Of course you could ignore the detected file in mbam. I put those there. RK does show some interesting results so I went ahead and posted it.
DDS.txt, mbam-log-2012-10-05 (13-36-10).txt, RKreport1.txt, Attach.txt
I've recently been receiving incoming connections from foreign IPs (Europe) over port 22028. MBAM blocks these connections prompting "Incoming connection from 85.x.x.x blocked; proc:"scvhost.exe". I'm worried about any other vulnerabilities this rootkit might exploit. I've tried TDSS and combofix but to no avail. I have a report generated for DDS and roguekiller.