Re: browser redirect prob

pmj wrote:
> "BoyPete" <petcrow@xxxxxxxxxxx> wrote in message
> news:3l6bs5F119pktU1@xxxxxxxxxxxxxxxxx
>> Boo wrote:
>>> In news:3l5v0lF10iv3oU1@xxxxxxxxxxxxxx,
>>> BoyPete whispered softly in my ear...:
>>>
>>>> Sometimes........clicking on a link takes me to this blank page
>>>> http://69.50.190.131/?to=dname&from=in
>>>> Typing in the IP takes me here
>>>> http://www.megatds.com/empty.html
>>>> also blank. Removing stuff after the slash takes me here
>>>> http://www.megatds.com/
>
> Oh, oh!...
> :-(
>
> Bad news.
> Sounds like your Browser/Operating System has been Hijacked!
> :-(
>
>>>> which is a traffic redirecting company. I've run all the usual
>>>> virus/spyware stuff to no avail. I've searched my drives for files
>>>> with megatds in.....nowt. This happens no matter which browser I
>>>> use.
>>>> Any ideas?? :)

snip.......I'll come to that later

> Sounds like his Hosts File has been Hijacked?
> That IP Address may *already* be in his Hosts File, associated with
> other Sites?

snip
> Where (& what) did you "Search"?

I used windows seach for the IP and the url of the site.


> You should have a Hosts *File* (not Folder in that "etc" Folder.
> *Un*less, it's been Hijacked - something may have moved it.

his is all I have in 'etc'
hosts.ics
lmhosts.sam
networks
protocol
quotes
services

The first one syas it's for the home network......the others all bring up
the 'open with' box.


> WinXP uses a Registry Entry to find the Hosts File to use,
>
> HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters
>
> The Value in that Key is called "DatabasePath"

Can't find relevant entry in Parameters

> Check to see that it's correct - it should say the Full Path to the
> File, which by Default is:
>
> %SystemRoot%\System32\drivers\etc
>
> Another possibility is that the DNS Server (Name Servers) in your
> TCP/IP Properties may have been changed, to point to the dodgy site
> (or one of their Affiliates), so they can then serve up the IP
> Address of the Site that they want you to visit.
>
> You should check to see what Name Servers have been Assigned to the
> Connection.

eh..........me forgot how to find that :(


> HTH


--
ßôyþëtë


.

Relevant Pages

  • Re: Disappearing HOSTS file XP Pro SP2
    ... machines to access test servers that don't have 'public' DNS names ... and for virtual servers on the local loop so we don't have to ... whoa - ti was resolving to the public DNS entry. ... HOSTS file is one of those protected? ...
    (microsoft.public.windowsxp.network_web)
  • Re: [Full-disclosure] Re: According to Ivan, the secret ZA phone-homeserver is located at 12
    ... Your quite a piece fo work Dave. ... Do you know how windows hosts file ... destination servers to Zonelaram". ... I don't care since your email just qualified you ...
    (Full-Disclosure)
  • Re: Who Really Controls Internet?
    ... >> Those are just TLD name servers, ... You could perform something similar with your hosts file. ... > an important piece of the Internet architecture. ... a lookup site. ...
    (comp.dcom.telecom)
  • Re: Outlook 2001 on OSX - a solution
    ... to include ALL of our servers IP's and their names. ... network connectivity. ... >>application and some unix to edit the hosts file for OSX ... >>and add an entry for the mail server. ...
    (microsoft.public.outlook.mac)
  • Re: system32driversetchosts doesnt get read
    ... That is the localhost address ... Are the entries for local, or for distant, servers? ... remember to run "ipconfig /flushdns" after making changes. ... How about you provide an example of a Hosts file entry that you made, ...
    (microsoft.public.windowsxp.network_web)