Is my machine compromised?

Status
Not open for further replies.

mehulved

18 Till I Die............
I was checking the logs of firestarter when I saw a few programs I couldn't recognise. One of them was gatecrasher. Google doesn't give any info on that. Other program shown is back orifice, which googling around, told me that it's a kind of trojan. Is this a false positive or has my machine been compromised?
I have attached the log of firestarter. I have removed bittorrent and unknown from the list.

EDIT - I disabled boinc client, now I don't see back orifice. Do they use same ports or something?
The services I see now are - bittorrent, gatecrasher, NTP, pop3s, SSDP and unknown.
netstat shows, pop3s is connecting to google via opera. So, that's safe. Azureus is running, so BitTorrent is also OK. Now, I got ssdp is simple service discovery protocol so that's safe. Is there any connection between ssdp and HAL?
sheesh, gatecrasher is a protocol used in connection with bittorrent. So, it seems lot better now.
 
Last edited:
OP
M

mehulved

18 Till I Die............
It's confirmed that it's boinc client using those ports. So, I guess it's all right but still can someone confirm if it's just because of the ports or anything else?
 
Status
Not open for further replies.
Top Bottom