On Mon, 20 Oct 2003 19:29:29 GMT, "BxP9" <NOMAIL> wrote:

>No software installed when the new ISP service started. Just plugged in
>modem, added my personal account info and connected fine.
>I'm using Sygate firewall and looked through the logs to find this item. IP
>10.0.0.138 did back trace and reported this:
>
>IANA (RESERVED-6)
> Internet Assigned Numbers Authority
> 4676 Admiralty Way, Suite 330
> Marina del Rey, CA 90292-6695
> US
>
> Netname: RESERVED-10
> Netblock: 10.0.0.0 - 10.255.255.255
>
> Coordinator:
> Internet Corporation for Assigned Names and Numbers (IANA-ARIN)
>res-ip@iana.org
> (310) 823-9358
>
> Domain System inverse mapping provided by:
>
> BLACKHOLE-1.IANA.ORG 192.0.32.18
> BLACKHOLE-2.IANA.ORG 192.0.32.19
>
> These blocks are reserved for special purposes.
> Please see RFC 1918 for additional information.
>
> Record last updated on 12-Oct-2001.
> Database last updated on 23-Aug-2002 16:56:03 EDT.
>The information in this WHOIS database is current as of August 23, 2002,
>and has been retained for historical purposes only. For the most current
>information, query whois.arin.net or visit http://whois.arin.net.
>
>"-=ô;ö=-" <Not.Telling@nowhere.com> wrote in message
>news:AyWkb.16137$Ee6.8787@nwrddc01.gnilink.net. ..
>> Possible that it is the "Help Desk" software bundled in, both BellSouth
>and Verizon have
>> the same thing and I just deinstalled them with no ill effects..
>>
>>
>> "BxP9" <NOMAIL> wrote in message
>> news:0d5f7b9ffad498b146078eafae90b1f3@news.teranew s.com...
>> | Will post them when the item pops-up again. Could it be the new DSL
>modem
>> | for this ISP?
>> |
>> | "sponge" <yosponge@yahoo.com> wrote in message
>> | news:8d76ec03.0310191025.6cd66006@posting.google.c om...
>> | > "BxP9" <NOMAIL> wrote in message
>> | news:<4a4f86e801fa7cb8d1cfb6f226cf4642@news.terane ws.com>...
>> | > > NDIS User mode I/O Driver is being connected by the remote machine
>[ip
>> | > > address] using local port xxxxx. Do you want to allow this
>program...
>> | > > Trying to connect every since I started using a new ISP.
>> | > >
>> | > > Safe? What is it?
>> | >
>> | > It would help to know the IPs and ports, if you'd be willing to post
>> | > or email them, as well as the location of the application. However,
>> | > off the bat it looks very suspect. First because you may be using
>> | > ISP-provided software -- that's a big, big no-no. Second, NDIS
>> | > driver's shouldn't be user mode. the NDIS driver is what takes data
>> | > from an upper-layer protocol (I.E. TCP/IP, which is what the Internet
>> | > uses to commumnication) and sends it out the hardware. It shouldn't be
>> | > user mode: it's a driver, and part of the system.
>> | >
>> | > IOW, if you can connect to the Internet without it, then it is more
>> | > likely to be malicious or suspicious than anything useful.
>> | >
>> | > Sponge
>> | > Sponge's Secure Solutions
>> | > www.geocities.com/yosponge
>> | > My new email: yosponge2 et yahoo dot com
>> |
>> |
>>
>>
>
My system has been doing this same thing for awhile now, I have never
let it access the net, it pops up every 2 minutes, how do you
uninstall it??? Thanks, Moon