stkoontz
asked on
Computer trying to connect to redswoosh.akadns.net
We use bsecure (www.bsecure.com) for our internet filter and AVG free version for antivirus. When I upgraded to the newest version of bsecure, I started to get a warning popup that says "Site:redswoosh.akadns.net Reason: File sharing, Dynamic." So there's something in my computer that's trying to access this website. (My guess is that it's been there awhile and the new version of bsecure has a new feature to show what it's blocking.)
I ran the AVG scan, TrendMicro's online scan and fsecure's scan. None found anything very wrong.
Thanks for any help that can be given.
Steve
Hijack This log is below if that helps.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:29:24 AM, on 10/14/2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Bsecure\InetCtrl.exe
C:\Program Files\Bsecure\BsecAV.exe
C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVG\AVG9\avgemc.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\System32\vssvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Bsecure\BSecKLX.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe
C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Bsecure\BsecTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.weather.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [LVCOMSX] "C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe"
O4 - HKLM\..\Run: [Carbonite Backup] C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Bsecure] C:\Program Files\Bsecure\BsecTray.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [WUAppSetup] C:\Program Files\Common Files\logishrd\WUApp32.exe -v 0x046d -p 0x08da -f video -m logitech -d 10.5.1.2023 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [WUAppSetup] C:\Program Files\Common Files\logishrd\WUApp32.exe -v 0x046d -p 0x08da -f video -m logitech -d 10.5.1.2023 (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Broken Internet access because of LSP provider '%programfiles%\bsecure\inetctrl38.dll' missing
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1208441033453
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CloudCare (Bsecure) - Bsecure Technologies, Inc. - C:\Program Files\Bsecure\InetCtrl.exe
O23 - Service: CloudCare AntiVirus (BsecureAV) - Bsecure Technologies, Inc. - C:\Program Files\Bsecure\BsecAV.exe
O23 - Service: CarboniteService - Carbonite, Inc. (www.carbonite.com) - C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: Google Update Service (gupdate1ca24242bcd5a02) (gupdate1ca24242bcd5a02) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Intel(R) NMS (NMSSvc) - Intel Corporation - C:\WINDOWS\system32\NMSSvc.exe
O23 - Service: OpenVPN Service (OpenVPNService) - Unknown owner - C:\Program Files\OpenVPN\bin\openvpnserv.exe
--
End of file - 8117 bytes
The server is a server of Akamai Technologies, which are often used for downloading updates of software. A lot of SW vendors use this service. Also some VoIP software can use it. Run in a command prompt (Start, CMD) the command
netstat -b -a and you will see what process is making this connection.
Show me the result of the command, please.
ASKER
Thanks for the very quick response. Here are the results of running netstat. I'll also try the malware scan.
Active Connections
Proto Local Address Foreign Address State PID
TCP owner-31ddf27ce:epmap owner-31ddf27ce:0 LISTENING 1316
C:\Program Files\Bsecure\InetCtrl38.dll
C:\WINDOWS\system32\RPCRT4.dll
c:\windows\system32\rpcss.dll
C:\WINDOWS\system32\svchost.exe
-- unknown component(s) --
[svchost.exe]
TCP owner-31ddf27ce:microsoft-ds owner-31ddf27ce:0 LISTENING 4
[System]
TCP owner-31ddf27ce:843 owner-31ddf27ce:0 LISTENING 592
[InetCtrl.exe]
TCP owner-31ddf27ce:8080 owner-31ddf27ce:0 LISTENING 592
[InetCtrl.exe]
TCP owner-31ddf27ce:30861 owner-31ddf27ce:0 LISTENING 592
[InetCtrl.exe]
TCP owner-31ddf27ce:36081 owner-31ddf27ce:0 LISTENING 592
[InetCtrl.exe]
TCP owner-31ddf27ce:668 owner-31ddf27ce:0 LISTENING 1268
[carboniteservice.exe]
TCP owner-31ddf27ce:1030 owner-31ddf27ce:0 LISTENING 3364
[alg.exe]
TCP owner-31ddf27ce:5152 owner-31ddf27ce:0 LISTENING 580
[jqs.exe]
TCP owner-31ddf27ce:5354 owner-31ddf27ce:0 LISTENING 540
[mDNSResponder.exe]
TCP owner-31ddf27ce:9421 owner-31ddf27ce:0 LISTENING 460
C:\Program Files\Bsecure\InetCtrl38.dll
c:\program files\common files\akamai\netsession_win_062a651.dll
C:\WINDOWS\system32\kernel32.dll
[svchost.exe]
TCP owner-31ddf27ce:9422 owner-31ddf27ce:0 LISTENING 460
C:\Program Files\Bsecure\InetCtrl38.dll
c:\program files\common files\akamai\netsession_win_062a651.dll
C:\WINDOWS\system32\kernel32.dll
[svchost.exe]
TCP owner-31ddf27ce:9423 owner-31ddf27ce:0 LISTENING 460
C:\Program Files\Bsecure\InetCtrl38.dll
c:\program files\common files\akamai\netsession_win_062a651.dll
C:\WINDOWS\system32\kernel32.dll
[svchost.exe]
TCP owner-31ddf27ce:10110 owner-31ddf27ce:0 LISTENING 2304
[avgemc.exe]
TCP owner-31ddf27ce:27015 owner-31ddf27ce:0 LISTENING 472
[AppleMobileDeviceService.exe]
TCP owner-31ddf27ce:62514 owner-31ddf27ce:0 LISTENING 1392
[cvpnd.exe]
TCP owner-31ddf27ce:netbios-ssn owner-31ddf27ce:0 LISTENING 4
[System]
TCP owner-31ddf27ce:1054 owner-31ddf27ce:0 LISTENING 460
C:\Program Files\Bsecure\InetCtrl38.dll
c:\program files\common files\akamai\netsession_win_062a651.dll
C:\WINDOWS\system32\kernel32.dll
[svchost.exe]
TCP owner-31ddf27ce:668 localhost:1494 ESTABLISHED 1268
[carboniteservice.exe]
TCP owner-31ddf27ce:1494 localhost:668 ESTABLISHED 3660
[CarboniteUI.exe]
TCP owner-31ddf27ce:1510 localhost:27015 ESTABLISHED 3720
[iTunesHelper.exe]
TCP owner-31ddf27ce:27015 localhost:1510 ESTABLISHED 472
[AppleMobileDeviceService.exe]
TCP owner-31ddf27ce:4807 45.17.bsecure.com:http ESTABLISHED 592
[InetCtrl.exe]
TCP owner-31ddf27ce:4841 iw-in-f139.1e100.net:http ESTABLISHED 3016
[chrome.exe]
TCP owner-31ddf27ce:4845 45.17.bsecure.com:http ESTABLISHED 592
[InetCtrl.exe]
TCP owner-31ddf27ce:4896 45.17.bsecure.com:http ESTABLISHED 592
[InetCtrl.exe]
TCP owner-31ddf27ce:4899 38.97.75.18:https ESTABLISHED 1268
[carboniteservice.exe]
TCP owner-31ddf27ce:4906 38.97.75.18:https ESTABLISHED 592
[InetCtrl.exe]
TCP owner-31ddf27ce:4852 45.17.bsecure.com:http TIME_WAIT 0
TCP owner-31ddf27ce:4864 38.97.75.18:https TIME_WAIT 0
TCP owner-31ddf27ce:4867 38.97.75.18:https TIME_WAIT 0
TCP owner-31ddf27ce:4868 38.97.75.18:https TIME_WAIT 0
TCP owner-31ddf27ce:4869 38.97.75.18:https TIME_WAIT 0
TCP owner-31ddf27ce:4870 38.97.75.18:https TIME_WAIT 0
TCP owner-31ddf27ce:4871 38.97.75.18:https TIME_WAIT 0
TCP owner-31ddf27ce:4872 38.97.75.18:https TIME_WAIT 0
TCP owner-31ddf27ce:4873 38.97.75.18:https TIME_WAIT 0
TCP owner-31ddf27ce:4875 38.97.75.18:https TIME_WAIT 0
TCP owner-31ddf27ce:4876 38.97.75.18:https TIME_WAIT 0
TCP owner-31ddf27ce:4878 38.97.75.18:https TIME_WAIT 0
TCP owner-31ddf27ce:4879 38.97.75.18:https TIME_WAIT 0
TCP owner-31ddf27ce:4880 38.97.75.18:https TIME_WAIT 0
TCP owner-31ddf27ce:4881 38.97.75.18:https TIME_WAIT 0
TCP owner-31ddf27ce:4882 38.97.75.18:https TIME_WAIT 0
TCP owner-31ddf27ce:4883 38.97.75.18:https TIME_WAIT 0
TCP owner-31ddf27ce:4885 38.97.75.18:https TIME_WAIT 0
TCP owner-31ddf27ce:4886 38.97.75.18:https TIME_WAIT 0
TCP owner-31ddf27ce:4887 38.97.75.18:https TIME_WAIT 0
TCP owner-31ddf27ce:4888 38.97.75.18:https TIME_WAIT 0
TCP owner-31ddf27ce:4897 38.97.75.18:https TIME_WAIT 0
TCP owner-31ddf27ce:4898 38.97.75.18:https TIME_WAIT 0
TCP owner-31ddf27ce:4900 38.97.75.18:https TIME_WAIT 0
TCP owner-31ddf27ce:4901 38.97.75.18:https TIME_WAIT 0
TCP owner-31ddf27ce:4902 38.97.75.18:https TIME_WAIT 0
TCP owner-31ddf27ce:4903 38.97.75.18:https TIME_WAIT 0
TCP owner-31ddf27ce:4905 38.97.75.18:https TIME_WAIT 0
UDP owner-31ddf27ce:3082 *:* 592
[InetCtrl.exe]
UDP owner-31ddf27ce:isakmp *:* 1064
[lsass.exe]
UDP owner-31ddf27ce:4500 *:* 1064
[lsass.exe]
UDP owner-31ddf27ce:microsoft-ds *:* 4
[System]
UDP owner-31ddf27ce:1025 *:* 540
[mDNSResponder.exe]
UDP owner-31ddf27ce:1050 *:* 460
C:\Program Files\Bsecure\InetCtrl38.dll
c:\program files\common files\akamai\netsession_win_062a651.dll
C:\WINDOWS\system32\kernel32.dll
[svchost.exe]
UDP owner-31ddf27ce:ntp *:* 1456
C:\Program Files\Bsecure\InetCtrl38.dll
c:\windows\system32\w32time.dll
ntdll.dll
C:\WINDOWS\system32\kernel32.dll
[svchost.exe]
UDP owner-31ddf27ce:62514 *:* 1392
[cvpnd.exe]
UDP owner-31ddf27ce:1045 *:* 460
C:\Program Files\Bsecure\InetCtrl38.dll
c:\program files\common files\akamai\netsession_win_062a651.dll
C:\WINDOWS\system32\kernel32.dll
[svchost.exe]
UDP owner-31ddf27ce:1900 *:* 1680
C:\Program Files\Bsecure\InetCtrl38.dll
c:\windows\system32\ssdpsrv.dll
C:\WINDOWS\system32\ADVAPI32.dll
C:\WINDOWS\system32\kernel32.dll
[svchost.exe]
UDP owner-31ddf27ce:1043 *:* 460
C:\Program Files\Bsecure\InetCtrl38.dll
c:\program files\common files\akamai\netsession_win_062a651.dll
C:\WINDOWS\system32\kernel32.dll
[svchost.exe]
UDP owner-31ddf27ce:ntp *:* 1456
C:\Program Files\Bsecure\InetCtrl38.dll
c:\windows\system32\w32time.dll
ntdll.dll
-- unknown component(s) --
[svchost.exe]
UDP owner-31ddf27ce:netbios-ns *:* 4
[System]
UDP owner-31ddf27ce:5353 *:* 540
[mDNSResponder.exe]
UDP owner-31ddf27ce:1052 *:* 460
C:\Program Files\Bsecure\InetCtrl38.dll
c:\program files\common files\akamai\netsession_win_062a651.dll
C:\WINDOWS\system32\kernel32.dll
[svchost.exe]
UDP owner-31ddf27ce:1051 *:* 460
C:\Program Files\Bsecure\InetCtrl38.dll
c:\program files\common files\akamai\netsession_win_062a651.dll
C:\WINDOWS\system32\kernel32.dll
[svchost.exe]
UDP owner-31ddf27ce:1900 *:* 1680
C:\Program Files\Bsecure\InetCtrl38.dll
c:\windows\system32\ssdpsrv.dll
C:\WINDOWS\system32\ADVAPI32.dll
C:\WINDOWS\system32\kernel32.dll
[svchost.exe]
UDP owner-31ddf27ce:netbios-dgm *:* 4
[System]
It is netsession software at the end of the listing. It is a part of BSecure software.
Here is a description of what Akamai is doing and who their customers are - there is also Adobe, ...
http://en.wikipedia.org/wiki/Akamai_Technologies
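The attribution step used in this thread, as an added example that is not part of the original posts: a Python parser for the `netstat -b -a` output format shown above that groups sockets by the module listed under them, so a DLL hosted inside svchost.exe (here the Akamai NetSession DLL) is reported instead of just the host process. The sample text is a constructed excerpt modeled on the listing in this thread; the function and class names are hypothetical.

```python
from collections import defaultdict
from dataclasses import dataclass, field

# Constructed excerpt modeled on the netstat listing posted in this thread.
SAMPLE = r"""
Active Connections

  Proto  Local Address          Foreign Address         State        PID
  TCP    owner-31ddf27ce:8080   owner-31ddf27ce:0       LISTENING    592
  [InetCtrl.exe]
  TCP    owner-31ddf27ce:9421   owner-31ddf27ce:0       LISTENING    460
  C:\Program Files\Bsecure\InetCtrl38.dll
  c:\program files\common files\akamai\netsession_win_062a651.dll
  C:\WINDOWS\system32\kernel32.dll
  [svchost.exe]
  TCP    owner-31ddf27ce:4852   45.17.bsecure.com:http  TIME_WAIT    0
  UDP    owner-31ddf27ce:1050   *:*                                  460
  C:\Program Files\Bsecure\InetCtrl38.dll
  c:\program files\common files\akamai\netsession_win_062a651.dll
  C:\WINDOWS\system32\kernel32.dll
  [svchost.exe]
  UDP    owner-31ddf27ce:ntp    *:*                                  1456
  C:\Program Files\Bsecure\InetCtrl38.dll
  c:\windows\system32\w32time.dll
  ntdll.dll
  -- unknown component(s) --
  [svchost.exe]
"""


@dataclass
class Endpoint:
    proto: str
    local: str
    foreign: str
    state: str          # empty for UDP, which has no state column
    pid: int
    components: list = field(default_factory=list)  # module paths listed by -b
    process: str = ""   # name from the closing [bracket] line, if any


def parse_netstat_b(text):
    """Parse netstat -b output into Endpoint records with their owner blocks."""
    entries, current = [], None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        parts = line.split()
        if parts[0] in ("TCP", "UDP") and len(parts) >= 4 and parts[-1].isdigit():
            state = parts[3] if len(parts) == 5 else ""
            current = Endpoint(parts[0], parts[1], parts[2], state, int(parts[-1]))
            entries.append(current)
        elif current is None or current.process:
            continue    # header text, or a stray line after a closed block
        elif line.startswith("[") and line.endswith("]"):
            current.process = line[1:-1]
        elif not line.startswith("--"):   # skip "-- unknown component(s) --"
            current.components.append(line)
    return entries


def ports_by_module(entries, needle):
    """Map (process, pid, module file) -> sockets whose owner block mentions needle."""
    hits = defaultdict(list)
    for e in entries:
        for comp in e.components:
            if needle.lower() in comp.lower():
                module = comp.replace("\\", "/").rsplit("/", 1)[-1]
                port = e.local.rsplit(":", 1)[-1]
                hits[(e.process, e.pid, module)].append(f"{e.proto}/{port}")
                break
    return dict(hits)


if __name__ == "__main__":
    parsed = parse_netstat_b(SAMPLE)
    for owner, sockets in ports_by_module(parsed, "akamai").items():
        print(owner, sockets)
```

In this listing InetCtrl38.dll appears in every owner block, so searching for the module of interest is more reliable than reading the first component line.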
ASKER
I emailed bsecure tech support. It sounds like bsecure is blocking itself from accessing its update website. Is that correct?
Steve
ASKER
I got a hold of bsecure tech support and they suggested uninstalling AKAMAI Netsession. When I did that, the problem went away.
Thanks for the help. I really appreciate it.
Steve
I'd strongly recommend a scan with A-Squared - the free version should be fine:
http://www.emsisoft.com/en/software/antimalware/