Uugh...I can't believe this has happened to me, but it has. I've got a laptop that I use at a bunch of different client sites. I'm always doing security scans and virus removal, spyware removal, etc. Anyway, I'm back in my office and working on an IDS system (SNORT) and was trying to ssh to it, but for whatever reason was getting a network connection error. So, I go to my checkpoint firewall log and look to see where I'm being stopped. And what do you know...my machine is pinging ip addresses sequentially. Luckily, checkpoint is blcoking this traffic, but what the heck? I have updated virus software (symantec enterprise) and the...this is going to sound stupid...only virus it has found is iishack.exe. I was using this to test vulnerabilities on a host system at a client site. Of course, I couldn't figure it out as it was my first time using it...so I just updated all the security patches for the NT box and went about my business, but I kept the file to mess with it later. Could this be the cause? Is there a way to stop it? Thanks.