Page 2 of 3 FirstFirst 123 LastLast
Results 11 to 20 of 27

Thread: "Unusual traffic from your computer network" - Google Chrome

  1. #11
    Emeritus
    Join Date
    Nov 2005
    Location
    @localhost
    Posts
    6,066

    Default

    Ok thanks for all the info.
    At a quick glance I dont see any malware that I can recognize. I will get a better look tomorrow.
    By still happening I assume you mean the ocassional message from google about automated queries. did you try the experiment i suggested in the earlier post?
    I do a see a lot of software that might have 3rd party stuff in it so lets run adwcleaner and see if that digs up anything.

    Please download Adwcleaner.exe to your desktop. then we will go from there.
    Double click on AdwCleaner.exe, select OK, then Run
    Click on the Scan button
    Once its done click on the Report button
    Copy and paste the contents of the log file in your reply
    You can also find the logfile at C:\AdwCleaner[R1].txt as well
    Exit AdwCleaner with the X (close) button. click ok at the final prompt.
    How Can I Reduce My Risk?

  2. #12
    Junior Member
    Join Date
    Jul 2014
    Posts
    15

    Default

    Thanks again shelf. Here are the results from AdwCleaner as you requested.


    # AdwCleaner v3.216 - Report created 25/07/2014 at 20:57:09
    # Updated 17/07/2014 by Xplode
    # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
    # Username : David - DAVID-HP
    # Running from : C:\Users\David\Desktop\AdwCleaner.exe
    # Option : Scan

    ***** [ Services ] *****


    ***** [ Files / Folders ] *****


    ***** [ Shortcuts ] *****


    ***** [ Registry ] *****


    ***** [ Browsers ] *****

    -\\ Internet Explorer v11.0.9600.17207


    -\\ Mozilla Firefox v30.0 (en-US)

    [ File : C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\u8pck2fc.default\prefs.js ]


    -\\ Google Chrome v36.0.1985.125

    [ File : C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\preferences ]


    *************************

    AdwCleaner[R0].txt - [898 octets] - [25/07/2014 20:54:21]
    AdwCleaner[R1].txt - [817 octets] - [25/07/2014 20:57:09]

    ########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [876 octets] ##########

  3. #13
    Emeritus
    Join Date
    Nov 2005
    Location
    @localhost
    Posts
    6,066

    Default

    Nothing there either.
    Have you rebooted your router and machine lately, to try and pull a new IP depending on how your ISP hands them out.
    Do you have other machines there using a router?


    Open notepad. Please copy the contents of the code box below.

    Code:
    AlternateDataStreams: C:\ProgramData\Temp:07BB519E
    AlternateDataStreams: C:\Users\David\Cookies:YzgkiNcCT4kWLFlKB96dQhE9
    AlternateDataStreams: C:\Users\David\Local Settings:v8WtyWavjBkvyJbQOIs60CspsQNl
    AlternateDataStreams: C:\Users\David\AppData\Local:v8WtyWavjBkvyJbQOIs60CspsQNl
    AlternateDataStreams: C:\Users\David\AppData\Local\Application Data:v8WtyWavjBkvyJbQOIs60CspsQNl
    Task: {19274517-30E2-4BE8-AB20-8AB1C49F1413} - \Scheduled Update for Ask Toolbar No Task File <==== ATTENTION
    Save it on the Desktop as fixlist.txt
    Run FRST64 and press the Fix button just once and wait.
    The tool will make a log on the desktop (Fixlog.txt) please post it to your reply
    How Can I Reduce My Risk?

  4. #14
    Junior Member
    Join Date
    Jul 2014
    Posts
    15

    Default

    Quote Originally Posted by shelf life View Post
    Nothing there either.
    Have you rebooted your router and machine lately, to try and pull a new IP depending on how your ISP hands them out.
    Do you have other machines there using a router?
    I have only one PC connected to a wi-fi router. I don't know how to reboot the router itself though - I might have to look at that.

    Anyway, here the results from Fixlog.txt as you requested.



    Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 26-07-2014
    Ran by David at 2014-07-27 17:26:15 Run:1
    Running from C:\Users\David\Desktop
    Boot Mode: Normal
    ==============================================

    Content of fixlist:
    *****************
    AlternateDataStreams: C:\ProgramData\Temp:07BB519E
    AlternateDataStreams: C:\Users\David\Cookies:YzgkiNcCT4kWLFlKB96dQhE9
    AlternateDataStreams: C:\Users\David\Local Settings:v8WtyWavjBkvyJbQOIs60CspsQNl
    AlternateDataStreams: C:\Users\David\AppData\Local:v8WtyWavjBkvyJbQOIs60CspsQNl
    AlternateDataStreams: C:\Users\David\AppData\Local\Application Data:v8WtyWavjBkvyJbQOIs60CspsQNl
    Task: {19274517-30E2-4BE8-AB20-8AB1C49F1413} - \Scheduled Update for Ask Toolbar No Task File <==== ATTENTION
    *****************

    C:\ProgramData\Temp => ":07BB519E" ADS removed successfully.
    "C:\Users\David\Cookies" => ":YzgkiNcCT4kWLFlKB96dQhE9" ADS not found.
    "C:\Users\David\Local Settings" => ":v8WtyWavjBkvyJbQOIs60CspsQNl" ADS not found.
    C:\Users\David\AppData\Local => ":v8WtyWavjBkvyJbQOIs60CspsQNl" ADS removed successfully.
    "C:\Users\David\AppData\Local\Application Data" => ":v8WtyWavjBkvyJbQOIs60CspsQNl" ADS not found.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{19274517-30E2-4BE8-AB20-8AB1C49F1413}" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{19274517-30E2-4BE8-AB20-8AB1C49F1413}" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Scheduled Update for Ask Toolbar" => Key not found.

    ==== End of Fixlog ====

  5. #15
    Emeritus
    Join Date
    Nov 2005
    Location
    @localhost
    Posts
    6,066

    Default

    Have you gotten the google message again? Really not seeing any malware. A router may have a reset button or a power button but you can simply unplug it and wait 15 seconds or so then plug it back in.

    To try and pull a new IP you would have to reboot: your router, modem and computer. The router and modem you can unplug, the computer shut down normally. You could just power everything off and leave it off overnight then boot everything back up in the morning- modem first then router and computer. A shorter period of time might be ok also.

    It really depends on how your ISP assigns ip addresses. You might pull a new ip you might not.
    This is all based on the theory that google has banned that ip address, hence: try and get a new one. Its nothing your doing, somebody else may have had that ip recently and google black listed it for some reason. Why its only happening randomly though dont know.
    Up to you if you want to try it. It cant hurt anything. Theres some other tools we can use also as far as malware goes.
    How Can I Reduce My Risk?

  6. #16
    Junior Member
    Join Date
    Jul 2014
    Posts
    15

    Default

    I haven't gotten around to checking if I still have that Google message recently - I've been under the weather. I've noticed though that I only get it in Chrome, but not in Firefox. I haven't touched my PC for a day anyway, although I didn't unplug anything. I guess I'll try that. Unless there's anything else I need to cover, thanks shelf life. I appreciate the time you've spent giving me help.

    Off-topic - I've never realised that cnet.download.com has become a cesspool for viruses. If only I've read other people's complaints sooner, I would never have downloaded that stupid malware program that I thankfully got rid of. That's the last time I'll ever download anything from there again.

  7. #17
    Emeritus
    Join Date
    Nov 2005
    Location
    @localhost
    Posts
    6,066

    Default

    Have to be careful where you download stuff from. You would think a huge portal like cnet would be cleaner than it is. Even that exploitation riddled Java presents a prompt to install the useless ask toolbar.

    If google really black listed your ip you would see the same message in fire fox also not just chrome. Are you using any chrome add-ons? At the least you should still try rebooting your router and computer. Shut down the computer normally, unplug the router, wait 30 seconds and plug the router back in and boot up your computer like you normally would.
    How Can I Reduce My Risk?

  8. #18
    Junior Member
    Join Date
    Jul 2014
    Posts
    15

    Default

    I did unplug the router for a bit and put it back on before I turned my computer on, but it didn't seem to do the trick.

    I've been using Firefox a lot, and I still don't get that message like I do on Chrome.

    WAIT - I've found this strange plug-in called keepvideo or whatever. Don't know how it got there, I disabled it. I wonder if that was causing the message?

  9. #19
    Emeritus
    Join Date
    Nov 2005
    Location
    @localhost
    Posts
    6,066

    Default

    WAIT - I've found this strange plug-in
    Could be the source, cruise around in chrome and see.
    How Can I Reduce My Risk?

  10. #20
    Junior Member
    Join Date
    Jul 2014
    Posts
    15

    Default

    Well, I blocked that plug-in, but that didn't seem to cause the message appearing. Oh joy.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •