Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

What is alg.exe?


  • Please log in to reply
8 replies to this topic

#1 Lloyd T

Lloyd T

  • Members
  • 853 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Canada
  • Local time:03:41 AM

Posted 18 October 2008 - 04:35 PM

I saw that it was listening on port 1025 using Comodo Firewall Pro.

Is this a legitimate system program or is a malicious program planted by a hacker?

BC AdBot (Login to Remove)

 


#2 M...

M...

  • Members
  • 386 posts
  • OFFLINE
  •  
  • Local time:11:41 PM

Posted 18 October 2008 - 05:15 PM

The "File Database" tab here at Bleeping Computer shows:

http://www.bleepingcomputer.com/filedb/alg.exe-532.html

Additionally, Googling for "alg.exe" returns (among others):

http://www.2-spyware.com/file-alg-exe.html

#3 usasma

usasma

    Still visually handicapped (avatar is memory developed by my Dad


  • BSOD Kernel Dump Expert
  • 25,090 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Southeastern CT, USA
  • Local time:03:41 AM

Posted 18 October 2008 - 05:55 PM

A description of the legitimate alg.exe: http://en.wikipedia.org/wiki/Application-level_gateway
My browser caused a flood of traffic, sio my IP address was banned. Hope to fix it soon. Will get back to posting as soon as Im able.

- John  (my website: http://www.carrona.org/ )**If you need a more detailed explanation, please ask for it. I have the Knack. **  If I haven't replied in 48 hours, please send me a message. My eye problems have recently increased and I'm having difficult reading posts. (23 Nov 2017)FYI - I am completely blind in the right eye and ~30% blind in the left eye.<p>If the eye problems get worse suddenly, I may not be able to respond.If that's the case and help is needed, please PM a staff member for assistance.

#4 Lloyd T

Lloyd T
  • Topic Starter

  • Members
  • 853 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Canada
  • Local time:03:41 AM

Posted 18 October 2008 - 06:36 PM

So...if it's listening to port 1025, is it legitimate or not? I use a 3rd party firewall, not the Windows one.

#5 usasma

usasma

    Still visually handicapped (avatar is memory developed by my Dad


  • BSOD Kernel Dump Expert
  • 25,090 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Southeastern CT, USA
  • Local time:03:41 AM

Posted 19 October 2008 - 06:11 AM

Is the one that's listening on port 1025 the same one that's located in your Windows\System32 sub-folder?
Have you scanned the one that's listening with any antivirus products? Here's a free, online scan for individual files: http://virusscan.jotti.org
My browser caused a flood of traffic, sio my IP address was banned. Hope to fix it soon. Will get back to posting as soon as Im able.

- John  (my website: http://www.carrona.org/ )**If you need a more detailed explanation, please ask for it. I have the Knack. **  If I haven't replied in 48 hours, please send me a message. My eye problems have recently increased and I'm having difficult reading posts. (23 Nov 2017)FYI - I am completely blind in the right eye and ~30% blind in the left eye.<p>If the eye problems get worse suddenly, I may not be able to respond.If that's the case and help is needed, please PM a staff member for assistance.

#6 Lloyd T

Lloyd T
  • Topic Starter

  • Members
  • 853 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Canada
  • Local time:03:41 AM

Posted 19 October 2008 - 08:42 AM

I have scanned it with Ad-Aware and Avira, both came clean.

#7 usasma

usasma

    Still visually handicapped (avatar is memory developed by my Dad


  • BSOD Kernel Dump Expert
  • 25,090 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Southeastern CT, USA
  • Local time:03:41 AM

Posted 19 October 2008 - 09:24 AM

I'd still submit it to Jotti just to be sure (just in case a virus has taken over your current protection).
My browser caused a flood of traffic, sio my IP address was banned. Hope to fix it soon. Will get back to posting as soon as Im able.

- John  (my website: http://www.carrona.org/ )**If you need a more detailed explanation, please ask for it. I have the Knack. **  If I haven't replied in 48 hours, please send me a message. My eye problems have recently increased and I'm having difficult reading posts. (23 Nov 2017)FYI - I am completely blind in the right eye and ~30% blind in the left eye.<p>If the eye problems get worse suddenly, I may not be able to respond.If that's the case and help is needed, please PM a staff member for assistance.

#8 Lloyd T

Lloyd T
  • Topic Starter

  • Members
  • 853 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Canada
  • Local time:03:41 AM

Posted 24 October 2008 - 10:51 AM

Hi again,

Sorry for not replying in along time!

OK, I submitted the file alg.exe along with ctfmon.exe a while ago to Jotti. Both of them came up clean, no warnings or anything.

#9 usasma

usasma

    Still visually handicapped (avatar is memory developed by my Dad


  • BSOD Kernel Dump Expert
  • 25,090 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Southeastern CT, USA
  • Local time:03:41 AM

Posted 25 October 2008 - 06:14 AM

I'm a great fan of "Independent" scans - since malware is able to take over much protection that's installed on the local machine. Also, if the scan is clean, it's an indication that your installed protection is doing it's job.

This is probably one of the legitimate accesses of the program. If you have Service Pack 2 installed, I'd leave it alone. If you have Service Pack 3 installed I'd set it to "Manual". More info here: http://www.blackviper.com/WinXP/Services/A...way_Service.htm
My browser caused a flood of traffic, sio my IP address was banned. Hope to fix it soon. Will get back to posting as soon as Im able.

- John  (my website: http://www.carrona.org/ )**If you need a more detailed explanation, please ask for it. I have the Knack. **  If I haven't replied in 48 hours, please send me a message. My eye problems have recently increased and I'm having difficult reading posts. (23 Nov 2017)FYI - I am completely blind in the right eye and ~30% blind in the left eye.<p>If the eye problems get worse suddenly, I may not be able to respond.If that's the case and help is needed, please PM a staff member for assistance.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users