tripp
Members-
Posts
18 -
Joined
-
Last visited
Reputation
0 Neutral-
Constant attacks to 94.228.209.143, 209.239.114.xx + more
tripp replied to tripp's topic in Resolved Malware Removal Logs
I try to go to a bunch. PM sent as to not keep this at the top. -
Constant attacks to 94.228.209.143, 209.239.114.xx + more
tripp replied to tripp's topic in Resolved Malware Removal Logs
I havent seen them at all now. Must have been that. I had an extension on FF called reload every or something like that which must have still been active, seeing as how I saw these at random times. Good thing it's nothing to worry about. Thanks for the help. Have fun across the Tampa Bay. GO RAYS -
Constant attacks to 94.228.209.143, 209.239.114.xx + more
tripp replied to tripp's topic in Resolved Malware Removal Logs
That's interesting to know. I did notice it doing it when I use google. Doesnt really seem to be doing it now though. Maybe it was fixed? -
Constant attacks to 94.228.209.143, 209.239.114.xx + more
tripp replied to tripp's topic in Resolved Malware Removal Logs
Cool - I was out and about looking for softball bats all day. I thought the fan fest was next week. The girlfriend and I had talked about going but I guess that is out of the picture. I'll keep an eye for the pop-ups. It seems to be sporadically. -
Constant attacks to 94.228.209.143, 209.239.114.xx + more
tripp replied to tripp's topic in Resolved Malware Removal Logs
Tampa, FL -
Constant attacks to 94.228.209.143, 209.239.114.xx + more
tripp replied to tripp's topic in Resolved Malware Removal Logs
The 209 ones are basically the same it looks. here are others I think 11:17:49 Alan Brown IP-BLOCK 208.94.233.132 11:21:58 Alan Brown IP-BLOCK 209.239.114.77 that block of 209.239.114.XXX is pretty busy -
PM me when they do. Tough to monitor the forums all the time.
-
Constant attacks to 94.228.209.143, 209.239.114.xx + more
tripp replied to tripp's topic in Resolved Malware Removal Logs
Bah - came back it looks like.... (could these just be from cookies of some sort) Same Ip Addresses still being hit. Here is my log from MWB 12:01:07 AB IP-BLOCK 98.124.199.1 12:01:10 AB IP-BLOCK 98.124.199.1 12:01:16 AB IP-BLOCK 98.124.199.1 12:01:39 AB IP-BLOCK 209.239.114.15 12:01:39 AB IP-BLOCK 209.239.114.244 12:01:42 AB IP-BLOCK 209.239.114.15 12:01:42 AB IP-BLOCK 209.239.114.15 12:01:42 AB IP-BLOCK 209.239.114.244 12:01:48 AB IP-BLOCK 209.239.114.15 12:01:48 AB IP-BLOCK 209.239.114.15 12:01:48 AB IP-BLOCK 209.239.114.244 12:07:03 AB IP-BLOCK 209.239.114.15 12:07:04 AB IP-BLOCK 209.239.114.244 12:07:06 AB IP-BLOCK 209.239.114.15 12:07:13 AB IP-BLOCK 209.239.114.15 -
Wish this was still active. Have a few people that want it
-
Constant attacks to 94.228.209.143, 209.239.114.xx + more
tripp replied to tripp's topic in Resolved Malware Removal Logs
Thanks - Will do -
Constant attacks to 94.228.209.143, 209.239.114.xx + more
tripp replied to tripp's topic in Resolved Malware Removal Logs
interesting....Symantec Corp kept finding that but it wouldnt do anything. Now I know why. This PC has been set up since 04. Who knows whats left on here from various betas of programs. Thanks for the help in this. I will be purchasing MWB. Very useful program. On a side note - will combofix run on a USB connected drive? I have a badly infected laptop drive that wont boot into windows at all. If I can't get it to boot with a program after pulling it and connecting it via IDE to USB then it is getting formatted. Too much time can be wasted with these things. -
Constant attacks to 94.228.209.143, 209.239.114.xx + more
tripp replied to tripp's topic in Resolved Malware Removal Logs
Sorry - I meant to post that before - I had to do the IE trick to get MWB to update. I googled the error number and there was clear instructions on how to fix it. Thanks - everything seems to be good to go. If possible, I would love to know the results of the files once they go through further analysis. Being an MIS professional, this stuff is interesting. Especially since the writers of these malwares are getting to be pretty good. -
Constant attacks to 94.228.209.143, 209.239.114.xx + more
tripp replied to tripp's topic in Resolved Malware Removal Logs
actually now that you ask it seems like the attacks have stopped strange how it took combofix three times. Any idea what it was? some variant of AV2010 is my guess -
Constant attacks to 94.228.209.143, 209.239.114.xx + more
tripp replied to tripp's topic in Resolved Malware Removal Logs
file was located and name as follows: C:\Qoobox\Quarantine\[4]-Submit_2010-02-13_18.19.33.zip -
Constant attacks to 94.228.209.143, 209.239.114.xx + more
tripp replied to tripp's topic in Resolved Malware Removal Logs
Thanks. Computer was offline during the scan so I had to submit it through the HTM file. New log attached. ComboFix.txt