* Home Help Search Login Register  

Welcome, Guest. Please login or register.
March 21, 2010, 10:17:52 PM

Login with username, password and session length

373578 Posts
41454 Topics
94200 Members
Latest Member: shchen22

more news...
Search:     Advanced search | Tag Cloud
+  Welcome to the Comodo Forum
|-+  Learn about Computer Security and Interact with Security Experts
| |-+  Leak Testing/Attacks/Vulnerability Research
| | |-+  Follow on from My last post concerning fireall intrusions(*new info)		 « previous next »
Pages: 1 2 [3] Go Down Print
Author Topic: Follow on from My last post concerning fireall intrusions(*new info)  (Read 6010 times)
eXPerience
Malware Researcher Virus Removal Helper Advanced Tweak Freak Crazy Little Devil
Global Moderator
Comodo's Hero
*****
Offline Offline

Posts: 6892


Why not ? The choice is yours !
« Reply #30 on: January 20, 2009, 02:25:38 PM »
could you post the hijackthislog in the meantime ?

Xan
Logged
Fake_monkey
Newbie
*
Offline Offline

Posts: 4
« Reply #31 on: January 20, 2009, 02:34:45 PM »
I really don't think this is an real attack, possible a malware but I doubt it since you did so much scanning, as for System I would just set the thing to block both inbound and outbound and NOT LOG.

If you have the time you could do a rootkit scan with RootkitReveler
http://technet.microsoft.com/en-us/sysinternals/bb897445.aspx

(download link almost at the bottom of the page)

And hijackthis as Xan suggested!
Logged
deleon30
Comodo Family Member
***
Offline Offline

Posts: 70
« Reply #32 on: January 20, 2009, 02:46:51 PM »
well ive found access to all the blocked ip.s including contact emails and info location ect.via the dshield webiste
Logged
deleon30
Comodo Family Member
***
Offline Offline

Posts: 70
« Reply #33 on: January 20, 2009, 02:48:12 PM »
the program you gave me the link to will not install states..acess denied.
Logged
eXPerience
Malware Researcher Virus Removal Helper Advanced Tweak Freak Crazy Little Devil
Global Moderator
Comodo's Hero
*****
Offline Offline

Posts: 6892


Why not ? The choice is yours !
« Reply #34 on: January 20, 2009, 02:53:44 PM »
Well, I got it from here http://www.emsisoft.com/en/software/free/

Xan
Logged
deleon30
Comodo Family Member
***
Offline Offline

Posts: 70
« Reply #35 on: January 20, 2009, 02:58:09 PM »
Quote from: Fake_monkey on January 20, 2009, 02:34:45 PM
I really don't think this is an real attack, possible a malware but I doubt it since you did so much scanning, as for System I would just set the thing to block both inbound and outbound and NOT LOG.

If you have the time you could do a rootkit scan with RootkitReveler
http://technet.microsoft.com/en-us/sysinternals/bb897445.aspx

(download link almost at the bottom of the page)

And hijackthis as Xan suggested!

what do you mean by not a real attack...what are the other possibilities?
Logged
deleon30
Comodo Family Member
***
Offline Offline

Posts: 70
« Reply #36 on: January 20, 2009, 03:02:05 PM »


the a squared program will not install on my pc...mayb issue with xp sp3

tryin the root kit reavler then thats enuff for 1 nite..

cheers Thumb Up
Logged
deleon30
Comodo Family Member
***
Offline Offline

Posts: 70
« Reply #37 on: January 20, 2009, 03:06:15 PM »
could it possibly be incoming requests via utorrent?>>
Logged
commanding the celsius
Product Translator
Comodo's Hero
*****
Offline Offline

Posts: 1401


^^^^
« Reply #38 on: January 21, 2009, 10:52:41 AM »
Quote from: deleon30 on January 20, 2009, 03:06:15 PM
could it possibly be incoming requests via utorrent?>>



Dunno.  Huh
If you notice a exceeding number of "attacks" when you turn on utorrent and get none when you have utorrent off you probably could draw that conclusion.
But Iam no expert in the field!  Cheesy
Logged
deleon30
Comodo Family Member
***
Offline Offline

Posts: 70
« Reply #39 on: January 21, 2009, 11:59:11 AM »
the attacks are consistant.with or without utorrent or even without using my browser.

still unresolved... Sad
Logged
Bad Frogger
Global Moderator
Comodo's Hero
*****
Offline Offline

Posts: 947
« Reply #40 on: January 21, 2009, 01:39:27 PM »
deleon30,

Did you ever go check the other thread you started?
There are three pages of this, with almost no mention that you are torrenting
while all these "attacks" are happening.

When you shutdown utorrent it can take some time for these connection attempts
to slowdown.
To answer your last question Yes it could all be torrent related, but for some reason
it's like you are resistant to setting up your firewall properly for utorrent.

Later
Logged
CIS    Firefox  NoScript  Please remember to follow The Forum Policy.
eXPerience
Malware Researcher Virus Removal Helper Advanced Tweak Freak Crazy Little Devil
Global Moderator
Comodo's Hero
*****
Offline Offline

Posts: 6892


Why not ? The choice is yours !
« Reply #41 on: January 21, 2009, 03:37:34 PM »
Could you please give us screenshots of your settings ?

Xan
Logged
Tags:
Pages: 1 2 [3] Go Up Print 
« previous next »
Jump to:  

SSL Certificate Free Virus Removal Firewall
Page created in 0.617 seconds with 18 queries.
Powered by SMF 1.1.11 | SMF © 2006, Simple Machines LLC
Seo4Smf v0.2 © Webmaster's Talks 		Design by 7dana.com