Hello i have a Linksys router WRT54G. I went into the router's configuration then to the admin and looked at the logs. I found 65.55.158.81 1117 65.55.158.81 1036 65.55.158.81 1039 65.55.158.81 1060 I did a who is on those ip addresses http://ws.arin.net/whois/ And it shows that its from Microsoft. What is going on? What are they trying to do? Keyboard not detected. Hit F1 to Continue. BREAKFAST.SYS HALTED Cerial port not Responding!!

As a newbie to the rarefied atmospherics of finding bugs and other strange happenings within XP Pro...can someone tell me if I am in the right forum? The problem is a unsolicited 'file' download from the net that occurrs every time I 'switch on'(over last 2 weeks). The incoming file size is around 20mb and the data sent in response is around 600kb. I want to know where it is coming from, where it is residing in my PC and how to stop it. If I shut the PC down during the download a 'box'informs me that Data from Real Networks will be lost if I terminate now. I am running PC-Cilin 2008. Please someone put me out of my misery?

XPlode, you need to post your own thread. For this issue, start with the Networking or Security Forum. NOT both. Life's more painless for the brainless.

Here are more logs as of today. Computer is a little slow. I went away for the weekend and came back and found this. in my router logs WRT54G. Source IP Destination Port Number 192.168.1.254 137 192.168.1.254 www 192.168.1.254 137 192.168.1.254 www 192.168.1.254 137 192.168.1.254 www 192.168.1.254 137 192.168.1.254 www 192.168.1.254 137 192.168.1.254 www 192.168.1.254 137 192.168.1.254 www 192.168.1.254 137 192.168.1.254 www 192.168.1.254 137 192.168.1.254 www 192.168.1.254 137 192.168.1.254 www 68.142.233.76 1110 68.142.233.74 1089 68.142.233.74 1054 68.142.233.76 1080 192.168.1.254 137 192.168.1.254 www 68.142.233.76 1067 192.168.1.254 137 192.168.1.254 www 68.142.233.76 1066 192.168.1.254 137 192.168.1.254 www 68.142.233.74 1052 192.168.1.254 137 192.168.1.254 www Keyboard not detected. Hit F1 to Continue. BREAKFAST.SYS HALTED Cerial port not Responding!!

192.168.1.254 will be your internal ip address. Because it is the last available in the ip address range it looks like a static ip address could be assigned. Port 137 is netbios which is needed for your pc to communicate over a LAN. Although strictly not a necessary process I believe it is a necassary process to communicate with the gateway / router to connect to a WAN or internet also. 68.142.233.74 68.142.233.76 Neighborhood Host : stun2a.voice.re2.yahoo.com Country : United States It looks like yahoo is doing something of its own accord in the background. I wouldn't worry about it too much although I prefer to control what has access to the net, so for me, I would disable yahoo from startup in msconfig and just start it manually when I need it. Here are two ip lookup sites: http://ip-lookup.net/index.php http://ws.arin.net/whois/ Here are two port description sites if you want to research what port is being used and why (the second link lists exploited ports and offending processes. Keep in mind legitimate processes will use these ports also): http://www.donkboy.com/html/ports2.htm http://www.iss.net/security_center/...

65.55.158.81 is one of Microsoft's Teredeo servers. Teredeo (see Teredo tunneling) is used to access IPv6 addresses behind an IPv4 NAT router.

Why is Microsoft hacking? When i went away for the weekend i signed on my laptop with yahoo with different ID than my desktop yahoo ID. My yahoo at home never went idle. Noone was at my house either to be useing the computer. It seems something was makeing my computer active and yahoo thought there was activity when there wasn't. Keyboard not detected. Hit F1 to Continue. BREAKFAST.SYS HALTED Cerial port not Responding!!