• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 269
  • Last Modified:

Source port 5504 using UDP conecting to hundreds of ramdon IPs.....HELP STOP IT!!!

I have a computer that has hundeds of internet connections and i don't know why. My firewall says there are well over 900 connections on source prot 5504 using UDP connecting to random IP addresses. I have ran the antivirus and spyware programs but nothing short of disconnection helps. What do i need to look for???????
0
ncagroup
Asked:
ncagroup
3 Solutions
 
rsivanandanCommented:
Get hijackthis from www.hijackthis.de 

1. Run it and post the output there itself for analysis. Then post the link to the analysis here.

Cheers,
Rajesh
0
 
ncagroupAuthor Commented:
ok i will do that....
0
 
MereteCommented:
sounds like someone has probably added port forwarding, are using a torrent program such as bitcomet or such?
0
 
MereteCommented:
test with this, just remembered it. I found it exceptionally handy
active ports
Easy to use tool for Windows NT/2000/XP that enables you to monitor all open TCP/IP and UDP ports on the local computer. Active Ports maps ports to the owning application so you can watch which process has opened which port. It also displays a local and remote IP address for each connection and allows you to close any port. Active Ports can help you to detect trojans and other malicious programs.
http://www.majorgeeks.com/Active_Ports_d682.html
0
 
Ron MalmsteadInformation Services ManagerCommented:
go to command prompt... type "netstat -b"     Find one of the connections.... and in the last column...you will see "PID" stands for process ID.  If you open task manager and go to the processes tab, you will be able to see the PID that matches the connections shown in the command prompt window.....END PROCESS....  now do a search on your C: for the name of the executable that you just killed..  Rename it or delete it......reboot... check again to see if you have outbound connections..

You may have to investigate further...but that is how you identify and stop it.
0

Featured Post

When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot has fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now