Hello to all!
About a month ago, Webroot Spysweeper 5.5 blocked my normal MSN Live messenger from opening (even though I used it for months previous with no problems) by claiming Trojan-Phisher-Oito was trying to activate. So when i quarantined the file, my msnmsgr.exe file was obviously removed from it's normal folder. I therefore uninstalled the MSNLive and reinstalled it fresh from it's proper msn.com website.
Every so often I run netstat.exe in order to determine ports connected to and so forth,
I've noticed that somedays when I am using MSN Live messenger it will connect to the normal MSN servers in additon to a certain IP address that I've looked up on those websites that locate IP addresses that claims to be from California but pertains to "Ad-Base Systems Inc." that is located in Philly because it is 71.251.xxx.xx and the port changes each time I reload MSN.
**Note: It doesn't always connect to the IP address from my port (which is usually 53065 or some large number port).
I've scanned my computer with
Webroot 5.5, Superantispyware, AVG Antispyware, updated 7.1.248 ZA internet security suite, trend micro 6.6 housecall, a-2 antispyware, and windows defender in normal windows and safe mode. All scans are clean.
I actually have an external firewall as well as using ZA's software firewall from the security suite.
My computer is running fine like normal, same boot-up time and shut down times, nothing strange out of the ordinary since I only use my computer for chatting (aim, msn), email, and some homework/essays.
I also used www.grc.com to test for open ports (all my ports are stealthed) and also tested the leaktest which ZA notified me of a problem (so I passed).
Someone please help, because I've had another computer hacked before 4 years ago and it was a very scary incident.
Operating System:Windows Vista Home Premium
Software Version:7.1 (Vista)
Product Name:ZoneAlarm Internet Security Suite