Is secedit.exe left by a hacker?
From: Jim Matthews (jim_matt@swbell.net)
Date: 11/01/02
- Next message: Blade: "Re: Quota Restrictions"
- Previous message: Blade: "ftp server behind a zyxel router"
- Next in thread: Karl Levinson [x y] mvp: "Re: Is secedit.exe left by a hacker?"
- Reply: Karl Levinson [x y] mvp: "Re: Is secedit.exe left by a hacker?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Jim Matthews" <jim_matt@swbell.net> Date: Fri, 1 Nov 2002 10:06:50 -0800
Recently I noticed a lot of net activity on my LAN from
my W2K system. When I looked to see what was going on, I
found a program called secedit.exe running out of
WINNT\System32. When I looked further, I saw a file
called secedit.sdb. I also found a file called 445.txt
which seems to contain a list of IP addresses that were
tested on port 445.
There are times when I have restarted my computer, I
have noticed a command window with a title of secedit.
I have a Linksys router that I use as a firewall to my
DSL connection so I thought I was pretty safe.
Can anyone tell me if this is legitimate or has a hacker
gotten in? Also, is there anything I need to set on the
Linskys that is not a default setting?
Thanks,
Jim
- Next message: Blade: "Re: Quota Restrictions"
- Previous message: Blade: "ftp server behind a zyxel router"
- Next in thread: Karl Levinson [x y] mvp: "Re: Is secedit.exe left by a hacker?"
- Reply: Karl Levinson [x y] mvp: "Re: Is secedit.exe left by a hacker?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
