Solved

Compromised?

Posted on 2009-07-10
1
171 Views
Last Modified: 2013-12-04
Saw the below in my logs. I do have network analyzers on my machine, but they were not running at the time. Is my box hosed?  I am seeing this for lsass.exe and svchost.exe

Its a fully patched xp machine with antivirus software. Is someone sniffing my box?
The Windows Firewall has detected an application listening for incoming traffic.
 
Name: Communicator
Path: C:\Program Files\Microsoft Office Communicator\communicator.exe
Process identifier: 21616
User account: mbrown
User domain: BBS

Open in new window

0
Comment
Question by:WERAracer
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 9

Accepted Solution

by:
hmare earned 500 total points
ID: 24823943
Office communicator is supposed to listen for incoming traffic. Sometimes a firewall needs to be told that certain software is trusted (If you trust it)
0

Featured Post

Free NetCrunch network monitor licenses!

Only on Experts-Exchange: Sign-up for a free-trial and we'll send you your permanent license!

Here is what you get: 30 Nodes | Unlimited Sensors | No Time Restrictions | Absolutely FREE!

Act now. This offer ends July 14, 2017.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This is a guide to the following problem (not exclusive but here) on Windows: Users need our support and we supporters often use global administrative accounts to do this. Using these accounts safely is a real challenge. Any admin who takes se…
Container Orchestration platforms empower organizations to scale their apps at an exceptional rate. This is the reason numerous innovation-driven companies are moving apps to an appropriated datacenter wide platform that empowers them to scale at a …
Come and listen to Percona CEO Peter Zaitsev discuss what’s new in Percona open source software, including Percona Server for MySQL (https://www.percona.com/software/mysql-database/percona-server) and MongoDB (https://www.percona.com/software/mongo-…
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…

724 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question