| Home | Forums | Reviews | Articles | Register |
 |
| Thread Tools | Rate Thread |
|
Guest
Posts: n/a
|
This morning when start my computer and after the anti-virus (avg) finish he
found "trojan horse downloader.generic5.ao" as been bloqued and deleted. Now my firewall (Zonealarm) alerts me "application layer gateway service wantes to connect to IP 192.168.2  ort 4095" this can be a fake program as well butwindows defender, spyboot,avg and aol spyware protection don't found nathing. Is this a fake or real and i shud let act as server? Any help thanks |
|
|
|
|||
|
|
| |
|
Guest
Posts: n/a
|
Are you running more than one firewall? The application layer gateway
service is normally related to the Windows firewall. If you are running both the Windows firewall and Zone Alarm, you might see such an alert. The address it is connecting to is on your network--not across the Internet. OTOH, this worm: http://www.anti-virus-anti-spam.com/...s/rinbotan.htm opens port 4095--and port 4095 has a variety of legitimate uses, as well. I tried to spot this critter at Microsoft's new Security portal, and can't be certain I've got the right match--virus names are not standardized, and this is a significant issue with families with lots of members, as this one seems to be--but here's what may be related that I found: http://www.microsoft.com/security/po...Id=-2147415008 Many variants of this family are removed by the Malicious Software Removal tool, which I suspect you have been running as part of the monthly security updates from Microsoft. So--I can't be sure. This may be normal traffic. I think to be sure, I'd run some other antivirus app besides those you have already run. An online scan from any of the antivirus vendors, or http://safety.live.com would be a good thing to do just for peace of mind. -- "monteiro" <(E-Mail Removed)> wrote in message news:59BB0C3D-7D98-4083-BEFA-(E-Mail Removed)... > This morning when start my computer and after the anti-virus (avg) finish > he > found "trojan horse downloader.generic5.ao" as been bloqued and deleted. > Now > my firewall (Zonealarm) alerts me "application layer gateway service > wantes > to connect to IP 192.168.2 ort 4095" this can be a fake program as well> but > windows defender, spyboot,avg and aol spyware protection don't found > nathing. > Is this a fake or real and i shud let act as server? Any help thanks |
|
|
|
|
|||
|
|
| |
|
| Thread Tools | |
| Rate This Thread | |
|
|
Similar Threads
|
||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| Re: Use this important VIRUS ALERT - VIRUS ALERT - W32.Swen.A@mm Worm - VIRUS ALERT - VIRUS ALERT - VIRUS ALERT - VIRUS ALERT | nemo | Microsoft VC .NET | 0 | 3rd Nov 2003 09:34 PM |
| Re: See update - VIRUS ALERT - VIRUS ALERT - W32.Swen.A@mm Worm - VIRUS ALERT - VIRUS ALERT - VIRUS ALERT - VIRUS ALERT | nemo | Microsoft Dot NET Framework | 0 | 12th Oct 2003 01:29 PM |
| Re: See update - VIRUS ALERT - VIRUS ALERT - W32.Swen.A@mm Worm - VIRUS ALERT - VIRUS ALERT - VIRUS ALERT - VIRUS ALERT | nemo | Microsoft Outlook Contacts | 0 | 12th Oct 2003 01:29 PM |
| Re: See update - VIRUS ALERT - VIRUS ALERT - W32.Swen.A@mm Worm - VIRUS ALERT - VIRUS ALERT - VIRUS ALERT - VIRUS ALERT | nemo | Windows XP Print / Fax | 0 | 12th Oct 2003 01:29 PM |
| Re: See update - VIRUS ALERT - VIRUS ALERT - W32.Swen.A@mm Worm - VIRUS ALERT - VIRUS ALERT - VIRUS ALERT - VIRUS ALERT | nemo | Windows XP Photos | 0 | 12th Oct 2003 01:29 PM |
