Your forum username:
Do you already have an account?
Forgot your password?
  • Log in or Sign up


    Welcome to Sky User - The Unofficial Support Forum for everything Sky! - Proudly helping over 65k members.


    Advertisement

    Page 3 of 5 FirstFirst 12345 LastLast
    Results 21 to 30 of 46

    Odd router logs

    This is a discussion on Odd router logs within the Sky Broadband help forums, part of the Sky Broadband help and support category; TCP 192.168.0.2:51587 02:http ESTABLISHED [firefox.exe] TCP 192.168.0.2:51695 02:http ESTABLISHED [firefox.exe] I have no idea what these connections are, maybe someone ...

    1. #21
      Isitme's Avatar
      Isitme is offline Sky User Moderator
      Exchange: Bannockburn
      Broadband ISP: Sky Fibre Unlimited
      Router: Sky Hub SR102
      Sky TV: Sky+ HD
      Join Date
      Dec 2006
      Location
      Central Scotland
      Posts
      34,131
      Thanks
      64
      Thanked 1,641 Times in 1,602 Posts

      Re: Odd router logs

      TCP 192.168.0.2:51587 02:http ESTABLISHED
      [firefox.exe]
      TCP 192.168.0.2:51695 02:http ESTABLISHED
      [firefox.exe]
      I have no idea what these connections are, maybe someone else can help.

      TCP 192.168.0.2:51699 lhr14s02-in-f104:http TIME_WAIT
      TCP 192.168.0.2:51700 lhr14s02-in-f104:http TIME_WAIT
      I am pretty sure these are Google connections.

      TCP 192.168.0.2:51751 www:http TIME_WAIT
      TCP 192.168.0.2:51752 www:http TIME_WAIT
      The only thing I can find out about these is this -
      Bypass Firewalls - Preserve your online Anonymity, Privacy & Security - HTTP Tunnel Corp
      I don't know if you have any kind of software installed that would use this.

      I am afraid I am not being much help in this. All I can suggest now is that you download HiJackThis from here - HijackThis - Trend Micro USA I don't have the skills to read a Log but if you go here - HijackThis Logfileauswertung and paste in your log, it will show you what is a possible risk and how to remove it.

      TomD


      Please note the views and recommendations in my posts are my own and in no way reflect the views of SkyUser.


      Useful Utilites

      http://www.nirsoft.net/utils/wifi_information_view.html/ TCPOptimiser /Test Socket

      Note - When downloading always select the Custom install or you will end up with stuff you don't want.






    2. Advertisement
    3. #22
      Digger's Avatar
      Digger is offline Sky User Member
      Exchange:
      Broadband ISP: Sky Base
      Router: Netgear V2 DG934G
      Sky TV: Sky Basic
      Join Date
      Sep 2010
      Posts
      23
      Thanks
      0
      Thanked 0 Times in 0 Posts

      Re: Odd router logs

      The first ones I just presumed were the initial connection to the net as I turn my router off and then back on if I don't use the PC, and Firewall thing I have no idea about! but I have checked it and its fine as far as I can tell.

      Thanks, I am posting on a help forum now.
      Last edited by Digger; 11-09-10 at 02:50 AM.

    4. #23
      Isitme's Avatar
      Isitme is offline Sky User Moderator
      Exchange: Bannockburn
      Broadband ISP: Sky Fibre Unlimited
      Router: Sky Hub SR102
      Sky TV: Sky+ HD
      Join Date
      Dec 2006
      Location
      Central Scotland
      Posts
      34,131
      Thanks
      64
      Thanked 1,641 Times in 1,602 Posts

      Re: Odd router logs

      Let us know if you find out anything useful.

      TomD


      Please note the views and recommendations in my posts are my own and in no way reflect the views of SkyUser.


      Useful Utilites

      http://www.nirsoft.net/utils/wifi_information_view.html/ TCPOptimiser /Test Socket

      Note - When downloading always select the Custom install or you will end up with stuff you don't want.





    5. #24
      Digger's Avatar
      Digger is offline Sky User Member
      Exchange:
      Broadband ISP: Sky Base
      Router: Netgear V2 DG934G
      Sky TV: Sky Basic
      Join Date
      Sep 2010
      Posts
      23
      Thanks
      0
      Thanked 0 Times in 0 Posts

      Re: Odd router logs

      It is still happening but I can confirm my PC is clean so I am still at a loss.

    6. #25
      Isitme's Avatar
      Isitme is offline Sky User Moderator
      Exchange: Bannockburn
      Broadband ISP: Sky Fibre Unlimited
      Router: Sky Hub SR102
      Sky TV: Sky+ HD
      Join Date
      Dec 2006
      Location
      Central Scotland
      Posts
      34,131
      Thanks
      64
      Thanked 1,641 Times in 1,602 Posts

      Re: Odd router logs

      There is another thing I have thought of and that is your time synchroniser. It may be trying to up date and keeps failing, so keeps trying. Try changing the Time server Windows is using. Its probably not this, but it is worth a look.

      TomD


      Please note the views and recommendations in my posts are my own and in no way reflect the views of SkyUser.


      Useful Utilites

      http://www.nirsoft.net/utils/wifi_information_view.html/ TCPOptimiser /Test Socket

      Note - When downloading always select the Custom install or you will end up with stuff you don't want.





    7. #26
      Digger's Avatar
      Digger is offline Sky User Member
      Exchange:
      Broadband ISP: Sky Base
      Router: Netgear V2 DG934G
      Sky TV: Sky Basic
      Join Date
      Sep 2010
      Posts
      23
      Thanks
      0
      Thanked 0 Times in 0 Posts

      Re: Odd router logs

      I have checked that but it made no difference.

    8. #27
      moleman's Avatar
      moleman is offline Sky User Member
      Exchange: Hadleigh EAHAE
      Broadband ISP: Sky Broadband Unlimited
      Router: DG834GT + TL-WR702N
      Sky TV: Sky+HD box
      Join Date
      Sep 2006
      Posts
      825
      Thanks
      10
      Thanked 31 Times in 29 Posts

      Re: Odd router logs

      Whatever is trying to log into the router may not be malicious. Some download managers log in and reboot the router to get a new IP for instance.

      Did you get a hijackthis log? Like Isitme I'm no expert but if you post it here maybe we could see something..

      It's quite intriguing.

    9. #28
      Digger's Avatar
      Digger is offline Sky User Member
      Exchange:
      Broadband ISP: Sky Base
      Router: Netgear V2 DG934G
      Sky TV: Sky Basic
      Join Date
      Sep 2010
      Posts
      23
      Thanks
      0
      Thanked 0 Times in 0 Posts

      Re: Odd router logs

      Yep this is my HJT log.
      Thanks for taking alook.

      Logfile of Trend Micro HijackThis v2.0.2
      Scan saved at 18:18:53, on 07/09/2010
      Platform: Windows Vista SP2 (WinNT 6.00.1906)
      MSIE: Internet Explorer v8.00 (8.00.6001.18943)
      Boot mode: Normal

      Running processes:
      C:\Windows\system32\taskeng.exe
      C:\Windows\RtHDVCpl.exe
      C:\Windows\WindowsMobile\wmdc.exe
      C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
      C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
      C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
      C:\Windows\vsnp2uvc.exe
      C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
      C:\Program Files\AVG\AVG9\avgtray.exe
      C:\Program Files\Common Files\Java\Java Update\jusched.exe
      C:\Program Files\Windows Live\Messenger\msnmsgr.exe
      C:\Program Files\Sandboxie\SbieCtrl.exe
      C:\Program Files\FinePixViewerS\QuickDCF2.exe
      C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
      C:\Program Files\Sandboxie\SandboxieRpcSs.exe
      C:\Program Files\Sandboxie\SandboxieDcomLaunch.exe
      C:\Program Files\Mozilla Firefox\firefox.exe
      C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
      C:\Windows\Explorer.exe
      C:\Windows\system32\Dwm.exe
      C:\Program Files\Mozilla Firefox\plugin-container.exe
      C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
      C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Sky.com - your home for the latest news, sport and entertainment
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Free Online News, Sport, Music, Movies, Money, Cars and Windows Live from MSN UK
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Free Online News, Sport, Music, Movies, Money, Cars and Windows Live from MSN UK
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
      O1 - Hosts: ::1 localhost # IPv6
      O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
      O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
      O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
      O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll
      O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
      O4 - HKLM\..\Run: [ECenter] C:\Dell\E-Center\EULALauncher.exe
      O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
      O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
      O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
      O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
      O4 - HKLM\..\Run: [PDVDDXSrv] "C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
      O4 - HKLM\..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe
      O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
      O4 - HKLM\..\Run: [snp2uvc] C:\Windows\vsnp2uvc.exe
      O4 - HKLM\..\Run: [XboxStat] "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun
      O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
      O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
      O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
      O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
      O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\\Phone\Skype.exe" /nosplash /minimized
      O4 - HKCU\..\Run: [HostsMan] "C:\Program Files\HostsMan\hm.exe" -s
      O4 - HKCU\..\Run: [HostsServer] "C:\Program Files\HostsMan\hostssrv.exe" --start
      O4 - HKCU\..\RunOnce: [FPVInstaller] C:\Users\amanda\AppData\Local\Temp\FUJIFILM\Instal lRestart.exe
      O4 - HKCU\..\RunOnce: [EZVInstaller] C:\Program Files\FinePixViewerS\INSTALLGUIDE\FPVSGuide.exe
      O4 - HKUS\S-1-5-21-2069415660-1087055719-4139926696-1001\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'panda')
      O4 - HKUS\S-1-5-21-2069415660-1087055719-4139926696-1001\..\Run: [SandboxieControl] "C:\Program Files\Sandboxie\SbieCtrl.exe" (User 'panda')
      O4 - HKUS\S-1-5-21-2069415660-1087055719-4139926696-1001\..\Run: [Google Update] "C:\Users\panda\AppData\Local\Google\Update\Google Update.exe" /c (User 'panda')
      O4 - Global Startup: Exif Launcher S.lnk = ?
      O9 - Extra button: Sky - {08E730A4-FB02-45BD-A900-01E4AD8016F6} - Sky.com - your home for the latest news, sport and entertainment (file missing)
      O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
      O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
      O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
      O13 - Gopher Prefix:
      O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - http://download.bitdefender.com/reso...an8/oscan8.cab
      O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
      O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
      O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
      O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
      O20 - AppInit_DLLs: avgrsstx.dll
      O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
      O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Windows\system32\AERTSrv.exe
      O23 - Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe
      O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
      O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
      O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
      O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
      O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
      O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
      O23 - Service: Sandboxie Service (SbieSvc) - tzuk - C:\Program Files\Sandboxie\SbieSvc.exe
      O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
      O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
      O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
      O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe

    10. #29
      Isitme's Avatar
      Isitme is offline Sky User Moderator
      Exchange: Bannockburn
      Broadband ISP: Sky Fibre Unlimited
      Router: Sky Hub SR102
      Sky TV: Sky+ HD
      Join Date
      Dec 2006
      Location
      Central Scotland
      Posts
      34,131
      Thanks
      64
      Thanked 1,641 Times in 1,602 Posts

      Re: Odd router logs

      The only thing I can see that looks suspicious is -
      O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

      Questionable is -
      O9 - Extra button: Sky - {08E730A4-FB02-45BD-A900-01E4AD8016F6} - Sky.com - your home for the latest news, sport and entertainment (file missing)

      Anything with no file or file missing is a bit suspicious I think, but as I say I am no expert. You could try one of the online analysers - hijackthis log analyzer - Google Search

      What you could also do is download and run Ccleaner, use it to clean up Windows and the Registry. CCleaner - Free software downloads and software reviews - CNET Download.com

      I have been wondering if the problem is connected to UPnP. Try turning this off in the router and see if it helps.

      TomD


      Please note the views and recommendations in my posts are my own and in no way reflect the views of SkyUser.


      Useful Utilites

      http://www.nirsoft.net/utils/wifi_information_view.html/ TCPOptimiser /Test Socket

      Note - When downloading always select the Custom install or you will end up with stuff you don't want.





    11. #30
      Digger's Avatar
      Digger is offline Sky User Member
      Exchange:
      Broadband ISP: Sky Base
      Router: Netgear V2 DG934G
      Sky TV: Sky Basic
      Join Date
      Sep 2010
      Posts
      23
      Thanks
      0
      Thanked 0 Times in 0 Posts

      Re: Odd router logs

      That no name one I have has for a while, SystemLookup - 5C255C8A-E604-49b4-9D64-90988571CECB Says something about messenger. The sky missing button is just a missing button on the IE sky homepage, I have had this for a while too so nothing to do with the router. (Checked my HJT logs on a forum I use and I have had these both since March 09)
      I use CCleaner every week.
      What is UPnP and where would I see it?

      Thanks for trying to help

     

     
    Page 3 of 5 FirstFirst 12345 LastLast

    LinkBacks (?)


    Tags for this Thread

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •  
    SkyUser - Copyright © 2006-2017. SatDish and NewsreadeR | SkyUser is in no way affiliated with Sky Broadband / BSkyB
    RIPA NOTICE: NO CONSENT IS GIVEN FOR INTERCEPTION OF PAGE TRANSMISSION