Reboot.exe [friend or foe? Trojan ??]

Open your firewall configuration panel and click the Programs tab. Scroll through the list to see what 'rule' has been created for each process listed. Once a rule is set for a process, the log will show 'preparing to access' only, as it carried out whatever rule was set for that process.

 

Hi Dave. I have had a look at the Programmes and I think all three must come under "Microsoft Generic Host Process for Win32 Serv" which has automatic access.
Incidently I updated and scanned with AdAware which removed 14 items. I then scanned again with Ewido which found a further 5 items. I downloaded the Shredder but this did not find anything. Thanks again. Roger

 

Hi Dave. Whilst I downloaded and ran CWShredder yesterday I can't find this programme today. I ran a Search and it is apparently in C:WINDOWS\Prefetch but when I tried to open it again it asked which programme I wanted to use for this purpose. Can you please tell me what to do as I also downloaded another Trend programme which also seems not to have opened although I used it as well yesterday. Thanks. Roger

 

Sorry for the delay. Did you by chance download those progs to a temp folder and then empty it?

Would you see if Ewido saved a scan log and post it's contents please?

 

Hi. If I did empty it then I didn't mean to. Is this the Ewido scan log you mean.
ewido security suite - Connection report
---------------------------------------------------------

+ Created on: 17:57:08, 23/07/2005
+ Report-Checksum: 35DA8119

TCP 0.0.0.0:135 0.0.0.0:0 LISTENING
TCP 0.0.0.0:445 0.0.0.0:0 LISTENING
TCP 82.18.222.54:139 0.0.0.0:0 LISTENING
TCP 127.0.0.1:1025 0.0.0.0:0 LISTENING
TCP 127.0.0.1:1026 0.0.0.0:0 LISTENING
TCP 127.0.0.1:1032 0.0.0.0:0 LISTENING
TCP 127.0.0.1:54110 0.0.0.0:0 LISTENING
UDP 0.0.0.0:445
UDP 0.0.0.0:500
UDP 0.0.0.0:1040
UDP 0.0.0.0:1481
UDP 0.0.0.0:1802
UDP 0.0.0.0:4500
UDP 82.18.222.54:123
UDP 82.18.222.54:137
UDP 82.18.222.54:138
UDP 82.18.222.54:1900
UDP 127.0.0.1:123
UDP 127.0.0.1:1758
UDP 127.0.0.1:1900
I re-posted under PF File and I now understand that I did not actually download any programmes but merely did online scans. Roger

 

Hi Roger!

No, that's not the Ewido log I was referring to. There probably won't be one unless you specifically told it to create and save a log after running it. I was curious as to whether it had removed anything it shouldn't have since you mentioned missing apps. Since you've determined they weren't downloaded, but online scans, no problem, with the exception of CWShredder. That would have been downloaded. Not a problem if it is MIA either though, since it's readily available and something one rarely needs anyway.

Looks as though all is in order. Happy surfing!

 

Thanks Dave. Roger