Argus:
I may not be out of the woods yet. I just saw MalwareBytes runtime slide out a window saying something like "malicious website detected", with an IP address starting with "80." and it slipped away before I could see the rest. But I did notice it said "Inbound".
Is this part of the Powelik activity? I only see the one dllhost.exe in taskmgr, and my IE History does not show unknown sites having been visited.
How would a website get through my home router firewall (SonicWave) all the way to my computer?
MB scans have not shown any new malware for 3 days.
Is this the hint that I'm still infected, or MB just doing its normal job and telling me about common activity I never noticed before, using MS Security Essentials?
It's of concern because the first hint of this Trojan was the same runtime messagebox.
Thanks,
I may not be out of the woods yet. I just saw MalwareBytes runtime slide out a window saying something like "malicious website detected", with an IP address starting with "80." and it slipped away before I could see the rest. But I did notice it said "Inbound".
Is this part of the Powelik activity? I only see the one dllhost.exe in taskmgr, and my IE History does not show unknown sites having been visited.
How would a website get through my home router firewall (SonicWave) all the way to my computer?
MB scans have not shown any new malware for 3 days.
Is this the hint that I'm still infected, or MB just doing its normal job and telling me about common activity I never noticed before, using MS Security Essentials?
It's of concern because the first hint of this Trojan was the same runtime messagebox.
Thanks,