Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

IP Addresses and Malware


  • Please log in to reply
3 replies to this topic

#1 Hayley J.

Hayley J.

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:09:25 AM

Posted 06 October 2008 - 05:18 PM

Hello,

I have been working with someone in the Malware forum, but he suggested I check with someone in Networking on this. Since installing ZoneAlarm firewall, I have had over a hundred instances of the same IP address trying to connect to my computer. I have also recently been infected with the Zlob trojan, which I am in the process of removing. The IP address attempting to connect is 192.168.1.107. I ran an IP configuration, which is as follows. Is this anything to worry about? Please let me know. Thank you in advance for your help!

These are the results of the IP configuration:
Microsoft® Windows DOS
©Copyright Microsoft Corp 1990-2001.

C:\DOCUME~1\STUDENT>ipconfig/all

Windows IP Configuration

Host Name . . . . . . . . . . . . : WLU-2584B03C82E
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Peer-Peer
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : cavalierbroadband.com

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Description . . . . . . . . . . . : Broadcom 440x 10/100 Integrated Cont
roller
Physical Address. . . . . . . . . : 00-0F-1F-1C-B6-B2

Ethernet adapter Wireless Network Connection:

Connection-specific DNS Suffix . : cavalierbroadband.com
Description . . . . . . . . . . . : Dell Wireless 1450 Dual Band WLAN Mi
ni-PCI Card
Physical Address. . . . . . . . . : 00-90-96-B4-20-63
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 192.168.1.100
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DNS Servers . . . . . . . . . . . : 208.254.204.18
208.254.204.17
Lease Obtained. . . . . . . . . . : Sunday, October 05, 2008 15:22:57
Lease Expires . . . . . . . . . . : Monday, October 06, 2008 15:22:57

BC AdBot (Login to Remove)

 


#2 E-Mu

E-Mu

    Bleepin' Psychopomp


  • Members
  • 1,386 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:01:25 PM

Posted 07 October 2008 - 04:23 AM

The IP address 192.168.1.107 is not an actual address on the internet. That's part of the security a NET router provides - using NAT your IP address is specific to your local network - only the router actually sees your "real" internet address.

Hope this helps in someway.

E-Mu
~ E-Mu ~

"Emu, You Moo, We All Moo for Emu!" <-- Thanks to Animal

"If at first you don't succeed; call it version 1.0"


#3 i am not known

i am not known

  • Members
  • 113 posts
  • OFFLINE
  •  
  • Local time:08:25 AM

Posted 07 October 2008 - 04:57 AM

is it possible that the malware is not gone

the reason it would only start poping up when zone alarm was installed is normal fire wall was not picking it up
have you got utorrent or a peer to peer programmee

Edited by i am not known, 07 October 2008 - 05:00 AM.

I hear a boy only has a certain amount of tears one day the pain and dissapointment happen so often the pain dissapers and the boy becomes a man

#4 E-Mu

E-Mu

    Bleepin' Psychopomp


  • Members
  • 1,386 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:01:25 PM

Posted 07 October 2008 - 05:10 AM

I have also recently been infected with the Zlob trojan, which I am in the process of removing.


~ E-Mu ~

"Emu, You Moo, We All Moo for Emu!" <-- Thanks to Animal

"If at first you don't succeed; call it version 1.0"





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users