Junior Member with 6 posts.
 
Join Date: Sep 2008
Location: Tacoma, WA
Experience: Intermediate/Advanced
02-Sep-2008, 12:50 PM #1
Lewitt
I recently upgraded to Service Pack 3 and two days later I had an infection called Vundo.gen!R. (It's gone now). I think that Service Pack 3 disabled my Windows Firewall and put it on some kind of group policy. I struggled with it for three days and could not enable the firewall. I left it disabled and installed Sygate and it seems to be doing the job.
I am still learning all the features of Sygate and I have a question about one of these features called Back Trace. I used the 'whois' directory on a blocked item and found out it is coming from an organization called "Internet Assigned Numbers Authority" in Marina Del Rey, CA.
It tried 20 times to access my computer and was blocked by Sygate every time.
In some instances it took several 'hops', which I take to mean it accessed (or tried to) other computers before it got to mine.
Can anyone enlighten me on how to treat this incident? I can download the complete report if you are interested. I haven't checked today's log to see if it is still trying to get in.

Thanks, Lewitt
TOGG
Distinguished Member with 5,362 posts.
 
Join Date: Apr 2002
Location: Birmingham, England
02-Sep-2008, 04:09 PM #2
Have a look at this: http://www.iana.org/abuse/ The fact that these attempts are being blocked by your firewall is a good thing, but there could be something else going on.

If you want to go into this further, head over to the 'Malware Removal and HJT Logs' Forum and follow the instructions on downloading HijackThis and posting a log. If you do that, it would be a good idea to use the 'Report' feature and ask a Moderator to transfer this thread to Malware Removal in case your trojan has left some nasty surprises behind.

You should also be aware that they are very busy over there and it could be some time before you receive a response.
__________________
Nothing matters very much, and few things matter at all.

Lord Balfour 1848-1930
Lewitt
Junior Member with 6 posts.
 
Join Date: Sep 2008
Location: Tacoma, WA
Experience: Intermediate/Advanced
02-Sep-2008, 07:50 PM #3
Reply on Back Trace appreciated
Thanks Togg,
I read the item on iana.abuse, and found it interesting. I have Malware's program on board and I'll run a scan to see if anything is getting through.
Believe me, I will keep a close watch on this since IANA claims it isn't coming from them. I have a stand-alone computer, not connected to anything but the net, so it can't be coming from something on my network.
Thanks again, and if I find out anything I will certainly post it for all to see.

Lewitt
All times are GMT -4.