Jump to content


Photo

New Moldovan malware using svchost.exe?

malware moldova block

  • Please log in to reply
1 reply to this topic

#1 eltopo71

eltopo71

    New Member

  • Members
  • Pip
  • 1 posts

Posted 11 June 2013 - 09:21 PM

MBAM has been giving me notifications steadily all night that it was blocking an outgoing connection by svchost.exe to 89.28.97.15:54512. I decided to look it up and found that it was an ISP in Moldova, so now my spidey sense is tingling. I've not been able to isolate the svchost instance yet but I'd be curious to know if I'm the only one getting blocks on this particular address/port. Thx.

#2 Firefox

Firefox

    Forum Deity

  • Trusted Advisors
  • PipPipPipPipPipPip
  • 10,123 posts
  • Gender:Male
  • Location:USA

Posted 11 June 2013 - 09:36 PM

Hello and Welcome to Malwarebytes

Being that you are probably infected or if you want to make sure your not infected, feel free to follow the instructions below to receive free, one-on-one expert assistance in checking your system and clearing out any infections and correcting any damage done by the malware.

Please see the following pinned topic which has information on how to get help with this: Available Assistance for Possibly Infected Computers

Thank you

post-2065-0-92797800-1392234217.jpg


Dell Precision T7500, Win7 Ultimate 64bit fully updated, McAfee Corp Edition v8.8,
Watchguard Firewall, Intel Xeon E5606CPU, Dual Quad Core Processors, 16GB Ram,
E5606 @ 2.13GHz, Nvidia Quadro NVS420, Raid-1 Dual 1TB Sata 10000 rpm Hard Drives
Dual DVD Burners, IE10, Opera, MBAM, MBSB, MBAE






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users