Every time I try to save something on paint, it tries to connect to some random ip, eg 69.94.107.14, though the last number varies slightly (~10-50). It would be less annoying if it didn't take 5 minutes for paint to do this. Strangely, nothing irregular happens if I pull my network cable. Any idea what's going on? That ip doesn't seem very suspicious.
Is there a default copy of mspaint.exe I can compare with?
Thanks for your thoughts,
inb4 trojan
Name:
Anonymous2010-01-20 8:27
Some AVs might do the job, but only if it's a known threat. I can't say much about them as I never use them myself. I just pop it up in a debugger and see what it does and if it's bad or not.
So every time you use a new program on Windows you inspect it in a debugger? How does that even work? How could you see in the debugger that the program is made to wipe your files on Oct. 31, 2010?
Before vista I spent most of my time without AV so I know it's doable, but that was just common sense and calculated risk. I don't see a debugger improving much on that unless you like playing your games one OS call at a time.
Also, AVs/firewalls also detect unknown threats. Rootkits and keyloggers will at least pop a warning.