Pages: [1]   Go Down

Author Topic: Google Redirecting Links  (Read 761 times)

0 Members and 1 Guest are viewing this topic.

coldflame

  • Mega Kill
  • ***
  • Kudos: +0/-0
  • Offline Offline
  • Gender: Male
  • Posts: 388
  • Bush is Listening, Use Big Words.
    • View Profile
Google Redirecting Links
« on: June 08, 2010, 04:21:06 PM »
I keep getting links redirected, thoughts?
HJT Logfile

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:19:55 PM, on 6/8/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Creative\Shared Files\CTAudSvc.exe
C:\WINDOWS\system32\acs.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\CTXFIHLP.EXE
C:\WINDOWS\V0500Mon.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Creative\Shared Files\CTSched.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\RealVNC\VNC4\WinVNC4.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\SYSTEM32\CTXFISPI.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\PayPal\PayPal Plug-In\RBroker.exe
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\AIM7\aim.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:5555
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Street-Ads Browser Enhancer ieuvwofm - {28DDEA98-141E-459A-9285-8DE6258001D4} - C:\WINDOWS\system32\ieuvwofm.dll (file missing)
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: ooVoo Toolbar - {A1FB2F9A-D35E-11DD-8935-E46A56D89593} - C:\Program Files\oovootb\oovoodx.dll
O2 - BHO: voguecash browser enhancer - {E4F3CDE7-925B-0B4D-7F05-D5F95FA29443} - C:\WINDOWS\system32\ntuthcsryi.dll (file missing)
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: OToolbarHelper Class - {EAD3A971-6A23-4246-8691-C9244E858967} - C:\Program Files\PayPal\PayPal Plug-In\PayPalHelper.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: ooVoo Toolbar - {A1FB2F9A-D35E-11DD-8935-E46A56D89593} - C:\Program Files\oovootb\oovoodx.dll
O3 - Toolbar: PayPal Plug-In - {DC0F2F93-27FA-4f84-ACAA-9416F90B9511} - C:\Program Files\PayPal\PayPal Plug-In\OToolbar.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [V0500Mon.exe] C:\WINDOWS\V0500Mon.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [skb] rundll32 "hnmcdypd.dll",,Run
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [CreativeTaskScheduler] "C:\Program Files\Creative\Shared Files\CTSched.exe" /logon
O4 - HKCU\..\Run: [Creative Software Update] "C:\Program Files\Creative\Shared Files\Software Update\AutoUpdate.exe" /Silent
O4 - HKCU\..\RunOnce: [Shockwave Updater] C:\WINDOWS\system32\Adobe\SHOCKW~1\SWHELP~1.EXE -Update -1103471 -"Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.1) Gecko/20090715 Firefox/3.5.2 (.NET CLR 3.5.30729)" -"http://www.shockwave.com/contentPlay/shockwave.jsp?id=redline_rumble&refCode=&brand=ag"
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRA~1\AIM\aim.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{0CD1C42C-3467-493A-A4C0-B2FCAA3E5840}: NameServer = 93.188.163.15,93.188.161.198
O17 - HKLM\System\CCS\Services\Tcpip\..\{74ED7397-DE39-4C1D-8E73-F11450C91C11}: NameServer = 93.188.163.15,93.188.161.198
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: NameServer = 93.188.163.15,93.188.161.198
O17 - HKLM\System\CS4\Services\Tcpip\Parameters: NameServer = 93.188.163.15,93.188.161.198
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 93.188.163.15,93.188.161.198
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: C:\WINDOWS\system32\0047.DLL
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Atheros Configuration Service (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE
O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe
O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - C:\Program Files\RealVNC\VNC4\WinVNC4.exe

--
End of file - 10535 bytes
Logged

GenTsoChiken

  • Guest
Re: Google Redirecting Links
« Reply #1 on: June 08, 2010, 05:37:42 PM »
hahaha, yea, that's been happening to me too. for the life of me i couldn't figure it out. i tried multiple virus scans, root scans, the whole nine yards. everything came up negative. i forget exactly what i did to fix it but i do remember doing a factory restore on my router as one of the things i did and changing the access passwords.
Logged

GenTsoChiken

  • Guest
Re: Google Redirecting Links
« Reply #2 on: June 08, 2010, 05:43:19 PM »
oh btw, get rid of the following:
O2 - BHO: Street-Ads Browser Enhancer ieuvwofm - {28DDEA98-141E-459A-9285-8DE6258001D4} - C:\WINDOWS\system32\ieuvwofm.dll (file missing)
O2 - BHO: voguecash browser enhancer - {E4F3CDE7-925B-0B4D-7F05-D5F95FA29443} - C:\WINDOWS\system32\ntuthcsryi.dll (file missing)

look into:
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll

idk if you're hosting something or what ever the case maybe but check out:
O17 - HKLM\System\CCS\Services\Tcpip\..\{0CD1C42C-3467-493A-A4C0-B2FCAA3E5840}: NameServer = 93.188.163.15,93.188.161.198
O17 - HKLM\System\CCS\Services\Tcpip\..\{74ED7397-DE39-4C1D-8E73-F11450C91C11}: NameServer = 93.188.163.15,93.188.161.198
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: NameServer = 93.188.163.15,93.188.161.198
O17 - HKLM\System\CS4\Services\Tcpip\Parameters: NameServer = 93.188.163.15,93.188.161.198
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 93.188.163.15,93.188.161.198
Logged

Popsikle

  • CoalitionLAN Staff
  • Ultra Kill
  • *****
  • Kudos: +0/-0
  • Offline Offline
  • Gender: Male
  • Posts: 891
    • View Profile
    • WWW
Re: Google Redirecting Links
« Reply #3 on: June 08, 2010, 05:46:10 PM »
run `netstat -aon` and past the output please.

You have a proxy service running on port 5555 which does not match the profile of your av software:

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:5555
Logged
Manufacturer:     Popsikle Inc. * Processor:    AMD Athlon(tm) 64 X2 DCP 3800+, MMX, 3DNow (2 CPUs), ~2.0GHz * Memory:    1024MB RAM * Hard Drive:    74.3 GB x 2 10K rpm Raptros (Mirrored)  * Video Card:    GeForce 7800 GT SLI 512 MB  * Monitor:    1x Flatron L1720P LG, 1 17in CRT * Sound Card:    SB Audigy Audio [DF00]  * Speakers/Headphones:    Logitec 5.1 Surround Speaker Set * Mouse:    Logitec Mx 700

coldflame

  • Mega Kill
  • ***
  • Kudos: +0/-0
  • Offline Offline
  • Gender: Male
  • Posts: 388
  • Bush is Listening, Use Big Words.
    • View Profile
Re: Google Redirecting Links
« Reply #4 on: June 08, 2010, 07:28:49 PM »
I'm running RealVNC server on my comp. the NVLSP is nVidia and here's the netstat thing.

Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.

C:\Documents and Settings\Samuel Bloch>netstat -aon

Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       1136
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING       4
  TCP    0.0.0.0:5800           0.0.0.0:0              LISTENING       2164
  TCP    0.0.0.0:5900           0.0.0.0:0              LISTENING       2164
  TCP    5.142.127.129:139      0.0.0.0:0              LISTENING       4
  TCP    127.0.0.1:1033         127.0.0.1:27015        ESTABLISHED     2728
  TCP    127.0.0.1:4484         127.0.0.1:4485         ESTABLISHED     1316
  TCP    127.0.0.1:4485         127.0.0.1:4484         ESTABLISHED     1316
  TCP    127.0.0.1:4486         127.0.0.1:4487         ESTABLISHED     1316
  TCP    127.0.0.1:4487         127.0.0.1:4486         ESTABLISHED     1316
  TCP    127.0.0.1:5152         0.0.0.0:0              LISTENING       776
  TCP    127.0.0.1:5152         127.0.0.1:1138         CLOSE_WAIT      776
  TCP    127.0.0.1:5354         0.0.0.0:0              LISTENING       1484
  TCP    127.0.0.1:27015        0.0.0.0:0              LISTENING       1436
  TCP    127.0.0.1:27015        127.0.0.1:1033         ESTABLISHED     1436
  TCP    192.168.1.100:139      0.0.0.0:0              LISTENING       4
  TCP    192.168.1.100:1028     64.94.18.65:12975      ESTABLISHED     664
  TCP    192.168.1.100:1087     67.202.217.78:80       TIME_WAIT       0
  TCP    192.168.1.100:1092     67.202.217.78:80       TIME_WAIT       0
  TCP    192.168.1.100:1093     67.202.217.78:80       TIME_WAIT       0
  TCP    192.168.1.100:1094     67.202.217.78:80       TIME_WAIT       0
  TCP    192.168.1.100:1095     67.202.217.78:80       TIME_WAIT       0
  TCP    192.168.1.100:1096     67.202.217.78:80       TIME_WAIT       0
  TCP    192.168.1.100:1103     67.202.217.78:80       TIME_WAIT       0
  TCP    192.168.1.100:1104     67.202.217.78:80       TIME_WAIT       0
  TCP    192.168.1.100:1105     67.202.217.78:80       TIME_WAIT       0
  TCP    192.168.1.100:1106     67.202.217.78:80       TIME_WAIT       0
  TCP    192.168.1.100:1107     67.202.217.78:80       TIME_WAIT       0
  TCP    192.168.1.100:1108     67.202.217.78:80       TIME_WAIT       0
  TCP    192.168.1.100:1116     67.202.217.94:80       TIME_WAIT       0
  TCP    192.168.1.100:1117     67.202.217.78:80       TIME_WAIT       0
  TCP    192.168.1.100:1118     67.202.217.78:80       TIME_WAIT       0
  TCP    192.168.1.100:1119     67.202.217.78:80       TIME_WAIT       0
  TCP    192.168.1.100:1120     67.202.217.78:80       TIME_WAIT       0
  TCP    192.168.1.100:1127     67.202.217.94:80       TIME_WAIT       0
  TCP    192.168.1.100:1129     67.202.217.78:80       TIME_WAIT       0
  TCP    192.168.1.100:1130     67.202.217.78:80       TIME_WAIT       0
  TCP    192.168.1.100:1131     67.202.217.94:80       ESTABLISHED     1316
  TCP    192.168.1.100:1132     67.202.217.94:80       TIME_WAIT       0
  TCP    192.168.1.100:1133     67.202.217.94:80       TIME_WAIT       0
  TCP    192.168.1.100:1134     67.202.217.94:80       TIME_WAIT       0
  TCP    192.168.1.100:1145     208.109.110.183:80     TIME_WAIT       0
  TCP    192.168.1.100:1148     208.109.110.183:80     TIME_WAIT       0
  TCP    192.168.1.100:1152     208.109.110.183:80     TIME_WAIT       0
  TCP    192.168.1.100:1153     72.21.207.5:80         TIME_WAIT       0
  TCP    192.168.1.100:1156     207.123.55.126:80      TIME_WAIT       0
  TCP    192.168.1.100:1157     174.143.161.204:80     TIME_WAIT       0
  TCP    192.168.1.100:1158     174.143.161.204:80     TIME_WAIT       0
  TCP    192.168.1.100:1159     174.143.161.204:80     TIME_WAIT       0
  TCP    192.168.1.100:1160     174.143.161.204:80     TIME_WAIT       0
  TCP    192.168.1.100:1161     174.143.161.204:80     TIME_WAIT       0
  TCP    192.168.1.100:1162     174.143.161.204:80     TIME_WAIT       0
  TCP    192.168.1.100:1168     65.98.1.142:80         TIME_WAIT       0
  TCP    192.168.1.100:1170     65.98.1.142:80         TIME_WAIT       0
  TCP    192.168.1.100:1173     65.98.1.142:80         TIME_WAIT       0
  TCP    192.168.1.100:1174     65.98.1.142:80         TIME_WAIT       0
  TCP    192.168.1.100:1175     65.98.1.142:80         TIME_WAIT       0
  TCP    192.168.1.100:1176     65.98.1.142:80         TIME_WAIT       0
  TCP    192.168.1.100:1177     65.98.1.142:80         TIME_WAIT       0
  TCP    192.168.1.100:1190     65.98.1.142:80         TIME_WAIT       0
  TCP    192.168.1.100:1191     65.98.1.142:80         TIME_WAIT       0
  TCP    192.168.1.100:1193     65.98.1.142:80         TIME_WAIT       0
  TCP    192.168.1.100:1194     65.98.1.142:80         TIME_WAIT       0
  TCP    192.168.1.100:1196     65.98.1.142:80         TIME_WAIT       0
  TCP    192.168.1.100:1203     72.247.238.187:80      TIME_WAIT       0
  TCP    192.168.1.100:1205     65.98.1.142:80         TIME_WAIT       0
  TCP    192.168.1.100:1206     65.98.1.142:80         TIME_WAIT       0
  TCP    192.168.1.100:1207     65.98.1.142:80         TIME_WAIT       0
  TCP    192.168.1.100:1208     65.98.1.142:80         TIME_WAIT       0
  TCP    192.168.1.100:1212     72.247.238.187:80      ESTABLISHED     1316
  TCP    192.168.1.100:1213     72.247.238.187:80      ESTABLISHED     1316
  TCP    192.168.1.100:1214     72.247.238.187:80      ESTABLISHED     1316
  TCP    192.168.1.100:1222     204.12.208.131:80      TIME_WAIT       0
  TCP    192.168.1.100:1223     74.125.77.149:80       ESTABLISHED     3396
  TCP    192.168.1.100:1224     213.163.89.104:80      TIME_WAIT       0
  TCP    192.168.1.100:1999     205.188.7.51:443       ESTABLISHED     3396
  TCP    192.168.1.100:2001     205.188.248.154:443    ESTABLISHED     3396
  TCP    192.168.1.100:4483     64.12.30.76:443        ESTABLISHED     3396
  TCP    192.168.1.100:4861     69.63.180.43:80        ESTABLISHED     1316
  UDP    0.0.0.0:445            *:*                                    4
  UDP    0.0.0.0:500            *:*                                    856
  UDP    0.0.0.0:623            *:*                                    3536
  UDP    0.0.0.0:664            *:*                                    3536
  UDP    0.0.0.0:1025           *:*                                    1484
  UDP    0.0.0.0:4500           *:*                                    856
  UDP    5.142.127.129:123      *:*                                    1492
  UDP    5.142.127.129:137      *:*                                    4
  UDP    5.142.127.129:138      *:*                                    4
  UDP    5.142.127.129:1900     *:*                                    1824
  UDP    5.142.127.129:5353     *:*                                    1484
  UDP    127.0.0.1:123          *:*                                    1492
  UDP    127.0.0.1:1182         *:*                                    1492
  UDP    127.0.0.1:1900         *:*                                    1824
  UDP    127.0.0.1:2012         *:*                                    3396
  UDP    127.0.0.1:4755         *:*                                    1316
  UDP    127.0.0.1:44301        *:*                                    1668
  UDP    127.0.0.1:45301        *:*                                    1328
  UDP    192.168.1.100:123      *:*                                    1492
  UDP    192.168.1.100:137      *:*                                    4
  UDP    192.168.1.100:138      *:*                                    4
  UDP    192.168.1.100:1029     *:*                                    664
  UDP    192.168.1.100:1900     *:*                                    1824
  UDP    192.168.1.100:5353     *:*                                    1484

C:\Documents and Settings\Samuel Bloch>
Logged

PsiFire

  • CoalitionLAN Staff
  • Ultra Kill
  • *****
  • Kudos: +0/-0
  • Offline Offline
  • Posts: 773
    • View Profile
Re: Google Redirecting Links
« Reply #5 on: June 08, 2010, 07:39:35 PM »
Those nameserver entries are VERY suspect. Leads to an entry in Amsterdam. I'd copy and cut those out to see what the results are. Also, make sure you aren't running that crappy nvidia firewall. It's beyond awful.
Logged

Popsikle

  • CoalitionLAN Staff
  • Ultra Kill
  • *****
  • Kudos: +0/-0
  • Offline Offline
  • Gender: Male
  • Posts: 891
    • View Profile
    • WWW
Re: Google Redirecting Links
« Reply #6 on: June 08, 2010, 08:54:32 PM »
wierd, i dont see anything listening on 5555. change your name servers to:
4.2.2.1
4.2.2.2  see if it goes away.
Logged
Manufacturer:     Popsikle Inc. * Processor:    AMD Athlon(tm) 64 X2 DCP 3800+, MMX, 3DNow (2 CPUs), ~2.0GHz * Memory:    1024MB RAM * Hard Drive:    74.3 GB x 2 10K rpm Raptros (Mirrored)  * Video Card:    GeForce 7800 GT SLI 512 MB  * Monitor:    1x Flatron L1720P LG, 1 17in CRT * Sound Card:    SB Audigy Audio [DF00]  * Speakers/Headphones:    Logitec 5.1 Surround Speaker Set * Mouse:    Logitec Mx 700

coldflame

  • Mega Kill
  • ***
  • Kudos: +0/-0
  • Offline Offline
  • Gender: Male
  • Posts: 388
  • Bush is Listening, Use Big Words.
    • View Profile
Re: Google Redirecting Links
« Reply #7 on: June 09, 2010, 03:17:00 PM »
I'm not running any firewall right now...except through my router, not sure how to delete those entries...help?
Logged

PsiFire

  • CoalitionLAN Staff
  • Ultra Kill
  • *****
  • Kudos: +0/-0
  • Offline Offline
  • Posts: 773
    • View Profile
Re: Google Redirecting Links
« Reply #8 on: June 12, 2010, 11:38:44 AM »
Your router firewall shouldn't be the issue. Did you fix the above?
Logged

coldflame

  • Mega Kill
  • ***
  • Kudos: +0/-0
  • Offline Offline
  • Gender: Male
  • Posts: 388
  • Bush is Listening, Use Big Words.
    • View Profile
Re: Google Redirecting Links
« Reply #9 on: June 12, 2010, 08:36:31 PM »
How?
Logged

GenTsoChiken

  • Guest
Re: Google Redirecting Links
« Reply #10 on: June 13, 2010, 09:35:57 AM »
Quote from: PsiFire on June 12, 2010, 11:38:44 AM
Your router firewall shouldn't be the issue. Did you fix the above?
it can be if he's running the default U/P.

when i had that problem and googled it, a bunch of hits came up saying it could be a problem with the router if the computer itself is clean.
Logged

PsiFire

  • CoalitionLAN Staff
  • Ultra Kill
  • *****
  • Kudos: +0/-0
  • Offline Offline
  • Posts: 773
    • View Profile
Re: Google Redirecting Links
« Reply #11 on: June 20, 2010, 09:25:46 PM »
I HOPE to hell he's not using the default U/P.

What router is it?

Quote
How?

   With HJT.
Logged
Pages: [1]   Go Up
« previous next »