| Author |
Under attack. |
Avlid
Member
Posts: 53
Location: Sweden
Joined: 24.02.09
Rank: Monster |
|
Hey guys, im on my phone so limited text.
the last 20h i've been pinged and scaned by 216.240.157.88 (safarel.com)
since this started my cpu is at 100%
my firewall and antivirus have removed one threat after another. What should i do? any advice is appreciated!
|
 
|
| Author |
RE: Under attack. |
mattseanbachman
Member
Posts: 57
Location: In the sky lol
Joined: 24.02.10
Rank: Elite |
|
http://security.thejoshmeister.com/
That site goes into it. Do a ctrl+ F to find where that domain is mentioned (safarel.com).
I looked that site up on the WOT site and here's the result, probable connections to malicious software:
http://www.mywot.com/en/scorecard/www.safarel.com
Just based on what you said, definitely don't think that it's something to brush off. Try to remove any malware from your system is about all that I can offer (which you've tried already).
Hopefully someone else can offer a bit more on this than I can. I'm a newcomer to this site but hopefully this points you in the right direction. |
|
|
| Author |
RE: Under attack. |
korg
Member
Posts: 1677
Location: ENDING YOUR ONLINE EXPERIENCE!
Joined: 01.01.06
Rank: God |
|
You got jacked big time, It on a threat list already:
http://www.threatexpert.com/report.aspx?md5=202808483a9f8447d5dec38677593ff9
Best advise is to remove these files manually, If not try running malwarebytes it should get rid of it.
|
|
|
| Author |
RE: Under attack. |
Avlid
Member
Posts: 53
Location: Sweden
Joined: 24.02.09
Rank: Monster |
|
I now have just slightly more info.
The exakt adress of what is attacking me is safarel.com/oms.php
I´ve found some of the malware but not all, any tip of a good malware remover? Thanks guys this is appreciated 
|
|
|
| Author |
RE: Under attack. |
only_samurai
[IRC Rockstar]
Posts: 984
Location: idling in some random irc channel
Joined: 18.08.06
Rank: .|unranked|. |
|
I'd recommend both AVG and TrendMicro's Housecall, as they are both free.
Depending on what you use that computer for, it may just be best to backup your files and re-install the OS. Malware is quite tricky and even if you remove everything you (or the AV scanners) find, you may still have an infection. The only way to be sure is to completely rebuild the box and then move your data back over (after giving it a virus scan or two, you don't want to rebuild the box and then copy the malware back over.)
If you use this computer for any sort on online banking or the like, definitely change those passwords.
~samurai
The problem with a fool-proof system, is eliminating the fool.
"His name is Cereal Killer...Like Fruitloops." If you cut me, I bleed binary.
http://blog.psych0tik.net/ |
|
| Author |
RE: Under attack. |
Avlid
Member
Posts: 53
Location: Sweden
Joined: 24.02.09
Rank: Monster |
|
I Think that i´ve solved it for now. Installed norton 2010 instead of eset smart secutiry and it found a great deal of infected files.
Since the only thing i use that computer for is games and the likes i don´t think that is that big problem.
Thank you
|
|
|
| Author |
RE: Under attack. |
wolfmankurd
Member
Posts: 1519
Location: UK
Joined: 30.05.05
Rank: God |
|
if I get someone scanning or trying to bruteforce my ftp or something (usually from china :/) I just restart my router so i get a new ip.
BY READING MY POST, YOU ACCEPT IT AS IS AND AGREE TO MY DISCLAIMER OF ALL WARRANTIES, EXPRESS OR IMPLIED, AS WELL AS DISCLAIMERS OF ALL LIABILITY, DIRECT, INDIRECT, CONSEQUENTIAL OR INCIDENTAL, THAT MAY ARISE FROM THE USE OF THIS (MIS)INFORMATION.
|
|
|
| Author |
RE: Under attack. |
spyware
Member
Posts: 4158
Location: The Netherlands
Joined: 14.04.07
Rank: God
Warn Level: 90
|
|
|
wolfmankurd wrote:
if I get someone scanning or trying to bruteforce my ftp or something (usually from china :/) I just restart my router so i get a new ip.
wat
Just add them to the blacklist. Or better, reroute to fbi.gov.
The most censored HBH profile.
"The chowner of property." - Zeph“Widespread intellectual and moral docility may be convenient for leaders in the short term,
but it is suicidal for nations in the long term.” - Carl Sagan “Since the grid is inescapable, what were the earlier lasers about? Does the corridor have a sense of humor?” - Ebert |
|
|
| Author |
RE: Under attack. |
Avlid
Member
Posts: 53
Location: Sweden
Joined: 24.02.09
Rank: Monster |
|
#wolfmankurd: I have a fixed ip 
#spyware: said and done 
all trafic from the specified ip will rerout through my vpn to fbi.gov
|
|
|
| Author |
RE: Under attack. |
yihoshi
Member
Posts: 1
Location:
Joined: 07.11.10
Rank: Newbie |
|
U re-routed all malicious traffic going into your i.p back out from ur i.p to Fbi.gov!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! hmm i wonder which i.p will show up in the logs yours or the attackers  |
|
|
| Author |
RE: Under attack. |
spyware
Member
Posts: 4158
Location: The Netherlands
Joined: 14.04.07
Rank: God
Warn Level: 90
|
|
:/
The most censored HBH profile.
"The chowner of property." - Zeph“Widespread intellectual and moral docility may be convenient for leaders in the short term,
but it is suicidal for nations in the long term.” - Carl Sagan “Since the grid is inescapable, what were the earlier lasers about? Does the corridor have a sense of humor?” - Ebert |
|
|
| Author |
RE: Under attack. |
ynori7
Future Emperor of Earth
Posts: 1481
Location: #valhalla
Joined: 08.10.07
Rank: Diabolical |
|
yihoshi wrote:
U re-routed all malicious traffic going into your i.p back out from ur i.p to Fbi.gov!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! hmm i wonder which i.p will show up in the logs yours or the attackers
I suspect those logs are long gone since this happened more than half a year ago.
|
|
| Author |
RE: Under attack. |
goluhaque
Member
Posts: 179
Location: India
Joined: 17.02.10
Rank: Hacker Level 1
Warn Level: 30
|
|
ynori7 wrote:
yihoshi wrote:
U re-routed all malicious traffic going into your i.p back out from ur i.p to Fbi.gov!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! hmm i wonder which i.p will show up in the logs yours or the attackers
I suspect those logs are long gone since this happened more than half a year ago.
Lawl.
|
|
|
| Author |
RE: Under attack. |
fashizzlepop
Member
Posts: 482
Location: Old folks home.
Joined: 08.04.08
Rank: Uber Elite |
|
goluhaque wrote:
ynori7 wrote:
yihoshi wrote:
U re-routed all malicious traffic going into your i.p back out from ur i.p to Fbi.gov!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! hmm i wonder which i.p will show up in the logs yours or the attackers
I suspect those logs are long gone since this happened more than half a year ago.
Lawl.
Laughing and wielding longsword?
"The definition of insanity is doing the same thing over and over again and expecting different results.”
~Albert Einstein~
 |
|
|
| Author |
RE: Under attack. |
korg
Member
Posts: 1677
Location: ENDING YOUR ONLINE EXPERIENCE!
Joined: 01.01.06
Rank: God |
|
|
MoshBat wrote:
This was a dead topic, before it was bumped with some atrocious English. We don't particularly need a discussion on how badly a thread was bumped, or what "lawl" may or many not stand for, or mean.
Lock and let die.
Good idea.
|
|
|
Main:
