Forum Discussion

Photo_Guy's avatar
Photo_Guy
New Contributor

Odd Route Log File

I had my internet disconnected last week due to "illegal movie downloads".  At the time of the 'theft' there was nobody home, and cox log showed no activity. I have since changed my passwords (they are 23 characters long, letters, numbers, symbols). I just looked at my router log after a reboot and found this:

[LAN access from remote] from 109.195.193.155:46069 to 192.168.1.9:26171 Monday, Oct 03,2016 12:51:02
[LAN access from remote] from 109.195.193.155:50003 to 192.168.1.9:26171 Monday, Oct 03,2016 12:51:02
[LAN access from remote] from 200.140.113.9:64143 to 192.168.1.9:26171 Monday, Oct 03,2016 12:50:51

I looked up the 2 ip addresses listed and they are from Brazil and Russia. How is someone logged into my network immediately after a reboot? In addition, there is no way anyone guessed my passwords. Both computers (laptop & desktop) are virus free.

3 Replies

Sort By
Most LikedOldestNewest
Replies have been turned off for this discussion
  • Bruce's avatar
    Bruce
    Honored Contributor III

    You may have malware within your network "calling home" after each boot.

    Malwarebytes is a great application to find and remove malware.  I'd install it to each computer.  You can download free at https://www.malwarebytes.org/

    You could also find the culprit by determining which software you've downloaded in the past 60 days.

  • Photo_Guy's avatar
    Photo_Guy
    New Contributor

    Thanks. I think I tracked it down. Doing some tests now. It does appear it was on a seldom used laptop, not one of the main 2 computers.

  • Bruce's avatar
    Bruce
    Honored Contributor III

    That's great.  However, it may have spread to your other computers.  I'd download Malwarebytes to all just in case.

    Please update on your results because others may have the same problem.