Adsubtract Pro

Discussion in 'Port Explorer' started by elcid123, Mar 23, 2004.

Thread Status:
Not open for further replies.
  1. elcid123

    elcid123 Registered Member

    Joined:
    Mar 9, 2004
    Posts:
    11
    Location:
    Runcorn, Cheshire, UK
    I see in port exproler that adsubtract is highlighted in RED is it a Tojan or does it open port 4444 to atacks by troans?

    Regards Steve
     
  2. Wayne - DiamondCS

    Wayne - DiamondCS Security Expert

    Joined:
    Jul 19, 2002
    Posts:
    1,533
    Location:
    Perth, Oz
    From the help file ... (Interface | Socket Colors)
    So in other words, Adsubtract is 1) a hidden/invisible program (there are no visible windows, although it might be in your system tray), and 2) it's using sockets.

    If you know what the program is that uses those sockets (ie. you know that those sockets belong to Adsubtract), then there's not much cause for concern. However, if you don't know what the process is, then there's a good chance it might be a trojan.

    Best regards,
    Wayne
     
  3. Syke

    Syke Registered Member

    Joined:
    Apr 3, 2004
    Posts:
    2
    Correct. As Wayne said, if you know that AdSubtract should be using that port, then don't be alarmed. I would suggest to you that you scan the file(s) to see if it is a know trojan, or if you use TDS, scan the file(s) to see if it is a known trojan, or if it has a generic trojan string. Also, if you know what you are doing, then I would also recommend that you enable spying on the socket it is using and monitor the packets going in and out. If you see something suspicious, then post it here and someone should be able to help you out. Hope that helps.

    -Syke
     
Thread Status:
Not open for further replies.