Author

Topic: IP Address Infected (Read 534 times)

legendary
Activity: 1470
Merit: 1079
June 18, 2016, 04:54:33 AM
#1
I have a faucet list, visited a couple of new faucets to add it to my list, but none of them worked (all faucetbox)

Checked nastyhosts using my IP - result -deny

Checked ipvoid using my IP - result - Blacklist Status - BLACKLISTED 3/39

Checked CBL Lookup Utility

IP Address 163.**.**.** is listed in the CBL. It shows signs of being infected with a spam sending trojan, malicious link or some other form of botnet.

It was last detected at 2016-06-17 19:00 GMT (+/- 30 minutes), approximately 14 hours, 30 minutes ago.

This IP is infected with, or is NATting for a machine infected with Win32/Dorkbot

This was detected by observing this IP attempting to make contact to a Win32/Dorkbot Command and Control server, with contents unique to Win32/Dorkbot C&C command protocols.

Win32/Dorkbot is a worm, and can travel to infect other computers via Instant Messaging, Twitter, Facebook and even USB drives.

Once installed, it gets involved with clickfraud, and can act as "ransomware" - locking the user out of their computer or encrypting the contents until the user pays a "ransom".


How the hell fix it Huh
Jump to: