Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


Ms Asn1 Integer Overflow Tcp" Against Your Machine Was...

  • Please log in to reply
1 reply to this topic

#1 moscatomg1


  • Members
  • 8 posts
  • Local time:12:26 PM

Posted 19 January 2008 - 01:52 PM

I'm attaching the hijack this log. Below is a description of the problem.

Attempted Intrusion "MS ASN1 Integer Overflow TCP" against your machine was detected and blocked.
Risk Level: High.
Protocol: TCP.
Attacked Port: microsoft-ds(445).

I've repeatedly been getting this message from Norton for the last several days (each time a different intruder IP address.) I've been doing some scanning and removal with the recommended programs, but the message is still coming up. I've read a bit about this online from various sources. Supposedly Microsoft has updates for this, but none listed for my version (XP Service Pack 2). Also, for this specific event Norton doesn't allow me to take any further detailed actions so I can't even toggle just the warning off, which is popping up frequently. Lastly, someone recommended on one site to just turn on the windows internet firewall and shut off completely the Norton internet worm protection (I'm not too excited about doing that--but is that really the best and easiest solution?) Thanks for any help!

Attached Files

BC AdBot (Login to Remove)


#2 Grinler


    Lawrence Abrams

  • Admin
  • 43,659 posts
  • Gender:Male
  • Location:USA
  • Local time:11:26 AM

Posted 04 February 2008 - 11:41 AM

I apologize for the very long delay. We have a huge backlog of HijackThis Logs to handle and it has been taking us greater time than normal to get caught up. If you are still having a problem, and want us to analyze your information, please post a brand new hijackthis log. If we do not hear back from you within a couple of days we will need to close your topic.

When posting your logs please post them directly into the reply. Do not attach them.

Also make sure you have already followed the steps outlined below:

Preparation Guide For Use Before Posting A Hijackthis Log

Thank you for your patience.

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users