Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Accounts created online are immediately altered?


  • Please log in to reply
10 replies to this topic

#1 tulewerx

tulewerx

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:07:38 AM

Posted 07 December 2014 - 02:17 PM

Greetings. I am running Windows 7 x64 and am pretty sure my pc is compromised. Processes such as svchost.exe seem to take up a lot of networking when not doing anything, and there have been multiple occasions where I create an account for a website online, and it will be automatically canceled, or I will recieve an email about a change. This is minutes after creating it. 

 

I run Malwarebytes with an active subscription and MSE and they dont seem to find anything. I have also lost access to some of my library folders and cannot change permissions. Please Help. 

 

 



BC AdBot (Login to Remove)

 


#2 Guest_LighthouseParty_*

Guest_LighthouseParty_*

  • Guests
  • OFFLINE
  •  

Posted 07 December 2014 - 02:29 PM

Hello there     :welcome:
 
Welcome to Bleeping Computer, I'm LighthouseParty. Let's run a couple of scans to see what could be causing this.
 
:step1: Download MiniToolBox

  • Click here to download MiniToolBox to your desktop.
  • Double click MiniToolBox.
  • Select the following and then press go.
  • Post the log in your next reply.

Flush DNS
Reset IE Proxy Settings
Reset FF Proxy Settings
List Installed Programs
List Restore Points
 
:step2: Install and run a scan with Malwarebytes Anti-Malware

  • Click here to download Malwarebytes to your desktop.
  • Double click mbam-setup-x.x.x.xxxx and follow the on-screen instructions.
  • On the dashboard, click update now.
  • After that, click scan now - the scan will now begin.
  • When the scan's completed, select apply actions - make sure the action is quarantine.
  • Restart your computer.

How to get the log.


  • On the dashboard, select the history tab and click application logs.
  • Select the log which has the time and date of when you did the scan.
  • Click copy to clipboard and paste it into your reply.

:step3: Download Security Check

  • Click here to download Security Check to your desktop.
  • Double click SecurityCheck and follow the on-screen instructions.
  • A log should open, called checkup.txt.
  • Please post the contents of it in your next reply.

Thanks and good luck!



#3 tulewerx

tulewerx
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  

Posted 07 December 2014 - 02:42 PM

Hi! Thank you for taking the time. Running Malwarebytes scan right now. Do I post the logs hosted on a site as a link, as an attachment, or just in plain text?



#4 Guest_LighthouseParty_*

Guest_LighthouseParty_*

  • Guests
  • OFFLINE
  •  

Posted 07 December 2014 - 02:44 PM

Just in plain text in a reply on here :)



#5 tulewerx

tulewerx
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:07:38 AM

Posted 07 December 2014 - 02:52 PM

Malwarebytes did not detect anything, and these are my logs:

 

MiniToolBox by Farbar  Version: 30-11-2014
Ran by Work (administrator) on 07-12-2014 at 13:36:07
Running from "C:\Users\Work\Desktop"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
========================= FF Proxy Settings: ============================== 
 
 
 
=========================== Installed Programs ============================
64 Bit HP CIO Components Installer (Version: 17.2.1 - Hewlett-Packard) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.239 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
AMD Accelerated Video Transcoding (Version: 13.30.100.40915 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2014.0915.1813.30937 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{17992A33-06A9-9191-B613-86018E3A017E}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Fuel (Version: 2014.0915.1813.30937 - Advanced Micro Devices, Inc.) Hidden
AMD Steady Video Plug-In  (Version: 2.07.0000 - AMD) Hidden
AMD Wireless Display v3.0 (Version: 1.0.0.15 - Advanced Micro Devices, Inc.) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Belkin USB Wireless Adaptor (HKLM-x32\...\InstallShield_{6E016C56-820F-4B2D-A36F-34CCADF90C16}) (Version: 1.0.0.09 - Belkin)
Belkin USB Wireless Adaptor (x32 Version: 1.0.0.09 - Belkin) Hidden
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2014.0915.1813.30937 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2014.0402.444.6576 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2014.0915.1813.30937 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2014.0915.1812.30937 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2014.0915.1812.30937 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2014.0915.1812.30937 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2014.0915.1812.30937 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2014.0915.1812.30937 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2014.0915.1812.30937 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2014.0915.1812.30937 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2014.0915.1812.30937 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2014.0915.1812.30937 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2014.0915.1812.30937 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2014.0915.1812.30937 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2014.0915.1812.30937 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2014.0915.1812.30937 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2014.0915.1812.30937 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2014.0915.1812.30937 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2014.0915.1812.30937 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2014.0915.1812.30937 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2014.0915.1812.30937 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2014.0915.1812.30937 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2014.0915.1812.30937 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2014.0915.1812.30937 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2014.0915.1812.30937 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2014.0915.1813.30937 - Advanced Micro Devices, Inc.) Hidden
ChromecastApp (HKCU\...\{079ede36-133d-44b0-8053-c7c1fa8d2e0d}_is1) (Version: 1.5.1383.0 - Google Inc.)
Cisco AnyConnect Secure Mobility Client  (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.05170 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.05170 - Cisco Systems, Inc.) Hidden
CPUID CPU-Z 1.71.1 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
CryptoPrevent (HKLM-x32\...\{5C5B24E7-4694-4049-A222-CCE7D3FAC63F}_is1) (Version:  - Foolish IT LLC)
EPSON XP-200 Series Printer Uninstall (HKLM\...\EPSON XP-200 Series) (Version:  - SEIKO EPSON Corporation)
Extreme NAC Assessment Agent (HKLM-x32\...\{10FDE9CC-2B8D-4DBA-89A5-24A7B08A60AD}) (Version: 1.13.0.0 - Extreme Networks)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.71 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Java 8 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation)
Java Auto Updater (x32 Version: 2.8.25.18 - Oracle Corporation) Hidden
Logitech Solar App 1.10 (HKLM\...\SolarApp) (Version: 1.10.3 - Logitech)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.6.0305.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Mozilla Firefox 33.1.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 33.1.1 (x86 en-US)) (Version: 33.1.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 33.1.1 - Mozilla)
NVIDIA Control Panel 344.75 (Version: 344.75 - NVIDIA Corporation) Hidden
NVIDIA Graphics Driver 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.75 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.162.1284 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.14.0702 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Psi (remove only) (HKLM-x32\...\Psi) (Version:  - )
qBittorrent 3.1.11 (HKLM-x32\...\qBittorrent) (Version: 3.1.11 - The qBittorrent project)
Raptr (HKLM-x32\...\Raptr) (Version:  - )
SDC Workbench (HKCU\...\d02f2f09230efb49) (Version: 4.4.0.2 - Support.com)
Smart View 2.0 (HKLM-x32\...\{FBAAAFAE-08A8-4C63-87EA-4AEA9DEE53E1}) (Version: 1.0.0.0 - Samsung)
SPRTPhone 1.5.20.1 (HKLM-x32\...\SPRTPhone 1.5_is1) (Version:  - supportdotcom)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Support.com Ninjato (HKLM-x32\...\Support.com Ninjato) (Version: 66.0.22.0 - Support.com, Inc.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
Wireshark 1.12.1 (64-bit) (HKLM-x32\...\Wireshark) (Version: 1.12.1 - The Wireshark developer community, http://www.wireshark.org)
========================= Restore Points ==================================
 
04-12-2014 07:58:39 Windows Update
05-12-2014 05:53:57 Restore Operation
05-12-2014 06:20:43 Installed DirectX
05-12-2014 06:27:02 Restore Operation
05-12-2014 07:44:56 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727
05-12-2014 07:45:08 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727
 
**** End of log ****
 
 

 Results of screen317's Security Check version 0.99.91  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
Microsoft Security Essentials   
 Antivirus up to date!  
`````````Anti-malware/Other Utilities Check:````````` 
 Java version 32-bit out of Date! 
 Adobe Flash Player 15.0.0.239  
 Adobe Reader XI  
 Mozilla Firefox (33.1.1) 
 Google Chrome (39.0.2171.65) 
 Google Chrome (39.0.2171.71) 
````````Process Check: objlist.exe by Laurent````````  
 Microsoft Security Essentials MSMpEng.exe 
 Microsoft Security Essentials msseces.exe 
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbam.exe  
 Malwarebytes Anti-Malware mbamscheduler.exe   
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C: 14% Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log`````````````````````` 


#6 Guest_LighthouseParty_*

Guest_LighthouseParty_*

  • Guests
  • OFFLINE
  •  

Posted 07 December 2014 - 02:55 PM

Hello there,
 
:step1: Uninstall some programs
 
There's currently some programs on your PC that we need to remove, for the time-being at least. Press the Windows + R key on your keyboard and type in appwiz.cpl and press enter. Navigate to each of the following below one-by-one and click uninstall:

  • Java 8 Update 25
  • qBittorrent

If any programs listed above aren't in Programs and Features, you can just skip them. Please download JavaRa from here and once opened it, select 'remove JRE'. 
 
:step2: Download and run AdwCleaner

  • Click here to download AdwCleaner to your desktop.
  • Double click adwcleaner_x.xxx.exe. (Win 7, 8 and Vista users, right-click and select run as admin)
  • If prompted, click I agree.
  • Click scan. When it's finished, select clean.
  • Allow AdwCleaner to restart your computer.
  • Once your computer's restarted, a log should appear (AdwCleaner[S0].txt).
  • Please post this in your next reply.

:step3: Download Junkware Removal Tool

  • Click here to download Junkware Removal Tool to your desktop.
  • Double click JRT.exe. (Win 7, 8 and Vista users, right-click and select run as admin)
  • Press any key and the scan will begin.
  • At the end, a log will open. Please post this in your next reply.


#7 tulewerx

tulewerx
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  

Posted 07 December 2014 - 03:13 PM

Ok.
 
 
# AdwCleaner v4.104 - Report created 07/12/2014 at 14:03:24
# Updated 05/12/2014 by Xplode
# Database : 2014-12-03.1 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Work - WORK-PC
# Running from : C:\Users\Work\Desktop\adwcleaner_4.104.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Scheduled Tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17420
 
 
-\\ Mozilla Firefox v33.1.1 (x86 en-US)
 
 
-\\ Google Chrome v39.0.2171.71
 
 
*************************
 
AdwCleaner[R0].txt - [792 octets] - [07/12/2014 14:01:50]
AdwCleaner[S0].txt - [714 octets] - [07/12/2014 14:03:24]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [773 octets] ##########
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.0 (11.29.2014:1)
OS: Windows 7 Home Premium x64
Ran by Work on Sun 12/07/2014 at 14:05:11.35
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
 
 
~~~ FireFox
 
Emptied folder: C:\Users\Work\AppData\Roaming\mozilla\firefox\profiles\226c8g9p.default\minidumps [2 files]
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 12/07/2014 at 14:11:04.05
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

Edited by tulewerx, 07 December 2014 - 03:14 PM.


#8 Guest_LighthouseParty_*

Guest_LighthouseParty_*

  • Guests
  • OFFLINE
  •  

Posted 07 December 2014 - 03:16 PM

How is the PC now?



#9 tulewerx

tulewerx
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:07:38 AM

Posted 07 December 2014 - 03:24 PM

I can't really tell. I have ok performance, but still see odd (at least I think) connections. To add, if I post lets say a private pastebin document, there's immediately 4 viewers. Is this me just being paranoid? This is my netstat output. Again thank you for taking a look.

 

Active Connections
 
  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  RpcSs
 [svchost.exe]
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING
 Can not obtain ownership information
  TCP    0.0.0.0:49152          0.0.0.0:0              LISTENING
 [wininit.exe]
  TCP    0.0.0.0:49153          0.0.0.0:0              LISTENING
  eventlog
 [svchost.exe]
  TCP    0.0.0.0:49154          0.0.0.0:0              LISTENING
  Schedule
 [svchost.exe]
  TCP    0.0.0.0:49155          0.0.0.0:0              LISTENING
 [services.exe]
  TCP    0.0.0.0:49156          0.0.0.0:0              LISTENING
 [lsass.exe]
  TCP    0.0.0.0:49157          0.0.0.0:0              LISTENING
 [spoolsv.exe]
  TCP    127.0.0.1:43227        0.0.0.0:0              LISTENING
 [mbamservice.exe]
  TCP    192.168.66.102:139     0.0.0.0:0              LISTENING
 Can not obtain ownership information
  TCP    192.168.66.102:49189   192.168.66.103:8009    ESTABLISHED
 [chrome.exe]
  TCP    192.168.66.102:49195   192.168.66.103:8008    ESTABLISHED
 [chrome.exe]
  TCP    192.168.66.102:49211   74.125.198.136:443     TIME_WAIT
  TCP    192.168.66.102:49212   173.194.77.101:443     TIME_WAIT
  TCP    192.168.66.102:49229   162.243.127.7:443      ESTABLISHED
 [chrome.exe]
  TCP    192.168.66.102:49230   162.243.127.7:443      ESTABLISHED
 [chrome.exe]
 
 [chrome.exe]
  TCP    192.168.66.102:49256   74.125.198.113:443     ESTABLISHED
 
 [chrome.exe]
  TCP    [::]:135               [::]:0                 LISTENING
  RpcSs
 [svchost.exe]
  TCP    [::]:445               [::]:0                 LISTENING
 Can not obtain ownership information
  TCP    [::]:49152             [::]:0                 LISTENING
 [wininit.exe]
  TCP    [::]:49153             [::]:0                 LISTENING
  eventlog
 [svchost.exe]
  TCP    [::]:49154             [::]:0                 LISTENING
  Schedule
 [svchost.exe]
  TCP    [::]:49155             [::]:0                 LISTENING
 [services.exe]
  TCP    [::]:49156             [::]:0                 LISTENING
 [lsass.exe]
  TCP    [::]:49157             [::]:0                 LISTENING
 [spoolsv.exe]
  UDP    0.0.0.0:5353           *:*
 [chrome.exe]
  UDP    0.0.0.0:5353           *:*
 [chrome.exe]
  UDP    0.0.0.0:5353           *:*
 [chrome.exe]
  UDP    0.0.0.0:5355           *:*
  Dnscache
 [svchost.exe]
  UDP    0.0.0.0:62440          *:*
 [spoolsv.exe]
  UDP    192.168.66.102:137     *:*
 Can not obtain ownership information
  UDP    192.168.66.102:138     *:*
 Can not obtain ownership information
  UDP    [::]:5353              *:*
 [chrome.exe]
  UDP    [::]:5353              *:*
 [chrome.exe]
  UDP    [::]:5355              *:*
  Dnscache
 [svchost.exe]
  UDP    [fe80::f9f2:d8f7:99d1:fbf2%12]:546  *:*
  Dhcp
 [svchost.exe]

Edited by tulewerx, 07 December 2014 - 04:25 PM.


#10 Guest_LighthouseParty_*

Guest_LighthouseParty_*

  • Guests
  • OFFLINE
  •  

Posted 07 December 2014 - 03:51 PM

Pastebin is very popular and there will be about four people viewing newly created threads when they are made. Have you checked with the companies that you're having your accounts automatically canceled on?



#11 tulewerx

tulewerx
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  

Posted 07 December 2014 - 03:57 PM

No. It was for an nmap like tool to test my security. What made that really odd was you needed to register for a license and activate it. And right after creation it would tell me it was already activated. I really don't remember the software but oh well. I am truly grateful for you helping me today.  :)






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users