Checked nastyhosts using my IP - result -deny
Checked ipvoid using my IP - result - Blacklist Status - BLACKLISTED 3/39
Checked CBL Lookup Utility
IP Address 163.**.**.** is listed in the CBL. It shows signs of being infected with a spam sending trojan, malicious link or some other form of botnet.
It was last detected at 2016-06-17 19:00 GMT (+/- 30 minutes), approximately 14 hours, 30 minutes ago.
This IP is infected with, or is NATting for a machine infected with Win32/Dorkbot
This was detected by observing this IP attempting to make contact to a Win32/Dorkbot Command and Control server, with contents unique to Win32/Dorkbot C&C command protocols.
Win32/Dorkbot is a worm, and can travel to infect other computers via Instant Messaging, Twitter, Facebook and even USB drives.
Once installed, it gets involved with clickfraud, and can act as "ransomware" - locking the user out of their computer or encrypting the contents until the user pays a "ransom".
How the hell fix it
