Anyway, has anyone else seen such a phenomenon, and are there any
remedies?
DS
you might want to check your C:\WINDOWS\system32\drivers\etc\hosts file.
Other than comments, it should have just one line 127.0.0.1 .......
(normally).
Does this happen in safe mode, or under a new profile? Wondering if
an add-on might be responsible. There was a recent post where the
person asked about Mozilla's position on putting ads in add-ons. Does
it happen in another browser suggesting that it's something outside of
your browser that is doing this.
JB
1. There was a huge hosts file, apparently created by Spybot Search &
Destroy. I deleted it and made a new one with the single line entry.
2. Haven't tried safe mode, but if IE is running, Firefox came up
separately, trying to reach the unwanted pages. Am running Opera now,
with no problems, but no problems since I renamed firefox.exe anywa.
DS
> On 04.12.2008 19:33, CET - what odd quirk of fate caused Devon
> Sedlydins to generate the following:? :
>> I am running AVG anti-virus software, which cannot find any problems,
>> but my browser apparently keeps getting hijacked by some sort of
>> adware/malware. A new window keeps popping up, sending me to some
>> pages such as "2quickfind", "yellowpages", or just sites with numbers
>> such as
>
>> "85.12.43.70"
> look here: http://www.coolwhois.com/d/85.12.43.70
>> or "38.103.37.243".
> look here: http://www.coolwhois.com/d/38.103.37.243
>
>> None of these numbered pages
>> actually loads, just the attempt is made. I assume something nefarious
>> is happening in the meanwhile. It even happens before Firefox has been
>> opened by me, automatically starting the program, that is. I renamed
>> the firefox.exe application, and am using IE right now, and it has
>> stopped happening for the moment.
>>
>> Anyway, has anyone else seen such a phenomenon, and are there any
>> remedies?
>>
>> DS
>>
>
> this wouldn't be an AV problem but rather a Firewall one. The IPs you
> are getting are probably Malware or Adware - and not viruses or trojans
> (you get those via eMail attachments)
>
> Run BOTH AdAware and SpyBot - they will put obtrusive IPs into the HOSTS
> file so that they can't be contacted via FF, but to STOP them getting
> onto your system, you will have to edit the IPs in your Firewall manager
>
> reg
Actually AdAware has fallen of the recommended list (don't know what
that list IS exactly, but I hardly see it recommended by anyone). Now
it's Malwarebytes:
http://www.malwarebytes.org/
That and SB do an excellent job of removing almost anything.
--
Terry R.
Anti-spam measures are included in my email address.
Delete NOSPAM from the email address after clicking Reply.
> On Dec 4, 2:17 pm, Fox on the run <jjrbouc...@gmail.com> wrote:
Hi Devon,
The entries by Spybot isn't a bad thing. It's blocking certain sites by
those entries. But you can have SB enter them any time by Immunizing.
Regarding Adaware, may be it's because it has a *huge* memory leak. I
will have to try Malwarebytes.
--
John Doue
It sounds as if you have malware installed. Have you tried scanning
with Superantispyware? It is very thorough. If you did a full scan
with that, it might find something.
While there is always an exception to a suggestion, for most people,
they are better off using SB and Immunize than doing nothing at all.
For those that have their own hosts entries and other blocking add-ons,
it probably isn't necessary.
> > I default to blocking cookies and blocking popups, the permission to
> > install add-ons was left as the default, and I am not too concerned
> > about images, since I have Proxomitron to block the ads and other
> > annoyances.
>
> While there is always an exception to a suggestion, for most people,
> they are better off using SB and Immunize than doing nothing at all.
> For those that have their own hosts entries and other blocking add-ons,
> it probably isn't necessary.
>
>
>
Good grief - somebody still using Proxomitron? Sheesh - I gave that
away years ago. I guess if it still works though... I just found that
Firefox, with Adblock Plus just doesn't need it.
Also, the best Hosts file is the one from:
http://www.mvps.org/winhelp2002/hosts.htm
It gets updated regularly, and you simply download it and copy it into
the appropriate folder - for WinXP that is C:\Windows\system32\Drivers
\etc\
Any customized entries added by yourself can be placed right at the top
of the file, which makes it easy to copy and paste in a text editor into
the new hosts file each time you update it. I tend to update mine every
few months - I don't see much point in doing it every update.
And I haven't had any malware or unwanted popups with that combination
for years (fingers tightly crossed...)
--
NightStalker
--
________
Brian M. Kochera
mailto:bria...@earthlink.net
--
Ron Hunter rphu...@charter.net
>
> I beg to interrupt here - I have yet to find (let alone *see*) such a
> Linux version.
> "User friendly" ?? huh!
>
look at linux mint.
f/u not needed
--
Ron Hunter rphu...@charter.net
> On Sat, 06 Dec 2008 12:42:04 -0500, Brian Kochera <bria...@earthlink.net>
> wrote:
>
>>> Also, the best Hosts file is the one from:
>>>
>>> http://www.mvps.org/winhelp2002/hosts.htm
>>>
>>> It gets updated regularly, and you simply download it and copy it into
>>> the appropriate folder - for WinXP that is C:\Windows\system32\Drivers
>>> \etc\
>
> Although I agree to some degree, since it probably has the hosts file monopoly
> cornered. You still may need to scan the file for errors or links that you
> DON'T want blocked. I went round & round with a website that I had a link to
> from my web site suddenly went offline. It was the HOSTS file single line entry
> screwing things up.
>
> Anyone can add to that hosts file. Not all [if any] of the links are actually
> verified as anything more than an annoyance to one person.
>
Set it to RO.