Captcha request wherever I go

Post your questions about DNS based blacklists, what they are, listing status, and removal help.
Locked
d3j4n
New Member
Posts: 3
Joined: Tue May 30, 2017 5:27 pm

Captcha request wherever I go

Post by d3j4n » Tue May 30, 2017 5:38 pm

Some nights ago I noticed that almost wherever I go, whatever website I visit, I get captcha request!
I have no idea what's going on. I did some research and they led me to projecthoneypot, and there I enter my IP address, and it shows that I did some illegal activity.
Well, I have no idea how that happened, since I'm the only one who uses this computer.
I copied an url of a projecthoneypot page with info from my IP, so if anyone can explain to me how this works, or what to do, or what I could've done wrong, please tell me.
To be honest, I've been using my computer for a long time, but never did anything regarding IP changing, or anything that could harm my connection, simply because I don't know anything about that stuff.
This is really annoying, and I would like it gone as soon as possible.
Thanks in advance!
https://www.projecthoneypot.org/ip_62.4.55.185

User avatar
Chrispcritters
Forum Administrator
Posts: 2337
Joined: Tue Mar 02, 2010 5:41 pm
Location: 127.0.0.1 | ::1
Contact:

Re: Captcha request wherever I go

Post by Chrispcritters » Wed May 31, 2017 8:18 am

If you perform a lookup on your IP address at http://www.abuseat.org/lookup.cgi you'll see the following:
IP Address 62.4.55.185 is listed in the CBL. It shows signs of being infected with a spam sending trojan, malicious link or some other form of botnet.

It was last detected at 2017-05-31 15:00 GMT (+/- 30 minutes), approximately 30 minutes ago.

This IP is infected with, or is NATting for a machine infected with s_unknown

Note: If you wish to look up this bot name via the web, remove the "s_" before you do your search.

This was detected by observing this IP attempting to make contact to a s_unknown Command and Control server, with contents unique to s_unknown C&C command protocols.

This was detected by a TCP/IP connection from "62.4.55.185" on port "57166" going to IP address "212.227.20.93" (the sinkhole) on port "80".

The botnet command and control domain for this connection was "nutqauytva7azxd.com".
There are a couple of possibilities of what is happening:

1) One or more computers on your network have been compromised and infected.
2) The IP address that is currently assigned to your network was previously assigned to someone else who has an infected computer.
3) Your ISP runs a proxy service and what you see as your IP address may be shared amongst many customers of your ISP.

I suggest the following:

1) Visit the CBL link above, enter your IP address, read the details and follow the instructions to check for and remove an infection.
2) If everything is clean try turning off your modem and router for at least 8 hours in the hopes your ISP will assign you a new IP address. -- Once you get a new IP address check it on CBL.
Founder & CEO of WhatIsMyIPAddress.com.
You can follow me on Twitter and Facebook for some behind the scenes info.

d3j4n
New Member
Posts: 3
Joined: Tue May 30, 2017 5:27 pm

Re: Captcha request wherever I go

Post by d3j4n » Tue Jun 06, 2017 11:08 am

Hey! Thanks for the reply! I will try to do what you told me to. I've been busy for the last few days, so I'll use the first opportunity I have to sit down and look this through in detail!
So, I will share the new findings here.

d3j4n
New Member
Posts: 3
Joined: Tue May 30, 2017 5:27 pm

Re: Captcha request wherever I go

Post by d3j4n » Wed Jun 21, 2017 5:03 pm

Well, the only solution was to reinstall OS! Prior to that I tried literally anything I could see online, but reinstalling was the only solution! My PC was obviously infected... SO, it's all good for now! I hope it doesn't appear again.

Locked

Who is online

Users browsing this forum: No registered users and 4 guests