Windows 8 Unexpected Printer Activity: Printout from ipv4scan.com

kemical

Essential Member

Joined

Aug 28, 2007

Messages

36,176

• Apr 29, 2014

• #2

Sounds like a malware attack of some sort. I tried to check out ipv4scan.com and Malwarebytes Pro flashed up. Try running the free version:
https://www.malwarebytes.org/

 

Upvote 0 Downvote

Solution

Sonny

Fantastic Member

Joined

Nov 17, 2009

Messages

1,387

• Apr 29, 2014

• #3

It won't show up on malwarebytes free.
after clicking on the last link he had above. I ran malwarebytes and nothing came up. However when I went to get into another web page, I found out it changed my IP configuration.

 

Upvote 0 Downvote

G

GoldenDreamer

New Member

Joined

Apr 29, 2014

Messages

2

• Apr 29, 2014

• #4

I woke-up just now (April 29th 8 am MDT) to the same print-out in my printer. I have a Dell PC.
Yesterday I was listening to a computer geek show on the radio and before he went on commercial break he said,'If you're on your computer, using Explorer get off NOW!'. I got to my destination and forgot about it. hmmmm

 

Upvote 0 Downvote

kemical

Essential Member

Joined

Aug 28, 2007

Messages

36,176

• Apr 29, 2014

• #5

I had a quick through google and found surprisingly little although was in a bit of a rush..

 

Upvote 0 Downvote

kemical

Essential Member

Joined

Aug 28, 2007

Messages

36,176

• Apr 29, 2014

• #6

This however looks related and is definitely not looking good:

Here we discuss the user-agent string, which identifies your browser and provides certain system details to servers hosting the websites you visit.

Click to expand...

http://msdn.microsoft.com/en-us/library/ms537503(v=vs.85).aspx

 

Upvote 0 Downvote

G

GoldenDreamer

New Member

Joined

Apr 29, 2014

Messages

2

• Apr 29, 2014

• #7

Apparently, Microsoft is advising people in the Denver, CO area to use a different Browser than IE until May 13th when Microsoft will have an update to fix the malware. Check today's (Tuesday, April 29, 2014) Denver Post for more information.

 

Upvote 0 Downvote

Shinrin

New Member

Joined

Apr 29, 2014

Messages

1

• Apr 29, 2014

• #8

I just got in to work and saw this on our main printer, I also noticed that the server was OFF too, which has me wondering if the our server got hacked. It's also on a battery backup and i find it strange that it was off while the other two computers that aren't on battery back up was on.

 

Upvote 0 Downvote

donb2012

Extraordinary Member

Joined

Dec 15, 2012

Messages

20

• Apr 29, 2014

• Thread Author
• #9

GoldenDreamer said:

Apparently, Microsoft is advising people in the Denver, CO area to use a different Browser than IE until May 13th when Microsoft will have an update to fix the malware. Check today's (Tuesday, April 29, 2014) Denver Post for more information.

Click to expand...

Weird, I don't live anywhere near Denver,Co. I guess it's a Microsoft thing and not a specific location situation.

 

Upvote 0 Downvote

D

DaveMB

New Member

Joined

Apr 30, 2014

Messages

1

• Apr 30, 2014

• #10

Here's little more on this, though the MS page @kemical posted shows the user agent strings posted to the printer during the scan. We used to get these on public facing printers while most of the computers in our labs at Idaho State University would drop the traffic with the firewall if they were on a public-facing subnet. Printers, however, liked to get scanned and tell us about it.

Link Removed

 

Upvote 0 Downvote