Electronics & Computers Deals here!
Windows Me: Tried Everything! "Med Network" Possible Hijack.
Tried Everything! "Med Network" Possible Hijack.
by jolivares - 11/9/04 2:55 PMMy browser is constantly going to this "Med Network" home page. Doesn't matter what web page I try. It's an online pharmacy page.
Anyone else seen this?
I have Ad-ware, spybot, etc....
You name it I got it.
Any suggestions?
Re: Tried Everything! "Med Network" Possible Hijack.
by R. Proffitt
- 11/9/04 3:23 PM
In reply to: Tried Everything! "Med Network" Possible Hijack. by jolivares
Read http://reviews.cnet.com/5208-6127-0.html?forumID=9&threadID=40206&messageID=471205 and its response.
I'm not!
Bob
Re: Tried Everything! "Med Network" Possible Hijack.
by schatham - 11/11/04 8:03 AM In reply to: Re: Tried Everything! "Med Network" Possible Hijack. by R. Proffitt
I've had this same problem since Friday on my ISP, and have Spybot 1.3, Ad Aware 6, McAfee 8 - all with the newest updates. All of them come back clean.
However, what I've noticed on the Med Network problem is that anything that you have to authenticate to (like Ebay's page, or Yahoo Messenger, or MSN Messenger, or a hard POP3 mail account) doesn't work whenever this "Med Network" thing is doing its thing.
I noticed it when I dialed my ISP, and tried to go to Google, or Yahoo or something, and it'd display the google.com or yahoo.com address in the address bar, but the screen would be overlaid with the "Med Network" stuff promoting cialis, viagra, etc. The links in it were javascript, and would display the URL (www.yahoo.com/whatever) when you held the mouse over them.
The above didn't address the Med Network problem, as scans with it came back clean.
Any ideas?
Plenty.
by R. Proffitt - 11/11/04 8:43 AM
In reply to: Re: Tried Everything! "Med Network" Possible Hijack. by schatham
Most don't remove all spyware. I don't know why. Such is easy to spot with google.com research and either/both pestscan.com and hijackthis. Many are looking for programs like Adaware to just fix it.
More tools at http://forums.majorgeeks.com/showthread.php?t=35407
Bob
Re: Plenty.
by mwm - 11/18/04 8:05 AM In reply to: Plenty. by R. Proffitt
See my blog post about the Med RX (Med Network) apparent hijack
http://www.lastingmems.com/other/thetimes
In short I found some DNS resolvers cache corruption on our primary DNS server at the office. Stopped DNS, cleared chache and restarted DNS. All is well now.
-mwm
Re: Plenty.
by Yel Bou - 11/18/04 9:20 AM In reply to: Re: Plenty. by mwmI get a Forbidden error trying the link above.
Can you explain in details how you got rid of it?
Thanks
Re: Tried Everything! "Med Network" Possible Hijack.
by greglee - 11/22/04 2:15 PM In reply to: Re: Tried Everything! "Med Network" Possible Hijack. by schathamWe had the same problem...but, got a tip from tek-tips.com forum...we had to clear our DNS server cache and reboot. This solved our problem...traffic was being redirected to Med Network site through our internal DNS server.
Re: Tried Everything! "Med Network" Possible Hijack.
by greglee - 11/22/04 2:21 PM In reply to: Tried Everything! "Med Network" Possible Hijack. by jolivaresWe had the same problem. Our fix was to clear the DNS cache on our DNS server. This fixed the problem.
Re: Tried Everything! "Med Network" Possible Hijack.
by Psillyme - 11/25/04 11:22 AM In reply to: Tried Everything! "Med Network" Possible Hijack. by jolivaresI've been fighting this "Med Network" problem for several weeks now. I use Ad-aware SE, Spybot, SpywareBlaster, HackThis, & NAV 2004. Nothing was found except a couple of DSO exploits, so I used the last resort; reformatting.
The first thing I did after reformatting was to install Spybot, Spywareblaster, Ad-awareSE, HackThis, and NAV 2004. All programs are the latest versions and updated with current definitions as appropriate. All was well for several days on my computer, but my wife continued to have the problems.
One by one I started adding my browser addons like ieSpell, FlashGet, Avant Browser,... until I got to the Google Toolbar. Upon installing it I immediately started having problems again. So I ran Ad-aware, Spybot, NAV, and HackThis. NOTHING was found AGAIN. I uninstalled the Google Toolbar, everything went back to normal. Hmmm. I went to my wife's computer and uninstalled the Google Toolbar. The problem went away! HMMMM!!
I am not happy about this. We've been using the Google Toolbar for years now. It appears that someone has somehow figured out how to feed their stupid ads through it. Try removing it on your system (in all browsers you have it installed in) and let me know if this solves the issue. Google is probably unaware they've been hacked, but I'd like to get some more data before I start in on them.
Thanks.
The simple issue is this.
by R. Proffitt - 11/25/04 11:44 AM
In reply to: Re: Tried Everything! "Med Network" Possible Hijack. by Psillyme
Hijackthis does nothing. It's just a powertool for you to use to report to a Hijackthis forum and then follow their directions.
Did you do this?
bob
Re: The simple issue is this.
by Psillyme - 11/25/04 9:45 PM In reply to: The simple issue is this. by R. Proffitt
I have not been asked to submit one as of yet...
Re: Tried Everything! "Med Network" Possible Hijack.
by whozis - 11/25/04 7:53 PM In reply to: Re: Tried Everything! "Med Network" Possible Hijack. by PsillymeI don't use the Google Toolbar, and never have, and still had the Med Network hijack. Using Norton Internet Security, I found an odd IP address listed by the Google address, www.google.com. It was 200.139.105.70. I entered it into the restricted network list of my Norton Personal Firewall, and was able to go to Google, but when I tried a search, it was hijacked again. I checked again, and found the IP address 200.157.21.206 by the Google entry. I entered it, and so far I am able to browse normally. This happened once before, and I had to block the addresses 218.234.22.222 and then 218.38.14.232. It seems that as soon as you block the first one, it immediately replaces it with a second one.
Re: Tried Everything! "Med Network" Possible Hijack.
by R. Proffitt - 11/25/04 8:27 PM
In reply to: Re: Tried Everything! "Med Network" Possible Hijack. by whozis
Hijackthis might help. It's just a powertool for you to use to report to a Hijackthis forum and then follow their directions.
Did you do this?
bob
Re: Tried Everything!
by Psillyme - 11/26/04 11:21 AM In reply to: Re: Tried Everything! "Med Network" Possible Hijack. by R. Proffitt
I have not yet been asked to submit a HijackThis report. I am also posting in the MajorGeeks forum.
I HAVE manually input my ISP's DNS numbers and have set the secondary DNS to the primary. So far it appears the secondary DNS is not corrupt. I have still not yet heard from my ISP regarding rebuilding their primary DNS cache. Is that a lot of trouble? Or are they just being resistant to a request from someone who "know nothing"? 
Then everything was not tried...
by R. Proffitt - 11/26/04 11:35 AM
In reply to: Re: Tried Everything! by Psillyme
Now that you are posting a hijackthis log in a forum that supports it, then you may make progress.
If you don't get a response there, read http://reviews.cnet.com/5208-6132-0.html?forumID=32&threadID=27234&messageID=306550 about other forums that provide such service.
Bob
| Forum legend: | |
 |
Locked thread |
 |
Moderator |
 |
CNET staff |
 |
Samsung staff |
 |
Norton Authorized Support team |
 |
AVG staff |
 |
Windows Outreach team |
 |
Dell staff |
 |
Intel staff |
