• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

Backdoors...

C

CraSh_Zer0

Guest
#1
Hey, ive heard around lots of xp sites, about a file in xp, that sends info to the microsoft server about your computer.. well i have a firewall, and every now and then some c:/windows programs wanna connect to the net... Ive allowed
-c:/windows/system32/RUNDLL32.EXE
-c:/windows/system32/svchost.exe (twice :confused: )
Yes, well other programs are still tryna get out, but i block em.. so i wanna know if anyone has a list of ones to allow, and ones to block..or a program... thankz :)
 
#2
it all depends on what programs you have...svchost is gonna ask alot cause it runs the services, rundll32 can be any app using it almost...just turn off the windows error reporting and such, windows XP is sending any secret info off to MS, thats all paranoia :p
 
R

robin.munro

Guest
#4
I have used it and it is pretty simply, it just changes certain reg settings and never needs to be run again....

Look at what it says about the Alexia database!
 
L

Lactic.Acid

Guest
#5
Sorry to burst everyone's anti-corporate, conspiracy ridden bubbles, but this doesn't happen. MS transmits info for error reporting, which is just what type of NIC, Video card, sound card, what program crashed, any exceptions returned by the offending app, etc. This is done with your permission each time and is nothing but debugging info for MS developers. You can turn this off and there is a howto for that on every XP site you find (But ours is better =). As for svchost, that's a file that services on your computer run through (stuff like workstation, iis, etc) and is more or less essential for it all to work right. rundll is kind of a toolbox for an application writer and has all kinds of functions in it, including net access stuff. svchost is fine to allow permanently. rundll you can do on a case by case deal, so if you start program XYZ and it soon prompts you to allow rundll you can judge whether the app should have access to that or not. But some programs will fool you either way with random accesses or whatnot.
/Lactic
 

Members online

No members online now.

Latest posts

Latest profile posts

Hello, is there anybody in there? Just nod if you can hear me ...
Xie
What a long strange trip it's been. =)

Forum statistics

Threads
61,961
Messages
673,239
Members
89,012
Latest member
Sierge