Israel.
and that what I was sayin. my ip change's every day and these guys still attack my router gateway.
Here's another 2
‏שבת ‏09 ‏יולי ‏2011 23:22:03 Unrecognized attempt blocked from 94.59.175.226:2237 to 93.173.135.90 TCP:23
‏שבת ‏09 ‏יולי ‏2011 23:24:09 Unrecognized attempt blocked from 200.41.203.79:4101 to 93.173.135.90 TCP:23


This post was edited by Yakir on Jul 9 2011 02:51pm

are you sure theres no backdoor or any kind of virus on your computer?

did you do a scan with malwarebytes anti-malware?
did you only change your display IP?

I scan my pc every day.
and I have dynamic IP so it change's every day..

scanning with an anti-virus may not be enough
i suggest downloading an anti-malware (malwarebytes anti-malware)
its free
http://www.malwarebytes.org/
and which anti-virus do you have?

This post was edited by ShadowFiend on Jul 9 2011 02:58pm

I scan with Hijackthis , Nod32 , Ccleaner , S&D
I think its more then enough and sometime's I find something but most of the time nothing.


Here they start again
23:52:20 Unrecognized attempt blocked from 72.14.73.207:3743 to 93.173.135.90 TCP:23
‏שבת ‏09 ‏יולי ‏2011 23:59:04 Unrecognized attempt blocked from 218.10.19.21:6000 to 93.173.135.90 TCP:3128
‏שבת ‏09 ‏יולי ‏2011 23:59:11 Unrecognized attempt blocked from 201.230.79.196:4244 to 93.173.135.90 TCP:23


This post was edited by Yakir on Jul 9 2011 03:00pm

Upload Hijackthis log.

Logfile of HijackThis v1.99.1
Scan saved at 00:04:36, on 10/07/2011
Platform: Unknown Windows (WinNT 6.01.3505 SP1)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\DeviceVM\Browser Configuration Utility\BCU.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.walla.co.il/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [BCU] "C:\Program Files\DeviceVM\Browser Configuration Utility\BCU.exe"
O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Browser Configuration Utility Service (BCUService) - DeviceVM, Inc. - C:\Program Files\DeviceVM\Browser Configuration Utility\BCUService.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %PROGRAMFILES%\Windows Media Player\wmpnetwk.exe (file missing)

I think there's something with the IE.
notice there it's 3 processes.
thou I close all my IE shut down.

download process explorer from microsoft site and find out the command lines of those Iexplore (double click on it)
they might be trying to connect to a site/ip
e: when you put a new tab, it will place another process

This post was edited by ShadowFiend on Jul 9 2011 03:15pm

First of all, I would stop using Internet Explorer.
I don't know if it's anymore, but earlier versions are known for having security glitches.

I can't find anything weird in the hijackthis log either.
Maybe someone else has better luck.

Did you close down IE with the close button, or task manager?
The close button is usually a bit slow.

This post was edited by monehgers on Jul 9 2011 03:13pm