Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Should I be worried about this Norton log?


  • Please log in to reply
6 replies to this topic

#1 Enterprise256

Enterprise256

  • Members
  • 78 posts
  • OFFLINE
  •  
  • Local time:11:48 AM

Posted 08 March 2015 - 10:27 AM

67d0a051_1.PNG

 

3c737131_2.PNG

I'm away from the system at this time.



BC AdBot (Login to Remove)

 


m

#2 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,190 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Quebec, Canada
  • Local time:10:48 PM

Posted 08 March 2015 - 12:34 PM

The Teredo Tunneling Pseudo-Interface is a driver used to encapsulate IPv6 packets into IPv4 ones so they can be communicated throught the network. That adapter is mostly never used and often shown as "in error" in the Device Manager, but it doesn't really matter. As long as your network isn't fully configured to support IPv6, it shouldn't have a reason to be used except for specific purposes. Also, it seems that the target Norton-related, since BHDRVX64 is a Norton related service/driver.

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#3 Enterprise256

Enterprise256
  • Topic Starter

  • Members
  • 78 posts
  • OFFLINE
  •  
  • Local time:11:48 AM

Posted 08 March 2015 - 12:51 PM

The Teredo Tunneling Pseudo-Interface is a driver used to encapsulate IPv6 packets into IPv4 ones so they can be communicated throught the network. That adapter is mostly never used and often shown as "in error" in the Device Manager, but it doesn't really matter. As long as your network isn't fully configured to support IPv6, it shouldn't have a reason to be used except for specific purposes. Also, it seems that the target Norton-related, since BHDRVX64 is a Norton related service/driver.

I have all the IPv6 routing on one of the routers disabled.

 

Atleast I think I have.

 

EDIT: Our ISP does not support IPv6


Edited by Enterprise256, 08 March 2015 - 12:51 PM.


#4 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,190 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Quebec, Canada
  • Local time:10:48 PM

Posted 09 March 2015 - 08:30 PM

The last part of the IPv6 address isn't correct, there should be no "%" in it, so I cannot look it up to see if it's legitimate or not. What you could do is to disable the Teredo Tunneling Pseudo-Adapter and see if you keep on getting warning messages like these.

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#5 Nikhil_CV

Nikhil_CV

    Vestibulum Bleep


  • Members
  • 1,145 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:err: Destination unreachable! bash!
  • Local time:09:18 AM

Posted 12 March 2015 - 11:54 AM

Second screen shot is the error message related to Norton product's Norton Product Tamper protection, which is used to secure files, registry,thread and process related to Norton from external access, regardless of actor's intension.
The teredo adapter may be created by some software/tools you have installed. There is nothing wrong in that.
Regards : CV                                                                                                    There is no ONE TOUCH key to security!
                                                                                                                                       Be alert and vigilant....!
                                                                                                                                  Always have a Backup Plan!!! Because human idiotism doesn't have a cure! Stop highlighting!
                                                     Questions are to be asked, it helps you, me and others.  Knowledge is power, only when its shared to others.            :radioactive: signature contents © cv and Someone....... :wink:

#6 Enterprise256

Enterprise256
  • Topic Starter

  • Members
  • 78 posts
  • OFFLINE
  •  
  • Local time:11:48 AM

Posted 14 March 2015 - 11:01 AM

The last part of the IPv6 address isn't correct, there should be no "%" in it, so I cannot look it up to see if it's legitimate or not. What you could do is to disable the Teredo Tunneling Pseudo-Adapter and see if you keep on getting warning messages like these.

How do I disable and is there anything negative about disabling it?



#7 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,190 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Quebec, Canada
  • Local time:10:48 PM

Posted 14 March 2015 - 11:33 AM

Unless you use a IPv6 on your network, there's nothing to worry about disabling it. To disable it, simply go in your Device Manager, and under the Network Adapter, find the device, right-click on it and select Disable and it'll do it.

mYEYEX7.pngDevice Manager
Follow the instructions below for your version of Windows to open the Device Manager;
  • On Windows XP, right-click on My Computer, then go to the Hardware tab and click on Device Manager;
  • On Windows Vista and Windows 7, open the Windows Start Menu, right-click on Computer and select Properties;
  • On Windows 8, bring your cursor in the bottom-left corner of the screen, wait for the metro preview to show then right-click on it and select Device Manager;
  • On Windows 8.1, right-click on the Windows logo in the bottom-left corner of the screen and select Device Manager;
  • From the System window, click on Device Manager in the left pane;

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users