I just joind this forum because of several problems so feel free to throw rocks at my hard drive for every error I display. First PE says I am sending & receiving 0.0 kbs for all connections. Why? Second PE says svchost is listening to port 1033 which is RAT. Netspy. Again, Why? Thank you...
Hi My System doesn't show port 1033 being used but the likelihood is that this might be a Windows service which is enabled by default on your system. I have turned an awful lot of them off and still have a perfectly workable and more secure system! For good information about Windows Services go to http://www.blackviper.com/index.html But do proceed with care! svchost is a genuine Windows service that you CANNOT shut down! But svchost will be doing this on behalf of something else. Find out what and you could possibly stop it if you don't need that software or service. If you have a good Firewall (mine is Zone Alarm Security Suite) then you might see some information about "Generic Host Process for Win32 Services" listening. You might be able to get info from the firewall about what is asking for this access and the ability to block it if you want or need to. Do a check at grc.com (https://www.grc.com/x/ne.dll?bh0bkyd2) and find out if you have open ports. Learn about them ports and them services. The trojans and rats use these ports precisely because they are standard one's that are likely to be open. Regards Jo M P.S. Shut down or "Deny" every server process that you don't need in your Firewall. If you don't have a Firewall............ Many users can make do with NO server activity on their machine at all. Why does Microsoft enable so many servers as a default?
Have you rebooted after installing PE? Programs (whether they're trojans, or legitimate, or otherwise) are free to use any port they like (as long as it's not already in use). RAT.NetSpy is known to use the port 1033, but simply finding that port open doesn't positively confirm that you're infected with that trojan. Best regards, Wayne