You need to either disable or remove the application/process that is using
the port or use a firewall that can block outbound traffic. In your case you
really want to find the offending application/process and remove it using
additional malware and spyware detection and removal programs since your
initial attempt seems to have failed. You can use programs such as the free
one called TCPView that will show what process/executable is using the
offending port that may help you determine what is going on. Autoruns from
will show you your various startup programs and you might be able to disable
it there or see if it is installed as a service and stop and disable the
service. Though that may help you really want to try additional programs to
try and find and remove the rouge program. Also be sure to scan in Safe Mode
and check that any malware/spyware program you use is using the latest up to
date definitions that you can download from the vendors website. --- Steve

http://www.sysinternals.com/Utilities/TcpView.html --- TCPView
http://www.sysinternals.com/Utilities/Autoruns.html --- Autoruns
http://www.microsoft.com/athome/secu...s/default.mspx --- MS info
on viruses and worms.


"networm" <networm8848@yahoo.com> wrote in message
news:erGbQ4u9FHA.3132@TK2MSFTNGP12.phx.gbl...
> Hi all,
>
> Somebody remotely in another part of the world sent me email complaining I
> have a "backdoor-g-1" trojan connecting to his computer. using port
> 1243... I've also run Norton Security check from their website and found
> the following port open along with the 1243 port...
>
> > > PORT STATE SERVICE
> > > 80/tcp open http
> > > 443/tcp open https
>
> Since Norton Antivirus and Norton Security Check did not find any virus...
> or anything else. Perhaps there is nothing I can do and I can just close
> the ports...
>
> Suspciously, these ports should not open...
>
> Now what shall I do? And how can I close the ports on XP sp2?
>
> Thanks a lot!
>