CPF found these

I am liking CPF but have a few questions about what it blocks.

tgcmd.exe - when googled, it came back that it could be from Comcast cable support, although I use Charter; I used the Charter install CD. CPF also says support.com Scheduler & Command Dispatcher.

svhost.exe - parent services.exe. Googled it, found it could be My Doom worm. On this forum found that it is used to update your IP address; will lose connection if you block it.

iexplorer.exe - CPF reported loaded sdcidle.dll global hook key logger. Googled sdcidle.dll, it could be Java related; I do have Sun Java. I lose internet connection when blocking this.

I downloaded some vids; when playing them in WMP, CPF pops up with wmplayer.exe trying to connect to internet remote location. I deny on per turn basis; it still works but

some feedback would be appreciated

regards stillen

Hello,

tgcmd.exe: I cannot comment on this as it is used by an ISP; you may wish to contact your ISP to see what it is.

Is it located in the same folder as the Charter install files are?

svhost.exe: This is a component in Windows that helps your PC access the internet. The MyDoom worms will sometimes make a file named svhost.exe to fool the user into making it look like a legitimate file. In your case it is probably a legitimate file.

iexplorer.exe: If you use Java then you are fine with allowing what Comodo Firewall has warned you about. As Java is installed and now part of Internet Explorer you need to allow it to get internet access.

Hope this helps,
Justin

justin thanx for the reply.

svhost.exe and iexplorer.exe have been added to trusted zone

tgcmd.exe - gonna have to research that a bit more; will deny as it pops up to request access for now.

(R) thanx again stillen

As previously stated - you need to be EXACT about the spelling.

You wrote above “svhost.exe -parent services.exe Googled it found it could be My Doom worm. on this forum found that it is used to update your IP address will lose connection if you block it.”

There is a HELL of a difference between SVHOST.EXE and SVCHOST.EXE.

In exactly the same manner, there is a HELL of a difference between IEXPLORER.EXE and EXPLORER.EXE and IEXPLORE.EXE.

Please, please, please, double and triple check the spellings on the alerts you’re getting.

If possible, can you attach screenshots of the alerts, just to avoid confusion.

Ewen :slight_smile:

Ok, here it is. On CPF Activity found this (:KWL)

svhost.exe

Application C:\Windows32\system32\svhost.exe
Parent C:\Windows\system32\services.exe
Protocol UDP In

iexplorer.exe is the spelling of that; jotted it down while CPF had it flagged; loaded from sdcidle.dll

Went to Connections on CPF; this is what it showed:

svhost.exe UDP in/out
iexplorer.exe UDP in/out
svhost.exe UDP in/out
system UDP in/out

The one constant is svhost.exe UDP in/out; the last three come and go in the listing.

thanx stillen

stillen, if the application, as you have typed, is svhost.exe, as opposed to svchost.exe, then you have most likely been infected by a nasty. :frowning:

You will, however, note that the difference is in the letter ‘c’ and seems to be a common typing mistake. That’s why I’ve taken steps to differentiate that.

If you will actually capture a screenshot and post here under Additional Options (use your Connections window, Application Monitor; wherever it shows that application/connection), that will eliminate any confusion caused by relayed information.

Tnx,

LM

Thank you for the advice. I am going to reformat my PC in a week or so.

I have also been to Panda’s NanoScan, it found nothing; also went to Trend Micro’s online scanner, it found one grayware issue, which it removed.

Also will not reinstall with Charter install CD, so I won’t have to deal with tgcmd.exe; will manually do my connection.
Also have done a Hijackthis post on a forum and found nothing.

OK, here it is. On CPF, Activity then Connections, this is what it shows: iexplore.exe and svchost.exe

thank you all for the advice
regards stillen

Tnx, stillen ~

With it being svchost.exe, you’re probably okay on that; it does not seem out of the ordinary to me, for svchost.exe to be connecting in that way.

LM
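
An added example, not part of the thread and not Comodo's code: a small Python check for the name confusion discussed above, which compares a reported image path against a few Windows binaries and reports whether it is an exact match in the expected folder, a known name in the wrong folder, or a near-miss spelling. The folder table (default install under C:\Windows), the distance threshold, and the sample paths are assumptions made for illustration.

```python
import ntpath

# Assumption: default install under C:\Windows; 64-bit duplicate folders
# (SysWOW64, Program Files (x86)) are left out to keep the table short.
EXPECTED_DIR = {
    "svchost.exe": r"c:\windows\system32",
    "services.exe": r"c:\windows\system32",
    "explorer.exe": r"c:\windows",
    "iexplore.exe": r"c:\program files\internet explorer",
}
MAX_DISTANCE = 2  # assumed threshold for "one or two letters off"


def edit_distance(a, b):
    """Levenshtein distance using two rolling rows."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify(image_path):
    """Return (verdict, known names involved) for a full image path."""
    folder, name = ntpath.split(image_path.lower())
    if name in EXPECTED_DIR:
        ok = folder == EXPECTED_DIR[name]
        return ("expected" if ok else "known-name-wrong-folder", [name])
    near = sorted(k for k in EXPECTED_DIR if edit_distance(name, k) <= MAX_DISTANCE)
    return ("lookalike", near) if near else ("unlisted", [])


if __name__ == "__main__":
    # Constructed sample paths; the file names are the ones discussed in the thread.
    samples = [
        r"C:\Windows\system32\svchost.exe",
        r"C:\Windows32\system32\svhost.exe",
        r"C:\Program Files\Internet Explorer\iexplorer.exe",
        r"C:\Users\Public\svchost.exe",
        r"C:\Example\tgcmd.exe",
    ]
    for path in samples:
        print(path, "->", classify(path))
```

A "lookalike" or "known-name-wrong-folder" verdict is a reason to inspect the file, not proof of infection; "unlisted" only means the name is not in this short table.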