5 replies to this topic

[kodeman]

I visited glowgaze.com and started to notice strange behavior coming from my PC, peerblock kept having IP's popup sometimes while i was not even using the internet. The sites appeared legit at first and peerblock was calling them amazon technologies and microsoft, i think i clicked allow for 15 minutes on amazon technologies the first few times i saw it. Also the vpn i use witopia wouldnt allow me to connect, peerblock blocked it and gave a message about Ubuiquty servers p2p(or somethign like that) After the peerblock program started to really get spammy with its blocks and I couldnt open webpages because peerblock was blocking a URL related to amazon technologies or microsoft..that had nothing to do with them and had opened in past many times without any issues I started to suspect I had some thing fishy going on. I ran maleware bytes microsoft security essentials, spybot search and destroy all found nothing , so I reinstalled windows on my PC and after getting mostly done with my installation of programs and such I started to see the same IP blocks coming from peerblock, I got a laptop that has never been to glowgaze.com and enabled peerblock , sure enough the same IP's were coming up , so i'm at the assumption now that somehow my IP is on a botnet, i'm not sure how my laptop or even my PC is still being messed around with , because I had file sharing off between them. I've looked into changing my IP address but with the comcast box i have there's no way to spoof the mac address, I tried setting up a lynksys router next to my comcast modem but i couldnt access the login to the lynksys router, even after resetting it and trying it just connected to my pc, and also to the modem + my PC. The things powering on and lights blinking I've reset it on back.. but no URL's i type are able to access it.. also i left the modem off for 10 hours last night in hopes it would re-assign a new IP. no luck there. can anyone explain the steps i need to take.. the only thing i can think of is switch internet companies to get a new IP or pick up a different router and try to get the new ip that way. The exact way i was going to do this was from an article i found on the net saying Have Comcast place the 862 in to FULL bridge mode so that it acts only as a straight cable modem with which you can you your own router. When the system sees the MAC address of the new router, your connection will be assigned a new / different WAN (public) IP address. If you purchase a new router make sure it has a MAC address cloning feature. Most stand-alone home networking routers do. Any help would be much appreciated Here are my OTL results

[kodeman]

i also wanted to note that peerblock blocked a shady IP 173.45.161.113 named: bunch o' porn

[kodeman]

Today i brought my laptop which had been connecting to the same IP's as my de sktop to the public library in town and connected to there wifi,  sure enough peerblock kept showing the same ip's being blocked ,  i'm having comcast come to the house tommorow and hopefully will get a new modem with mac and IP address,  my current modem cannot be mac spoofed, so this is my only option to change the modems mac and IP address,  I'll update this thread to my progress ,  I'm starting to think i have some sort of man in the middle  type thing going on ,  and its relathed to modems mac.. although bringing the laptop to a different network and still getting the peerblock  IP blocks doesnt make sense to me,   I'd love to hear what the professionals have to say,  let me know if you need any more information

btw i ran every utility at https://www.grc.com  including certificate fingerprinting and everything came back no problems.

[kodeman]

solved, Peerblock's lists were recently updated and many people are complaining of same issue on peerblock forum. 30 hours of learning experience

[Tomk]

Glad to hear you got it resolved.

[Tomk]

Since this issue appears to be resolved ... this Topic has been closed. Glad we could be of assistance.

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please follow the instructions here http://forums.whatth...ed_t106388.html
and start a New Topic.