Results 1 to 4 of 4

Thread: Strange problem with port 3724

  1. #1
    razzel Guest

    Default Strange problem with port 3724

    I am running a dual boot on my pc.
    1) Boot 1 is used for pc gaming2) Boot 2 is used for work
    The pc is behind a Netgear router. I have ZA Internet Security on Boot 2. Boot 1 does not use any firewall software.
    My son plays a lot of World of Warcraft, using boot 1. Here's the problem. When I use boot 2, ZA registers and blocks connection attempts at port 3724. That is of course a port that is used by World of Warcraft. What I cannot understand is how these connection attempts get through the router. WoW is not installed on boot 2, so there is no software listening f r connections on that port. The router should drop these connection attempts, since my pc never asked for any traffic on port 3724.
    Is the router misconfigured? I don't think so. I have tested boot 2 on grc.com:s "Shields Up!" and similar services and got perfect resultat: my router protects my pc 100 percent (I have to manually open a port in the router to get a reaction from ZA).Any clue?

    Operating System:Windows XP Home Edition
    Product Name:ZoneAlarm Internet Security Suite
    Software Version:7.0

  2. #2
    Join Date
    Dec 2005
    Posts
    9,057

    Default Re: Strange problem with port 3724

    What is the address associated with the blocked connection?

    That will explain a lot. Check the ZA logs.

    Oldsod
    Best regards.
    oldsod

  3. #3
    razzel Guest

    Default Re: Strange problem with port 3724

    One adress is from a Chinese Internet Cafe:

    inetnum: 61.174.171.0 - 61.174.171.3
    netname: YUAYO-WEIXING-NETBAR
    country: CN
    descr: Weixing Internet Bar
    descr: NULL
    admin-c: HG99-AP
    tech-c: CN13-AP
    status: ASSIGNED NON-PORTABLE
    changed: auto-dbm@dcb.hz.zj.cn 20040611
    mnt-by: MAINT-CN-CHINANET-ZJ-NB
    source: APNIC

    role: CHINANET-ZJ Ningbo
    address: No.180 Jiefang Road(North),Ningbo,Zhejiang.315010
    country: CN
    phone: +86-574-87278134
    fax-no: +86-574-87362712
    e-mail: anti_spam@mail.nbptt.zj.cn
    trouble: send spam reports to anti_spam@mail.nbptt.zj.cn
    trouble: and abuse reports to anti_spam@mail.nbptt.zj.cn
    trouble: Please include detailed information and times in UTC
    admin-c: CH105-AP
    tech-c: CH105-AP
    nic-hdl: CN13-AP
    mnt-by: MAINT-CHINANET-ZJ
    changed: master@dcb.hz.zj.cn 20031204
    source: APNIC

    person: Hongwei Gao
    nic-hdl: HG99-AP
    e-mail: anti_spam@mail.nbptt.zj.cn
    address: No.460 West Yangming Road,Yuyao City.
    phone: +86-574-63159646
    country: CN
    changed: auto-dbm@dcb.hz.zj.cn 20040610
    mnt-by: MAINT-CN-CHINANET-ZJ-NB
    source: APNIC

  4. #4
    Join Date
    Dec 2005
    Posts
    9,057

    Default Re: Strange problem with port 3724

    Does the WOW run silently somehow and call out?

    Main concern is if this is a reply to call from the PC. If not the game itself , then maybe there is malware (trojan or rootkit being active).

    Block off the WOW from the first partition in the ZA Program Control of the second partition.

    Actually block off the site in the Zones of the Firewall or in the router itself or both.

    Do some checking for trojans...

    Online scans using the IE since they will require ActiveX...

    http://www.ewido.net/en/onlinescan/

    http://www.bitdefender.com/scan8/ie.html

    Downloadable freeware...


    http://www.superantispyware.com/

    http://www.emsisoft.com/en/software/free/

    If anything was found anything, then immediately do these next steps..

    Next run HJT and Gmer and save the logs!...

    http://www.majorgeeks.com/HijackThis_d3155.html


    http://www.majorgeeks.com/GMER_d5198.html

    Sign Up and Post the Logs in this Forum...


    http://www.castlecops.com/forum67.html

    Between the HJT and the Gmer logs, the good people at castlecops.com will be able to see everything from spyware to rootkits. They offer professional and expert help all for free.

    Oldsod
    Best regards.
    oldsod

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •