 |
|
 |
|
|
 |
Adware or something is taking over my borwser--pls help. |
 |
 |
|
|
02-02-04 08:35 AM
First, if this is not an appropritate group for posing this question,
please refer me to the correct one.
Now, on the the issue. I use google as my search engine and have it set as
my home page. Though I am very careful about letting unknown software get
on my computer, I seem to have something going on that is taking over my
browser. First, my home page keeps getting changed to SearchCentral.cc
(actually, in the set home page field it is listed by IP, 81.211.105.43).
Even worse than that, when I am using Google, some portion of the links in
a google search results page are actually redirected to this same Search
Central with my original Google search parameters filled in on
SearchCentral search box. When this happens, the only way I can actually
get to the url shown in the Google search results is to cut and paste the
real url.
Can someone please help me figure out how to find the pervasive code that
is taking over my browser and eradicate it.
Thank you.
James
[ Post a follow-up to this message ]
|
|
|
 |
|
 |
|
 |
|
|
|
Re: Adware or something is taking over my borwser--pls help. |
|
|
|
|
02-02-04 08:35 AM
On Mon, 02 Feb 2004 16:12:27 GMT, James Bond
<jbond@universalexports.com> wrote:
quote:
>First, if this is not an appropritate group for posing this question,
>please refer me to the correct one.
>
>Now, on the the issue. I use google as my search engine and have it set as
>my home page. Though I am very careful about letting unknown software get
>on my computer, I seem to have something going on that is taking over my
>browser. First, my home page keeps getting changed to SearchCentral.cc
>(actually, in the set home page field it is listed by IP, 81.211.105.43).
>
>Even worse than that, when I am using Google, some portion of the links in
>a google search results page are actually redirected to this same Search
>Central with my original Google search parameters filled in on
>SearchCentral search box. When this happens, the only way I can actually
>get to the url shown in the Google search results is to cut and paste the
>real url.
>
>Can someone please help me figure out how to find the pervasive code that
>is taking over my browser and eradicate it.
Google is your friend :-)
http://groups.google.com/groups?num...G=Google+Search
[ Post a follow-up to this message ]
|
|
|
|
|
|
|
|
|
|
|
Re: Adware or something is taking over my borwser--pls help. |
|
|
|
|
|
|
|
|
|
|
Re: Adware or something is taking over my borwser--pls help. |
|
|
|
|
02-02-04 09:34 AM
James Bond <jbond@universalexports.com> wrote in
news:Xns94837212ECB95jbonduniversalexpor
t@140.99.99.130:
quote:
> First, if this is not an appropritate group for posing this question,
> please refer me to the correct one.
>
> Now, on the the issue. I use google as my search engine and have it
> set as my home page. Though I am very careful about letting unknown
> software get on my computer, I seem to have something going on that is
> taking over my browser. First, my home page keeps getting changed to
> SearchCentral.cc (actually, in the set home page field it is listed by
> IP, 81.211.105.43).
>
> Even worse than that, when I am using Google, some portion of the
> links in a google search results page are actually redirected to this
> same Search Central with my original Google search parameters filled
> in on SearchCentral search box. When this happens, the only way I can
> actually get to the url shown in the Google search results is to cut
> and paste the real url.
>
> Can someone please help me figure out how to find the pervasive code
> that is taking over my browser and eradicate it.
>
> Thank you.
>
> James
Use the Host it can help.
http://mvps.org/winhelp2002/hosts.htm
http://accs-net.com/hosts/HostsToggle/
One example is to edit the Host.fle and make the following entry.
127.0.0.1 www.microsoft.com
And then go to your browser and enter www.microsoft.com and you'll see that
the browser will not go to the site.
That's one way you can stop the redirects. Maybe the site you're being sent
to is already in the Host.fle or you can edit the file yourself and create
the entry.
There are various Host files out there on Google you can use or combine
into one Host file.
Duane 
[ Post a follow-up to this message ]
|
|
|
|
|
|
|
|
|
|
|
Re: Adware or something is taking over my borwser--pls help. |
|
|
|
|
02-02-04 09:34 AM
In article < Xns948377146B3C8darnold92insightbbco@216
.148.227.77>,
notme@notme.com says...quote:
> James Bond <jbond@universalexports.com> wrote in
> news:Xns94837212ECB95jbonduniversalexpor
t@140.99.99.130:
>
>
> Use the Host it can help.
[snip host info]
Using a host file to block some redirects is bad in this persons case.
Their machine has been compromised by one of the search tools - most of
these can be uninstalled with ADD/REMOVE Software from the control panel
and then running Spy Bot....
Using the host file will only mask part of the problem, not fix it in
any way.
--
--
spamfree999@rrohio.com
(Remove 999 to reply to me)
[ Post a follow-up to this message ]
|
|
|
|
|
|
|
|
|
|
|
Re: Adware or something is taking over my borwser--pls help. |
|
|
|
|
02-02-04 09:34 AM
Leythos <void@nowhere.com> wrote in news:MPG.1a88577060461a5e98a12f@news-
server.columbus.rr.com:
quote:
> In article < Xns948377146B3C8darnold92insightbbco@216
.148.227.77>,
> notme@notme.com says...
question,[QUOTE]
is[QUOTE]
to[QUOTE]
by[QUOTE]
this[QUOTE]
can[QUOTE]
> [snip host info]
>
> Using a host file to block some redirects is bad in this persons case.
> Their machine has been compromised by one of the search tools - most of
> these can be uninstalled with ADD/REMOVE Software from the control
panelquote:
> and then running Spy Bot....
>
> Using the host file will only mask part of the problem, not fix it in
> any way.
>
I'll agree that one must find the real problem as to the compromise. But
I also think that using the Host as a prevention tool is a viable
solution for the overall protection of the machine. To me, this Host is
more than just about doing some add blocking.
Duane
[ Post a follow-up to this message ]
|
|
|
|
|
|
|
|
|
|
|
Re: Adware or something is taking over my borwser--pls help. |
|
|
|
|
02-02-04 10:33 PM
Duane Arnold <notme@notme.com> wrote in message news:<Xns948379F1D28F6darnol
d92insightbbco@216.148.227.77>...
<snip>
quote:
>
> I'll agree that one must find the real problem as to the compromise. But
> I also think that using the Host as a prevention tool is a viable
> solution for the overall protection of the machine. To me, this Host is
> more than just about doing some add blocking.
>
> Duane
Should I do that as a preventive measure?
[ Post a follow-up to this message ]
|
|
|
|
|
|
|
|
|
|
|
Re: Adware or something is taking over my borwser--pls help. |
|
|
|
|
02-03-04 03:33 AM
heyimjustcurious@yahoo.com (curious) wrote in
news:ca3e516b.0402022232.75ae5e01@posting.google.com:
quote:
> Duane Arnold <notme@notme.com> wrote in message
> news:< Xns948379F1D28F6darnold92insightbbco@216
.148.227.77>...
>
> <snip>
>
>
> Should I do that as a preventive measure?
It's not a stop all solution but it does help. There are some
applications written for WEB usage that have the IP of a WEBsite hard
coded in the application. But most applications are going to use a DNS
for the site hard coded in the application. By using a DNS in the code,
the IP for the DNS must be resolved by the computer. Usually, the DNS is
at the ISP, on a Domain in a closed MS network, or the computer itself
can resolve the DNS to IP if there is a Host file. If the HOST file does
have a DNS in it and it's set to the Loopback IP, then the access to the
site will be blocked as the requests is returned back to the machine. It
doesn't matter if you have some WEB application or some batch
application/program running that's doing a lookup by DNS to reslove the
IP to access a WEbsite it will be blocked from accessing the site.
Also, configuring a browser such as IE's security settings properly and
not leaving them in their default out of the box state helps as well,
along with using one's common sense and not having the happy fingers that
click unknowingly.
Duane
[ Post a follow-up to this message ]
|
|
|
|
|
|
|
|
|
|
|
Re: Adware or something is taking over my borwser--pls help. |
|
|
|
|
02-03-04 10:35 AM
On 2 Feb 2004 22:32:45 -0800, heyimjustcurious@yahoo.com (curious) wrote:
quote:
>Duane Arnold <notme@notme.com> wrote in message news:<Xns948379F1D28F6darno
ld92insightbbco@216.148.227.77>...
>
><snip>
>
>
> Should I do that as a preventive measure?
A HOSTS file isn't a bad security measure, but IP's for adware can always
change and keeping up the HOSTS file can become a chore.
An easier solution is to use something like PopUpCop
(http://www.popupcop.com/) to prevent malicious activity and warn you when
web sites are trying to hose your system (via Java Script, ActiveX, etc.)
---
When under the pretext of fraternity, the legal code imposes mutual sacrific
es
on the citizens, human nature is not thereby abrogated. Everyone will then
direct his efforts toward contributing little to, and taking much from, the
common fund of sacrifices. Now, is it the most unfortunate who gains from th
is
struggle? Certainly not, but rather the most influential and calculating.
- Fredric Bastiat
[ Post a follow-up to this message ]
|
|
|
|
|
|
|
|
|
|
|
Re: Adware or something is taking over my borwser--pls help. |
|
|
|
|
02-03-04 03:34 PM
CyberDroog <CyberDroog@anon.com> wrote in
news:q9rv10p9v0o446p8bsiklt0pmsjqhho5fn@
4ax.com:
quote:
> On 2 Feb 2004 22:32:45 -0800, heyimjustcurious@yahoo.com (curious)
> wrote:
>
>
> A HOSTS file isn't a bad security measure, but IP's for adware can
> always change and keeping up the HOSTS file can become a chore.
>
> An easier solution is to use something like PopUpCop
> (http://www.popupcop.com/) to prevent malicious activity and warn you
> when web sites are trying to hose your system (via Java Script,
> ActiveX, etc.)
>
> ---
> When under the pretext of fraternity, the legal code imposes mutual
> sacrifices on the citizens, human nature is not thereby abrogated.
> Everyone will then direct his efforts toward contributing little to,
> and taking much from, the common fund of sacrifices. Now, is it the
> most unfortunate who gains from this struggle? Certainly not, but
> rather the most influential and calculating.
>
> - Fredric Bastiat
>
Thanks, I may take a look at POPUpCop, since I am using POPUP Stopper
(free). The only third party tool I'll use is BlackIce's Application
Control that has step in a couple of times behind the browser on the
protection. I do like to go to the O/S when it comes to security
configuration, like IE. I have gone to IE and configured it such that it
just won't start downloading ActiveX controls and executing Java Scripts
on its own.
Use I understand that the data of the Host file will change from time to
time due to websites coming and going. I also hear that you can obtain
update Host files as well.
To me, it's just part of the mix of trying to keep the crap at bay.
Duane
[ Post a follow-up to this message ]
|
|
|
|
|
|
|
|
|
|
|
Sponsored Links |
|
|
|
|
 |
All times are GMT. The time now is 10:21 PM. |
 |
|
|
 |
|
 |
|
|
 |
|
Forum Rules:
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
|
HTML code is OFF
vB code is ON
Smilies are ON
[IMG] code is OFF
|
|
|
|
|
 |
|
 |
|
