c:\\windows\slave.exe..trojan?
From: G (gonzalo_torresjr@hotmail.com)
Date: 02/19/03
- Next message: Grant Griffiths: "Installation failure of Security Updates"
- Previous message: Eddie Ekanem: "Limited User cannot access Yahoo mail or do Google search"
- Next in thread: cHaSeR: "c:\\windows\slave.exe..trojan?"
- Reply: cHaSeR: "c:\\windows\slave.exe..trojan?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "G" <gonzalo_torresjr@hotmail.com> Date: Wed, 19 Feb 2003 02:04:10 -0800
Guys;
I have on my firewall detected a server called "RA
Service" which is remote anything similar to pcanywhere.
i see the log as trying to request access to the internet
3 times per reboot or login. There are several users in
this machine. I see the destination ip of 2 as empty,
but one is requesting to be allowed to connect to an ip
in Amsterdam (according to NeoTrace). Obviously this is
not acceptable but I have the follwoing question, Is that
executable standard with the windows installation? I
have checked the exe date and it was created around the
time this pc was configured. There are also users using
citrix ica client and some chat software. I have checked
online as some sites consider it a trojan...but before I
take it out I wanted to ask your more knoeledgeable
opinion...
thank you,
- Next message: Grant Griffiths: "Installation failure of Security Updates"
- Previous message: Eddie Ekanem: "Limited User cannot access Yahoo mail or do Google search"
- Next in thread: cHaSeR: "c:\\windows\slave.exe..trojan?"
- Reply: cHaSeR: "c:\\windows\slave.exe..trojan?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
