Unsolicited file downloads

Status
Not open for further replies.

RobertBos

New user
Joined
8 Sep 2008
Posts
1
My system makes unsolicited connections (every 15 minutes) to "http://92.241.164.155?update1.exe".

This is flagged by the IMOM of ESET/NOD32, which lets me block the download.

How do I find out which file on my PC is causing this?
 
I looked up this info for this IP address for you.
I think you should run the necessary antispam programs.

HTML:
Address lookup
lookup failed 92.241.164.155 
  Could not find a domain name corresponding to this IP address. 

Domain Whois record
Don't have a domain name for which to get a record

Network Whois record
Queried whois.ripe.net with "-B 92.241.164.155"...

% This is the RIPE Whois query server #1.
% The objects are in RPSL format.
%
% Rights restricted by copyright.
% See http://www.ripe.net/db/copyright.html

% Information related to '92.241.164.1 - 92.241.165.255'

inetnum:        92.241.164.1 - 92.241.165.255
netname:        NET-2x4
descr:          2x4.ru network
country:        RU
admin-c:        UDF666-RIPE
tech-c:         UDF666-RIPE
status:         ASSIGNED PA
mnt-by:         RU-WEBALTA-MNT
changed:        lexa@wahome.ru 20080109
source:         RIPE

person:         Yuri Bogdanov
address:        Bolshiy Suharevski, 21
address:        Moscow City, Russian Federation
remarks:        ***************************************
remarks:        Virtual Hosting, Windows Lunux FreeBSD VPS/VDS Servers, Dedicated Servers
remarks:        English and Russian Sales and Support contact: ICQ 758291
remarks:        Egypt Support: Excellent Serv Co. a@xs.com.eg
remarks:        ***************************************
abuse-mailbox:  abuse@2x4.ru
phone:          +7 495 657-90-57
nic-hdl:        UDF666-RIPE
changed:        admin@2x4.ru 20080109
source:         RIPE

% Information related to '92.241.160.0/19AS41947'

route:          92.241.160.0/19
descr:          Wahome IP's =)
origin:         AS41947
mnt-by:         RU-WEBALTA-MNT
changed:        lexa@wahome.ru 20071218
source:         RIPE



DNS records
DNS query for 155.164.241.92.in-addr.arpa returned an error from the server: NameError

No records to display

Traceroute
Tracing route to 92.241.164.155 [92.241.164.155]...

hop rtt rtt rtt   ip address fully qualified domain name 
1 0 1 1   70.84.211.97 61.d3.5446.static.theplanet.com 
2 0 1 0   70.84.160.162 vl2.dsr02.dllstx5.theplanet.com 
3 0 0 0   70.85.127.109 po52.dsr02.dllstx3.theplanet.com 
4 0 0 0   70.87.253.29 et5-2.ibr04.dllstx3.theplanet.com 
5 0 0 1   64.208.170.197 gigabitethernet7-3.ar2.dal2.gblx.net 
6 128 127 127   64.208.222.202 edn-sovintel-llc.tengigabitethernet7-4.ar1.fra4.gblx.net 
7 166 187 171   194.186.157.137 cat07.moscow.gldn.net 
8 168 165 165   195.239.10.202 te1-1.maxwell.msk.wahome.ru 
9 165 162 162   77.91.227.166 saturncheg-gw.msk.wahome.ru 
10 165 168 166   92.241.164.60  
11 162 162 164   92.241.164.155  

Trace complete

Service scan
FTP - 21 Error: ConnectionRefused 
SMTP - 25 Error: ConnectionRefused 
HTTP - 80 HTTP/1.1 302 Found
Date: Mon, 08 Sep 2008 19:33:04 GMT
Server: Apache/2.2.3 (Debian) PHP/5.2.0-8+etch11
Location: http:///apache2-default/
Connection: close
Content-Type: text/html; charset=iso-8859-1 
POP3 - 110 Error: ConnectionRefused 
IMAP - 143 Error: ConnectionRefused
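
The RIPE output in the reply above can be read mechanically to confirm which allocation and route cover the address and where an abuse report should go. This is an added example, not part of the original thread; the function names are hypothetical and the input is a trimmed excerpt of that output.

```python
import ipaddress
import re

# Trimmed excerpt of the RIPE output posted above (RPSL: blank line between objects).
WHOIS_TEXT = """\
% Information related to '92.241.164.1 - 92.241.165.255'

inetnum:        92.241.164.1 - 92.241.165.255
netname:        NET-2x4

person:         Yuri Bogdanov
abuse-mailbox:  abuse@2x4.ru
nic-hdl:        UDF666-RIPE

route:          92.241.160.0/19
origin:         AS41947
"""

def parse_rpsl(text):
    """Split RPSL text into objects, each a list of (attribute, value) pairs."""
    objects = []
    for block in re.split(r"\n\s*\n", text):
        obj = []
        for line in block.splitlines():
            if line.startswith("%") or not line.strip():   # server comment / empty
                continue
            if line[0] in " \t+" and obj:                   # continuation of previous value
                obj[-1] = (obj[-1][0], f"{obj[-1][1]} {line[1:].strip()}".strip())
                continue
            attr, _, val = line.partition(":")
            obj.append((attr.strip().lower(), val.strip()))
        if obj:
            objects.append(obj)
    return objects

def summarize(text, ip):
    """Return the covering netname and route, the origin AS and all abuse contacts."""
    addr = ipaddress.ip_address(ip)
    out = {"netname": None, "route": None, "origin": None, "abuse": []}
    for obj in parse_rpsl(text):
        kind, key = obj[0]          # first attribute names the object type
        attrs = dict(obj)
        if kind == "inetnum":
            lo, hi = (ipaddress.ip_address(p.strip()) for p in key.split("-"))
            if lo <= addr <= hi:
                out["netname"] = attrs.get("netname")
        elif kind == "route" and addr in ipaddress.ip_network(key):
            out["route"], out["origin"] = key, attrs.get("origin")
        out["abuse"] += [v for a, v in obj if a == "abuse-mailbox"]
    return out
```

`summarize(WHOIS_TEXT, "92.241.164.155")` returns the netname, covering route, origin AS and abuse mailbox from the record; an address outside the listed ranges gets `None` for netname and route.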
 