Please help me interpret a suspicious netstat SYN_SENT TCP port 1058?

Wow, repeating my analysis from .

Any BITS download leftover? Your DNS server? Random DNS lookups of non-accepted connections due to some misconfigured mechanism? Any special software running, looking for an automatic update or alike?

That's what pending rename operations are good for. Most likely it's just part of an uninstaller (which is not clever enough to delete itself without letting Windows schedule it).

Reply to
Sebastian Gottschalk

That's the DnsCache service of Windows. Nothing to see here, move along.

And you still didn't find the simple technical description of svchost and why this is normal behaviour?

HijackThis?

That something is part of the normal login process.

Yeah, quite normal. Anyway, why do you have write access to that file? :-)

Reply to
Sebastian Gottschalk


I do have a software firewall on my Windows XP PC behind my wireless router, and I did scan using not only AdAware but SpyBot Search and Destroy and the Microsoft malicious software removal tool. None found anything suspicious, but there was that strange file GLB1A2B.EXE, which I'm still trying to figure out if it is a bad guy or part of AdAware, which I updated before I ran the scan.

I can't find any legitimate use for this "TCP 192.168.0.101:1058 63.236.111.222:80 SYN_SENT process 912" Quest Communications outfit.

Why or how did they get into my startup sequence such that it makes my machine send the SYN_SENT signal to their port 80? Can they figure out my ISP IP address from this one-way communication?

Thanks, .....Pam

Reply to
Pam

That might be the actual cause of the problem.

Reply to
Sebastian Gottschalk

I keep running the netstat and keep seeing MORE AND MORE of these SYN_SENT signals, for example:

TCP 192.168.0.102:1435 207.46.20.93:80 SYN_SENT 920 C:\WINDOWS\system32\WS2_32.dll C:\WINDOWS\System32\WINHTTP.dll [svchost.exe]

To make matters even more exasperating, THIS ip address resolves to Microsoft themselves!

For some reason, my WinXP PC is sending a variety of TCP handshakes out on random ports connecting to port 80 of a variety of servers for what reason I do not know.

I just located & downloaded HijackThis to see if there is something it can report.

Thanks, .....Pam

Reply to
Pam
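An added example (not part of any post in this thread): a short Python triage of netstat lines in the form quoted above, grouping connections stuck in SYN_SENT (SYN sent, no SYN-ACK received yet, per RFC 793) by owning PID and remote endpoint. The sample lines are constructed from the two quoted in the thread, and the function names are illustrative.

```python
import re
from collections import defaultdict

# Constructed sample: the two lines quoted in the thread plus invented
# neighbours, in the single-line form shown there (PID, modules, [process]).
SAMPLE = r"""
TCP 192.168.0.101:1058 63.236.111.222:80 SYN_SENT 912
TCP 192.168.0.102:1435 207.46.20.93:80 SYN_SENT 920 C:\WINDOWS\system32\WS2_32.dll C:\WINDOWS\System32\WINHTTP.dll [svchost.exe]
TCP 192.168.0.102:1436 207.46.20.93:80 SYN_SENT 920 [svchost.exe]
TCP 192.168.0.102:1029 192.168.0.1:80 ESTABLISHED 1480 [firefox.exe]
TCP 0.0.0.0:135 0.0.0.0:0 LISTENING 868
"""

LINE = re.compile(
    r"^\s*TCP\s+(?P<lip>[\d.]+):(?P<lport>\d+)\s+"
    r"(?P<rip>[\d.]+):(?P<rport>\d+)\s+(?P<state>[A-Z_]+)\s+"
    r"(?P<pid>\d+)(?P<rest>.*)$"
)
PROC = re.compile(r"\[([^\]]+)\]")  # trailing "[svchost.exe]" if present


def half_open(netstat_text):
    """Map (pid, process, remote ip, remote port) -> local ports in SYN_SENT."""
    groups = defaultdict(list)
    for line in netstat_text.splitlines():
        m = LINE.match(line)
        if not m or m["state"] != "SYN_SENT":
            continue  # skip headers, blank lines and other TCP states
        proc = PROC.search(m["rest"])
        key = (int(m["pid"]), proc.group(1) if proc else None,
               m["rip"], int(m["rport"]))
        # The local port is an ephemeral port picked by the OS, so it
        # changes on every attempt; the PID and remote endpoint are the
        # stable facts worth grouping on.
        groups[key].append(int(m["lport"]))
    return dict(groups)


def report(netstat_text):
    """One summary line per owning process and remote endpoint."""
    items = sorted(half_open(netstat_text).items(),
                   key=lambda kv: (kv[0][0], kv[0][2], kv[0][3]))
    return [f"PID {pid} ({proc or 'unknown'}) -> {rip}:{rport}: "
            f"{len(lports)} pending, local ports {lports}"
            for (pid, proc, rip, rport), lports in items]


if __name__ == "__main__":
    print("\n".join(report(SAMPLE)))
```

When the owner is svchost.exe, `tasklist /svc` shows which services run inside that PID, which narrows the grouped result to a specific Windows service.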

Unbelievable, WinXP's Automatic Update Service actually works!

Wow, random ports. But isn't that just how it's supposed to be?

The other servers could be part of Akamai's load balancing system that is used by Microsoft. Unbelievable, they're using load balancing!

Reply to
Sebastian Gottschalk

start>control panel>administrative tools>services

Reply to
Dom

Yes.

This question implies its answer.

No.

Just read RFC 793 on

formatting link

Yours, VB.

Reply to
Volker Birk

I suggest that you use either msconfig and selective startup or the more advanced Autoruns from SysInternals to see what you have as far as startup applications/services/processes. These programs give you the ability to disable them so you can troubleshoot by trial and error. Once you track down the offending process, you can disable or remove it if you want. Offhand I have no idea why it is on your computer, as everyone has different applications and hardware installed.

formatting link
--- Msconfig use
formatting link
--- Autoruns

"Can they figure out my ISP IP address from this one-way communication?" Yes they can because it is not a one way communication. IMHO the fact that someone knows your public IP address is not any sort of security threat and is a necessary part of internet communications.

If your malware and spyware detection and removal programs are current with their definition files, and you also scan in Safe Mode and nothing is found, then very likely you do not have anything of major concern, though the Microsoft malicious software removal tool is not meant to do a thorough scan for malware. You need to use a full virus detection and removal program to do that, and if you do not have one you can get a free one from AVG here

formatting link
and do online scans at places such as
formatting link
.

Reply to
Steven L Umbach

I suggest that you get yourself the Windows XP Resource Kit book: buy it, or go to the library and see if you can check one out. It's a little bit technical, but it seems you might be able to deal with it. I didn't read all of this thread.

You can use the tools in the link

Long

formatting link
Short

formatting link
You may also want to look at Root Toolkit detectors; the Process Explorer people in the link above have one.

Duane :)

Reply to
Duane Arnold

GLB1A2B.EXE is invasion ware. You're in for some googling on how to get rid of it; it is pretty invasive.

charles.....

Reply to
***** charles

Hm... this file would make me a little nervous:

formatting link
formatting link
Yours, VB.

Reply to
Volker Birk

formatting link
Unbelievable, the uninstaller of a certain software always uses the same filenames and the software is used by at least two people!

Reply to
Sebastian Gottschalk

Not at anyone, actually :)

Reply to
Eirik Seim
