Re: attacks on port 11768?

Author	All Replies
GoodSamaritan @nextelpartners.com	reply to jamesv Re: attacks on port 11768? Just found an infected PC on our internal network trying to get out to random Internet IP addresses on port 11768 and being blocked by our firewall. Infected PC (Win2k) had all the critical MS updates installed and up-to-date virus definitions (McAfee). McAfee reported it as generic.backdoor.d trojan - the offending program was called ltht.exe but was not cleaned by McAfee or Stinger. Had to be manually cleaned.
	to forum · permalink · 2005-01-07 15:43:15 ·

atangel Now What?? Premium join:2002-02-18 Bronx, NY	Did you submit it to malware vendors? If not, do you have a copy of it still that you can submit? The information and e-mail link is located in here: »Security »I think my computer is infected or hijacked. What should I do? under "To Submit Suspected Malware:"
	to forum · permalink · 2005-01-07 15:54:41 ·
jamesv Premium join:2003-03-08 Austin, TX	reply to GoodSamaritan Yes it's well worth your time to submit the binary to all of the AV vendors: you don't want these probes showing up on your WAN port in a week or two... I wonder what it was trying to talk to on 11768?
	to forum · permalink · 2005-01-07 16:19:53 ·
starreem Premium join:2000-12-22 Raleigh, NC Reviews: ·Earthlink Cable .. ·EarthLink	Anyone understand polish? »www.di.com.pl/n/?lp=8563 It's recent (sort of-Dec 29) and I gather the word backdoor trojan is in one paragraph. -- From the Depths of Lurk
	to forum · permalink · 2005-01-07 17:41:53 ·

Broadband Tech > Security > Security > attacks on port 11768?