Think i've been hijacked

Just had this pop up in the corner of my screen, the AVG email scanner. Which is odd as i only use webmail :confused:

hijacker.JPG


I'm thinking some sort of trojan or keylogger has snuck in (i'm not the only one who uses this computer! :p), and i get my dodgy porn from torrent sites, so it's not that.

Any ideas?

Cheers.
 
Hmm, dunno if it's related or not but my windows has just thrown up the WGA icon in the task bar saying my copy is a fake. :confused:
 
Curiosityx said:
:p Well you've either got an illegal copy of Windows or WGA (Windows Genuine Advantage) has detected a false positive and a call to Microsoft is needed to obtain a new product key.

14 month old PB lappy, just about ready for the bin really. iss poor build quality :(

adaware found a handful of tracking cookies, defender doesn't find anything. just rebooting to finish installing NOD32.
 
damn i'm popular, just had a nose in my router logs..


2006.12.20 17:59:47 **UDP Flood to Host** 218.1.153.224, 31848->> 88.109.217.92, 49469 (from PVC1 Inbound)
2006.12.20 17:59:47 **UDP Flood to Host** 196.202.33.108, 23733->> 88.109.217.92, 49469 (from PVC1 Inbound)
2006.12.20 17:59:47 **UDP Flood to Host** 219.249.45.72, 65201->> 88.109.217.92, 49469 (from PVC1 Inbound)
2006.12.20 17:59:42 **UDP Flood to Host** 75.82.187.24, 2505->> 88.109.217.92, 49469 (from PVC1 Inbound)
2006.12.20 17:59:42 **UDP Flood to Host** 83.49.28.118, 12989->> 88.109.217.92, 49469 (from PVC1 Inbound)
2006.12.20 17:59:15 **UDP Flood to Host** 58.9.157.223, 16794->> 88.109.217.92, 49469 (from PVC1 Inbound)
2006.12.20 17:59:15 **UDP Flood to Host** 61.54.78.30, 20004->> 88.109.217.92, 49469 (from PVC1 Inbound)
2006.12.20 17:58:23 **UDP Flood to Host** 125.31.26.111, 9495->> 88.109.217.92, 49469 (from PVC1 Inbound)
2006.12.20 17:58:10 **UDP Flood to Host** 200.206.201.7, 61746->> 88.109.217.92, 49469 (from PVC1 Inbound)
2006.12.20 17:58:09 **UDP Flood to Host** 58.216.57.248, 16748->> 88.109.217.92, 49469 (from PVC1 Inbound)
2006.12.20 17:58:09 **UDP Flood to Host** 218.79.141.74, 8443->> 88.109.217.92, 49469 (from PVC1 Inbound)
2006.12.20 17:55:57 **UDP Flood to Host** 74.103.142.87, 60371->> 88.109.217.92, 49469 (from PVC1 Inbound)
2006.12.20 17:55:57 **UDP Flood to Host** 218.200.123.138, 1759->> 88.109.217.92, 49469 (from PVC1 Inbound)
2006.12.20 17:55:57 **UDP Flood to Host** 218.1.168.171, 19301->> 88.109.217.92, 49469 (from PVC1 Inbound)
2006.12.20 17:55:09 **UDP Flood to Host** 218.85.43.185, 20000->> 88.109.217.92, 49469 (from PVC1 Inbound)
2006.12.20 17:55:01 **UDP Flood to Host** 59.121.106.213, 18917->> 88.109.217.92, 49469 (from PVC1 Inbound)
2006.12.20 17:54:50 **UDP Flood to Host** 128.239.159.246, 16471->> 88.109.217.92, 49469 (from PVC1 Inbound)
2006.12.20 17:54:50 **UDP Flood to Host** 203.198.116.153, 34349->> 88.109.217.92, 49469 (from PVC1 Inbound)
2006.12.20 17:54:08 **UDP Flood to Host** 86.84.110.64, 61681->> 88.109.217.92, 49469 (from PVC1 Inbound)
2006.12.20 17:54:08 **UDP Flood to Host** 218.206.109.194, 25931->> 88.109.217.92, 49469 (from PVC1 Inbound)
2006.12.20 17:54:08 **UDP Flood to Host** 61.149.26.180, 22801->> 88.109.217.92, 49469 (from PVC1 Inbound)
2006.12.20 17:54:08 **UDP Flood to Host** 218.72.70.52, 18484->> 88.109.217.92, 49469 (from PVC1 Inbound)
2006.12.20 17:54:01 **UDP Flood to Host** 218.65.180.217, 9426->> 88.109.217.92, 49469 (from PVC1 Inbound)
2006.12.20 17:53:14 **UDP Flood to Host** 221.219.203.30, 23004->> 88.109.217.92, 49469 (from PVC1 Inbound)
2006.12.20 17:52:59 **UDP Flood to Host** 61.15.105.22, 8285->> 88.109.217.92, 49469 (from PVC1 Inbound)
2006.12.20 17:51:34 **UDP Flood to Host** 85.187.191.147, 21731->> 88.109.217.92, 49469 (from PVC1 Inbound)
2006.12.20 17:51:13 **UDP Flood to Host** 85.221.97.177, 63317->> 88.109.217.92, 49469 (from PVC1 Inbound)
2006.12.20 17:51:13 **UDP Flood to Host** 61.230.223.175, 415->> 88.109.217.92, 49469 (from PVC1 Inbound)
2006.12.20 17:51:13 **UDP Flood to Host** 84.75.209.103, 21168->> 88.109.217.92, 49469 (from PVC1 Inbound)
2006.12.20 17:50:51 **UDP Flood to Host** 85.89.162.45, 16350->> 88.109.217.92, 49469 (from PVC1 Inbound)
2006.12.20 17:50:49 **UDP Flood to Host** 58.136.96.231, 14338->> 88.109.217.92, 49469 (from PVC1 Inbound)
2006.12.20 17:50:45 **UDP Flood to Host** 210.24.109.100, 17960->> 88.109.217.92, 49469 (from PVC1 Inbound)
2006.12.20 17:50:45 **UDP Flood to Host** 61.134.127.58, 61927->> 88.109.217.92, 49469 (from PVC1 Inbound)
2006.12.20 17:50:45 **UDP Flood to Host** 83.179.207.64, 11600->> 88.109.217.92, 49469 (from PVC1 Inbound)
2006.12.20 17:50:45 **UDP Flood to Host** 219.78.150.239, 23520->> 88.109.217.92, 49469 (from PVC1 Inbound)
2006.12.20 17:50:43 **UDP Flood to Host** 203.204.89.26, 12929->> 88.109.217.92, 49469 (from PVC1 Inbound)
2006.12.20 17:50:43 **UDP Flood to Host** 91.139.144.155, 13471->> 88.109.217.92, 49469 (from PVC1 Inbound)
2006.12.20 17:50:31 **UDP Flood to Host** 61.64.149.175, 51253->> 88.109.217.92, 49469 (from PVC1 Inbound)
2006.12.20 17:49:31 **UDP Flood to Host** 222.141.242.171, 9711->> 88.109.217.92, 49469 (from PVC1 Inbound)
2006.12.20 17:49:29 **UDP Flood to Host** 88.22.164.245, 11371->> 88.109.217.92, 49469 (from PVC1 Inbound)
2006.12.20 17:49:29 **UDP Flood to Host** 195.210.225.55, 10756->> 88.109.217.92, 49469 (from PVC1 Inbound)
2006.12.20 17:49:29 **UDP Flood to Host** 83.255.6.16, 11030->> 88.109.217.92, 49469 (from PVC1 Inbound)
2006.12.20 17:49:24 **UDP Flood to Host** 200.150.56.20, 60239->> 88.109.217.92, 49469 (from PVC1 Inbound)
2006.12.20 17:49:24 **UDP Flood to Host** 83.52.92.142, 10178->> 88.109.217.92, 49469 (from PVC1 Inbound)
2006.12.20 17:48:51 **TCP FIN Scan** 192.168.1.2, 1300->> 67.19.161.130, 80 (from PVC1 Outbound)
2006.12.20 17:48:36 **UDP Flood to Host** 58.33.122.173, 11651->> 88.109.217.92, 49469 (from PVC1 Inbound)
2006.12.20 17:48:36 **UDP Flood to Host** 163.23.224.73, 16465->> 88.109.217.92, 49469 (from PVC1 Inbound)
2006.12.20 17:48:33 **UDP Flood to Host** 90.31.235.85, 26544->> 88.109.217.92, 49469 (from PVC1 Inbound)
2006.12.20 17:48:33 **UDP Flood to Host** 213.243.61.21, 10765->> 88.109.217.92, 49469 (from PVC1 Inbound)
2006.12.20 17:48:08 **UDP Flood to Host** 58.251.83.108, 10969->> 88.109.217.92, 49469 (from PVC1 Inbound)
2006.12.20 17:48:08 **UDP Flood to Host** 85.195.58.25, 26799->> 88.109.217.92, 49469 (from PVC1 Inbound)
2006.12.20 17:48:08 **UDP Flood to Host** 60.181.165.246, 25360->> 88.109.217.92, 49469 (from PVC1 Inbound)
2006.12.20 17:46:40 **UDP Flood to Host** 81.84.150.144, 16881->> 88.109.217.92, 49469 (from PVC1 Inbound)
2006.12.20 17:46:28 **UDP Flood to Host** 58.246.82.98, 36359->> 88.109.217.92, 49469 (from PVC1 Inbound)
2006.12.20 17:46:28 **UDP Flood to Host** 82.224.242.241, 13050->> 88.109.217.92, 49469 (from PVC1 Inbound)
2006.12.20 17:46:28 **UDP Flood to Host** 222.137.53.174, 14088->> 88.109.217.92, 49469 (from PVC1 Inbound)
2006.12.20 17:46:17 **UDP Flood to Host** 85.176.185.200, 22721->> 88.109.217.92, 49469 (from PVC1 Inbound)
2006.12.20 17:45:50 **UDP Flood to Host** 87.120.162.66, 8739->> 88.109.217.92, 49469 (from PVC1 Inbound)
2006.12.20 17:45:50 **UDP Flood to Host** 62.57.73.141, 29302->> 88.109.217.92, 49469 (from PVC1 Inbound)
2006.12.20 17:45:45 **SYN Flood to Host** 192.168.1.2, 1263->> 62.3.251.3, 80 (from PVC1 Outbound)
2006.12.20 17:45:28 **UDP Flood to Host** 194.8.195.53, 33777->> 88.109.217.92, 49469 (from PVC1 Inbound)
2006.12.20 17:45:23 **UDP Flood to Host** 219.114.8.136, 17940->> 88.109.217.92, 49469 (from PVC1 Inbound)
2006.12.20 17:45:08 **UDP Flood to Host** 222.183.92.23, 21958->> 88.109.217.92, 49469 (from PVC1 Inbound)
2006.12.20 17:45:04 **UDP Flood to Host** 202.178.155.225, 15181->> 88.109.217.92, 49469 (from PVC1 Inbound)
2006.12.20 17:41:50 **TCP FIN Scan** 192.168.1.2, 1153->> 195.92.248.7, 80 (from PVC1 Outbound)
2006.12.20 17:41:50 **TCP FIN Scan** 192.168.1.2, 1117->> 209.85.50.13, 80 (from PVC1 Outbound)
2006.12.20 17:41:50 **TCP FIN Scan** 192.168.1.2, 1126->> 213.84.203.196, 80 (from PVC1 Outbound)
2006.12.20 17:41:27 192.168.1.2 login success
2006.12.20 17:39:19 **UDP Flood to Host** 86.215.170.98, 12021->> 88.109.217.92, 49469 (from PVC1 Inbound)
2006.12.20 17:39:19 **UDP Flood to Host** 61.180.120.52, 63541->> 88.109.217.92, 49469 (from PVC1 Inbound)
2006.12.20 17:39:18 **UDP Flood to Host** 85.255.171.149, 58771->> 88.109.217.92, 49469 (from PVC1 Inbound)
2006.12.20 17:38:54 NTP Date/Time updated.
2003.01.01 00:01:45 If(PVC1) PPP connection ok !

Never knew so many people wanted to contact me :eek:
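
One way to triage the router log above, added here as an example and not part of the original post: it parses the alert lines (a short excerpt of the log is embedded) and separates inbound alerts aimed at a WAN port from outbound alerts raised against a LAN host. The function names are this example's own.

```python
import re
from collections import defaultdict

# Excerpt copied from the router log in the post above.
SAMPLE_LOG = """\
2006.12.20 17:59:47 **UDP Flood to Host** 218.1.153.224, 31848->> 88.109.217.92, 49469 (from PVC1 Inbound)
2006.12.20 17:59:47 **UDP Flood to Host** 196.202.33.108, 23733->> 88.109.217.92, 49469 (from PVC1 Inbound)
2006.12.20 17:59:42 **UDP Flood to Host** 75.82.187.24, 2505->> 88.109.217.92, 49469 (from PVC1 Inbound)
2006.12.20 17:48:51 **TCP FIN Scan** 192.168.1.2, 1300->> 67.19.161.130, 80 (from PVC1 Outbound)
2006.12.20 17:45:45 **SYN Flood to Host** 192.168.1.2, 1263->> 62.3.251.3, 80 (from PVC1 Outbound)
2006.12.20 17:41:27 192.168.1.2 login success
2006.12.20 17:38:54 NTP Date/Time updated.
"""

# timestamp, **alert name**, "src, sport->> dst, dport", (from <iface> <direction>)
ALERT = re.compile(
    r"^(?P<ts>\d{4}\.\d{2}\.\d{2} \d{2}:\d{2}:\d{2}) "
    r"\*\*(?P<kind>[^*]+)\*\* "
    r"(?P<src>[\d.]+), (?P<sport>\d+)->> "
    r"(?P<dst>[\d.]+), (?P<dport>\d+) "
    r"\(from (?P<iface>\S+) (?P<direction>Inbound|Outbound)\)$"
)

def parse_alerts(text):
    """Return one dict per alert line; status lines (login, NTP) are skipped."""
    return [m.groupdict() for m in map(ALERT.match, text.splitlines()) if m]

def triage(text):
    """Group inbound alerts by targeted (ip, port); list outbound alerts by LAN source."""
    inbound = defaultdict(set)    # (dst, dport, kind) -> distinct remote sources
    outbound = defaultdict(list)  # LAN src -> [(kind, dst, dport)]
    for a in parse_alerts(text):
        if a["direction"] == "Inbound":
            inbound[(a["dst"], int(a["dport"]), a["kind"])].add(a["src"])
        else:
            outbound[a["src"]].append((a["kind"], a["dst"], int(a["dport"])))
    return dict(inbound), dict(outbound)

if __name__ == "__main__":
    inbound, outbound = triage(SAMPLE_LOG)
    for (dst, dport, kind), sources in inbound.items():
        print(f"IN  {kind}: {len(sources)} distinct sources -> {dst}:{dport}")
    for src, alerts in outbound.items():
        for kind, dst, dport in alerts:
            print(f"OUT {kind}: {src} -> {dst}:{dport}")
```

In the log as posted, every inbound alert targets the same address and port (88.109.217.92:49469), and every outbound alert comes from 192.168.1.2 to port 80.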
 
Curiosityx said:
Are you running any p2p apps on a different port number, say "49469"? On another note, what do you hope to get out of this thread?!? You keep changing the subject.

PS: It's connectionless UDP traffic, possibly a port scan or p2p as mentioned.


I've not had any p2p running since about midday.

I'm not changing the subject, i'm just giving all the possible information i think might be useful. The WGA popup seems to have cured itself.

I'm trying to work out where this hidden email is springing from and if somebody is trying to get information out of my pc.

NOD32 found 0 threats.
 
But i don't have any pop3 email setup, i use hotmail and yahoo mail, using the web interface.
 
Ahh, didn't have a clue what you were referring to (i've slept since i posted that!)

It's PB build quality. The battery is dead (died after 8 months), some of the pads under the keyboard stick, left click mouse button is duff, power socket is buggered, need to jam the adapter in and if you type too quickly/slam a door/give it a harsh stare/etc the power lead falls out and turns off instantly, DVD burner no longer burns a usable disc at 4x, need to use 2x. Piece of crap.
 