Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


Mysterious activity from eastern europe

  • Please log in to reply
1 reply to this topic

#1 shauma


  • Members
  • 2 posts
  • Local time:09:36 PM

Posted 04 May 2017 - 11:48 PM

The last few days (since Sunday, 4/30), I've been getting occasionally activity from Russia and Ukraine hitting my malwarbytes. One of the two IP addresses is, the other is They're both attempting to run svchost.exe. I've run several root/trojan detectors and they came up with nothing. Malwarebytes and it's anti-rootkit program both come up with - nothing. Maybe that's good. I do have two computer games from eastern europe on my machine that have been there for a very long time. One for several years (World of Tanks, play it every day), and Warthunder (installed it once, played it for a few hours, haven't been back). On Saturday I had installed Sims 4 and downloaded some player-created content (doh) which I've since removed. Has anyone had this, know what's going on?



Edited by hamluis, 05 May 2017 - 10:12 AM.
Moved from Win 7 to Gen Security - Hamluis.

BC AdBot (Login to Remove)



#2 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,632 posts
  • Gender:Male
  • Local time:05:36 AM

Posted 08 May 2017 - 03:05 AM

Did you get this information with tcpview or netstat, and is svchost.exe listed on the same line as these IP addresses?

Didier Stevens

SANS ISC Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2018


If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.


Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users