Security Incidents mailing list archives
Re: Fw: services.exe file
From: Harlan Carvey <keydet89 () yahoo com>
Date: Thu, 11 Dec 2003 13:20:36 -0800 (PST)
Dano,
http://www.thejamzone.com/services/services.zip
Thanks.
Within in XP, I can NOT uncheck the hidden attribute that is set although I can unhide in DOS. After unhiding it, I ran f-prot and it did say that it was a "security risk" or backdoor program.
Did F-prot say _which_ backdoor program it was?
It came to my attention after running a netstat and constantly seeing connections being made to the two outside hosts.
Hhhmm...do you remember which ports? Also, you didn't need to install a personal firewall...simply use fport or openports (my personal fav) to find out which process was using the ports, then get rid of the process and executable image. --------------------------------------------------------------------------- ----------------------------------------------------------------------------
Current thread:
- Fw: services.exe file dano (Dec 11)
- Re: Fw: services.exe file Fred Bradford (Dec 11)
- Re: Fw: services.exe file Harlan Carvey (Dec 12)
- Re: Fw: services.exe file Dano (Dec 12)
- Re: Fw: services.exe file André Carezia (Dec 15)
- <Possible follow-ups>
- RE: services.exe file Jim Harrison (ISA) (Dec 12)