[windows2000] svchost.exe - INCOMING over internet connection
- From: "Hazen Woods" <ehw@xxxxxx>
- To: "windows2000@xxxxxxxxxxxxx" <windows2000@xxxxxxxxxxxxx>
- Date: Fri, 19 Sep 2003 18:08:06 -0500
I understand svchost.exe can be corrupted by MSBlaster. Likewise the Welchia
Worm attacks
Svchost.exe. With that in mind if svchost.exe exhibits error, a virus such as
MSBlaster or Welchia
Worm would be high on the list of suspects.
In the most general of terms I understand svchost.exe plays a role in
organizing the DLL's needed to
run various applications.
With that little bit of knowledge I would suspect that the activity of
svchost.exe would be confined to
matters internal to my stand alone computer. However, in setting up Norton
Personal Firewall on a
Win 2000 Pro (SP2) box I opted to receive Security Alerts, I am receiving a
great number of alerts
saying:
"C:\WINNT\system32\svchost.exe
Protocol TCP (Inbound)"
"is attempting to access your computer"
Almost every time this happens, a new popup screen appears and this time it is
another computer
trying to access mine and NPF says to Block it. I block these, Intuitively I
think these should be
blocked, however NPF recommends Permitting it to access the computer.
Which should I chose?
If there is material on the subject please advise. Google reveals several
articles, but what I have
read either describes the role of svchost.exe or how to get rid of the various
virii which attach that
executable. I can't find anything that describes a relationship between
svchost.exe and accessing via
the internet.
TIA
Hazen Woods
Austin, TX USA
eCS and Win2k Pro
what a combination
**********************************************************
To Unsubscribe, set digest or vacation
mode or view archives use the below link.
http://thethin.net/win2000list.cfm
Other related posts:
- » [windows2000] svchost.exe - INCOMING over internet connection
