need help: possible browser "hijack"?

[Flesh]

ok.. weird thing. I run the proxomitron web filter, sort of like an ad blocker etc.. and when i go to a website like blahg923898.com (something i know has NEVER been registered or anything), it shows the correct 404 message through the proxomitron.

however, when i try to go to a site that HAS been registered and is now suspended/whatever, like goatse, i get this bullshit LOP search page that I do not want. screenshot here:



if anyone can help.. please thanks

[tritium]

Man, if you were using MSIE, I would tell you to goto Tools>Internet Options>Programs and then click on "reset web settings" ...

Not sure if Mozilla uses the MSIE registry settings for search pages or not. Give my suggestion above a shot in Internet Explorer and see if that doesn't alleviate your search page woes in Mozilla. If not, we can edit the registry...

[tritium]

Have you run HijackThis? http://www.spychecker.com/program/hijackthis.html

How about the CWShredder?
http://www.spywareinfo.com/~merijn/c...tml#cwshredder

Got XP service pack 1a? This will help knock out the ByteVerify exploit on the Java VM (how the search pages keep getting hijacked)
http://www.microsoft.com/WindowsXP/p...p1/default.asp

[JohnnyRoyale]

There is a hack that can be done with DNS servers to return an address if they can't find one. Many ISP's will use this to promote their own web services. If I remember, even NetworkSolutions, who run the base level DNS servers, were talking about using this to promote their sitefinder service, however, since too any people could use a positive return to generate spam, I think the program was shelved.

You might want to check the page out, see where it's coming from (right click, properties), then call your ISP to see if they do this DNS hack. Although, if you're not getting it with not founds, then maybe their not.