« previous next »
Pages: [1]   Go Down

Author Topic: delete  (Read 3486 times)

0 Members and 1 Guest are viewing this topic.

ttguy

  • Guest
delete
« on: December 28, 2009, 01:56:44 PM »
tt
« Last Edit: December 31, 2009, 01:38:27 AM by ttguy »
Logged

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 89679
  • No support PMs thanks
Re: Can anyone help (PLEASE)
« Reply #1 on: December 28, 2009, 05:05:19 PM »
There won't be a folder called that as it is an internet URL not a folder location, something is connecting to that address. Since you mention this is a 'server' perhaps one of the networked systems/clients is accessing it.

What is your firewall ?
- It should be capable of blocking unauthorised outbound Internet Connections. - Which should be able to block this traffic.

Do you (or any other network clients) do any on-line banking with worldoffshorebanks.com ?
Logged
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD - 27" external monitor 1440p 2560x1440 resolution - avast! free  24.9.6130 (build 24.9.9452.762) UI 1.0.818/ Firefox, uBlock Origin Lite, uMatrix/ MailWasher Pro/ Avast! Mobile Security

ttguy

  • Guest
Re: Can anyone help (PLEASE)
« Reply #2 on: December 28, 2009, 05:25:25 PM »
Hello DavidR

worldoffshorebanks.com does not have any online service. It is a directory.

My hosting company did a clean sweep of the server and the found absolutely nothing.

Logged

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 89679
  • No support PMs thanks
Re: Can anyone help (PLEASE)
« Reply #3 on: December 28, 2009, 07:03:52 PM »
Well considering you say that "worldoffshorebanks.com does not have any online service" that link is live and I presume not hosted on your server, so won't be a directory.

So all I can suggest is that they check the server logs to see what initiated the connection to to the URL as I somehow doubt it just connected to your server.
Logged
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD - 27" external monitor 1440p 2560x1440 resolution - avast! free  24.9.6130 (build 24.9.9452.762) UI 1.0.818/ Firefox, uBlock Origin Lite, uMatrix/ MailWasher Pro/ Avast! Mobile Security

ttguy

  • Guest
Re: Can anyone help (PLEASE)
« Reply #4 on: December 28, 2009, 07:21:09 PM »
DavidR

Yes they checked but found nothing.

I got this info from another source.
They said:


I get URLs like that too, once in a while, on my site.

I'm too lazy to check, but there's probably some exploit out for some poorly secured PHP app. Some botnets are trying the name for the exploitable page on every server they hit, including yours, in the hope that you are running this application and they can use it to take over your server.

Nope, so long as that file doesn't sit on your server, the worst effect will be the increase in traffic from all those bogus requests. You could reduce that a bit by presenting a shorter 404 page, or a custom one just for that access. But it's mainly just an annoyance.
Logged

CharleyO

  • Guest
Re: Can anyone help (PLEASE)
« Reply #5 on: December 28, 2009, 07:28:05 PM »
***

It is indeed not just a directory and does offer on-line services ... such as getting an off-shore account in 8 minutes.

I did not activate all of the page so you will see circled arrows in the image below. Click to enlarge.


***
Logged

ttguy

  • Guest
Re: Can anyone help (PLEASE)
« Reply #6 on: December 28, 2009, 07:37:08 PM »
CharleyO

Yes but those are external link of advertisers.

How can they be the cause?
Is there a solution?

Lets say is Capital Conservator. Whar d i do. Take down their link.

How would i know if it is or is not them.

Thanks
Logged
Pages: [1]   Go Up
« previous next »