Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


Am I Infected with Spyware halp!?

  • Please log in to reply
1 reply to this topic

#1 d4nkm4n


  • Members
  • 1 posts
  • Local time:11:35 AM

Posted 27 December 2016 - 04:52 PM

Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP             Blessed:0              LISTENING       4
  TCP            Blessed:0              LISTENING       536
  TCP            Blessed:0              LISTENING       4
  TCP           Blessed:0              LISTENING       4
  TCP           Blessed:0              LISTENING       3560
  TCP          Blessed:0              LISTENING       796
  TCP          Blessed:0              LISTENING       1080
  TCP          Blessed:0              LISTENING       1068
  TCP          Blessed:0              LISTENING       2220
  TCP          Blessed:0              LISTENING       868
  TCP          Blessed:0              LISTENING       876
  TCP        Blessed:0              LISTENING       2716
  TCP       Blessed:0              LISTENING       4
  TCP     Blessed:0              LISTENING       2372
  TCP     msnbot-65-52-108-202:https  ESTABLISHED     1068
  TCP     ec2-54-191-148-23:https  CLOSE_WAIT      2716
  TCP     server-54-192-7-69:https  CLOSE_WAIT      2716
  TCP     TIME_WAIT       0
  TCP     a184-31-139-17:http    TIME_WAIT       0
  TCP      TIME_WAIT       0
  TCP    TIME_WAIT       0
  TCP     a-0001:https           ESTABLISHED     4312
  TCP     a-0001:https           ESTABLISHED     4312
  TCP     ESTABLISHED     5652
  TCP     a23-63-108-228:http    ESTABLISHED     6728
  TCP     msnbot-65-52-108-185:https  ESTABLISHED     6728
  TCP   ESTABLISHED     2372
  TCP    ESTABLISHED     2372
  TCP    ESTABLISHED     2372
  TCP    ESTABLISHED     2372
  TCP     a-0001:https           ESTABLISHED     4312
  TCP    ESTABLISHED     2372
  TCP     ESTABLISHED     2372
  TCP   ESTABLISHED     2372
  TCP     snt405-m:https         ESTABLISHED     2372
  TCP    ESTABLISHED     2372
  TCP    ESTABLISHED     2372
  TCP     bay406-m:https         ESTABLISHED     2372
  TCP    [::]:80                Blessed:0              LISTENING       4
  TCP    [::]:135               Blessed:0              LISTENING       536
  TCP    [::]:445               Blessed:0              LISTENING       4
  TCP    [::]:5357              Blessed:0              LISTENING       4
  TCP    [::]:49664             Blessed:0              LISTENING       796
  TCP    [::]:49665             Blessed:0              LISTENING       1080
  TCP    [::]:49666             Blessed:0              LISTENING       1068
  TCP    [::]:49667             Blessed:0              LISTENING       2220
  TCP    [::]:49668             Blessed:0              LISTENING       868
  TCP    [::]:49671             Blessed:0              LISTENING       876
  TCP    [2602:306:3b27:eb00:9c7e:d9cf:97a4:2b14]:51269  dfw06s49-in-x0e:https  TIME_WAIT       0
  TCP    [2602:306:3b27:eb00:9c7e:d9cf:97a4:2b14]:51468  dfw06s48-in-x0e:https  TIME_WAIT       0
  TCP    [2602:306:3b27:eb00:9c7e:d9cf:97a4:2b14]:51471  rtr2:https             TIME_WAIT       0
  TCP    [2602:306:3b27:eb00:9c7e:d9cf:97a4:2b14]:51472  yv-in-x5b:https        TIME_WAIT       0
  TCP    [2602:306:3b27:eb00:9c7e:d9cf:97a4:2b14]:51474  yv-in-x71:https        TIME_WAIT       0
  TCP    [2602:306:3b27:eb00:9c7e:d9cf:97a4:2b14]:51475  sfo07s13-in-x04:https  TIME_WAIT       0
  TCP    [2602:306:3b27:eb00:9c7e:d9cf:97a4:2b14]:51491  yk-in-x5e:https        TIME_WAIT       0
  TCP    [2602:306:3b27:eb00:9c7e:d9cf:97a4:2b14]:51492  yk-in-x5d:https        TIME_WAIT       0
  TCP    [2602:306:3b27:eb00:9c7e:d9cf:97a4:2b14]:51528  [2600:1404:c:193::3114]:https  ESTABLISHED     4312
  TCP    [2602:306:3b27:eb00:9c7e:d9cf:97a4:2b14]:51545  sfo07s13-in-x04:https  ESTABLISHED     5400
  TCP    [2602:306:3b27:eb00:9c7e:d9cf:97a4:2b14]:51547  sfo07s13-in-x04:https  ESTABLISHED     1536
  TCP    [2602:306:3b27:eb00:9c7e:d9cf:97a4:2b14]:51548  rtr2:https             ESTABLISHED     1764
  TCP    [2602:306:3b27:eb00:9c7e:d9cf:97a4:2b14]:51562  sfo03s01-in-x04:https  TIME_WAIT       0
  TCP    [2602:306:3b27:eb00:9c7e:d9cf:97a4:2b14]:51563  e1:https               ESTABLISHED     1764
  TCP    [2602:306:3b27:eb00:9c7e:d9cf:97a4:2b14]:51564  sfo03s01-in-x04:https  ESTABLISHED     1764
  TCP    [2602:306:3b27:eb00:9c7e:d9cf:97a4:2b14]:51565  dfw25s07-in-x0e:http   ESTABLISHED     1764
  TCP    [2602:306:3b27:eb00:9c7e:d9cf:97a4:2b14]:51566  dfw25s07-in-x0e:http   TIME_WAIT       0
  TCP    [2602:306:3b27:eb00:9c7e:d9cf:97a4:2b14]:51567  dfw25s07-in-x0e:http   TIME_WAIT       0
  TCP    [2602:306:3b27:eb00:9c7e:d9cf:97a4:2b14]:51568  dfw25s07-in-x0e:http   ESTABLISHED     1764
  UDP            *:*                                    1068
  UDP           *:*                                    1068
  UDP           *:*                                    3924
  UDP           *:*                                    1340
  UDP           *:*                                    3924
  UDP           *:*                                    1340
  UDP           *:*                                    1068
  UDP           *:*                                    1340
  UDP           *:*                                    1464
  UDP           *:*                                    1464
  UDP           *:*                                    3560
  UDP          *:*                                    2372
  UDP          *:*                                    3924
  UDP          *:*                                    1340
  UDP          *:*                                    2372
  UDP         *:*                                    3924
  UDP        *:*                                    3924
  UDP       *:*                                    4
  UDP       *:*                                    4
  UDP      *:*                                    3924
  UDP     *:*                                    2372
  UDP     *:*                                    1068
  UDP     *:*                                    3924
  UDP     *:*                                    2372
  UDP    [::]:500               *:*                                    1068
  UDP    [::]:3702              *:*                                    3924
  UDP    [::]:3702              *:*                                    1340
  UDP    [::]:3702              *:*                                    1340
  UDP    [::]:3702              *:*                                    3924
  UDP    [::]:4500              *:*                                    1068
  UDP    [::]:5353              *:*                                    1464
  UDP    [::]:5355              *:*                                    1464
  UDP    [::]:51694             *:*                                    2372
  UDP    [::]:58591             *:*                                    3924
  UDP    [::]:62978             *:*                                    1340
  UDP    [::]:65322             *:*                                    2372
  UDP    [::1]:1900             *:*                                    3924
  UDP    [::1]:56597            *:*                                    3924
  UDP    [fe80::9818:f382:996c:51fd%4]:1900  *:*                                    3924
  UDP    [fe80::9818:f382:996c:51fd%4]:56596  *:*                                    3924

Edit: Moved topic from Virus, Trojan, Spyware, and Malware Removal Logs to the more appropriate forum. ~ Animal

BC AdBot (Login to Remove)


#2 buddy215


  • Moderator
  • 13,396 posts
  • Gender:Male
  • Location:West Tennessee
  • Local time:11:35 AM

Posted 27 December 2016 - 07:15 PM

Welcome to BC...


What symptoms of spyware, adware or malware are you experiencing?


You can scan your computer using the free programs below.


Use CCleaner to remove Temporary files, program caches, cookies, logs, etc. Use the Default settings. No need to use the

Registry Cleaning Tool...risky. Pay close attention while installing and UNcheck offers of toolbars....especially Google.

After install, open CCleaner and run by clicking on the Run Cleaner button in the bottom right corner.

CCleaner - PC Optimization and Cleaning - Free Download


  • download Security Check by glax24 and save the file to the Desktop
  • Run the tool by accepting all the Security prompts
  • when complete the tool will produce a log file C:\SecurityCheck\SecurityCheck.txt and also copy the contents to the Clipboard
  • Simply Paste the log to your reply


  • download Malwarebytes to your desktop.
  • Double-click mb3-setup-1878.1878- and follow the prompts to install the program.
  • Then click Finish.
  • Once the program has fully updated, select Scan Now on the Dashboard. Or select the Threat Scan from the Scan menu.
  • If another update of the definitions is available, it will be implemented before the rest of the scanning procedure.
  • When the scan is complete, make sure that all Threats are selected, and click Remove Selected.
  • Restart your computer when prompted to do so.
  • The Scan log is available throughout History ->Application logs. Please post it contents in your next reply.

Download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan button.
  • When the scan has finished click on Clean button.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.
  • download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE:Sometimes if ESET finds no infections it will not create a log.

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users