> I checked the registry and didn't see anything suspicious looking. Also checked the
> processes under Task Manager and didn't see anything weird there either.
>
> I did turn on PeerBlock though and saw this strange IP address that my computer
> seemed to connect to right about the same time the viruses appear. Turns out it is in
> Argentina. I have now blocked that IP, and the virus hasn't come back since. My
> computer is still trying to connect to that IP every few minutes through a different
> port though. This thing must be it. But how do I figure out what program is making
> that outgoing request to that IP?
Maybe it's a running service and not a run on startup program. Type "services.msc" in a command prompt and check if you see anything unusual. It could also be a rootkit, that will be a bit harder to detect.
|
Index 
Flat 
Re: Found a strange IP
Reply
