avast! just finished a weekly Full Scan and found 12 infections in 2 locations.
1st location is C:\User (6 here), the 2nd location is my Backup Files (6 here).
Soooo, recently I had a Security Certificate alert saying something wasn’t valid, and if I wanted to install it, I did (?).
MBAM Pro has been blocking a URL as well…
ENVY17-3090NR3D Michael User IP-BLOCK 222.76.94.156 (Type: incoming, Port: 40994, Process: svchost.exe)
And a bunch of others…
So where is the Quarantine File and how do I send this in for analysis?
I would like to get this cleared up soon.
That IP block you mention is for a mail server from Beijing (mainland China), see this report: https://www.projecthoneypot.org/ip_222.76.94.156
I get a :
Finally, bingo, as here we find that it was probably a badbot as this near IP is reported: http://www.blocklist.de/en/search.html?as=4134
(no action found for yours during the last 14 days)
The port forward is a Brothers in Arms gamer port if tcp…
Blacklisted network because of cyber reports, see this listing please: http://yutrade.net/blacklist.php:
222.76.0.0 - 222.79.255.255 China
CHINANET-FJ, CHINANET fujian province network, China Telecom, No1,jin-rong Street, Beijin …N i k e & other shoe spam incidents mentioned…
link resource info from: International Trade Development Centre, Belgrade,
Spam Bot?!
GRC Shields Up gives me total stealth, so I don’t understand the avast! thing.
I found the Quarantine folder and sent the 1st 6 to VT, all came back 0/44…
File type: Unknown…
So now what to do?
EDIT:
I looked at the 2 remaining files in Java Cache folder 30 (they are the leftovers that weren’t quarantined), and they are from a URL avast! blocked when I was surfing the net.
I cleaned out the Java Cache: http://www.java.com/en/download/help/cache_virus.xml
I will run another folder scan on the Java cache folders.
NO THREAT FOUND
Deleted all 12 files from the ‘Dead Man’s Chest’ (Pirate Talk). Anything else you would like me to do, or have I done it all?
So how is it that avast! let this into my PC’s Java cache?
I remember that avast! blocked the URL when I went to the page, but somehow it still loaded into the Java cache, and subsequently was found during the Full Scan. Is there something I can do to prevent this from happening again? Some settings that I can improve? Something I have missed?
MBAM didn’t detect this, disappointing performance…
FYI:
avast! Full Scan; Clean
MBAM Full Scan; Clean