PC infected by something ?


16 replies to this topic

#1 Hitman6267


Posted 29 January 2009 - 09:58 AM

This is a log from TCPView (a program)

[System Process]:0 TCP home:30606 localhost:1770 TIME_WAIT
[System Process]:0 TCP home:30606 localhost:1768 TIME_WAIT
[System Process]:0 TCP home:30606 localhost:1800 TIME_WAIT
[System Process]:0 TCP home:30606 localhost:1766 TIME_WAIT
[System Process]:0 TCP home:30606 localhost:1750 TIME_WAIT
[System Process]:0 TCP home:30606 localhost:1798 TIME_WAIT
[System Process]:0 TCP home:30606 localhost:1780 TIME_WAIT
[System Process]:0 TCP home:30606 localhost:1774 TIME_WAIT
[System Process]:0 TCP home:1776 localhost:30606 TIME_WAIT
[System Process]:0 TCP home:1778 localhost:30606 TIME_WAIT
[System Process]:0 TCP home:1777 ew-in-f167.google.com:http TIME_WAIT
[System Process]:0 TCP home:1779 ew-in-f164.google.com:http TIME_WAIT
[System Process]:0 TCP home:1726 localhost:30606 TIME_WAIT
[System Process]:0 TCP home:1760 localhost:30606 TIME_WAIT
[System Process]:0 TCP home:1764 localhost:30606 TIME_WAIT
[System Process]:0 TCP home:1756 localhost:30606 TIME_WAIT
[System Process]:0 TCP home:1782 localhost:30606 TIME_WAIT
[System Process]:0 TCP home:1783 bw-in-f127.google.com:http TIME_WAIT
[System Process]:0 TCP home:1797 ey-in-f113.google.com:http TIME_WAIT
[System Process]:0 TCP home:1796 localhost:30606 TIME_WAIT
[System Process]:0 TCP home:1814 localhost:30606 TIME_WAIT
[System Process]:0 TCP home:1818 localhost:30606 TIME_WAIT
[System Process]:0 TCP home:30606 localhost:1828 TIME_WAIT
[System Process]:0 TCP home:30606 localhost:1826 TIME_WAIT
[System Process]:0 TCP home:30606 localhost:1806 TIME_WAIT
[System Process]:0 TCP home:30606 localhost:1792 TIME_WAIT
[System Process]:0 TCP home:30606 localhost:1808 TIME_WAIT
[System Process]:0 TCP home:30606 localhost:1824 TIME_WAIT
[System Process]:0 TCP home:30606 localhost:1822 TIME_WAIT
[System Process]:0 TCP home:30606 localhost:1816 TIME_WAIT
[System Process]:0 TCP home:30606 localhost:1812 TIME_WAIT
[System Process]:0 TCP home:30606 localhost:1810 TIME_WAIT
[System Process]:0 TCP home:30606 localhost:1790 TIME_WAIT
[System Process]:0 TCP home:30606 localhost:1794 TIME_WAIT
[System Process]:0 TCP home:30606 localhost:1786 TIME_WAIT
[System Process]:0 TCP home:30606 localhost:1802 TIME_WAIT
[System Process]:0 TCP home:1854 localhost:30606 TIME_WAIT
[System Process]:0 TCP home:1855 ey-in-f101.google.com:http TIME_WAIT
[System Process]:0 TCP home:30606 localhost:1804 TIME_WAIT
[System Process]:0 TCP home:30606 localhost:1836 TIME_WAIT
[System Process]:0 TCP home:1700 localhost:30606 TIME_WAIT
[System Process]:0 TCP home:30606 localhost:1852 TIME_WAIT
[System Process]:0 TCP home:30606 localhost:1839 TIME_WAIT
[System Process]:0 TCP home:30606 localhost:1858 TIME_WAIT
[System Process]:0 TCP home:30606 localhost:1842 TIME_WAIT
[System Process]:0 TCP home:30606 localhost:1844 TIME_WAIT
[System Process]:0 TCP home:30606 localhost:1860 TIME_WAIT
[System Process]:0 TCP home:30606 localhost:1846 TIME_WAIT
[System Process]:0 TCP home:30606 localhost:1832 TIME_WAIT
[System Process]:0 TCP home:30606 localhost:1834 TIME_WAIT
[System Process]:0 TCP home:30606 localhost:1862 TIME_WAIT
[System Process]:0 TCP home:30606 localhost:1820 TIME_WAIT
[System Process]:0 TCP home:30606 localhost:1838 TIME_WAIT
[System Process]:0 TCP home:1758 localhost:30606 TIME_WAIT
[System Process]:0 TCP home:30606 localhost:1788 TIME_WAIT
AppleMobileDeviceService.exe:944 TCP home:27015 localhost:1025 ESTABLISHED
chrome.exe:188 TCP home:1358 localhost:30606 ESTABLISHED
chrome.exe:188 TCP home:1696 localhost:30606 ESTABLISHED
chrome.exe:188 TCP home:1328 localhost:30606 ESTABLISHED
chrome.exe:188 TCP home:1698 localhost:30606 ESTABLISHED
chrome.exe:188 TCP home:1716 localhost:30606 ESTABLISHED
chrome.exe:188 TCP home:1702 localhost:30606 ESTABLISHED
chrome.exe:188 TCP home:1496 localhost:30606 ESTABLISHED
chrome.exe:188 TCP home:1704 localhost:30606 ESTABLISHED
chrome.exe:188 TCP home:1744 localhost:30606 ESTABLISHED
chrome.exe:188 TCP home:1752 localhost:30606 ESTABLISHED
chrome.exe:188 TCP home:1830 localhost:30606 ESTABLISHED
chrome.exe:188 TCP home:1848 localhost:30606 ESTABLISHED
chrome.exe:188 TCP home:1850 localhost:30606 ESTABLISHED
chrome.exe:188 TCP home:1856 localhost:30606 ESTABLISHED
chrome.exe:188 TCP home:1870 localhost:30606 ESTABLISHED
chrome.exe:188 TCP home:1866 localhost:30606 ESTABLISHED
chrome.exe:188 TCP home:1868 localhost:30606 ESTABLISHED
chrome.exe:188 TCP home:1872 localhost:30606 ESTABLISHED
chrome.exe:188 TCP home:1874 localhost:30606 ESTABLISHED
ekrn.exe:1456 TCP home:30606 localhost:1868 ESTABLISHED
ekrn.exe:1456 TCP home:30606 localhost:1850 ESTABLISHED
ekrn.exe:1456 TCP home:30606 localhost:1866 ESTABLISHED
ekrn.exe:1456 TCP home:30606 localhost:1496 ESTABLISHED
ekrn.exe:1456 TCP home:30606 localhost:1704 ESTABLISHED
ekrn.exe:1456 TCP home:30606 localhost:1848 ESTABLISHED
ekrn.exe:1456 TCP home:30606 localhost:1752 ESTABLISHED
ekrn.exe:1456 TCP home:30606 localhost:1830 ESTABLISHED
ekrn.exe:1456 TCP home:30606 localhost:1702 ESTABLISHED
ekrn.exe:1456 TCP home:30606 localhost:1716 ESTABLISHED
ekrn.exe:1456 TCP home:30606 localhost:1698 ESTABLISHED
ekrn.exe:1456 TCP home:30606 localhost:1874 ESTABLISHED
ekrn.exe:1456 TCP home:30606 localhost:1696 ESTABLISHED
ekrn.exe:1456 TCP home:30606 localhost:1872 ESTABLISHED
ekrn.exe:1456 TCP home:30606 localhost:1744 ESTABLISHED
ekrn.exe:1456 TCP home:30606 localhost:1328 ESTABLISHED
ekrn.exe:1456 TCP home:30606 localhost:1856 ESTABLISHED
ekrn.exe:1456 TCP home:1703 downlink.lynx.net.lb:http ESTABLISHED
ekrn.exe:1456 TCP home:30606 localhost:1358 ESTABLISHED
ekrn.exe:1456 TCP home:1705 downlink.lynx.net.lb:http ESTABLISHED
ekrn.exe:1456 TCP home:30606 localhost:1870 ESTABLISHED
ekrn.exe:1456 TCP home:1697 downlink.lynx.net.lb:http ESTABLISHED
ekrn.exe:1456 TCP home:1359 channel27.01.05.sf2p.facebook.com:http ESTABLISHED
ekrn.exe:1456 TCP home:1497 186.178.212.67.no-rdns.ord02.singlehop.net:http ESTABLISHED
ekrn.exe:1456 TCP home:1699 downlink.lynx.net.lb:http ESTABLISHED
ekrn.exe:1456 TCP home:1329 channel27.01.05.sf2p.facebook.com:http ESTABLISHED
ekrn.exe:1456 TCP home:1717 downlink.lynx.net.lb:http ESTABLISHED
ekrn.exe:1456 TCP home:1701 downlink.lynx.net.lb:http FIN_WAIT1
ekrn.exe:1456 TCP home:1745 74.125.99.83:http ESTABLISHED
ekrn.exe:1456 TCP home:1753 4.71.209.9:http ESTABLISHED
ekrn.exe:1456 TCP home:1831 ey-in-f101.google.com:http ESTABLISHED
ekrn.exe:1456 TCP home:1849 a.tribalfusion.com:http ESTABLISHED
ekrn.exe:1456 TCP home:1851 209-8-114-146.static.pccwglobal.net:http ESTABLISHED
ekrn.exe:1456 TCP home:1857 209-8-114-146.static.pccwglobal.net:http ESTABLISHED
ekrn.exe:1456 TCP home:1869 209-8-114-146.static.pccwglobal.net:http ESTABLISHED
ekrn.exe:1456 TCP home:1871 209-8-114-146.static.pccwglobal.net:http ESTABLISHED
ekrn.exe:1456 TCP home:1867 a.tribalfusion.com:http ESTABLISHED
ekrn.exe:1456 TCP home:1873 209-8-114-146.static.pccwglobal.net:http ESTABLISHED
ekrn.exe:1456 TCP home:1875 ew-in-f104.google.com:https ESTABLISHED
GoogleDesktop.exe:700 TCP home:1059 localhost:30606 CLOSE_WAIT
iTunesHelper.exe:632 TCP home:1025 localhost:27015 ESTABLISHED
msnmsgr.exe:1884 TCP home:1078 by1msg3093102.gateway.edge.messenger.live.com:1863 ESTABLISHED




Are that many connections normal?

Edited by Hitman6267, 29 January 2009 - 09:59 AM.


#2 shought


Posted 29 January 2009 - 10:10 AM

I don't see anything wrong, it should be fine :welcome:

'Viam interdum tantum deerrāntēs invenīre possunt.'


#3 KilJaden


Posted 29 January 2009 - 10:13 AM

As far as I remember, port 30606 is the local port on which NOD32 listens and acts as a local proxy; the others are just a sign of loopback activity between your browser and NOD32. Namely, the requests go this way: browser - NOD32 - Internet, and the responses go exactly the opposite way.
But if you are still unsure, a HijackThis log would help.

Edited by KilJaden, 29 January 2009 - 10:47 AM.
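
The browser - proxy - Internet reading given in the reply above can be checked mechanically. This is an added example, not part of the original thread: it parses TCPView rows, finds the local port that behaves as a proxy listener, pairs each client socket with its mirror row on the listener side, and lists which process owns the outbound connections. The sample rows are copied from the log in post #1; the function names are illustrative.

```python
import re
from collections import Counter, namedtuple

# Rows copied unchanged from the TCPView log in post #1 (a subset).
SAMPLE = """\
[System Process]:0 TCP home:30606 localhost:1770 TIME_WAIT
[System Process]:0 TCP home:1777 ew-in-f167.google.com:http TIME_WAIT
chrome.exe:188 TCP home:1358 localhost:30606 ESTABLISHED
chrome.exe:188 TCP home:1496 localhost:30606 ESTABLISHED
chrome.exe:188 TCP home:1874 localhost:30606 ESTABLISHED
ekrn.exe:1456 TCP home:30606 localhost:1358 ESTABLISHED
ekrn.exe:1456 TCP home:30606 localhost:1496 ESTABLISHED
ekrn.exe:1456 TCP home:30606 localhost:1874 ESTABLISHED
ekrn.exe:1456 TCP home:1359 channel27.01.05.sf2p.facebook.com:http ESTABLISHED
ekrn.exe:1456 TCP home:1497 186.178.212.67.no-rdns.ord02.singlehop.net:http ESTABLISHED
ekrn.exe:1456 TCP home:1875 ew-in-f104.google.com:https ESTABLISHED
GoogleDesktop.exe:700 TCP home:1059 localhost:30606 CLOSE_WAIT
msnmsgr.exe:1884 TCP home:1078 by1msg3093102.gateway.edge.messenger.live.com:1863 ESTABLISHED
"""

Conn = namedtuple("Conn", "proc pid proto lhost lport rhost rport state")

# process:pid PROTO local:port remote:port STATE
# Ports stay strings because TCPView may print service names (http, https).
ROW = re.compile(
    r"^(?P<proc>.+?):(?P<pid>\d+)\s+(?P<proto>TCP|UDP)\s+"
    r"(?P<lhost>\S+):(?P<lport>[^\s:]+)\s+"
    r"(?P<rhost>\S+):(?P<rport>[^\s:]+)\s+(?P<state>\S+)$"
)

LOOPBACK = {"localhost", "127.0.0.1"}
OWNERLESS = "[System Process]"  # sockets whose owning process already closed them


def parse(text):
    """Turn TCPView text rows into Conn records, skipping lines that do not match."""
    conns = []
    for line in text.splitlines():
        m = ROW.match(line.strip())
        if m:
            conns.append(Conn(**m.groupdict()))
    return conns


def proxy_listeners(conns, min_clients=2):
    """(process, local port) pairs serving several ESTABLISHED loopback sockets."""
    counts = Counter(
        (c.proc, c.lport) for c in conns
        if c.rhost in LOOPBACK and c.state == "ESTABLISHED"
    )
    return {key: n for key, n in counts.items() if n >= min_clients}


def pair_clients(conns, listeners):
    """Match every client of a listener port with the listener's mirror row.

    A loopback TCP connection shows up twice: client:port -> listener and
    listener -> client:port. Clients without a mirror row are returned
    separately (for example a half-closed socket in CLOSE_WAIT).
    """
    ports = {port: proc for (proc, port) in listeners}
    server_side = {(c.lport, c.rport) for c in conns
                   if c.rhost in LOOPBACK and c.lport in ports}
    paired, orphaned = [], []
    for c in conns:
        if c.rhost in LOOPBACK and c.rport in ports and c.lport not in ports:
            target = paired if (c.rport, c.lport) in server_side else orphaned
            target.append((c.proc, c.lport, ports[c.rport], c.state))
    return paired, orphaned


def external_by_process(conns):
    """Remote endpoints grouped by the process that owns the socket."""
    out = {}
    for c in conns:
        if c.rhost not in LOOPBACK and c.proc != OWNERLESS:
            out.setdefault(c.proc, []).append(f"{c.rhost}:{c.rport}")
    return out


if __name__ == "__main__":
    conns = parse(SAMPLE)
    listeners = proxy_listeners(conns)
    paired, orphaned = pair_clients(conns, listeners)
    print("listeners:", listeners)
    print("paired   :", paired)
    print("orphaned :", orphaned)
    for proc, remotes in external_by_process(conns).items():
        print(proc, "->", remotes)
```

On these rows chrome.exe has no external connection of its own; every HTTP socket belongs to ekrn.exe, which is what a local scanning proxy looks like in a per-process connection table.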


#4 Hitman6267


Posted 29 January 2009 - 10:52 AM

I'm pretty sure the log is clean. I wasn't sure if I was infected because my ISP has some problems, so my internet was slow anyway; I just wanted to know if there's something else messing with my connection.

I couldn't upload the txt file so I used the code feature to tidy up the post:
Logfile of HijackThis v1.99.1
Scan saved at 5:45:06 PM, on 1/29/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\taskswitch.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\WINDOWS\VM_STI.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\Linksys\Compact Wireless-G USB Adapter Wireless Network Monitor\WLService.exe
C:\Program Files\Linksys\Compact Wireless-G USB Adapter Wireless Network Monitor\WUSB54GC.exe
C:\Program Files\Common Files\BenQCam\KillAmp.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\rundll32.exe
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
D:\Installs\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O4 - HKLM\..\Run: [CoolSwitch] C:\WINDOWS\system32\taskswitch.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [TrialReset] C:\WINDOWS\fix.exe
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE BenQ Web Camera
O4 - HKLM\..\Run: [UVS11 Preload] C:\Program Files\Ulead Systems\Ulead VideoStudio 11\uvPL.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 52\axcmd.exe" /automount
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - Global Startup: Kill Amcap.lnk = ?
O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\Paltalk.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://support.microsoft.com/OAS/ActiveX/MSDcode.cab
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/softwareupdate/su/ocx/15031/CTSUEng.cab
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1211061806625
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1211070132078
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/softwareupdate/su/ocx/15034/CTPID.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{0A1D8152-8C21-4810-B65C-1DF4550E2FEE}: NameServer = 192.168.1.1
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Desktop Manager 5.8.809.23506 (GoogleDesktopManager-092308-165331) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: hpdj - Unknown owner - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hpdj.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: WUSB54GCSVC - Unknown owner - C:\Program Files\Linksys\Compact Wireless-G USB Adapter Wireless Network Monitor\WLService.exe" "WUSB54GC.exe (file missing)

Thank you guys.

Edited by Hitman6267, 29 January 2009 - 10:53 AM.


#5 KilJaden


Posted 29 January 2009 - 11:05 AM

With the exception of
O4 - HKLM\..\Run: [TrialReset] C:\WINDOWS\fix.exe
, I can't seem to find anything unknown, but as a personal statement you kinda have too many apps that start when your computer boots.
You might have a look at The Ultimate Troubleshooter to disable some of them if you don't know what you are doing.

#6 KotaXor


Posted 29 January 2009 - 07:52 PM

With the exception of

O4 - HKLM\..\Run: [TrialReset] C:\WINDOWS\fix.exe
, I can't seem to find anything unknown, but as a personal statement you kinda have too many apps that start when your computer boots.
You might have a look at The Ultimate Troubleshooter to disable some of them if you don't know what you are doing.


Yeah, more than 40 processes are running.
Good suggestion to use TUT; try to disable some of the unnecessary processes.

ENJOY!

Everyone starts out a noob......
Some just can't get out of the trend.

There's no stupid people but only lazy people......

If the world ends today.....its OK.......cause its tomorrow where I am.


#7 PsychoticxBloodxLust


Posted 29 January 2009 - 08:39 PM

I have 109 processes on my laptop lol, no clue about my desktop lol

"One must become a LEECHER, before one may become a Master SEEDER!" - Me



Manufacturer:
Custom Build - by: Myself
Processor: AMD Phenom™ 9600 Quad-Core Processor (4 CPUs), ~2.3GHz
Memory: (4x) OCZ SLI-Ready Dual Channel 2Gig PC6400 DDR2 800MHz

Hard Drive: (2x) Seagate - C:\1.5TB [Raid 1 Array]
Video Card: NVIDIA XFX GeForce 9800 GX2 XXX Edition
Monitor:
SAMSUNG P2570HD Black 24.6" 4ms HDMI Widescreen LCD Monitor 300 cd/m2 DC 50000:1(1000:1) Built in Speakers
Sound Card: Speakers (SoundMAX Integrated Digital HD Audio)
Keyboard: Logitech - EX 100 Wireless Keyboard
Mouse: Logitech - EX 100 Wireless Mouse
Operating System: Windows 7 Ultimate 64-bit (6.1, Build 7600) (7600.win7_rtm.090713-1255)
Motherboard: ASUS - ROG: Crosshair, BIOS v.1207, w/ ASUS SLIC 2.1
Computer Case: Thermaltake - Armor, Black

#8 shought


Posted 30 January 2009 - 02:19 AM

I have 109 processes on my laptop lol, no clue about my desktop lol

You serious?



#9 PsychoticxBloodxLust


Posted 30 January 2009 - 06:19 AM

Ya, one sec, I'll screeny


#10 manpe


Posted 30 January 2009 - 07:12 AM

I have currently 37 processes running. Is it much? I tried running TUT, but it closed automatically after initializing and it gave some sort of error after entering the serial code.



#11 shought


Posted 30 January 2009 - 08:51 AM

Ya, one sec, I'll screeny

Well, in your system specs I do see your PC is capable of running that many, but I think it'd be faster if you got rid of some, lol. 111 processes is really too much! :coolwink:



#12 PsychoticxBloodxLust


Posted 30 January 2009 - 07:18 PM

That's my laptop you're looking at; my desktop is running 57 lol, using 12% of my total RAM lol

The image is my laptop with 2 gigs of RAM lol

A lot of the crap is Lenovo's software


#13 lal krishna


Posted 30 January 2009 - 09:51 PM

Ya, one sec, I'll screeny

Damn!!!! That is way too many even for a supercomputer. Why don't you set some up manually?

#14 KotaXor


Posted 30 January 2009 - 11:02 PM

I have currently 37 processes running. Is it much? I tried running TUT, but it closed automatically after initializing and it gave some sort of error after entering the serial code.

37 processes is not too many; it all depends on which processes are running.
Some processes need not run all the time; they should only run when you want them to.
In order to know whether it is too many, you need to find out which other (besides Windows) processes are running.

An example is Java, which should not be running all the time searching for updates:

C:\Program Files\Java\jre6\bin\jusched.exe

You can disable it in Control Panel > Java: on the updates tab, uncheck 'Check for update automatically' > Apply.

Acrobat is another which likes to run upon system bootup.


#15 Bizarre™


Posted 31 January 2009 - 01:22 AM

I only have 24 processes running on startup... 30, before shutdown.

#16 shought


Posted 31 January 2009 - 05:43 AM

30-36 here.



#17 PsychoticxBloodxLust


Posted 01 February 2009 - 02:21 AM

I have a lot of underground stuff going on, in a sense; minus all of that I'd only have, I think, 24-27 running. The other 20 are, well, Steam, Xfire, AIM, and then my network stuff I use to monitor and such.
