1.track4.com - what is it? And how do I get rid of it?
Thanks.
Full Version: 1.track4.com - what is it?
It looks like a parked domain. Had it been set as your homepage? What browser do you use?
QUOTE (capples @ Oct 18 2008, 06:15 PM) 
1.track4.com - what is it? And how do I get rid of it?
Thanks.
Thanks.
It has not been a home page. I always use blank. The symptom appears from the command line when I execute netstat.
It looks like some other malware may be lurking as well.
Thanks.
Here is a paste of netstat:
Microsoft Windows XP [Version 5.1.2600]
© Copyright 1985-2001 Microsoft Corp.
C:\Documents and Settings\cj>netstat
Active Connections
Proto Local Address Foreign Address State
TCP pXL9cj1:1041 1.track4.com:27015 ESTABLISHED
TCP pXL9cj1:27015 1.track4.com:1041 ESTABLISHED
TCP pXL9cj1:1714 204.15.240.75:80 CLOSE_WAIT
TCP pXL9cj1:1715 yo-in-f99.google.com:80 CLOSE_WAIT
TCP pXL9cj1:1716 he-in-f101.google.com:80 CLOSE_WAIT
C:\Documents and Settings\cj>
QUOTE (capples @ Oct 19 2008, 11:59 AM)
It has not been a home page. I always use blank. The symptom appears from the command line when I execute netstat.
It looks like some other malware may be lurking as well.
Thanks.
Here is a paste of netstat:
I use IE7
Microsoft Windows XP [Version 5.1.2600]
© Copyright 1985-2001 Microsoft Corp.
C:\Documents and Settings\cj>netstat
Active Connections
Proto Local Address Foreign Address State
TCP pXL9cj1:1041 1.track4.com:27015 ESTABLISHED
TCP pXL9cj1:27015 1.track4.com:1041 ESTABLISHED
TCP pXL9cj1:1714 204.15.240.75:80 CLOSE_WAIT
TCP pXL9cj1:1715 yo-in-f99.google.com:80 CLOSE_WAIT
TCP pXL9cj1:1716 he-in-f101.google.com:80 CLOSE_WAIT
C:\Documents and Settings\cj>
It looks like some other malware may be lurking as well.
Thanks.
Here is a paste of netstat:
I use IE7
Microsoft Windows XP [Version 5.1.2600]
© Copyright 1985-2001 Microsoft Corp.
C:\Documents and Settings\cj>netstat
Active Connections
Proto Local Address Foreign Address State
TCP pXL9cj1:1041 1.track4.com:27015 ESTABLISHED
TCP pXL9cj1:27015 1.track4.com:1041 ESTABLISHED
TCP pXL9cj1:1714 204.15.240.75:80 CLOSE_WAIT
TCP pXL9cj1:1715 yo-in-f99.google.com:80 CLOSE_WAIT
TCP pXL9cj1:1716 he-in-f101.google.com:80 CLOSE_WAIT
C:\Documents and Settings\cj>
CurrPorts will tell you what application is keeping the ESTABLISHED connection open:
http://www.nirsoft.net/utils/cports.html
http://www.nirsoft.net/utils/cports.html
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.