

Rifleman
Premium
join:2004-02-09
p1a
Reviews:
·Bell Sympatico

reply to eburger68

Re: MyNetInfector

adawarelog.zip 4,509 bytes
(adawarelog.TXT)
hijackthis.zip 1,466 bytes
(hijackthis.log)
SpySweeperSe···sLog.zip 17,126 bytes
(SpySweeperSessionsLog.txt)
I was bored today so downloaded this rotten piece of crap. My antivirus went nuts and so did Spysweeper. I finally thought to disconnect from the net to keep more stuff from pumping onto my machine. The mods should put this in the news section to warn as many as they can. Anyways--I'll post the logs from Adaware, Spysweeper and HijackThis. AVG found 3 trojans---EZ.Stub, Turown.F, Dropper Small.5.J. Here are the logs:

lordsegan

join:2002-04-16
Palos Verdes Peninsula, CA

2 edits

A WHOIS reveals that they use a "proxy" registrant for their domain name.

Contact info for the registrant is on this page:

»domainsbyproxy.com/LegalAgreemen···prog_id=

Prohibitions: Domains By Proxy will not do business with you,
nor protect your identity, if you:
• Transmit spam, viruses or harmful computer programs;
• Violate the law or infringe a third party’s trademark or copyright;
• Engage in morally objectionable activities, including but not limited to those which are child pornographic, defamatory, abusive, harassing, obscene, racist, or otherwise objectionable

Anyone want to try contacting these guys and filing a complaint? I've done this in past cases, but I'm too busy to get very involved with this right now.

Here is the godaddy.com abuse contact as well.
Web: »www.godaddy.com/gdshop/spamrepor···port.asp
Email: abuse@godaddy.com

UPDATE:

FOUND THE ACTUAL HOST USING VISUALROUTE AND ANOTHER WHOIS:

205.134.161.89

---------------------------------------------------------------------------------- ---------- ---------------------------------------------------------------------------------- ---
| Hop | %Loss | IP Address | Node Name | Location | Tzone | ms | Graph | Network |
---------------------------------------------------------------------------------- ---------- ---------------------------------------------------------------------------------- ---
| 0 | | 161.58.180.113 | WIN10115.visualware.com | Dulles, VA, USA | -05:00 | | | Verio, Inc. VRIO-161-058 |
| 1 | | 161.58.176.129 | - | ?Englewood, CO | | 0 | | Verio, Inc. VRIO-161-058 |
| 2 | | 161.58.156.140 | - | ?Englewood, CO | | 0 | | Verio, Inc. VRIO-161-058 |
| 3 | | 129.250.28.206 | xe-1-2-0-3.r20.asbnva01.us.bb.verio.net | Ashburn, VA, USA | -05:00 | 0 | | Verio, Inc. VRIO-129-250 |
| 4 | | 129.250.2.61 | p16-5-0-0.r01.asbnva01.us.bb.verio.net | Ashburn, VA, USA | -05:00 | 0 | | Verio, Inc. VRIO-129-250 |
| 5 | | 206.223.115.83 | WASHDC5LCE1.3.0.wcg.net | Washington, DC, USA | -05:00 | 0 | | Equinix, Inc. EQUINIX-IX-ASH |
| 6 | | 64.200.95.117 | hrndva1wcx3-pos15-0-oc48.wcg.net | - | | 0 | | Williams Communication IP Services WLCO-HRNDVA1INTERN-30 |
| 7 | | 64.200.95.94 | washdc7lce1-pos4-0-oc48.wcg.net | Washington, DC, USA | -05:00 | 0 | | Williams Communication IP Services WLCO-HRNDVA1INTERN-30 |
| 8 | | 64.200.94.230 | washdc7lce1-yipes-gige.wcg.net | Washington, DC, USA | -05:00 | 0 | | Williams Communication IP Services WLCO-HRNDVA1INTERN-30 |
| 9 | | 209.120.218.2 | - | ?San Francisco, CA | | 0 | | Yipes Communications, Inc. YIPES-BLK4 |
| 10 | | 205.134.161.89 | hodur.ai.net | Columbia, MD, USA | -05:00 | 0 | | AiNET Hosting Operations AINETWEB-BLK177 |
---------------------------------------------------------------------------------- ---------- ---------------------------------------------------------------------------------- ---

CustName: AiNET Hosting Operations
Address: 6470 Freetown Road
Address: Suite 200-39
City: Columbia
StateProv: MD
PostalCode: 21044
Country: US
RegDate: 2002-12-03
Updated: 2002-12-03

NetRange: 205.134.182.0 - 205.134.182.255
CIDR: 205.134.182.0/24
NetName: AINETWEB-BLK182
NetHandle: NET-205-134-182-0-1
Parent: NET-205-134-160-0-1
NetType: Reassigned
Comment: Hosting Infrastucture
RegDate: 2002-12-03
Updated: 2002-12-03

TechHandle: AI-ORG-ARIN
TechName: American Information Network
TechPhone: +1-301-497-9620
TechEmail: nc@ai.net

OrgTechHandle: NETWO142-ARIN
OrgTechName: Network Operations
OrgTechPhone: +1-800-779-6938
OrgTechEmail: noc@ai.net

# ARIN WHOIS database, last updated 2004-03-22 19:15
# Enter ? for additional hints on searching ARIN's WHOIS database.

OrgName: American Information Network
OrgID: AI
Address: 6470 Freetown Road Ste 200-39
City: Columbia
StateProv: MD
PostalCode: 21044
Country: US

NetRange: 205.134.160.0 - 205.134.191.255
CIDR: 205.134.160.0/19
NetName: AINET-BLK
NetHandle: NET-205-134-160-0-1
Parent: NET-205-0-0-0-0
NetType: Direct Allocation
NameServer: DNS9.AI.NET
NameServer: DNS6.AI.NET
NameServer: DNS8.AI.NET
Comment:
RegDate: 1995-04-27
Updated: 1998-09-29

TechHandle: AI-ORG-ARIN
TechName: American Information Network
TechPhone: +1-301-497-9620
TechEmail: nc@ai.net

OrgTechHandle: NETWO142-ARIN
OrgTechName: Network Operations
OrgTechPhone: +1-800-779-6938
OrgTechEmail: noc@ai.net

# ARIN WHOIS database, last updated 2004-03-22 19:15
# Enter ? for additional hints on searching ARIN's WHOIS database.

OrgName: American Information Network
OrgID: AI
Address: 6470 Freetown Road Ste 200-39
City: Columbia
StateProv: MD
PostalCode: 21044
Country: US
Comment:
RegDate: 1995-04-27
Updated: 2003-01-21

AdminHandle: AI-ORG-ARIN
AdminName: American Information Network
AdminPhone: +1-301-497-9620
AdminEmail: nc@ai.net

TechHandle: NETWO142-ARIN
TechName: Network Operations
TechPhone: +1-800-779-6938
TechEmail: noc@ai.net

# ARIN WHOIS database, last updated 2004-03-22 19:15
# Enter ? for additional hints on searching ARIN's WHOIS database.
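
A check worth running before sending an abuse report from WHOIS output like the above: confirm that a record's CIDR actually contains the traced address, and take the contacts from the most specific record that does. This is an added example, not part of the original post; the function names are illustrative and the sample text is a trimmed copy of the WHOIS lines quoted in the thread.

```python
import ipaddress

# WHOIS lines copied from the post above, trimmed to the fields used here.
WHOIS_TEXT = """\
CIDR: 205.134.182.0/24
NetName: AINETWEB-BLK182
TechEmail: nc@ai.net
OrgTechEmail: noc@ai.net
# ARIN WHOIS database, last updated 2004-03-22 19:15
CIDR: 205.134.160.0/19
NetName: AINET-BLK
TechEmail: nc@ai.net
OrgTechEmail: noc@ai.net
# ARIN WHOIS database, last updated 2004-03-22 19:15
"""

def parse_records(text):
    """Split ARIN WHOIS output into records; a '#' footer line closes each one."""
    records, fields = [], {}
    for line in text.splitlines():
        if line.startswith("#"):
            if fields:
                records.append(fields)
            fields = {}
            continue
        key, sep, value = line.partition(":")
        if sep and value.strip():  # skip blank lines and empty fields
            fields.setdefault(key.strip(), []).append(value.strip())
    if fields:
        records.append(fields)
    return records

def covering_record(ip, records):
    """Return (network, record) for the most specific CIDR containing ip, else None."""
    addr = ipaddress.ip_address(ip)
    best = None
    for rec in records:
        for cidr in rec.get("CIDR", []):
            net = ipaddress.ip_network(cidr, strict=False)
            if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
                best = (net, rec)
    return best

def contact_emails(rec):
    """Collect the distinct *Email values of a record, in the order listed."""
    emails = [v for k, vals in rec.items() if k.endswith("Email") for v in vals]
    return list(dict.fromkeys(emails))
```

Calling `covering_record("205.134.161.89", parse_records(WHOIS_TEXT))` returns the network and record to report against, or `None` if no quoted record covers the address.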



Sparrow
Crystal Sky
Premium
join:2002-12-03
Sachakhand

reply to Rifleman

said by Rifleman:
The mods should put this in the news section to warn as many as they can.
Posted above - it's on the Front Page of BBR: »Spyware Scare Mongering
--
Security Forum FAQs..♥.. AV Complaints?..♥..Raj karega Khalsa!..♥.. Athens 2004

over 12.5 years online © 1999-2012 dslreports.com.