|
-
September 5th, 2002, 10:53 AM
#1
Member
script.exe ??
everytime i start windows something called script.exe is running in the background, i have seen it try to connect to 2 different ip addys and have blocked it.
the 2 addys are 202.99.166.61:6667 (which turned out to be a japanese/korean website)
and the other 194.168.4.100 NS
i done a neotrace on the 2nd one and this time the ip terminated in the UK and give me the following info :
NeoTrace Trace Version 3.25 Results
Target: 194.168.4.100
Date: 9/5/02 (Thursday), 10:30:58 AM
Nodes: 11
Node Data
Node Net Reg IP Address Location Node Name
1 - - 213.106.205.235 St. Helens m7y1i8
2 1 - 10.51.48.1 Unknown
3 1 - 10.0.123.162 Unknown
4 1 - 10.0.123.12 Unknown
5 1 - 10.0.186.27 Unknown
6 2 1 213.105.172.117 Unknown man-bb-b-so-130-0.inet.ntl.com
7 2 - 62.253.185.138 Unknown
8 2 1 213.105.172.130 Guildford gfd-bb-b-so-500-0.inet.ntl.com
9 2 1 213.105.172.197 Guildford gfd-bb-a-ge-020-0.inet.ntl.com
10 2 1 213.105.172.153 Guildford gfd-dc-c-v300.inet.ntl.com
11 3 2 194.168.4.100 Southwark cache1.ntli.net
Packet Data
Node High Low Avg Tot Lost
1 0 0 0 1 0
2 16 16 16 1 0
3 13 13 13 1 0
4 33 33 33 1 0
5 15 15 15 1 0
6 15 15 15 1 0
7 27 27 27 1 0
8 21 21 21 1 0
9 20 20 20 1 0
10 19 19 19 1 0
11 36 36 36 1 0
Network Data
Network id#: 1
OrgName: IANA
OrgID: IANA-2
Network id#: 2
NTL Internet
Crawley Court
Winchester
Hampshire
SO21 2QA
Network id#: 3
NTL Internet
Crawley Court
Winchester
Hampshire
SO21 2QA
Registrant Data
Registrant id#: 1
Registrant:
Cable Online (NTL5-DOM)
NTL House Dunleavy drive
cardiff, uk cf11 0ww
GB
Registrant id#: 2
Registrant:
Cable Online (NTLI3-DOM)
Online House Cleppa Park
Newport, NP1 9UG
UK
_____
NeoTrace Copyright ©1997-2001 NeoWorx Inc
i cant make much out from this stuff but why would it be trying to connect to my pc through script.exe?
any help or ideas on whats happening would be very appreciated as since ive found this running i've also had my pc infected with the funlove virus which is proving pretty hard to get rid of and i've also had my 6 digit icq number stolen ( i think), i'm gonna do a fdisk & format my hd but i'd like to find out as much as possible about this before i do so i can maybe get my icq number back...
thanks a lot.
ivan.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Reply With Quote