Are network TCP connections attempted by service files a security risk

The_Smoking_GunMar 10, 2012, 1:43 AM

I am rephrasing and maybe better placing an unanswered thread. My AV often reports my windows 7 ultimate 64 service files, such as winmon.exe or or service.exe requesting opened TCP connections along with a number of .DLL filkes, and then times they are flagged as heuristic behavior modification, however i know many of those are undeletable, due to windows security replacing them as soon as they are noticed to be missing and in another thread it was also indicated that these must be deleted from three places at once almost to actually prevent those from being instantly replaced, this explains maybe why i get this repeatedly immediately after boot up, but after five or some times it slows down to now and then... still quite a hassle to stop on start up.

Thanks for any understanding of this.

TSG!

2 answers Last reply Mar 13, 2012

More about network connections attempted service files security risk

Saga LoutMar 10, 2012, 5:23 AM

It all depends on what they are and to whom they're phoning home.

Download HijackThis from http://www.trendmicro.com and install it. In Windows 7, right click and RunAs Administrator then carefully comb through the entries under the 023 section. Tick to remove anything you don't like the look of and restart after letting the programme do its job. It's also a good source of information in the 04 section as to what starts up when the system comes on - better than msconfig, in fact.

The_Smoking_GunMar 13, 2012, 1:11 AM

Thanks so much for the link and info!

As soon as i get to running it and see the results i will come back and post what they translate as being, for others to reference and if it needs some clarification.

Thanks again,

TSG!

Can't find your answer ? Ask !

Ask a new question

Firewalls Security TCP/IP Networking

Are network TCP connections attempted by service files a security risk

Read More