intellegent with all aspects of the computer. He is very familiar with accessing surrounding computer's that were not set up securely. When he set up my network, he did not make it a secure connection, as far as my wireless connection. I have At&t DSL service, an ethernet connection, as well as a wireless connection for my laptop's, when I access the internet, my connection is extremely slow at loading pages, some are worse than others, sometimes they won't even load! I always had the feeling he somehow was able to access my computer. I kept telling him I wanted a secure connection, and he said it couldn't be completely secure because I am networked with my laptops, and assured me that noone could get access to my computer, because it had a "Mac Filter". I keep looking at my processes in spybot, and the task manager, thinking I have alot of processes running, and I tried to disable several of them, and a message pops up saying "access denied, see network administrator", I am the Administrator! And they are not system processes. I don't know what all the processes mean or what they are, all I know is, he Knew, and probably still does know my passwords to everything! I recently ran a program "Local Port Scanner v1.2.2 1997-2001 JPSoft DK" (www.jpsoft.dk), I did a full scan, and it found 11 "TCP Ports" Open, (Ports: 80, 135,443, 445, 1025, 1027, 1028, 1801, 2103, 2105, 2107). Do I need these ports open? And how do I secure my network so hacker's cannot access my files? I have several usernames and files on all my computers that I didn't put on there, and cannot open! It keeps saying the same message, and found several files including "My Documents" in the "Shared File", I have never put anything in the shared file! I know this is alot to ask you're help for, but I have hired a couple different people, that were experienced, to help me with this matter, and they were unsuccessful. I don't have anything that important on my computer, except to me anyways. I also have something called "virtumode" that spybot found, and that file is HUGE! If you have any suggestions for me, I would appreciate it.

Sincerely-"Hi-Jacked"

 

try running these steps first,
http://forums.majorgeeks.com/showthread.php?t=35407
to correct the virtumonde and other problems you probably have, and see how things go. then post back here after you fix the malware problems to get the networking sorted.

 

Thank you for your help, I got your message, and I'm in the process of the instructions you gave me, and it IS a process! Wow, but if it works, it will be worth it. I think 2 of my 3 computer's have that "virtumonde", so I'm going to check all of them, but I will post the logs individually, when I'm done, if thats ok? Thanks again.

Hyde_nSneek

 

just make sure you post your logs in the malware section of the forums.
http://forums.majorgeeks.com/forumdisplay.php?f=35

 

Hi, I am currently in Step 2 of the "Windows XP Cleaning procedure", and I've done everything up to "RootRepeal", when I was extracting it, it asked where to save it, and it was suggesting: "C:\documents and settings\Billie Jo\Desktop\Root Repeal"", and I clicked Browse, and clicked "Desktop", and then "ok", and when it went back to the save screen, it said it again, so I went back and clicked "Desktop" again, and it did it again, so I manually changed it to "C:\Desktop", and then ok. When it was done, it said it was in "C:\documents and settings\desktop", so I sent a shortcut to the desktop from that folder, so I could run it from the desktop, and then double clicked the shortcut, it opened,followed the instuctions in the Cleaning Procedure, and started the scan, and now my screen is frozen, with the scan on the screen, saying "Initializing, please wait....." above the "Stop" button, and at the bottom of the window it says: "Scanning for hidden/locked files..." and it has been like that with no other activity, for about an hour, my mouse is frozen, I can't close or stop the scan, what should I do? Also, all the other scans were successful, SUPERAntiSpyware didn't find anything, Malwarebytes found 3 files to delete and quarantine, I did that, the computer rebooted, and I checked the Quarantine section after it rebooted, the 3 files were still in there, do I delete them from the Quarantine? And I ran ComboFix, and when I was looking at the log after it was done, it said it was running from: "C:\documents and settings \Billie Jo\Desktop\ComboFix.exe", and I am positive I downloaded it to the desktop, so how did it end up in documents and settings? And I did exactly as instructed, in all the procedures, turned off all anti-virus, anti-spyware, but the only thing I forgot was, I didn't turn off the windows firewall before I started any scans, I realized it after I was done with ComboFix, so thats when I turned it off, before unzipping and installing RootRepeal, did that mess everything up? I saved all my logs, but I can't send them to you, because the computer is frozen, I'm sending you this from another computer, should I reboot the computer? I won't do anything to the computer until I hear from you, I don't want to have to go through all of that again. I'll keep checking for your post.
Thanks again.

Hyde_nSneek

 

in windows xp, the desktop is indeed located at C:\Documents and Settings\<username>\desktop
according to the malware removal instructions, if something doesn't go as planned, just move along to the next step (as in, If root repeal is frozen for a long period of time, do what you need to end the program and move along to the next step) When you post your logs in the malware section, also let them know any problems you have. I guess if you cant use task manager to close root repeal, you will probably need to reboot the computer. Hold down the power button for at least 5 seconds, and it should turn off. This method is not recommended, but sometimes it's needed.