ftp server found.

i got a message on my machine. (listed below.)

checking, i also find that i have a ftp server also on my machine. server
name is NTSVCMGR.
this is ftp serv-U Daemon program.
but i am not running a ftp server on my machine.

just though others may want to know about this.



9.3.2006 13:40:34.140 [464] AVG for E-mail [7.1.371] started
9.3.2006 13:40:35.531 [464] Using AVG Kernel: 7.1.375 [268.2.1/277]
9.3.2006 13:40:35.671 [464] AvgCfg: 0, IniCfg: 1
9.3.2006 13:40:35 Config: AVGCFG
9.3.2006 13:40:36 Using Cyrus SASL 2.1.13
9.3.2006 13:40:39 Starting the main loop
9.3.2006 13:40:39 Redirector version 70004
9.3.2006 13:40:39 AutoPOP3(10110): Starting server
9.3.2006 13:40:39 Queue processing started
9.3.2006 14:29:22 AutoPOP3(10110): Connection from process 3792
9.3.2006 14:29:22 AutoPOP3(10110): Connection from 127.0.0.1:1240
9.3.2006 14:29:22 AutoPOP3(10110): Client connected
9.3.2006 14:29:45 AutoPOP3(10110): Cannot connect to
CPE000ea65500f6-CM000039b23862.cpe.net.cable.rogers.com:110
9.3.2006 14:29:45 AutoPOP3(10110): Connect: A connection attempt failed
because the connected party did not properly respond after a period of time,
or established connection failed because connected host has failed to
respond. (10060)
9.3.2006 14:29:45 AutoPOP3(10110): Client disconnected
9.3.2006 14:30:35 AutoPOP3(10110): Connection from process 3792
9.3.2006 14:30:35 AutoPOP3(10110): Connection from 127.0.0.1:1253
9.3.2006 14:30:35 AutoPOP3(10110): Client connected
9.3.2006 14:30:40 AutoPOP3(10110): Cannot connect to
CPE000ea65500f6-CM000039b23862.cpe.net.cable.rogers.com:110
9.3.2006 14:30:40 AutoPOP3(10110): Connect: No connection could be made
because the target machine actively refused it. (10061)
9.3.2006 14:30:40 AutoPOP3(10110): Client disconnected
9.3.2006 14:31:48 AutoPOP3(10110): Connection from process 3792
9.3.2006 14:31:48 AutoPOP3(10110): Connection from 127.0.0.1:1297
9.3.2006 14:31:48 AutoPOP3(10110): Client connected
9.3.2006 14:31:54 AutoPOP3(10110): Cannot connect to
CPE000ea65500f6-CM000039b23862.cpe.net.cable.rogers.com:110
9.3.2006 14:31:54 AutoPOP3(10110): Connect: No connection could be made
because the target machine actively refused it. (10061)
9.3.2006 14:31:54 AutoPOP3(10110): Client disconnected
9.3.2006 14:33:12 AutoPOP3(10110): Connection from process 3792
9.3.2006 14:33:12 AutoPOP3(10110): Connection from 127.0.0.1:1324
9.3.2006 14:33:12 AutoPOP3(10110): Client connected
9.3.2006 14:33:16 AutoPOP3(10110): Cannot connect to
CPE000ea65500f6-CM000039b23862.cpe.net.cable.rogers.com:110
9.3.2006 14:33:16 AutoPOP3(10110): Connect: No connection could be made
because the target machine actively refused it. (10061)
9.3.2006 14:33:16 AutoPOP3(10110): Client disconnected
9.3.2006 14:35:26 AutoPOP3(10110): Connection from process 3792
9.3.2006 14:35:26 AutoPOP3(10110): Connection from 127.0.0.1:1403
9.3.2006 14:35:26 AutoPOP3(10110): Client connected
9.3.2006 14:35:37 AutoPOP3(10110): Cannot connect to
CPE000ea65500f6-CM000039b23862.cpe.net.cable.rogers.com:110
9.3.2006 14:35:37 AutoPOP3(10110): Connect: No connection could be made
because the target machine actively refused it. (10061)
9.3.2006 14:35:37 AutoPOP3(10110): Client disconnected
9.3.2006 14:38:02 AutoPOP3(10110): Connection from process 3792
9.3.2006 14:38:02 AutoPOP3(10110): Connection from 127.0.0.1:1440
9.3.2006 14:38:02 AutoPOP3(10110): Client connected
9.3.2006 14:38:05 AutoPOP3(10110): Cannot connect to
CPE000ea65500f6-CM000039b23862.cpe.net.cable.rogers.com:110
9.3.2006 14:38:05 AutoPOP3(10110): Connect: No connection could be made
because the target machine actively refused it. (10061)
9.3.2006 14:38:05 AutoPOP3(10110): Client disconnected
9.3.2006 14:42:34 AutoPOP3(10110): Connection from process 3792
9.3.2006 14:42:34 AutoPOP3(10110): Connection from 127.0.0.1:1560
9.3.2006 14:42:34 AutoPOP3(10110): Client connected
9.3.2006 14:42:36 AutoPOP3(10110): Cannot connect to
CPE000ea65500f6-CM000039b23862.cpe.net.cable.rogers.com:110
9.3.2006 14:42:36 AutoPOP3(10110): Connect: No connection could be made
because the target machine actively refused it. (10061)
9.3.2006 14:42:36 AutoPOP3(10110): Client disconnected
9.3.2006 14:48:59 AutoPOP3(10110): Connection from process 3792
9.3.2006 14:48:59 AutoPOP3(10110): Connection from 127.0.0.1:1618
9.3.2006 14:48:59 AutoPOP3(10110): Client connected
9.3.2006 14:49:04 AutoPOP3(10110): Cannot connect to
CPE000ea65500f6-CM000039b23862.cpe.net.cable.rogers.com:110
9.3.2006 14:49:04 AutoPOP3(10110): Connect: No connection could be made
because the target machine actively refused it. (10061)
9.3.2006 14:49:04 AutoPOP3(10110): Client disconnected

On Thu, 9 Mar 2006 15:19:29 -0600, "Peter" <mymail200112@yahoo.ca>
wrote:

>i got a message on my machine. (listed below.)
>
>checking, i also find that i have a ftp server also on my machine. server
>name is NTSVCMGR.
>this is ftp serv-U Daemon program.
>but i am not running a ftp server on my machine.

And your av scanner(s) don't identify it?

Art
http://home.epix.net/~artnpeg

Peter wrote:

> i got a message on my machine. (listed below.)
>
> checking, i also find that i have a ftp server also on my machine.
> server name is NTSVCMGR. this is ftp serv-U Daemon program.
> but i am not running a ftp server on my machine.

Look in your recycler directory. You will probably find a directory
tree that's about 1/2 dozen directories deep.

Hey - you might find some good warez, or movie or mp3's on your
system!

Enjoy!

From: "Peter" <mymail200112@yahoo.ca>

| i got a message on my machine. (listed below.)
|
| checking, i also find that i have a ftp server also on my machine. server
| name is NTSVCMGR.
| this is ftp serv-U Daemon program.
| but i am not running a ftp server on my machine.
|

One way to find out.

Download and execute TCPView
http://www.sysinternals.com/Utilities/TcpView.html

Then you can see what program (fully qualified name and path) is loading what local port and
is communicating with what Internet site.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm