#109 Checking scan

Randall Hammond

Malwarebytes was blocking an incoming and outgoing request from an IP in china. Did a scan to see if there was something suspicious.

1 Attachments


    • status: open --> pending
  • Hmm, I ran rootkit-buster and rubotted. Both returned negative. I'll run a full zonealarm scan tonight. Any reason to use housecall if I have Zonealarm?

    When I logged in just now malwarebytes said it prevented a suspicious outgoing request from svchost.exe to port 63840. A lookup put that in Romania.

  • I ran a zonealarm scan that found two viruses in a thunderbird inbox that I haven't used in quite a while. It said it treated them.

  • You should disable your zonealarm and run housecall, as different scanner may have different results. Also, you can run TDSS Killer tool and let me know if anything has been found. This connection to Romania clearly means that something is going on on your machine.

    • status: pending --> closed
  • No update. Case closed.