No software installed when the new ISP service started. Just plugged in
modem, added my personal account info and connected fine.
I'm using Sygate firewall and looked through the logs to find this item. IP
10.0.0.138 did back trace and reported this:

IANA (RESERVED-6)
Internet Assigned Numbers Authority
4676 Admiralty Way, Suite 330
Marina del Rey, CA 90292-6695
US

Netname: RESERVED-10
Netblock: 10.0.0.0 - 10.255.255.255

Coordinator:
Internet Corporation for Assigned Names and Numbers (IANA-ARIN)
res-ip@iana.org
(310) 823-9358

Domain System inverse mapping provided by:

BLACKHOLE-1.IANA.ORG 192.0.32.18
BLACKHOLE-2.IANA.ORG 192.0.32.19

These blocks are reserved for special purposes.
Please see RFC 1918 for additional information.

Record last updated on 12-Oct-2001.
Database last updated on 23-Aug-2002 16:56:03 EDT.
The information in this WHOIS database is current as of August 23, 2002,
and has been retained for historical purposes only. For the most current
information, query whois.arin.net or visit http://whois.arin.net.

"-=ô;ö=-" <Not.Telling@nowhere.com> wrote in message
news:AyWkb.16137$Ee6.8787@nwrddc01.gnilink.net...
> Possible that it is the "Help Desk" software bundled in, both BellSouth
and Verizon have
> the same thing and I just deinstalled them with no ill effects..
>
>
> "BxP9" <NOMAIL> wrote in message
> news:0d5f7b9ffad498b146078eafae90b1f3@news.teranew s.com...
> | Will post them when the item pops-up again. Could it be the new DSL
modem
> | for this ISP?
> |
> | "sponge" <yosponge@yahoo.com> wrote in message
> | news:8d76ec03.0310191025.6cd66006@posting.google.c om...
> | > "BxP9" <NOMAIL> wrote in message
> | news:<4a4f86e801fa7cb8d1cfb6f226cf4642@news.terane ws.com>...
> | > > NDIS User mode I/O Driver is being connected by the remote machine
[ip
> | > > address] using local port xxxxx. Do you want to allow this
program...
> | > > Trying to connect every since I started using a new ISP.
> | > >
> | > > Safe? What is it?
> | >
> | > It would help to know the IPs and ports, if you'd be willing to post
> | > or email them, as well as the location of the application. However,
> | > off the bat it looks very suspect. First because you may be using
> | > ISP-provided software -- that's a big, big no-no. Second, NDIS
> | > driver's shouldn't be user mode. the NDIS driver is what takes data
> | > from an upper-layer protocol (I.E. TCP/IP, which is what the Internet
> | > uses to commumnication) and sends it out the hardware. It shouldn't be
> | > user mode: it's a driver, and part of the system.
> | >
> | > IOW, if you can connect to the Internet without it, then it is more
> | > likely to be malicious or suspicious than anything useful.
> | >
> | > Sponge
> | > Sponge's Secure Solutions
> | > www.geocities.com/yosponge
> | > My new email: yosponge2 et yahoo dot com
> |
> |
>
>