Windows 10: Google redirection localhost.world

Page 12 of 12 FirstFirst ... 2101112

  1. Posts : 11,634
    W10Prox64
       10 Nov 2016 #111

    korbinperry said: View Post
    Good idea.. I'll report back anything I find in case it can help someone else! Thank you again!
    Yes, thanks. Good luck.
      My ComputerSystem Spec

  2.    10 Nov 2016 #112

    So here is an update. I wasn't really seeing anything looking through processes, so I checked out GlassWire (sweet application by the way, thanks! I'll be keeping it!) and I decided to narrow down the time to the minimum allowed (1 hour) between 3pm and 4pm today knowing that Malwarebytes reported an attempted outbound connection at 3:39pm. I didn't see our pesky proxy IP or address though, only a few which I illustrate with arrows that do seem kind of odd to me but perhaps just outside my understanding of windows services. I decided to look under Host Processes for Windows Services because it seems to be going through svchost.exe.

    Any of these look suspicious to you?


    Click image for larger version. 

Name:	glasswire.jpg 
Views:	7 
Size:	370.3 KB 
ID:	109574
      My ComputerSystem Spec

  3.    10 Nov 2016 #113

    A little offtopic. korbinperry I advise you to use PNG for screen captures. Way better than JPEG for that purpose.
      My ComputerSystem Spec


  4. Posts : 11,634
    W10Prox64
       10 Nov 2016 #114

    korbinperry said: View Post
    So here is an update. I wasn't really seeing anything looking through processes, so I checked out GlassWire (sweet application by the way, thanks! I'll be keeping it!) and I decided to narrow down the time to the minimum allowed (1 hour) between 3pm and 4pm today knowing that Malwarebytes reported an attempted outbound connection at 3:39pm. I didn't see our pesky proxy IP or address though, only a few which I illustrate with arrows that do seem kind of odd to me but perhaps just outside my understanding of windows services. I decided to look under Host Processes for Windows Services because it seems to be going through svchost.exe.

    Any of these look suspicious to you?


    Click image for larger version. 

Name:	glasswire.jpg 
Views:	7 
Size:	370.3 KB 
ID:	109574
    Well,
    The ff02::1:3 points to multicast addressing
    ‪what is ff02::c?‬‏ - ب*ث Google‏

    The e4280.g.akamaiedge.net - akamai is a CDN (Content Delivery Service). Nothing to worry about if you know what it's from. It's related to MAC (Apple), I think (with the edge in there).
    ‪what is ff02::c?‬‏ - ب*ث Google‏

    fe80:88c8:6423:5c74:ce52 looks to be an IPv6 address. Some info:
    IPv6 address - Wikipedia
    The KAME project
    How to Scan IPv6 Addresses with Qualys FreeScan Network Security Blog | Qualys, Inc.


    A VirusTotal scan of 69.197.188.122 gives 2 hits for malware:
    https://www.virustotal.com/en/url/f7...is/1478817995/

    Sorry, I don't seem to be much help at this for you.
      My ComputerSystem Spec

  5.    10 Nov 2016 #115

    eLPuSHeR said: View Post
    A little offtopic. korbinperry I advise you to use PNG for screen captures. Way better than JPEG for that purpose.
    You're right, I should have known better lol! Bad habit!
    simrick said: View Post
    Well,
    The ff02::1:3 points to multicast addressing
    €what is ff02::c?€€ - ب*ث Google€

    The e4280.g.akamaiedge.net - akamai is a CDN (Content Delivery Service). Nothing to worry about if you know what it's from. It's related to MAC (Apple), I think (with the edge in there).
    €what is ff02::c?€€ - ب*ث Google€

    fe80:88c8:6423:5c74:ce52 looks to be an IPv6 address. Some info:
    IPv6 address - Wikipedia
    The KAME project
    How to Scan IPv6 Addresses with Qualys FreeScan Network Security Blog | Qualys, Inc.


    A VirusTotal scan of 69.197.188.122 gives 2 hits for malware:
    https://www.virustotal.com/en/url/f7...is/1478817995/

    Sorry, I don't seem to be much help at this for you.
    That's okay! I appreciate your direction none the less! I am going to continue to try and investigate as I notice it, but for now I feel much more comfortable..I have the 69.197.188.122 address blocked in and out, and my browser hasn't force closed and reset my proxy or anything since I deleted the scheduled task, bad certs, and cleaned up the registry entry.
      My ComputerSystem Spec


  6. Posts : 11,634
    W10Prox64
       10 Nov 2016 #116

    korbinperry said: View Post
    You're right, I should have known better lol! Bad habit!

    That's okay! I appreciate your direction none the less! I am going to continue to try and investigate as I notice it, but for now I feel much more comfortable..I have the 69.197.188.122 address blocked in and out, and my browser hasn't force closed and reset my proxy or anything since I deleted the scheduled task, bad certs, and cleaned up the registry entry.
    Excellent. Keep us posted if you come across anything further. Cheers!
      My ComputerSystem Spec

  7.    12 Nov 2016 #117

    simrick said: View Post
    Excellent. Keep us posted if you come across anything further. Cheers!
    Hello again! So two days have passed, and I have been looking through my Malwarebytes Log and haven't seen a single incoming or outgoing connection that looks malicious. For now I feel confident it is gone! Thanks again for all the help, I'm glad this thread is showing up in google search results now with some of the key terms like the "69.197.188.22" IP address and "proxy" because no major software seems to pick this up and no one seems to have any info about it anywhere!
      My ComputerSystem Spec


  8. Posts : 11,634
    W10Prox64
       13 Nov 2016 #118

    korbinperry said: View Post
    Hello again! So two days have passed, and I have been looking through my Malwarebytes Log and haven't seen a single incoming or outgoing connection that looks malicious. For now I feel confident it is gone! Thanks again for all the help, I'm glad this thread is showing up in google search results now with some of the key terms like the "69.197.188.22" IP address and "proxy" because no major software seems to pick this up and no one seems to have any info about it anywhere!
    Good news! Thanks.
      My ComputerSystem Spec

  9.    14 Nov 2016 #119

    I started having the same problemThursday, without the pop up, it was asking for my password, entered it, & come back wrong password, not sure how to get help with Google, but always have Bing& Edge, if needed.

    Attachment 43714




    I have cleanup with kasperky, ccleaner, adwcleaner and doesn't work. How to solve it ?[/QUOTE]
      My ComputerSystem Spec


  10. Posts : 11,634
    W10Prox64
       14 Nov 2016 #120

    Graham Clark said: View Post
    I started having the same problemThursday, without the pop up, it was asking for my password, entered it, & come back wrong password, not sure how to get help with Google, but always have Bing& Edge, if needed.

    Attachment 43714




    I have cleanup with kasperky, ccleaner, adwcleaner and doesn't work. How to solve it ?

    Please see post #36 here.
      My ComputerSystem Spec


 
Page 12 of 12 FirstFirst ... 2101112

Related Threads
Hi there same problem with EDGE (the new browser) - can't access localhost type of addresses. I use several media servers with Web interface for controls etc. Get around - use loopback adapter -- but why should I -- Chrome / FF / IE all work...
Hi there Edge has been modified so you CAN set it to access local host type of sites (at least in build 10240). This was mentioned a while ago but just as a reminder -- many people have servers etc that have a web interface with a localhost or...
Hi, I've just installed windows 10 which all seems to have gone very well. The only problem I can't currently fix is that google seems to think I am in France! When I go to Edge/Settings/Advanced settings/search in the address bar with the only...
:sick: Hi, since yesterday my Hyper-V stoped work. I have no clue of whats going on. I tried to uninstall and install it again, but didn't work. Does someone knows how to purge hyper-v configuration when remove/uninstall it? Because it seems...
Loopback/localhost acces in apps in Software and Apps
This is aimed at Win 8, but should be the same for 10 As some of us have found out, modern apps such as Edge are not allowed to send network traffic to the local host, so things like media servers and routers do not work I have just been...
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd
All times are GMT -5. The time now is 15:52.
Find Us