Jump to content
Search In
  • More options...
Find results that contain...
Find results in...

i dont know why my ip is sending spam

Hello,

As of August i have had problems with my internet and found out that my IP has been blacklisted due to spam and dictionary attack, after finding out that i have been blacklisted i ran multiple full-scans using Windows Defender and have ran Malwarebytes and have removed everything that has popped as a virus or a malware, after that i ran scan on 2 other android phones and have found out that they are not infected with anything, even after that my IP is still sending spams but no dictionary attacks, and yes i have changed my routers wi-fi and upgraded its firmware (TP-Link Wireless N Router WR840N).

Can somebody help me pretty please, I am desperate, i have ran so many checks even blocked port 25 with Windows Firewall(does that even work tho?).

bruh.PNG

Link to post
Share on other sites

You could have been wardriven by a criminal who is using your ip to send spam.  

Life is like a bowl of chocolates: there are all these little crinkly paper cups everywhere.

Link to post
Share on other sites

Change ISPs, this is an attack.

春の八王子、君はもういない。独り八王子、君はいないから。春の八王子、君はもういない。独り八王子、君はいないから。

Link to post
Share on other sites

Go in to your routers firmware and verify all the devices connected. Make sure no "Other devices" are connected that shouldn't. 

Was there dairy in that? ***30 min later**** Yep..... You might want to let it air out for a bit.....😂😂😂😂😂😂

Link to post
Share on other sites

It's possible your PC is more deeply infected that you realize and you'll have to bite the bullet and nuke your entire windows install.

Current Network Layout:

Current Build Log/PC:

Prior Build Log/PC:

Link to post
Share on other sites
1 minute ago, Lurick said:

It's possible your PC is more deeply infected that you realize and you'll have to bite the bullet and nuke your entire windows install.

Could in theory be even deeper than that too.  There is malware that hides out in motherboard stuff and just reinfects.  It’s rare though.

Life is like a bowl of chocolates: there are all these little crinkly paper cups everywhere.

Link to post
Share on other sites
14 hours ago, Donut417 said:

Go in to your routers firmware and verify all the devices connected. Make sure no "Other devices" are connected that shouldn't. 

i have already done that and have found no other devices

Link to post
Share on other sites
14 hours ago, Bombastinator said:

Could in theory be even deeper than that too.  There is malware that hides out in motherboard stuff and just reinfects.  It’s rare though.

If it is a malware that can hide in the motherboard do i need to change my PC or what?
 

Link to post
Share on other sites
15 hours ago, MewMew said:

Change ISPs, this is an attack.

If only i could have changed my ISP ;(

I have no other possible ISPs in my area.

Link to post
Share on other sites
2 minutes ago, shrimpgfx said:

If it is a malware that can hide in the motherboard do i need to change my PC or what?
 

Did you read this?

 

14 hours ago, Lurick said:

It's possible your PC is more deeply infected that you realize and you'll have to bite the bullet and nuke your entire windows install.

 

Link to post
Share on other sites
2 minutes ago, Falcon1986 said:

Did you read this?

 

 

Doesnt that mean i just have to reinstall Windows and not save any old files from the old Windows?
 

Link to post
Share on other sites
6 minutes ago, shrimpgfx said:

Doesnt that mean i just have to reinstall Windows and not save any old files from the old Windows?
 

Correct, create a bootable USB on a different device and then reinstall from that one and delete everything.

Current Network Layout:

Current Build Log/PC:

Prior Build Log/PC:

Link to post
Share on other sites
1 minute ago, shrimpgfx said:

Doesnt that mean i just have to reinstall Windows and not save any old files from the old Windows?

If you absolutely don’t need anything, wipe the drive(s) completely then reinstall Windows.

 

Unfortunately, you run the risk of transferring the infected old files to the new installation if they are indeed infected. That’s a call you’ll have to make.

Link to post
Share on other sites
1 minute ago, Falcon1986 said:

If you absolutely don’t need anything, wipe the drive(s) completely then reinstall Windows.

 

Unfortunately, you run the risk of transferring the infected old files to the new installation if they are indeed infected. That’s a call you’ll have to make.

Well the problem is that i do not have any bootable USB. ;/

BTW how is that the infected files are transferred when i am installing a new Windows and deleting the old version?

Link to post
Share on other sites
58 minutes ago, shrimpgfx said:

If it is a malware that can hide in the motherboard do i need to change my PC or what?
 

You’d need to do fresh bios installs as well as an OS wipe.  The motherboard has writable data storage on it too.

Life is like a bowl of chocolates: there are all these little crinkly paper cups everywhere.

Link to post
Share on other sites
4 minutes ago, Bombastinator said:

You’d need to do fresh bios installs as well as an OS wipe.  The motherboard has writable data storage on it too.

Is it really possible that i have a rootkit or a malware on my bios?

Link to post
Share on other sites
6 minutes ago, shrimpgfx said:

Is it really possible that i have a rootkit or a malware on my bios?

It’s apparently been badly infected for a long time.  Little is impossible.

Life is like a bowl of chocolates: there are all these little crinkly paper cups everywhere.

Link to post
Share on other sites
7 minutes ago, shrimpgfx said:

Is it really possible that i have a rootkit or a malware on my bios?

 

The BIOS infection is super rare and IIR not actually not wide spread. You might have a rootkit or some other virus that you need to do a full diskpart /clean and format re-install to clear. 

 

One thing you could try doing is contacting your ISP about this and see if you can get a new IP? Usually ISPs don't give static IPs to non-business customers, so I would be curious if that traffic continues after you get a different IP address.

Link to post
Share on other sites
1 hour ago, shrimpgfx said:

BTW how is that the infected files are transferred when i am installing a new Windows and deleting the old version?

Please reread my response. If you save files from the current installation (e.g. music files, Word documents, etc.), reinstall Windows, then put the saved files back on the system, your system could get reinfected if the malware compromised those files. That's not to say that it's the case in your scenario, but based on how bad things seem to be, I'd be wary of carrying over anything unless it was absolutely necessary.

 

2 hours ago, shrimpgfx said:

Well the problem is that i do not have any bootable USB

Most modern motherboards will allow USB booting on demand (at the time of bootup, press the relevant function key to access the boot menu) or you can set the boot order within the BIOS itself.

 

There are many bootable toolkits that can erase drives properly, but I've lost touch with what's popular now. Not sure if DBAN is still what it used to be.

Link to post
Share on other sites
1 hour ago, Bad5ector said:

 

The BIOS infection is super rare and IIR not actually not wide spread. You might have a rootkit or some other virus that you need to do a full diskpart /clean and format re-install to clear. 

 

One thing you could try doing is contacting your ISP about this and see if you can get a new IP? Usually ISPs don't give static IPs to non-business customers, so I would be curious if that traffic continues after you get a different IP address.

+1 for this.
I wouldn't go full Murphy's Law until you know for sure.

春の八王子、君はもういない。独り八王子、君はいないから。春の八王子、君はもういない。独り八王子、君はいないから。

Link to post
Share on other sites
13 minutes ago, MewMew said:

I wouldn't go full Murphy's Law until you know for sure.

I'm a huge fan of occam's razor when it comes to troubleshooting.

Link to post
Share on other sites
6 hours ago, Bad5ector said:

 

The BIOS infection is super rare and IIR not actually not wide spread. You might have a rootkit or some other virus that you need to do a full diskpart /clean and format re-install to clear. 

 

One thing you could try doing is contacting your ISP about this and see if you can get a new IP? Usually ISPs don't give static IPs to non-business customers, so I would be curious if that traffic continues after you get a different IP address.

I already tried that and they closed the phone on my face cause "i dont want to get another IP blacklisted and pay money for that". What the f Am I supposed to do in that situation?

Link to post
Share on other sites
31 minutes ago, shrimpgfx said:

I already tried that and they closed the phone on my face cause "i dont want to get another IP blacklisted and pay money for that". What the f Am I supposed to do in that situation?

Huh? That makes no sense. Are you paying for static IP or something? If anything they should want to help you. 

 

Are you saying that they said that they don't want to get another IP blacklisted and that it would cost them more money to get another IP? You know they have pools of IPs right? What kinda Mickey Mouse ISP are you with?

 

 

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Newegg

×