North American Network Operators Group

RE: Google-jacking?

  • From: Eric Pylko
  • Date: Mon Dec 01 15:51:37 2003

> -----Original Message-----
> From: [email protected] [mailto:[email protected]] On Behalf Of
> Dave Temkin
> Sent: Monday, December 01, 2003 3:08 PM
> To: [email protected]
> Subject: Re: Google-jacking?
> 
> 
> FWIW, it's not a virus, it's something infrastructure related.  All of the
> systems that I've seen this on have all the latest DATs and the proxy
> servers it sits behind are virus scanning as well (for both email and web)
> and use alternate vendors.

This is an ActiveX exploit.  It makes changes to your registry and DNS,
which is why you can't get to Google.  There are some other sites it munges
too.

If you can get to Google on a working machine, search for the site that the
infected machines are redirecting to and you'll find out how to fix your
systems.  Here's one of the URLs it returns:
http://www.imilly.com/google.htm

-Eric

> 
> On Mon, 1 Dec 2003, Dave Temkin wrote:
> 
> > Has anyone seen a situation on their internal networks where going to a
> > (non-Google) page "Hijacks" them and they end up with either the Google
> > front page or a broken link page?
> >
> > This happens on machines both with the toolbar and without, and we've
> > seen it on machines on different networks/running different OS's.
> >
> > Just curious.
> > Thanks,
> > -Dave
> >