Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


Tcpview Log Analysis Needed

  • Please log in to reply
No replies to this topic

#1 mtolan


  • Members
  • 1 posts
  • Local time:09:00 AM

Posted 01 August 2008 - 10:46 AM


I really hope someone can help me with this. I have a virus on my computer, and even the company we use to fix our systems at work can not find it. I've gone online to several forums and found one that said the program TcpView can help me figure out if someone has hijacked. I am getting pop up pages when doing a VISA or Mastercard purchase, and also with Ebay asking for personal information such as ssn., bank account number, routing number, birth date, etc.

If you know about this, please tell me if there is anything on this log that does not look normal. Thank you so much!


TCPView Log:

[System Process]:0 TCP tolan:1083 mail.chartermi.net:pop3 TIME_WAIT
[System Process]:0 TCP tolan:1099 mail.chartermi.net:pop3 TIME_WAIT
[System Process]:0 TCP tolan:1103 localhost:1082 TIME_WAIT
[System Process]:0 TCP tolan:1103 localhost:1098 TIME_WAIT
alg.exe:2836 TCP tolan:1036 tolan:0 LISTENING
avgemc.exe:2512 TCP tolan:10110 localhost:4796 CLOSE_WAIT
avgemc.exe:2512 TCP tolan:10110 tolan:0 LISTENING
ccApp.exe:3396 TCP tolan:4796 localhost:10110 FIN_WAIT2
ccApp.exe:3396 TCP tolan:1103 tolan:0 LISTENING
iexplore.exe:17816 UDP tolan:1033 *:*
inetinfo.exe:1952 TCP tolan:http tolan:0 LISTENING
inetinfo.exe:1952 TCP tolan:1034 tolan:0 LISTENING
inetinfo.exe:1952 TCP tolan:https tolan:0 LISTENING
inetinfo.exe:1952 TCP tolan:smtp tolan:0 LISTENING
inetinfo.exe:1952 UDP tolan:3456 *:*
lsass.exe:548 UDP tolan:isakmp *:*
lsass.exe:548 UDP tolan:4500 *:*
Rtvscan.exe:1752 TCP tolan:2967 tolan:0 LISTENING
services.exe:532 TCP tolan:8648 tolan:0 LISTENING
services.exe:532 TCP tolan:8658 tolan:0 LISTENING
spoolsv.exe:1584 UDP tolan:1035 *:*
svchost.exe:1004 UDP tolan:ntp *:*
svchost.exe:1004 UDP tolan:ntp *:*
svchost.exe:1180 UDP tolan:1900 *:*
svchost.exe:1180 UDP tolan:1900 *:*
svchost.exe:964 TCP tolan:epmap tolan:0 LISTENING
System:4 TCP tolan:1081 ibmserver:netbios-ssn ESTABLISHED
System:4 TCP tolan:microsoft-ds tolan:0 LISTENING
System:4 TCP tolan:netbios-ssn tolan:0 LISTENING
System:4 UDP tolan:netbios-dgm *:*
System:4 UDP tolan:netbios-ns *:*
System:4 UDP tolan:microsoft-ds *:*

BC AdBot (Login to Remove)


0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users