
RedZed69
Closed Suspected malicious activity
RedZed69 replied to RedZed69's topic in Help, my PC is infected!
Thanks for the clarification and thanks for your help. This thread can be closed.
Closed Suspected malicious activity
RedZed69 replied to RedZed69's topic in Help, my PC is infected!
Thanks. I have 3 more questions before this thread can be concluded. It's normal for svchost.exe to have an "established" connection and not a "listening" connection to 117.18.237.29? Are attempted Facebook account intrusions common? Combofix should only be used with expert supervision?
RedZed69 started following About checking the safety of URLs (a URL I'm suspicious of) and Suspected malicious activity
-
Hi, I'm a customer of Emsisoft Antimalware. Recently, I've received an email from facebookmail security about an attempted login to my Facebook account from an intruder. I verified that this mail was legitimate from Facebook itself. Furthermore, I've noticed via TCPView that svchost.exe has an established connection to this IP address 117.18.237.29 (apparently EdgeCast Networks Asia Pacific Network), which I closed. I added a custom rule into Emsisoft Antimalware to block connections to this IP address, and attempts to connect to 117.18.237.29 would be blocked every time I booted the desktop
-
Hi, I'm a little paranoid after accidentally visiting a recipe site in Firefox (latest ESR edition) private browsing sandbox mode. The specific URL is http://www. recipesbnb. com/sloppy-janes/107634 VirusTotal says it's safe and Sucuri SiteCheck says the site uses an outdated WordPress. Emsisoft Antimalware was active at the time with no problems. I quickly closed Firefox and opened TCPView and noted these 3 lines - <non-existent> 5068 TCP 50466 172.217.26.129 https LAST_ACK