Chris,

Check your HOSTS file for rogue entries:

%SystemRoot%\system32\drivers\etc\HOSTS

Also check proxies in Control Panel > Internet Options | Connections
for rogue entries.

Best wishes,
Damon

On 04/01/2006, at 6:31 AM, Chris Barber wrote:

> I have a user on a home network that has an oddity I have not seen
> before while using search engines. On the PC we have tried Yahoo,
> Google, MSN, Lycos, not sure but we may have done a few other, but the
> actions are all the same. We enter a search item, say ACE, and the
> results come back of course ACE Hardware is in the list. When I mouse
> over the link the URL displayed IE Status indicates the correct URL
> for ACE Hardware. Now when I or he clicks on the link we go to some
> other ads page, we click back and click the link a second time and get
> sent to a second ad site. After clicking back a second time and then
> clicking the link for the third time we get to the ACE Hardware site.
> One note on this is that the URL we are directed to is not the same as
> the link so I know it is not a DNS Hijack, but more of a redirect
>
> This happens with any and every site we have looked for in the last
> week or so. The "Anomaly" began shortly before Christmas.
>
> The PC is currently running ZoneAlarm and no messages have indicated
> any new software trying to gain access to the network. I have also
> run AdAware SE, Spybot, and MS Anti-Spyware. Currently running on the
> PC is Symantec AV with the latest updates, I have also run McAfee from
> a boot Disk.
>
> At this point I am thinking it may be some form of Browser Helper
> Object or some registry hack, but I am out of ideas to further
> investigate, clean and protect against this in the future.
>
> Does anyone have any suggestions or ideas on what I could try next?
>
> Thanks in advance for the help.
>
> Chris.

[ reply ]