i keep getting this alert by my firewall every so often Direction: incoming Local Point: 0.0.0.0, port 1026 Adapter: USB Cable Modem 351000 - Packet Scheduler Miniport Remote Point: dialup-64.156.39.12.Dial1.Denver1.Level3.net [64.156.39.12], port doom [666] Protocol: UDP "generic host process for win32 services" is also mentioned in the alert whats that all about? port doom [666] doesnt sound too good to me so ive been denying them

I don't fully understand what they are saying in that link, but i think it will be off help http://ricardo.ecn.wfu.edu/~plug/mail_archive/0309/0005.html

POrt 666 TCP attack: Attack FTP simply installs a custom version of Serv-u invisibly. Quick fix: no quick fix programs Trojan B' Gone plugin might be as well. Manual removal: Remove the Reminder key located in the registry at: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run. This can be done with regedit or any other registry editing program. Change the load=Wscan.exe key under [Windows] to load= in the win.ini. Which can be done with any text editing program. Reboot the computer or close the trojan. Delete the trojan files WScan.exe and drwatsom.exe in the windows system directory. If you got Port 666 UDP attack then its the N0kN0k Trojan, in this case: Attack FTP. 666 UDP N0kN0k Trojan/ 777 TCP, AIM Spy Application.

no that link didnt make much sense to me either tamtam =/ i couldnt find any of the registry settings/files you mentioned LiQuiD7 and i didnt understand the last thing you said. is that a different trojan? what do i do for that one. why didnt a trojan scanner pick this up