Windows 10: Virtual APP/ didlogical

  1.    05 Jan 2017 #1

    Virtual APP/ didlogical


    Hello, I'm having a problem with hack attacks I've been having lately. This guy is a real pest.

    Here are his credentials; I continue to remove them but he just shows back up uninvited.

    What can I do about this?
    [Attached image: Hacker ID.png]

  2.    05 Jan 2017 #2

    This may not be a hack attack, per se. It's associated with the various Microsoft Live products. See this posting at AVG for their explanation: virtualapp/didlogical | AVG.
    HTH,
    --Ed--

  3.    05 Jan 2017 #3

    EdTittel said:
    This may not be a hack attack, per se. It's associated with the various Microsoft Live products. See this posting at AVG for their explanation: virtualapp/didlogical | AVG.
    HTH,
    --Ed--

    Check this out Ed, it's a DDoS attack performed by him too...

    I checked Comcast Event Logs

    trouble.txt


  4. Posts : 492
    Microsoft Windows 10 Pro 64-bit
       05 Jan 2017 #4

    It looks to me that what your router logs are saying is that it thinks your ISP is doing most of the DDoS'ing (they are not). If ISPs spent another .0001 of a penny per box to the manufacturer of the box, this behavior would stop.

    You're not being DDoSed -- if you were, you would not be able to use the internet at all.

    Now if you look at the other IPs on your log you will see other countries that probably have no (legal) reason to try to connect to your IP. Unfortunately this is unavoidable until the day ISPs realize or decide that it is in their best interest to do so.

    I looked up who owns the IPs from your log files:
    The IPs that are from other countries are trying to find services that they can exploit; if you have none, you are safe and they will move on to someone else.
    Code:
    {
      "ip": "73.66.127.87",
      "hostname": "c-73-66-127-87.hsd1.ca.comcast.net",
      "city": "Merced",
      "region": "California",
      "country": "US",
      "loc": "37.3022,-120.4830",
      "org": "AS7922 Comcast Cable Communications, LLC"
    }{
      "ip": "98.50.154.190",
      "hostname": "m48F7C01FDD95.sjos5.ca.comcast.net",
      "city": "",
      "region": "",
      "country": "US",
      "loc": "37.7510,-97.8220",
      "org": "AS7922 Comcast Cable Communications, LLC"
    }{
      "ip": "110.249.212.46",
      "hostname": "No Hostname",
      "city": "Hebei",
      "region": "Hebei",
      "country": "CN",
      "loc": "39.8897,115.2750",
      "org": "AS4837 CNCGROUP China169 Backbone"
    }{
      "ip": "212.38.166.29",
      "hostname": "No Hostname",
      "city": "",
      "region": "",
      "country": "GB",
      "loc": "51.4964,-0.1224",
      "org": "AS20860 Iomart"
    }{
      "ip": "95.166.12.155",
      "hostname": "0111700698.0.fullrate.ninja",
      "city": "Helsinge",
      "region": "Capital Region",
      "country": "DK",
      "loc": "56.0228,12.1975",
      "org": "AS39554 TDC A/S",
      "postal": "3200"
    }{
      "ip": "93.84.97.33",
      "hostname": "No Hostname",
      "city": "",
      "region": "",
      "country": "BY",
      "loc": "53.0000,28.0000",
      "org": "AS6697 Republican Unitary Telecommunication Enterprise Beltelecom"
    }{
      "ip": "92.239.3.149",
      "hostname": "cpc94108-newt38-2-0-cust916.19-3.cable.virginm.net",
      "city": "Newton Abbot",
      "region": "England",
      "country": "GB",
      "loc": "50.5333,-3.6000",
      "org": "AS5089 Virgin Media Limited",
      "postal": "TQ12"
    }{
      "ip": "91.146.64.130",
      "hostname": "No Hostname",
      "city": "Narva",
      "region": "Ida-Virumaa",
      "country": "EE",
      "loc": "59.3772,28.1903",
      "org": "AS198966 Fill Ltd."
    }{
      "ip": "80.8.229.28",
      "hostname": "AMayotte-651-1-32-28.w80-8.abo.wanadoo.fr",
      "city": "",
      "region": "",
      "country": "FR",
      "loc": "48.8582,2.3387",
      "org": "AS3215 Orange S.A."
    }{
      "ip": "2.121.123.243",
      "hostname": "No Hostname",
      "city": "Eastbourne",
      "region": "England",
      "country": "GB",
      "loc": "50.8000,0.2500",
      "org": "AS5607 Sky UK Limited",
      "postal": "BN21"
    }{
      "ip": "194.1.233.68",
      "hostname": "No Hostname",
      "city": "Gryazovets",
      "region": "Vologodskaya Oblast'",
      "country": "RU",
      "loc": "58.8800,40.2525",
      "org": "AS57964 SkyNet LLC",
      "postal": "162000"
    }{
      "ip": "177.248.213.191",
      "hostname": "177-248-213-191-cable.cybercable.net.mx",
      "city": "",
      "region": "",
      "country": "MX",
      "loc": "19.4371,-99.0111",
      "org": "AS16960 Cablevision Red, S.A de C.V."
    }{
      "ip": "110.249.208.86",
      "hostname": "No Hostname",
      "city": "Hebei",
      "region": "Hebei",
      "country": "CN",
      "loc": "39.8897,115.2750",
      "org": "AS4837 CNCGROUP China169 Backbone"
    }{
      "ip": "109.110.71.99",
      "hostname": "No Hostname",
      "city": "Sevastopol",
      "region": "Gorod Sevastopol",
      "country": "UA",
      "loc": "44.5888,33.5224",
      "org": "AS35816 Lancom Ltd."
    }{
      "ip": "101.176.61.116",
      "hostname": "No Hostname",
      "city": "Pakenham",
      "region": "Victoria",
      "country": "AU",
      "loc": "-38.0702,145.4741",
      "org": "AS1221 Telstra Pty Ltd"
    }
    I used Linux to find the info from your log, but Windows Bash can use the same commands. I included a .zip file of the commands and results, but if you want to view any of the files properly, although they are all text files, you will have to open them with Wordpad or Notepad++, because Windows Notepad will not display them properly. All the line breaks are removed and it's difficult to downright confusing to read.

    Edit:
    I added that you can open Linux text files with Wordpad, which is included with Windows and shows them properly -- just right-click on any of the files extracted from the .zip, click on Open with, and scroll down to Wordpad.
    Last edited by sml156; 05 Jan 2017 at 23:43.
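
The lookup output in post #4 is a run of JSON objects written back-to-back (`}{`), which an ordinary JSON parser rejects as a whole. As an added example (not part of the thread or of the poster's .zip), this Python snippet splits such a stream and separates source addresses in the reader's own ISP's AS from external ones; the function names and the use of AS7922 as "own ISP" are assumptions for illustration.

```python
import json
from collections import Counter

# Three records copied from the lookup output in post #4 (fields trimmed),
# joined back-to-back the way that output appears.
SAMPLE = (
    '{"ip": "73.66.127.87", "country": "US", '
    '"org": "AS7922 Comcast Cable Communications, LLC"}'
    '{"ip": "110.249.212.46", "country": "CN", '
    '"org": "AS4837 CNCGROUP China169 Backbone"}'
    '{"ip": "212.38.166.29", "country": "GB", "org": "AS20860 Iomart"}'
)


def parse_concatenated_json(text):
    """Decode JSON objects that follow one another with no separator."""
    decoder = json.JSONDecoder()
    records, pos = [], 0
    while pos < len(text):
        if text[pos].isspace():      # raw_decode does not skip whitespace
            pos += 1
            continue
        obj, pos = decoder.raw_decode(text, pos)
        records.append(obj)
    return records


def triage(records, own_isp_asn):
    """Split source IPs into own-ISP and external, counting external by country."""
    own, external, countries = [], [], Counter()
    for rec in records:
        asn = rec.get("org", "").split(" ", 1)[0]   # "AS7922 Comcast ..." -> "AS7922"
        if asn == own_isp_asn:
            own.append(rec["ip"])
        else:
            external.append(rec["ip"])
            countries[rec.get("country", "??")] += 1
    return {"own_isp": own, "external": external,
            "external_by_country": dict(countries)}


if __name__ == "__main__":
    # Treating AS7922 as the reader's own ISP is an assumption (Comcast logs in the thread).
    print(triage(parse_concatenated_json(SAMPLE), "AS7922"))
```
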

  5.    06 Jan 2017 #5

    Nice sleuthing work, SML156. It may be time to wipe the affected machine(s) and start over with a clean, uncompromised image. Good work!
    --Ed--


  6. Posts : 492
    Microsoft Windows 10 Pro 64-bit
       06 Jan 2017 #6

    EdTittel said:
    Nice sleuthing work, SML156. It may be time to wipe the affected machine(s) and start over with a clean, uncompromised image. Good work!
    --Ed--

    I doubt he has been hacked. Script kiddies scan large swaths of IPs looking for vulnerable services and try to brute-force them with a list of simple passwords.

    If you checked your router logs you would see similar activity.

    I used to check my router logs on a fairly regular basis and found similar activity. Nobody has ever hacked this computer.

    I used to save the log files with Whois information to Pastebin:
    AssHats who tried to hack my router June 26 2016 - Pastebin.com

  7.    06 Jan 2017 #7

    I found out - It's a simple back door AVG anti-virus method of hacking. Cisco routers as well. Thanks though


 
