January 14th, 2004, 11:54 PM
Righty ... thats what I thought too ... svshost.exe will be toast shortly i think ... no point keeping the thing in a vile, unless someone esle wants to have a look at it before it goes.
January 14th, 2004, 11:23 PM
Thanx for the info Soulman ... I have a 24/7 IRC connection running anyway ... online gamer, lol. So it's not likely I would've noticed it based on that. Although, now you mention, I did also block...
January 14th, 2004, 08:11 PM
Righty ... well, my specific config here is 2 computers, Win XP Home on both, connecting through a 3com router (fully stealthed) to a cable-based broadband. Thats the way its always been. However,...
January 14th, 2004, 07:24 PM
Right ... thanx again ... useful info. Still didn't give me a reason for 3002, 3004, and 5000 to be active. Not overly concerned, since this machine is behind a 3com router which shows as stealthed...
January 14th, 2004, 07:05 PM
Excellent ... thank you ... can you also tell me why I should have Generic Host Process for Win32 Services listening to ports 3002, 3004, and 5000? As far as I know, I should have NO servers running...
January 14th, 2004, 06:52 PM
That'll do fine ... refresh my memory please ... how do you get that listing?
January 14th, 2004, 06:50 PM
Hmm ... well, I run AVG on a regular basis with updates, and it missed it. As did TrojanHunter. The only indication I even HAD a trojan was that Zone Alarm caught the traffic, and after about 3...
January 14th, 2004, 06:44 PM
I just went through my Zone Alarm logs, and thge IP address was 66.98.168.220 ... boom.badpenguin.com no longer resolves, lol ... guess they figured advertising was bad, lol.
Any info would be...
January 14th, 2004, 06:34 PM
Hello ... I thought I'd start here as I am definately a security newbie. I am a sys-admin whose had the luxery of focussing on performance over the years, and ignoring security in my profession. ...