Sign in with
Sign up | Sign in
Your question

Are network TCP connections attempted by service files a security risk

Last response: in Networking
Share
March 10, 2012 1:43:55 AM

I am rephrasing and maybe better placing an unanswered thread. My AV often reports my windows 7 ultimate 64 service files, such as winmon.exe or or service.exe requesting opened TCP connections along with a number of .DLL filkes, and then times they are flagged as heuristic behavior modification, however i know many of those are undeletable, due to windows security replacing them as soon as they are noticed to be missing and in another thread it was also indicated that these must be deleted from three places at once almost to actually prevent those from being instantly replaced, this explains maybe why i get this repeatedly immediately after boot up, but after five or some times it slows down to now and then... still quite a hassle to stop on start up.


Thanks for any understanding of this.

TSG!
a b 8 Security
March 10, 2012 5:23:14 AM



It all depends on what they are and to whom they're phoning home.

Download HijackThis from http://www.trendmicro.com and install it. In Windows 7, right click and RunAs Administrator then carefully comb through the entries under the 023 section. Tick to remove anything you don't like the look of and restart after letting the programme do its job. It's also a good source of information in the 04 section as to what starts up when the system comes on - better than msconfig, in fact.

m
0
l
March 13, 2012 1:11:16 AM

Thanks so much for the link and info!

As soon as i get to running it and see the results i will come back and post what they translate as being, for others to reference and if it needs some clarification.

Thanks again,

TSG!
m
0
l
!