close

Privacy guaranteed - Your email is not shared with anyone.

ok , this is a fun one...

Discussion in 'Tech Talk' started by m1911a1, Aug 19, 2004.

  1. m1911a1

    m1911a1

    Messages:
    78
    Likes Received:
    0
    Joined:
    Jun 18, 2004
    2 things... an app called smnp.exe...and a website that piggybacked in off of a british university webpage ...
    the id is xxxelit3.net ... all i know is its generating huge outgoing files , but of what i can't tell as there is no personal info on this comp...
    so how do i get rid of these bloody arf'ing things ?
    google is no help on either item and connection is refused for 137.205.145.182 ...whois; results in a lot of names that don't respond...
    my fire wall has it blocked...
    my scans show 0 there...
    this is the result of 'whois'
    % This is the RIPE Whois server.
    % The objects are in RPSL format.
    %
    % Rights restricted by copyright.
    % See http://www.ripe.net/ripencc/pub-services/db/copyright.html

    inetnum: 137.205.0.0 - 137.205.255.255
    remarks:
    remarks: This inetnum has been transfered as part of the ERX.
    remarks: It was present in both the ARIN and RIPE databases, so
    remarks: the information from both databases has been merged.
    remarks: If you are the mntner of this object, please update it
    remarks: to reflect the correct information.
    remarks:
    remarks: Please see the information for this process:
    remarks: http://www.ripe.net/db/erx/erx-ip/network-137.html
    remarks:
    remarks: **** INFORMATION FROM ARIN OBJECT ****
    remarks: netname: WARWICK
    descr: University of Warwick
    descr: Coventry CV4 7AL
    remarks: country: GB
    admin-c: MRC12-RIPE
    tech-c: MRC12-RIPE
    remarks: changed: hostmaster@arin.net 19900103
    remarks: changed: hostmaster@arin.net 19950921
    remarks: **** INFORMATION FROM RIPE OBJECT ****
    netname: WARWICK
    descr: Campus network for University of Warwick
    country: GB
    admin-c: AA1149-RIPE
    tech-c: WAR3-RIPE
    tech-c: CT334-RIPE
    tech-c: MF362-RIPE
    status: ASSIGNED PA
    mnt-by: JANET-HOSTMASTER
    changed: tony@noc.ulcc.ac.uk 19911107
    changed: dfk@cwi.nl 19911113
    changed: ripe-dbm@ripe.net 19990706
    changed: ripe-dbm@ripe.net 20000225
    changed: stan@whois.ja.net 20010917
    changed: ipaddress@ukerna.ac.uk 20020527
    changed: er-transfer@ripe.net 20040218
    source: RIPE

    route: 137.205.0.0/16
    descr: Warwick University
    descr: Information Technology Services
    descr: Coventry
    descr: CV4 7AL
    descr: UNITED KINGDOM
    origin: AS786
    mnt-by: JIPS-NOSC
    changed: selina@ans.net 19951011
    changed: stan@whois.ja.net 20010926
    source: RIPE

    person: Alison Allden
    address: IT Services
    address: University of Warwick
    address: Coventry
    address: CV4 7AL
    address: United Kingdom
    phone: +44 (0)24 765 23355
    fax-no: +44 (0)24 765 23267
    e-mail: a.allden@warwick.ac.uk
    nic-hdl: AA1149-RIPE
    changed: mark.fisher@warwick.ac.uk 20020527
    source: RIPE

    person: Mark R. Charlton
    address: Computing Services
    address: University of Warwick
    address: Coventry
    address: CV4 7AL
    address: GB
    phone: +44 1203 523058
    fax-no: +44 1203 523267
    e-mail: m.charlton@warwick.ac.uk
    nic-hdl: MRC12-RIPE
    mnt-by: RIPE-ERX-MNT
    changed: hostmaster@arin.net 19950921
    changed: hostmaster@arin.net 19950921
    changed: er-transfer@ripe.net 20040120
    source: RIPE

    person: Mark Fisher
    address: IT Services
    address: Network Services Team Leader
    address: University of Warwick
    address: Coventry
    address: CV4 7AL
    address: United Kingdom
    phone: +44 (0)24 765 74257
    fax-no: +44 (0)24 765 24333
    e-mail: mark.fisher@warwick.ac.uk
    nic-hdl: MF362-RIPE
    changed: jips-nosc@nosc.ja.net 19970213
    changed: m.t.fisher@rdg.ac.uk 19980414
    changed: mark.fisher@warwick.ac.uk 20020527
    source: RIPE

    person: Warwick University Hostmaster
    address: Information Technology Services
    address: University of Warwick
    address: Coventry CV4 7AL
    address: United Kingdom
    phone: +44 24 7652 3523
    fax-no: +44 24 7652 3267
    e-mail: hostmaster@warwick.ac.uk
    nic-hdl: WAR3-RIPE
    changed: stan@whois.ja.net 20010917
    changed: stan@whois.ja.net 20010926
    source: RIPE

    person: Chris Tilbury
    address: IT Services
    address: Network & User Services Manager
    address: University of Warwick
    address: Coventry
    address: CV4 7AL
    address: United Kingdom
    phone: +44 (0)24 765 23365
    fax-no: +44 (0)24 765 23267
    e-mail: chris.tilbury@warwick.ac.uk
    nic-hdl: CT334-RIPE
    notify: ipreq@pipex.net
    mnt-by: AS5519-MNT
    changed: mark.fisher@warwick.ac.uk 20020527
    changed: ipreq@pipex.net 20040707
    source: RIPE
     
  2. Clyde

    Clyde Lost in KY Millennium Member

    Messages:
    549
    Likes Received:
    1
    Joined:
    Jan 28, 1999
    Location:
    KY

  3. berniew

    berniew Liberty

    Messages:
    1,362
    Likes Received:
    0
    Joined:
    Nov 3, 2002
    Location:
    MN
  4. m1911a1

    m1911a1

    Messages:
    78
    Likes Received:
    0
    Joined:
    Jun 18, 2004

    have blocked the app fron accessing net , need simple way to find and remove ... found the registry entry with jv16 but there was only one entry ...
     
  5. m1911a1

    m1911a1

    Messages:
    78
    Likes Received:
    0
    Joined:
    Jun 18, 2004

    opened this page and got a immediate notification that the app dicussed therein was residing on the page ...
    it remained active until i deleted the page and cleared all the cache and memory apps...
    it was a brand new leech that came in with the above page !
    watch yourselves ...
     
  6. berniew

    berniew Liberty

    Messages:
    1,362
    Likes Received:
    0
    Joined:
    Nov 3, 2002
    Location:
    MN
    What 'notified' you? What did it say?