I have a question that I hope I can get some help with, as it is driving me crazy... Recently, my H/w Firewall appliance from Symantec has started reporting the following: 10/16/2005 17:30:42.52 Blocked - *Back Orifice Attack Source -My FTP Server, Destination 220.127.116.11:31337 UDP Also get this one: 10/16/2005 17:30:42.52 Blocked - *Portal of Doom Attack Source -My FTP Server, Destination 18.104.22.168:31337 UDP The Destination is always different each time these come up... I have 3 Spyware detection programs running (Counter Spy, Spyware Doctor & Pest Patrol) and Norton AV 10.. I have scanned all the system, checked the registry for common files concerning the 2 issues and have found nothing... Thoughts or suggestions??