G
Guest
I'm getting an annoying firewall Program Control Alert, Inbound, svchost.exe How do I stop this, please? This has been happening for a few weeks now.
I'm using XP Home, Dell 2350, Pentium 4, Norton AntiVirus 2004 & Personal Firewall 2003. The Firewall keeps giving a Program Control alert, C:\Windows\System32\svchost.exe, TCP (Inbound), remote IP address (when using Norton's Tracking its mostly from other countries), TCP(Inbound), [MyIP]:1025. I block it each time. The Task Manager shows running SVCHOST.EXE (all caps) System(3), Network Service, Local Service. A search result for svchost.exe shows C:\I386\SVCHOST.EXE and C:\Windows\System32\SVCHOST.EXE (all caps).
I have scanned off line with Norton and at the Symantec site both virus & security scans, spywareguide.com free X-Cleaner scan, McAfee free scan, and PCPitstop Panda free scan and they found nothing. I use Spobot S&D 1.3 and it found nothing. GRC.com ShieldUP! shows that port 1025 is open and says to close it. I don't know how to do that. It also showed a "Danske Net Bank" plugin installed & I haven't been to any bank sites. How do I get rid of that? I did a Firewall program scan set to "automatic". Even tried a System Restore when all else failed but couldn't go back too far because I was afraid of previous driveby adware I couldn't get rid of. The firewall logs show the alert occuring every 5-20 min. Thanks for any help you can give me to stop this annoying alert.
Judy
I'm using XP Home, Dell 2350, Pentium 4, Norton AntiVirus 2004 & Personal Firewall 2003. The Firewall keeps giving a Program Control alert, C:\Windows\System32\svchost.exe, TCP (Inbound), remote IP address (when using Norton's Tracking its mostly from other countries), TCP(Inbound), [MyIP]:1025. I block it each time. The Task Manager shows running SVCHOST.EXE (all caps) System(3), Network Service, Local Service. A search result for svchost.exe shows C:\I386\SVCHOST.EXE and C:\Windows\System32\SVCHOST.EXE (all caps).
I have scanned off line with Norton and at the Symantec site both virus & security scans, spywareguide.com free X-Cleaner scan, McAfee free scan, and PCPitstop Panda free scan and they found nothing. I use Spobot S&D 1.3 and it found nothing. GRC.com ShieldUP! shows that port 1025 is open and says to close it. I don't know how to do that. It also showed a "Danske Net Bank" plugin installed & I haven't been to any bank sites. How do I get rid of that? I did a Firewall program scan set to "automatic". Even tried a System Restore when all else failed but couldn't go back too far because I was afraid of previous driveby adware I couldn't get rid of. The firewall logs show the alert occuring every 5-20 min. Thanks for any help you can give me to stop this annoying alert.
Judy