Re: browser redirect prob



"BoyPete" <petcrow@xxxxxxxxxxx> wrote in message
news:3l6bs5F119pktU1@xxxxxxxxxxxxxxxxx
> Boo wrote:
>> In news:3l5v0lF10iv3oU1@xxxxxxxxxxxxxx,
>> BoyPete whispered softly in my ear...:
>>
>>> Sometimes........clicking on a link takes me to this blank page
>>> http://69.50.190.131/?to=dname&from=in
>>> Typing in the IP takes me here
>>> http://www.megatds.com/empty.html
>>> also blank. Removing stuff after the slash takes me here
>>> http://www.megatds.com/

Oh, oh!...
:-(

Bad news.
Sounds like your Browser/Operating System has been Hijacked!
:-(

>>> which is a traffic redirecting company. I've run all the usual
>>> virus/spyware stuff to no avail. I've searched my drives for files
>>> with megatds in.....nowt. This happens no matter which browser I
>>> use.
>>> Any ideas?? :)

Try doing a Google Search for that IP Address (in Quotes, so as
to find Web Pages that include that IP Address - Pages with other people
who have the same (or similar) probs).

& do a HiJackThis Log & look at it to see what's been Hijacked.

Post it up & we can have a look through it & give some Hints, Tips
& suggestions on how to get it sorted.

>> Can you give us a for instance of the link you clicked? Maybe the
>> problem lies on that page/pages rather than on your pc. Did you
>> search
>> for files with that IP addy in?, maybe the name has not been resolved
>> in the problem file ( if there is one). Put that IP addy in your
>> hosts
>> file.

Sounds like his Hosts File has been Hijacked?
That IP Address may *already* be in his Hosts File, associated with
other Sites?

>> ooh , Boo had a few thoughts, and it aint even 10 o clock yet!
>
> The sixtysurfers site is one.
> http://www.sixtyplusurfers.co.uk/index.html
> Yikes! Just tried it again, and it took me to a porn site!
> I can't find a hosts folder.......Looked where I thought it should
> be.windows/system32/drivers/etc. Not there.
> Searched for the IP, no luck either. :(

Where (& what) did you "Search"?

You should have a Hosts *File* (not Folder) in that "etc" Folder.
*Un*less, it's been Hijacked - something may have moved it.

WinXP uses a Registry Entry to find the Hosts File to use,

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters

The Value in that Key is called "DatabasePath"

Check to see that it's correct - it should say the Full Path to the
File, which by Default is:

%SystemRoot%\System32\drivers\etc

Another possibility is that the DNS Server (Name Servers) in your TCP/IP
Properties may have been changed, to point to the dodgy site (or one of
their Affiliates), so they can then serve up the IP Address of the Site
that they want you to visit.

You should check to see what Name Servers have been Assigned to the
Connection.

HTH

--
pmj
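
The two Hosts File checks suggested in the post above (is "DatabasePath" still the default, and which names does the Hosts File send to a remote address), as an added example that is not part of the original post. It assumes the registry value and the Hosts File contents have been copied out as text; the function names are hypothetical and the sample data is constructed.

```python
import ipaddress
import ntpath
import re

# Default DatabasePath value as given in the post above.
DEFAULT_DB_PATH = r"%SystemRoot%\System32\drivers\etc"

def normalize_db_path(value, system_root=r"C:\WINDOWS"):
    """Expand %SystemRoot%, then normalize case, separators and trailing slashes."""
    expanded = re.sub(r"%SystemRoot%", lambda m: system_root, value, flags=re.I)
    return ntpath.normcase(ntpath.normpath(expanded))

def db_path_is_default(value, system_root=r"C:\WINDOWS"):
    """True when a DatabasePath value still points at the default folder."""
    default = normalize_db_path(DEFAULT_DB_PATH, system_root)
    return normalize_db_path(value, system_root) == default

def remapped_names(hosts_text):
    """Group host names by each non-local address the Hosts File maps them to."""
    found = {}
    for raw in hosts_text.splitlines():
        line = raw.split("#", 1)[0].strip()  # drop comments and blank lines
        if not line:
            continue
        addr, *names = line.split()
        try:
            ip = ipaddress.ip_address(addr)
        except ValueError:
            found.setdefault("malformed", []).append(line)
            continue
        # Loopback and 0.0.0.0 are the usual localhost / blocking entries.
        if ip.is_loopback or ip.is_unspecified:
            continue
        found.setdefault(str(ip), []).extend(names)
    return found

# Constructed sample: one remote address serving several unrelated site names.
SAMPLE_HOSTS = """\
# constructed sample Hosts File
127.0.0.1       localhost
0.0.0.0         ads.example.net      # blocking entry
203.0.113.10    www.example.com search.example.com
203.0.113.10    update.example.org
"""

if __name__ == "__main__":
    print("DatabasePath default:", db_path_is_default(r"C:\Temp\etc"))
    for address, names in remapped_names(SAMPLE_HOSTS).items():
        print(address, "<-", ", ".join(names))
```

Several unrelated names pointing at one remote address is the pattern to look at first; a single mapping may be a legitimate manual entry.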

