Re: Something hijacking URLs and directing browser to porno site
- From: Default NG ID <default@xxxxxxxx>
- Date: Tue, 30 Aug 2005 08:31:36 +0100
On Mon, 29 Aug 2005 23:31:26 -0400, Randy <wald6036@xxxxxxxxxxxxx>
wrote:
Hi there,
>Have you checked your Hosts file?
I don't think I had one until this problem began, but I was advised to
make one on a support forum (trying to solve this problem). I've
pasted it below. I cut and pasted the one that was recommended. I
don't know what to look for in it: if you see anything dodgy, please
let me know.
Slightly weirdly, I've just been to paste it, and now it's called
hosts.bak - I'm almost certain it didn't have any extension 2 nights
ago. It's in C:/windows/system32/drivers/etc. Could this be sinister?
Thanks again for any help,
Shirley
====
# Copyright (c) 1993-1999 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host
name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
127.0.0.1 localhost
# AFAIR, the above was the shell file from Windows install - bts
# === Added because RR DNS server flips quads. Most won't need this.
204.127.161.11 inetnews.worldnet.att.net
# ===
# Block Google ads. Add additional servers as found.
127.0.0.1 pagead2.googlesyndication.com
# Block verisign takeover for non-existent domains
127.0.0.1 sitefinder.verisign.com
127.0.0.1 sitefinder-idn.verisign.com
#
# General: please keep alphabetical
127.0.0.1 2o7.net
127.0.0.1 a.tribalfusion.com
127.0.0.1 a88.g.akamai.net
127.0.0.1 a9.g.akamai.net
127.0.0.1 ad.doubleclick.net
127.0.0.1 ad.doubleclick.com
127.0.0.1 ad.uk.doubleclick.com
127.0.0.1 ad.uk.doubleclick.net
127.0.0.1 ad.iwin.com
127.0.0.1 ad.linksynergy.com
127.0.0.1 ad.network60.com
127.0.0.1 ad.trafficmp.com
127.0.0.1 adcontroller.unicast.com
127.0.0.1 adfarm.mediaplex.com
127.0.0.1 ad.abcnews.com
127.0.0.1 ad.usatoday.com
127.0.0.1 adimages.go.com
127.0.0.1 ads.abcnews.com
127.0.0.1 ads.adiscon.com
127.0.0.1 ads.democratandchronicle.com
127.0.0.1 ads.hitcents.com
127.0.0.1 ads.msn.com
127.0.0.1 ads.msnbc.com
#127.0.0.1 ads.osdn.com
127.0.0.1 ads.real.com
127.0.0.1 ads.realmedia.com
127.0.0.1 ads.sys-con.com
127.0.0.1 ads.vnuemedia.com
127.0.0.1 ads.web.aol.com
127.0.0.1 ads.x10.com
127.0.0.1 ads2.vx2.cc
127.0.0.1 adserv.lwmn.net
127.0.0.1 adserv.bravenet.com
127.0.0.1 adserv2.bravenet.com
# AT&T Marketing - block or not
127.0.0.1 aens.net
127.0.0.1 g6589dcs.nyc2.aens.net
#
127.0.0.1 aim.aol.com
127.0.0.1 aim-charts.pf.aol.com
127.0.0.1 aimexpress.oscar.aol.com
127.0.0.1 aimtoday.aol.com
127.0.0.1 ar.atwola.com
127.0.0.1 arc3.msn.com
127.0.0.1 auto.search.msn.com
127.0.0.1 bannerfarm.ace.advertising.com
127.0.0.1 brilliantdigital.com
127.0.0.1 bs.serving-sys.com
127.0.0.1 burstnet.com
127.0.0.1 carrotink.com
127.0.0.1 c1.zedo.com
127.0.0.1 c2.zedo.com
127.0.0.1 c3.zedo.com
127.0.0.1 c4.zedo.com
127.0.0.1 click.linksynergy.com
127.0.0.1 clickthru.online.com
127.0.0.1 creative.floppybank.com
127.0.0.1 colonize.com
# 127.0.0.1 connect.247media.ads.link4ads.com
127.0.0.1 doubleclick.com
127.0.0.1 doubleclick.net
127.0.0.1 extreme-dm.com
127.0.0.1 flycast.com
127.0.0.1 fortunecity.com
127.0.0.1 gcirm.DemocratandChronicle.com
127.0.0.1 hitbox.com
127.0.0.1 ehg-attworldnet.hitbox.com
127.0.0.1 ehg-rr.hitbox.com
127.0.0.1 imgfarm.snv.mediaplex.com
127.0.0.1 imrworldwide.com
127.0.0.1 inforocket.com
127.0.0.1 jqkserv2.net # Netscape 7 wants to access this at
startup
127.0.0.1 login.oscar.aol.com
127.0.0.1 ln.doubleclick.net
127.0.0.1 lubid.lycos.com
127.0.0.1 m.doubleclick.net
127.0.0.1 m2.doubleclick.net
127.0.0.1 match.com
127.0.0.1 media.fastclick.net
#127.0.0.1 msn.com
#127.0.0.1 msnbc.com
127.0.0.1 network.realmedia.com
127.0.0.1 offers.mailpref.go.com
127.0.0.1 popup.msn.com
127.0.0.1 qksrv.net
127.0.0.1 qserv.zdnet.com
127.0.0.1 redsheriff.com
127.0.0.1 scrooge.ibsys.com
127.0.0.1 servedby.advertising.com
127.0.0.1 server-uk.imrworldwide.com
127.0.0.1 service.bfast.com
127.0.0.1 specificclick.net
127.0.0.1 speedyclick.com
127.0.0.1 statse.webtrendslive.com
127.0.0.1 t0.extreme-dm.com
127.0.0.1 t1.extreme-dm.com
127.0.0.1 timeinc.net
127.0.0.1 transfer.go.com
127.0.0.1 u0.extreme-dm.com
127.0.0.1 u1.extreme-dm.com
127.0.0.1 us.a1.yimg.com
127.0.0.1 v0.extreme-dm.com
127.0.0.1 view.atdmt.com
127.0.0.1 view.optamail.com
127.0.0.1 www.aim.com
127.0.0.1 www.consumerinfo.com
127.0.0.1 www.eshopxml.msn.com
127.0.0.1 www.freebanners.com
127.0.0.1 www.hightrafficads.com
127.0.0.1 www.kscasino.com
127.0.0.1 www.refsnesdata.no
127.0.0.1 www.qksrv.net
127.0.0.1 www.qwestdex.com
127.0.0.1 www.yourfreecamera.com
127.0.0.1 www2.consumercreditusa.com
127.0.0.1 x10.com
127.0.0.1 z1.adserver.com
# Please keep alphabetical
# Paste in Comet Cursor sites
# found this list in grc.spyware message
127.0.0.1 beta.cometsystems.com
127.0.0.1 comet.com
127.0.0.1 cometcursor.com
127.0.0.1 cometsystems.com
127.0.0.1 cometzone.com
127.0.0.1 cometzone.cometsystems.com
127.0.0.1 cometzone.qa.cometsystems.com
127.0.0.1 content.cometsystems.com
127.0.0.1 cps.yn.cometsystems.com
127.0.0.1 cursors.cometsystems.com
127.0.0.1 czfarm.cometsystems.com
127.0.0.1 czfiles.cometsystems.com
127.0.0.1 download.cometsystems.com
127.0.0.1 files.cometsystems.com
127.0.0.1 files2.cometsystems.com
127.0.0.1 hale-bopp.cometsystems.com
127.0.0.1 livecursors.dev.cometsystems.com
127.0.0.1 log.cc.cometsystems.com
127.0.0.1 mcc.cometsystems.com
127.0.0.1 md.yn.cometsystems.com
127.0.0.1 mockups.cometsystems.com
127.0.0.1 mycometcursor.com
127.0.0.1 NS1.COMETSYSTEMS.COM
127.0.0.1 NS2.COMETSYSTEMS.COM
127.0.0.1 pa.yn.cometsystems.com
127.0.0.1 pm.yn.cometsystems.com
127.0.0.1 reg.cc.cometsystems.com
127.0.0.1 sk.cc.cometsystems.com
127.0.0.1 terisias.cometsystems.com
127.0.0.1 ver.cc.cometsystems.com
127.0.0.1 www.comet.com
127.0.0.1 www.cometcursor.com
127.0.0.1 www.cometsystems.com
127.0.0.1 www.cometzone.com
127.0.0.1 www.livecursors.com
127.0.0.1 www.mycometcursor.com
127.0.0.1 yellownet.cometsystems.com
127.0.0.1 alma.dev.cometsystems.com
127.0.0.1 alma.qa.cometsystems.com
127.0.0.1 aphrodite.cometsystems.com
127.0.0.1 asimov.cometsystems.com
127.0.0.1 beta-test.dev.cometsystems.com
127.0.0.1 beta.cometsystems.com
127.0.0.1 chat.cometsystems.com
127.0.0.1 cometobuy.cj.com
127.0.0.1 csdev01.dev.cometsystems.com
127.0.0.1 csdev02.cometsystems.com
127.0.0.1 csprod01.cometsystems.com
127.0.0.1 csprod05.cometsystems.com
127.0.0.1 csprod06.cometsystems.com
127.0.0.1 csprod08.cometsystems.com
127.0.0.1 czfiles-1.cometsystems.com
127.0.0.1 czfiles-2.cometsystems.com
127.0.0.1 dhcp152.cometsystems.com
127.0.0.1 digex-gw.cometsystems.com
127.0.0.1 download.dev.cometsystems.com
127.0.0.1 download2.cometsystems.com
127.0.0.1 download3.cometsystems.com
127.0.0.1 downloadaccelerator.com
127.0.0.1 downlocometsystems.com
127.0.0.1 exodus.cometsystems.com
127.0.0.1 fgc-gw.cometsystems.com
127.0.0.1 files.dev.cometsystems.com
127.0.0.1 galileo.cometsystems.com
127.0.0.1 guys.cometsystems.com
127.0.0.1 halley.cometsystems.com
127.0.0.1 helium.cometsystems.com
127.0.0.1 hydrogen.cometsystems.com
127.0.0.1 jupiter.cometsystems.com
127.0.0.1 kepler.cometsystems.com
127.0.0.1 liko.cometsystems.com
127.0.0.1 lists.cometsystems.com
127.0.0.1 lithium.cometsystems.com
127.0.0.1 mcc.qa.cometsystems.com
127.0.0.1 minerva.cometsystems.com
127.0.0.1 neon.cometsystems.com
127.0.0.1 neptune.cometsystems.com
127.0.0.1 NS1.COMETSYSTEMS.COM
127.0.0.1 NS2.COMETSYSTEMS.COM
127.0.0.1 sagan.cometsystems.com
127.0.0.1 saturn.cometsystems.com
127.0.0.1 savvis-gw.cometsystems.com
127.0.0.1 ssn.cc.cometsystems.com
127.0.0.1 uranus.cometsystems.com
127.0.0.1 venus.cometsystems.com
127.0.0.1 voyager1.cometsystems.com
127.0.0.1 www.qa.cometsystems.com
# End paste of Comet Cursor sites
# AOL instant messenger ads
127.0.0.1 ads.aol.com
127.0.0.1 ads.web.aol.com
127.0.0.1 affiliate.aol.com
127.0.0.1 aimtoday.aol.com
127.0.0.1 free.aol.com
127.0.0.1 p.specialoffers.aol.com
127.0.0.1 specialoffers.aol.com
# End AOL instant messenger
# Red Sheriff - new tracking company
127.0.0.1 dk.imrworldwide.com
127.0.0.1 fe-au.imrworldwide.com
127.0.0.1 fe1-au.imrworldwide.com
127.0.0.1 fe1-fi.imrworldwide.com
127.0.0.1 fe1-it.imrworldwide.com
127.0.0.1 fe2-au.imrworldwide.com
127.0.0.1 fe2-gc.imrworldwide.com
127.0.0.1 fe3-au.imrworldwide.com
127.0.0.1 fe3-gc.imrworldwide.com
127.0.0.1 fe3-uk.imrworldwide.com
127.0.0.1 fe4-uk.imrworldwide.com
127.0.0.1 imrworldwide.com
127.0.0.1 lycos-eu.imrworldwide.com
127.0.0.1 ninemsn.imrworldwide.com
127.0.0.1 rc-au.imrworldwide.com
127.0.0.1 redsheriff.com
127.0.0.1 secure-au.imrworldwide.com
127.0.0.1 secure-uk.imrworldwide.com
127.0.0.1 secure-us.imrworldwide.com
127.0.0.1 secure-jp.imrworldwide.com
127.0.0.1 server-au.imrworldwide.com
127.0.0.1 server-br.imrworldwide.com
127.0.0.1 server-by.imrworldwide.com
127.0.0.1 server-ca.imrworldwide.com
127.0.0.1 server-de.imrworldwide.com
127.0.0.1 server-dk.imrworldwide.com
127.0.0.1 server-ee.imrworldwide.com
127.0.0.1 server-fi.imrworldwide.com
127.0.0.1 server-fr.imrworldwide.com
127.0.0.1 server-hk.imrworldwide.com
127.0.0.1 server-it.imrworldwide.com
127.0.0.1 server-jp.imrworldwide.com
127.0.0.1 server-lt.imrworldwide.com
127.0.0.1 server-lv.imrworldwide.com
127.0.0.1 server-no.imrworldwide.com
127.0.0.1 server-nz.imrworldwide.com
127.0.0.1 server-pl.imrworldwide.com
127.0.0.1 server-ru.imrworldwide.com
127.0.0.1 server-se.imrworldwide.com
127.0.0.1 server-sg.imrworldwide.com
127.0.0.1 server-stockh.imrworldwide.com
127.0.0.1 server-ua.imrworldwide.com
127.0.0.1 server-uk.imrworldwide.com
127.0.0.1 server-us.imrworldwide.com
127.0.0.1 telstra.imrworldwide.com
127.0.0.1 www.telstra.imrworldwide.com
127.0.0.1 www.imrworldwide.com
127.0.0.1 www.imrworldwide.com.au
127.0.0.1 www.redsheriff.com
# End Red Sheriff
#
# Add disabler for Opra
#
127.0.0.1 cdn1.adsdk.com
127.0.0.1 opera1-servedby.advertising.com
127.0.0.1 ins1.opera.com
127.0.0.1 ins2.opera.com
127.0.0.1 tribalfusion.com
127.0.0.1 a.tribalfusion.com
127.0.0.1 pagead-us.googlesyndication.com
127.0.0.1 bn.bfast.com # Opera ad server
.
- Follow-Ups:
- Re: Something hijacking URLs and directing browser to porno site
- From: Beauregard T. Shagnasty
- Re: Something hijacking URLs and directing browser to porno site
- From: Alt Beer
- Re: Something hijacking URLs and directing browser to porno site
- From: Beauregard T. Shagnasty
- Re: Something hijacking URLs and directing browser to porno site
- References:
- Re: Something hijacking URLs and directing browser to porno site
- From: David H. Lipman
- Re: Something hijacking URLs and directing browser to porno site
- From: Default NG ID
- Re: Something hijacking URLs and directing browser to porno site
- From: Beauregard T. Shagnasty
- Re: Something hijacking URLs and directing browser to porno site
- From: Default NG ID
- Re: Something hijacking URLs and directing browser to porno site
- From: Beauregard T. Shagnasty
- Re: Something hijacking URLs and directing browser to porno site
- From: Default NG ID
- Re: Something hijacking URLs and directing browser to porno site
- From: Default NG ID
- Re: Something hijacking URLs and directing browser to porno site
- From: David H. Lipman
- Re: Something hijacking URLs and directing browser to porno site
- Prev by Date: Re: Something hijacking URLs and directing browser to porno site
- Next by Date: Agnitum Outpost blocking everything
- Previous by thread: Re: Something hijacking URLs and directing browser to porno site
- Next by thread: Re: Something hijacking URLs and directing browser to porno site
- Index(es):
Relevant Pages
|
Loading
