Page 1 of 2 12 LastLast
Results 1 to 15 of 24

Thread: IE hijack

  1. #1
    Lounger
    Join Date
    Sep 2002
    Location
    Wichita, Kansas, USA
    Posts
    31
    Thanks
    0
    Thanked 0 Times in 0 Posts

    IE hijack

    Every time I try to go to Woody's lounge from one of my computers I get redirected to www..google.com/search?q=Mediapartners-Google. I've tried everything I know of, SpyBot S&D, Adaware, Spy Sweeper, BHO Demo 2.0, CWShredder, HijackThis, and Pest Patrols free scan all to no avail. Does anyone have any ideas? <img src=/S/help.gif border=0 alt=help width=23 height=15>

  2. #2
    Uranium Lounger viking33's Avatar
    Join Date
    Jun 2002
    Location
    Cape Cod, Massachusetts, USA
    Posts
    6,308
    Thanks
    0
    Thanked 1 Time in 1 Post

    Re: IE hijack

    Do a search and look in your HOSTS file ( no extension ) Right click hosts and click open to get a look in there for any mention of google or wopr.
    BOB
    http://lounge.windowssecrets.com/S/flags/USA.gif http://lounge.windowssecrets.com/S/f...sachusetts.gif


    Long ago, there was a time when men cursed and beat on the ground with sticks. It was called witchcraft.
    Today it is called golf!

  3. #3
    Lounger
    Join Date
    Sep 2002
    Location
    Wichita, Kansas, USA
    Posts
    31
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: IE hijack

    There are 13 entries for google however all are redirected to 127.0.0.1, no entries for WOPR

  4. #4
    Uranium Lounger viking33's Avatar
    Join Date
    Jun 2002
    Location
    Cape Cod, Massachusetts, USA
    Posts
    6,308
    Thanks
    0
    Thanked 1 Time in 1 Post

    Re: IE hijack

    Try editing them out by placing a # sign in front of the entries and saving the file.
    I looked in my own HOSTS file and there is no mention of google at all, even though I use Google and the Google toolbar.
    BOB
    http://lounge.windowssecrets.com/S/flags/USA.gif http://lounge.windowssecrets.com/S/f...sachusetts.gif


    Long ago, there was a time when men cursed and beat on the ground with sticks. It was called witchcraft.
    Today it is called golf!

  5. #5
    Lounger
    Join Date
    Sep 2002
    Location
    Wichita, Kansas, USA
    Posts
    31
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: IE hijack

    No dice, still redirected. The entries in the Hosts file were placed there by a download from http://www.accs-net.com/hosts/get_hosts.html to prevent redirection to known "malware" sites. Didn't have this problem before.

  6. #6
    Super Moderator jscher2000's Avatar
    Join Date
    Feb 2001
    Location
    Silicon Valley, USA
    Posts
    23,112
    Thanks
    5
    Thanked 93 Times in 89 Posts

    Re: IE hijack

    Google sometimes changes the code behind the ads that appear on our pages. This can create some problems, and if other people are having a similar experience, we can see if there is an adjustment needed to the Lounge software.

  7. #7
    Uranium Lounger viking33's Avatar
    Join Date
    Jun 2002
    Location
    Cape Cod, Massachusetts, USA
    Posts
    6,308
    Thanks
    0
    Thanked 1 Time in 1 Post

    Re: IE hijack

    You can also disable DNS Client in the Services area.
    Also this from Meyers site:
    --------------------------------------------
    The easiest thing to do when you have a recurring problem accessing a site is to temporarily disable the hosts file by dragging it from your c:windows folder to your desktop. You should restart your browser and may have to reboot depending on your version of Windows.

    If the site works with Hosts removed, you know that hosts was causing the problem. If not, then hosts wasn't the problem. To get hosts working again, just drag it back from your desktop to your c:windows folder (c:winntsystem32driversetc for Windows NT/2000/XP Pro or c:windowssystem32driversetc for Windows XP Home).

    To search for an offending entry in hosts, you can open hosts with a text editor and use the menu command "find" to search for words that are related to the site you are viewing (such as "yahoo" if you can't access a Yahoo! site). If you find entries like that, simply place a # symbol at the beginning of the line and save the file. Restart your browser and/or reboot your computer. If you can access the site with hosts still in your c:windows directory (c:winntsystem32driversetc for Windows NT/2000/XP Pro or c:windowssystem32driversetc for
    -----------------------------------------
    BOB
    http://lounge.windowssecrets.com/S/flags/USA.gif http://lounge.windowssecrets.com/S/f...sachusetts.gif


    Long ago, there was a time when men cursed and beat on the ground with sticks. It was called witchcraft.
    Today it is called golf!

  8. #8
    Lounger
    Join Date
    Sep 2002
    Location
    Wichita, Kansas, USA
    Posts
    31
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: IE hijack

    Disabling the DNS service didn't help but thanks for the suggestion. Removing the Hosts file didn't work either.

  9. #9
    4 Star Lounger
    Join Date
    Oct 2001
    Location
    Bellevue, Nebraska, USA
    Posts
    569
    Thanks
    0
    Thanked 1 Time in 1 Post

    Re: IE hijack

    Assuming you are using Internet Explorer, go to Tools, Internet Options, General tab. Select Delete Cookies, and then Delete Files to delete all your temporary Internet files (Note, this also will force the manual entry of usernames and passwords for sites requiring them on your next visit, so make sure you know them). If using Mozilla Firefox, go to Tools, Options, Privacy, and Clear All. No need to scan thousands of temporary files.

    Windows Me and XP users, temporarily turn off System Restore to enable the scanner to clean any infected restore images. See here for instructions. This keeps malware hiding in restore images from coming back and reinfect your systems.

    Now scan for spyware. To ensure you have the latest scanner versions, download and install SpyBot Search and Destroy V1.3 from here. Before scanning, use the program
    Bill (AFE7Ret)
    Freedom is NOT Free!
    Heat is the bane of all electronics!

    ─────────────────────

  10. #10
    Bronze Lounger IanWilson's Avatar
    Join Date
    Dec 2000
    Location
    Bristol, United Kingdom
    Posts
    1,523
    Thanks
    0
    Thanked 1 Time in 1 Post

    Re: IE hijack

    "You can also disable DNS Client in the Services area."

    Could you explain how to do that, for the uninitiated? - Ian

  11. #11
    Plutonium Lounger
    Join Date
    Oct 2001
    Location
    Lexington, Kentucky, USA
    Posts
    12,107
    Thanks
    0
    Thanked 1 Time in 1 Post

    Re: IE hijack

    Doc, if you're still online, your two links in the above post are broken.

    Later: Doc doesn't seem to be around, so here's the THREE links I think he was trying to post -

    http://forums.thetechguys.com/archiv...hp/t-8108.html
    http://forum.aumha.org/viewtopic.php?p=43744
    http://forum.aumha.org/viewtopic.php?p=43960

  12. #12
    Uranium Lounger
    Join Date
    Mar 2001
    Location
    New Jersey
    Posts
    6,684
    Thanks
    1
    Thanked 11 Times in 11 Posts

    Re: IE hijack

    I think that the entry R1 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = localhost in your HijackThis log is the culprit.

    I did a Google and came up with these 3 sites here, here, and here, (2 from the same thread) that indicate that this line should be "Fixed" using HijackThis. HTH

    edited to fix links (Thanks AL)
    <IMG SRC=http://www.wopr.com/w3tuserpics/DocWatson_sig.gif>

  13. #13
    Uranium Lounger
    Join Date
    Mar 2001
    Location
    New Jersey
    Posts
    6,684
    Thanks
    1
    Thanked 11 Times in 11 Posts

    Re: IE hijack

    You've got quick fingers for an older guy Al !!! <img src=/S/grin.gif border=0 alt=grin width=15 height=15> I was gettin' to it, but had some trouble getting the brackets in the right places. <img src=/S/doh.gif border=0 alt=doh width=15 height=15>

    Thanks for pickin' up my slack ! <img src=/S/thankyou.gif border=0 alt=thankyou width=40 height=15>
    <IMG SRC=http://www.wopr.com/w3tuserpics/DocWatson_sig.gif>

  14. #14
    Plutonium Lounger
    Join Date
    Oct 2001
    Location
    Lexington, Kentucky, USA
    Posts
    12,107
    Thanks
    0
    Thanked 1 Time in 1 Post

    Re: IE hijack

    I was hoping you wouldn't be offended. <img src=/S/smile.gif border=0 alt=smile width=15 height=15> This forum is not one that I have Mod editing privileges in, so I had to make an additional post. I DID look in Who's Online, but I must've missed seeing you. Evidently my old fingers are in better shape than my old eyes!

  15. #15
    Uranium Lounger viking33's Avatar
    Join Date
    Jun 2002
    Location
    Cape Cod, Massachusetts, USA
    Posts
    6,308
    Thanks
    0
    Thanked 1 Time in 1 Post

    Re: IE hijack

    Ian,
    You can disable ( or enable ) DNS Client by Clicking Control Panel>Administrative Tools>Services. Scroll down and Right click DNS Client>properties. In Start Up Types, drop down menu, select your choice of "automatic, Manual or Disable. OK out.
    You can always change this back if it doesn't fix it for you.
    BOB
    http://lounge.windowssecrets.com/S/flags/USA.gif http://lounge.windowssecrets.com/S/f...sachusetts.gif


    Long ago, there was a time when men cursed and beat on the ground with sticks. It was called witchcraft.
    Today it is called golf!

Page 1 of 2 12 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •