Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

IE Redirection of Browser to Wrong Website????

Status
Not open for further replies.
jreedar

jreedar

Programmer
Jul 20, 2003
11
0
0
US
When trying to go to which I have often, I get redirected to a page that says it's but it't not. It says "Gamma Entertainment" at the top and has porn advertising. I've run Ad Aware, with the newest updates and it finds nothing, I've run Spybot-Search & Destroy and it says I'm clean. I have Norton Antivirus corporate edition with the newest updates and it finds nothing. I'm not sure what's going on and would appreciate any help. I also run Tiny personal firewall and keep my access very tight. I also ran HijackThis v1.96 and here's it's log file:

Logfile of HijackThis v1.96.0
Scan saved at 4:42:07 PM, on 8/16/2003
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\System32\Ati2evxx.exe
C:\WINNT\System32\cisvc.exe
F:\Program Files\NavNT\defwatch.exe
F:\Python22\Lib\site-packages\win32\PythonService.exe
C:\WINNT\System32\svchost.exe
f:\Program Files\Intel\Intel NetStructure VPN Client\icsrv.exe
C:\WINNT\system32\drivers\KodakCCS.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
F:\Program Files\NavNT\rtvscan.exe
C:\WINNT\Explorer.EXE
f:\Program Files\Tiny Personal Firewall\persfw.exe
F:\Program Files\KODAK\Kodak EasyShare software\bin\ptssvc.exe
C:\WINNT\System32\locator.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\System32\ScsiAccess.EXE
C:\WINNT\system32\tlntsvr.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\System32\MsPMSPSv.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\inetsrv\inetinfo.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
F:\Program Files\NavNT\vptray.exe
F:\Program Files\Winamp\Winampa.exe
C:\Program Files\ASUS\Probe\AsusProb.exe
C:\Program Files\DIGStream\digstream.exe
C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe
C:\Program Files\ATI Technologies\HydraVision\HydraMD.exe
C:\WINNT\system32\sstray.exe
C:\Program Files\ATI Multimedia\RemCtrl\ATIX10.exe
F:\Program Files\NoAds\NoAds.exe
C:\Program Files\ATI Multimedia\main\ATISched.EXE
F:\Program Files\TClock\TClock.exe
F:\PROGRA~1\MICROS~1\Office10\OUTLOOK.EXE
C:\WINNT\System32\rundll32.exe
C:\WINNT\system32\MsgSys.EXE
C:\WINNT\System32\cidaemon.exe
C:\WINNT\System32\cidaemon.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\All Users\Start Menu\Programs\AnitVirus-Popups-SpySoftware\HijackThis.exe
C:\WINNT\system32\NOTEPAD.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINNT\system32\NOTEPAD.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - f:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - F:\PROGRA~1\SPYBOT~1\SDHelper.dll
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINNT\system32\NeroCheck.exe
O4 - HKLM\..\Run: [vptray] F:\Program Files\NavNT\vptray.exe
O4 - HKLM\..\Run: [WinampAgent] "f:\Program Files\Winamp\Winampa.exe"
O4 - HKLM\..\Run: [ASUS Probe] C:\Program Files\ASUS\Probe\AsusProb.exe
O4 - HKLM\..\Run: [DIGStream] C:\Program Files\DIGStream\digstream.exe
O4 - HKCU\..\Run: [ATI Remote Control] C:\Program Files\ATI Multimedia\RemCtrl\ATIX10.exe
O4 - HKCU\..\Run: [NoAds] "F:\Program Files\NoAds\NoAds.exe"
O4 - HKCU\..\Run: [ATI Scheduler] C:\Program Files\ATI Multimedia\main\ATISched.EXE
O4 - HKCU\..\Run: [ATI Launchpad] "C:\Program Files\ATI Multimedia\main\LaunchPd.exe"
O4 - Startup: Shortcut to Microsoft Outlook.lnk = ?
O4 - Global Startup: Shortcut to TClock.exe.lnk = F:\Program Files\TClock\TClock.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://F:\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000
O9 - Extra button: ATI TV (HKLM)
O16 - DPF: Tarantella 3.x Combined Java Archive - O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information Class) - O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
 
Sort by date Sort by votes
OK everything is working great now, not sure what fixed it but I'm happy!
 
Upvote 0 Downvote
Well I rebooted and I still have the problem :(
 
Upvote 0 Downvote
OK a little more info. I did some checking and my roommate ping'd and it's correct IP is: 216.52.208.182 - and if I enter this in my browser I do correctly go to Newegg's website. However if I ping from my computer I get this IP: 207.44.152.22 which takes me to the 'Gamma Entertainment' site. I checked my Hosts & LMHosts files and they are clean. I also search my hard drive for anyfiles containing the text '207.44.152.22' and searched my entire registry for the text '207.44.152.22' both searches found nothing.
 
Upvote 0 Downvote
If you look in the FAQ's section of this forum, you will find:

faq608-3196
faq608-3482
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Deniall
  • Locked
  • Question
Problem accessing Eng-Tips website 1
Replies
7
Views
548
Deniall
Deniall
moveit
  • Locked
  • Question
Firefox will not let me sign in to my Tesco account
Replies
4
Views
153
teknance
teknance
Soisoi23
  • Locked
  • Question
Where to find a secure proxy?
Replies
4
Views
77
Mike Lewis
Mike Lewis
demigod7
  • Locked
  • Question
No internet in browser even after being connected to the internet
Replies
1
Views
95
xwb
xwb
Tedwhite
  • Locked
  • Question
How To Fix Firefox Freezing Issue In Windows 10?
Replies
2
Views
96
Tedwhite
Tedwhite

Part and Inventory Search

Sponsor

Back
Top