|
tmksrvu.exe
|
View this Thread in Original format
| UglyDave |
anyone know what this file does?
It's trying to connect to something and i dont know what - zonealarm alerted me..
i searched yahoo & google but there were no results.
Thanks!
David |
|
|
| DJ-Fuq |
Just block it from connmecting, and delete it
What u should do is go through the list of programs in zonealarm and block every programs access except the 1s u know need to connect. For the 1s u want to connect, put on pass lock for them, then keep engage internet lock on in za all the time (but not stop all internet activity) |
|
|
| UglyDave |
Cheers whiskers! According to that article it's a trojan so thank you!
DJ-Fuq - u know a lot about everything!! Well, a lot about everything i have a question about :)
Cheers :)
David |
|
|
| DJ-Fuq |
| quote: | Originally posted by UglyDave
DJ-Fuq - u know a lot about everything!! Well, a lot about everything i have a question about :)
|
:D |
|
|
| Boomer187 |
where was the file? also look for a file called firedaemon.exe.
the reason I ask is that it looks like the name partially includes servu, it is very common for people to exploit your system and pop it on there under different names. I would try to find the weakness in your system and stop it. |
|
|
| UglyDave |
| quote: | Originally posted by Boomer187
where was the file? also look for a file called firedaemon.exe.
the reason I ask is that it looks like the name partially includes servu, it is very common for people to exploit your system and pop it on there under different names. I would try to find the weakness in your system and stop it. |
thank you also!
I havn't got firedaemon. the file was in c:\winnt\system32
cheers!
David |
|
|
| Boomer187 |
ah, prolly servu, that is the most common place for it.
they might have got in through a weak nt password, weak sql password or some other vulnerability. nothing too dangerous I would guess.
I would also check your drive space. good places to check are c:\system volume information and c:\recycler .that is if there is a good portion of space missing.
other than that I think ur good. |
|
|
|
|
