Page 12 of 12 FirstFirst ... 2101112

  1. Joined : Apr 2015
    Posts : 9,117
    W10Prox64
       4 Weeks Ago #111

    korbinperry said: View Post
    Good idea.. I'll report back anything I find in case it can help someone else! Thank you again!
    Yes, thanks. Good luck.
      My System SpecsSystem Spec


  2. Joined : Nov 2016
    Posts : 6
    Windows 10
       4 Weeks Ago #112

    So here is an update. I wasn't really seeing anything looking through processes, so I checked out GlassWire (sweet application by the way, thanks! I'll be keeping it!) and I decided to narrow down the time to the minimum allowed (1 hour) between 3pm and 4pm today knowing that Malwarebytes reported an attempted outbound connection at 3:39pm. I didn't see our pesky proxy IP or address though, only a few which I illustrate with arrows that do seem kind of odd to me but perhaps just outside my understanding of windows services. I decided to look under Host Processes for Windows Services because it seems to be going through svchost.exe.

    Any of these look suspicious to you?


    Click image for larger version. 

Name:	glasswire.jpg 
Views:	7 
Size:	370.3 KB 
ID:	109574
      My System SpecsSystem Spec


  3. Joined : Jul 2015
    Posts : 713
    Windows 10 Home x64
       4 Weeks Ago #113

    A little offtopic. korbinperry I advise you to use PNG for screen captures. Way better than JPEG for that purpose.
      My System SpecsSystem Spec


  4. Joined : Apr 2015
    Posts : 9,117
    W10Prox64
       4 Weeks Ago #114

    korbinperry said: View Post
    So here is an update. I wasn't really seeing anything looking through processes, so I checked out GlassWire (sweet application by the way, thanks! I'll be keeping it!) and I decided to narrow down the time to the minimum allowed (1 hour) between 3pm and 4pm today knowing that Malwarebytes reported an attempted outbound connection at 3:39pm. I didn't see our pesky proxy IP or address though, only a few which I illustrate with arrows that do seem kind of odd to me but perhaps just outside my understanding of windows services. I decided to look under Host Processes for Windows Services because it seems to be going through svchost.exe.

    Any of these look suspicious to you?


    Click image for larger version. 

Name:	glasswire.jpg 
Views:	7 
Size:	370.3 KB 
ID:	109574
    Well,
    The ff02::1:3 points to multicast addressing
    ‪what is ff02::c?‬‏ - ب*ث Google‏

    The e4280.g.akamaiedge.net - akamai is a CDN (Content Delivery Service). Nothing to worry about if you know what it's from. It's related to MAC (Apple), I think (with the edge in there).
    ‪what is ff02::c?‬‏ - ب*ث Google‏

    fe80:88c8:6423:5c74:ce52 looks to be an IPv6 address. Some info:
    IPv6 address - Wikipedia
    The KAME project
    How to Scan IPv6 Addresses with Qualys FreeScan Network Security Blog | Qualys, Inc.


    A VirusTotal scan of 69.197.188.122 gives 2 hits for malware:
    https://www.virustotal.com/en/url/f7...is/1478817995/

    Sorry, I don't seem to be much help at this for you.
      My System SpecsSystem Spec


  5. Joined : Nov 2016
    Posts : 6
    Windows 10
       4 Weeks Ago #115

    eLPuSHeR said: View Post
    A little offtopic. korbinperry I advise you to use PNG for screen captures. Way better than JPEG for that purpose.
    You're right, I should have known better lol! Bad habit!
    simrick said: View Post
    Well,
    The ff02::1:3 points to multicast addressing
    €what is ff02::c?€€ - ب*ث Google€

    The e4280.g.akamaiedge.net - akamai is a CDN (Content Delivery Service). Nothing to worry about if you know what it's from. It's related to MAC (Apple), I think (with the edge in there).
    €what is ff02::c?€€ - ب*ث Google€

    fe80:88c8:6423:5c74:ce52 looks to be an IPv6 address. Some info:
    IPv6 address - Wikipedia
    The KAME project
    How to Scan IPv6 Addresses with Qualys FreeScan Network Security Blog | Qualys, Inc.


    A VirusTotal scan of 69.197.188.122 gives 2 hits for malware:
    https://www.virustotal.com/en/url/f7...is/1478817995/

    Sorry, I don't seem to be much help at this for you.
    That's okay! I appreciate your direction none the less! I am going to continue to try and investigate as I notice it, but for now I feel much more comfortable..I have the 69.197.188.122 address blocked in and out, and my browser hasn't force closed and reset my proxy or anything since I deleted the scheduled task, bad certs, and cleaned up the registry entry.
      My System SpecsSystem Spec


  6. Joined : Apr 2015
    Posts : 9,117
    W10Prox64
       4 Weeks Ago #116

    korbinperry said: View Post
    You're right, I should have known better lol! Bad habit!

    That's okay! I appreciate your direction none the less! I am going to continue to try and investigate as I notice it, but for now I feel much more comfortable..I have the 69.197.188.122 address blocked in and out, and my browser hasn't force closed and reset my proxy or anything since I deleted the scheduled task, bad certs, and cleaned up the registry entry.
    Excellent. Keep us posted if you come across anything further. Cheers!
      My System SpecsSystem Spec


  7. Joined : Nov 2016
    Posts : 6
    Windows 10
       3 Weeks Ago #117

    simrick said: View Post
    Excellent. Keep us posted if you come across anything further. Cheers!
    Hello again! So two days have passed, and I have been looking through my Malwarebytes Log and haven't seen a single incoming or outgoing connection that looks malicious. For now I feel confident it is gone! Thanks again for all the help, I'm glad this thread is showing up in google search results now with some of the key terms like the "69.197.188.22" IP address and "proxy" because no major software seems to pick this up and no one seems to have any info about it anywhere!
      My System SpecsSystem Spec


  8. Joined : Apr 2015
    Posts : 9,117
    W10Prox64
       3 Weeks Ago #118

    korbinperry said: View Post
    Hello again! So two days have passed, and I have been looking through my Malwarebytes Log and haven't seen a single incoming or outgoing connection that looks malicious. For now I feel confident it is gone! Thanks again for all the help, I'm glad this thread is showing up in google search results now with some of the key terms like the "69.197.188.22" IP address and "proxy" because no major software seems to pick this up and no one seems to have any info about it anywhere!
    Good news! Thanks.
      My System SpecsSystem Spec


  9. Joined : Feb 2016
    Posts : 2
    Win 10-64 bit
       3 Weeks Ago #119

    I started having the same problemThursday, without the pop up, it was asking for my password, entered it, & come back wrong password, not sure how to get help with Google, but always have Bing& Edge, if needed.

    Attachment 43714




    I have cleanup with kasperky, ccleaner, adwcleaner and doesn't work. How to solve it ?[/QUOTE]
      My System SpecsSystem Spec


  10. Joined : Apr 2015
    Posts : 9,117
    W10Prox64
       3 Weeks Ago #120

    Graham Clark said: View Post
    I started having the same problemThursday, without the pop up, it was asking for my password, entered it, & come back wrong password, not sure how to get help with Google, but always have Bing& Edge, if needed.

    Attachment 43714




    I have cleanup with kasperky, ccleaner, adwcleaner and doesn't work. How to solve it ?

    Please see post #36 here.
      My System SpecsSystem Spec


 
Page 12 of 12 FirstFirst ... 2101112


Similar Threads
Thread Forum
Solved Edge browser can't access LOCALHOST type of IP addresses (build 10122
Hi there same problem with EDGE (the new browser) - can't access localhost type of addresses. I use several media servers with Web interface for controls etc. Get around - use loopback adapter -- but why should I -- Chrome / FF / IE all work...
Browsers and Email
Solved Dont forget EDGE CAN access Localhost type IP addresses now
Hi there Edge has been modified so you CAN set it to access local host type of sites (at least in build 10240). This was mentioned a while ago but just as a reminder -- many people have servers etc that have a web interface with a localhost or...
Installation and Setup
Why is Edge only offering google.fr as an option, not google.co.uk?
Hi, I've just installed windows 10 which all seems to have gone very well. The only problem I can't currently fix is that google seems to think I am in France! When I go to Edge/Settings/Advanced settings/search in the address bar with the only...
Browsers and Email
Windows 10 Hyper-V stop work | fail to connect do localhost
:sick: Hi, since yesterday my Hyper-V stoped work. I have no clue of whats going on. I tried to uninstall and install it again, but didn't work. Does someone knows how to purge hyper-v configuration when remove/uninstall it? Because it seems...
Virtualization
Loopback/localhost acces in apps
This is aimed at Win 8, but should be the same for 10 As some of us have found out, modern apps such as Edge are not allowed to send network traffic to the local host, so things like media servers and routers do not work I have just been...
Software and Apps
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 12:18.
Find Us
Twitter Facebook Google+



Windows 10 Forums