I am trying to fix a friends PC. She was ready to trash it because it was so screwed up. It had Win98, so I installed XP Pro. She is running an oudated McAfee Virus program that I can't even uninstall. The main problem I am having now is this: Every time I go to McAfee.com or Microsoft.com/updates, after a few screens in, I get redirected to an URL named dickmagazine.com. I am on a dialup, so while it is spinning to get there, I close the Window, so I never know where it finally ends up. The McAfee program is about 18 months out of date. I tried to download a trial version, but I can't even do that, because I get redirected. Ona seperate issue, is there a way to get updates from Microsoft, by downloading the files and saving them, so they can be transferred to another computer? Right now, they download and immediately start updating.
Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations gkittelson on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
Redirect to dickmagazine.com????
- Thread starter Odis
- Start date
I think that the first thing you need to do is reformat the machine and do a clean install of XP. There's some type of spyware or malware that appears to have been installed before the XP update you did. Reformatting will clean up everything and you won't have to track it down. It's an inconvenience if your friend has a lot of files they want to keep, but this appears to be a necessity.
After that, you can go into the control panel and manage the automatic updates.
HTH!
After that, you can go into the control panel and manage the automatic updates.
HTH!
cmeagan656
Technical User
Reformatting is way too drastic and totally unnecessary.
Follow the instructions in this FAQ FAQ608-4650 and if you still have problems post your Hijack This log in forum 608 - Browser issues for IT Professionals. Someone there will be happy to help you.
Cheers.
Follow the instructions in this FAQ FAQ608-4650 and if you still have problems post your Hijack This log in forum 608 - Browser issues for IT Professionals. Someone there will be happy to help you.
Cheers.
The faq which cmeagan656 posted is right on.
However, if I might interject a point of clarification...it's best to keep log postings in this forum.
Site management developed this forum (forum760) in part as a way to keep hijack log posting OUT of the Browser Issues forum.
Tired of waiting for an answer? Try asking better questions. See: faq222-2244
However, if I might interject a point of clarification...it's best to keep log postings in this forum.
Site management developed this forum (forum760) in part as a way to keep hijack log posting OUT of the Browser Issues forum.
Tired of waiting for an answer? Try asking better questions. See: faq222-2244
I don't think reformatting is unnecessary on a machine still running Win98 and one step away from the trash heap. The HD is probably FAT32. Reformatting (to NTFS) and reinstalling XP seems easier than installing HJT and trying to figure out what the logs are telling you once you learn the software and go through at least a half dozen steps to *try* to fix the problem.
The faq posted is good, but when you're starting all over, why not just go for it and actually start all over??
The faq posted is good, but when you're starting all over, why not just go for it and actually start all over??
Sounds like a classic ‘HOSTS file hijack’. An easy way to verify such an attack is to run ‘HiJackThis’ and look for O1 entries such as the following:
O1 - Hosts: 216.177.73.139 auto.search.msn.com
O1 - Hosts: 216.177.73.139 search.netscape.com
O1 - Hosts: 216.177.73.139 ieautosearch
If a repeating IP number pattern is found, any of the listed website names are all likely being undesirably hijacked since multiple entries are all being redirected to the same IP address.
You can always have HijackThis fix these, unless you knowingly put those lines in your Hosts file. (Know what you are doing here or ask for assistance in these forums before proceeding.) Many anti-spyware tools allow you to 'lock down' your HOSTS files to help avoid such occurrences.
While formatting and a clean install may solve the ‘immediate’ problem, the pattern of behavior shown by this user will likely ensure a succession of continuing problems (and your involvement) unless they are shown and are prepared to observe basic survival steps.
They need to start with or upgrade to a current and up-to-date anti-virus tool as one of their most basic security steps. In addition, insist that the virus checker really needs to have (and remains enabled) auto update capabilities and is renewed yearly. Unfortunately, dialup is not generally conducive to sustainable consistently executed security steps.
The next most important basic step is a firewall prior to beginning any ongoing interaction with the Internet.
See the following link as a good starting point and to help convince a user of easily addressed perils:
Basic PC Protection Steps – Starting Off Right to Help Keep It Right
Users always need to observe the following Simple Precautions:
A computer has no business being on the Internet (nor any reasonable expectations for continuing health prospects), if it doesn’t have all of the following – reliable and up-to-date virus checking, a firewall(s), up-to-date ‘critical updates’, and antispyware tools.
Vince
O1 - Hosts: 216.177.73.139 auto.search.msn.com
O1 - Hosts: 216.177.73.139 search.netscape.com
O1 - Hosts: 216.177.73.139 ieautosearch
If a repeating IP number pattern is found, any of the listed website names are all likely being undesirably hijacked since multiple entries are all being redirected to the same IP address.
You can always have HijackThis fix these, unless you knowingly put those lines in your Hosts file. (Know what you are doing here or ask for assistance in these forums before proceeding.) Many anti-spyware tools allow you to 'lock down' your HOSTS files to help avoid such occurrences.
While formatting and a clean install may solve the ‘immediate’ problem, the pattern of behavior shown by this user will likely ensure a succession of continuing problems (and your involvement) unless they are shown and are prepared to observe basic survival steps.
They need to start with or upgrade to a current and up-to-date anti-virus tool as one of their most basic security steps. In addition, insist that the virus checker really needs to have (and remains enabled) auto update capabilities and is renewed yearly. Unfortunately, dialup is not generally conducive to sustainable consistently executed security steps.
The next most important basic step is a firewall prior to beginning any ongoing interaction with the Internet.
See the following link as a good starting point and to help convince a user of easily addressed perils:
Basic PC Protection Steps – Starting Off Right to Help Keep It Right
Users always need to observe the following Simple Precautions:
A computer has no business being on the Internet (nor any reasonable expectations for continuing health prospects), if it doesn’t have all of the following – reliable and up-to-date virus checking, a firewall(s), up-to-date ‘critical updates’, and antispyware tools.
Vince
cmeagan656
Technical User
Carr:
Thanks for the clarification. I've seen posts of HJT logs in two or three places and was never sure which forum was the correct one to post to.
Dollie:
If Odis follows the FAQ he'll likely resolve the issues without having to run HJT. Also, Odis has already upgraded the machine to XP Pro.
Cheers.
Thanks for the clarification. I've seen posts of HJT logs in two or three places and was never sure which forum was the correct one to post to.
Dollie:
If Odis follows the FAQ he'll likely resolve the issues without having to run HJT. Also, Odis has already upgraded the machine to XP Pro.
Cheers.
- Thread starter
- #8
- Status
Similar threads
- Locked
- Question