mysli
-
Posts
5 -
Joined
-
Last visited
Content Type
Events
Profiles
Forums
Posts posted by mysli
-
-
On 12/30/2018 at 4:29 PM, nasdaq said:
Sorry for this long delay.
Let me know if you still nee help.
It seems it seems that the botnet is alternating between IP's and is trying connect to my computer and Malwarebytes is blocking these attempts.
I just would like to know if there is a possibility of one of those attempts to go unnoticed and if so what precautions would there be to avoid that. Since using proxies doesn't seem to make any difference for some reason...
-
Using chrome 99% of the time.
-
A bit late reply but here.
Also I've had a pretty interesting experience happen with my computer twice now. It might be absolutely irrelevant to the problem with the spambots but my computer has frozen twice in the past 2 months now. I don't mean like slowing down or anything of sorts. Just absolutely frozen screen, power doesn't turn off even when forcibly pressing down the power button on multiple occasions even for minutes at times. I've had to pull the cord from the wall to actually close the computer. Luckily so far I've notice no damage happen from it.
-
So I've been getting connections from strange IP's for a long time and Malwarebytes has always notified me of it and classified the attempts as malware. These attempts would usually happen around 4-5 times a week for the past 5 months or so and Malwarebytes Premium would show no additional information on the attempts apart from IP & Port.
Recently though these attempts have been much more frequent (3-9 times a day) and coming from different IP's and sometimes even showing domains which also are different from each other. Instead of saying it was an attempt to infect my PM with malware it now says it was a Trojan instead. I've scanned my PC with Malwarebytes Premium, Adwcleaner and Avast with no results each time. Just recently I've been looking into the IP's with different online tools:
https://exchange.xforce.ibmcloud.com/ https://www.virustotal.com/#/home/url
These would show that most of the IP's that Malwarebytes would inform me as Trojan infect attempts are trying to infect me with the Zero-day malware.
One of the recent IP's I had checked was this and it seems to be a spam bot (from a botnet most likely) trying to infect PC's with the Zero-day malware.
https://exchange.xforce.ibmcloud.com/ip/81.18.134.18
Most frightening is the fact that after after using a VPN or even double proxies they still manage to connect to me. I'm using NordVPN and even then I am getting spammed. Majority of the attempts only show the type of the malware and the IP. Not domain or the file it was coming from (assuming I have something on my PC that lets them connect to me through changing my IP address.
So is my PC, information and files in danger with how things are now, or am I safe?
Sorry the text on the image is in Finnish. Also not sure if the topic is in a wrong category, move it if it is.
Getting spammed with zero-day malware from a botnet.
in Resolved Malware Removal Logs
Posted
There is only an option to enable sync so I don't think I have it enabled.
Also at first when when the problem started I was only using one device using google.