.com.org

  • Thread starter Thread starter Raiderole
  • Start date Start date
R

Raiderole

Has anyone had any trouble with this website coming up
when trying to access other legit websites? (example:
www.www.microsoft.com.org) I have tried cleaning this out
of every place I can think of. Any one have a fix for this

Thanks
Mike Olson
 
In
Raiderole said:
Has anyone had any trouble with this website coming up
when trying to access other legit websites? (example:
www.www.microsoft.com.org) I have tried cleaning this out
of every place I can think of. Any one have a fix for this

Thanks
Mike Olson
Click to expand...


You can find who owns the domain name "com.org" by doing a 'whois' at
netsol.com.

Also, not exactly sure what you mean. Are you saying you type in"
www.microsoft.com
and it turns into:
www.www.microsoft.com.org ?

If this is the case, I would look into possible adware, BHOs and trojans. I
don't think this is a DNS issue, with the info you provided. Run Adaware 60
to insure at least that they are removed.

Here's some info on adware stuff from the IE newsgroups:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Mmmh, yes.
This http://www.microsoft.com/italy/technet/support/mvp/spy.asp is similar
:-D
But many, many users have the problem in this days, also in your IE NG and
seems not solve.
Click to expand...

Just like anti-virus applications, users of anti-spyware applications such
as Ad-Aware, Spybot, SpywareBlaster, CWShredder, and HijackThis must always
seek updates before each and every use, even the first time the app is run:

Ad-Aware: new update today
Spybot: new update today
CWShredder: v1.53.0 is the current version
SpywareBlaster: database 29 Feb-04
HijackThis: v1.97.7 is current version
~~~~~~~~~~~~~~~~~~~~~~~~~

--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.
This posting is provided "AS-IS" with no warranties and confers no
rights.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory

HAM AND EGGS: A day's work for a chicken; A lifetime commitment for a
pig. --
=================================
 
in message
: In : Raiderole <[email protected]> posted their thoughts,
then
: I offered mine
: > Has anyone had any trouble with this website coming up
: > when trying to access other legit websites? (example:
: > www.www.microsoft.com.org) I have tried cleaning this out
: > of every place I can think of. Any one have a fix for this
: >
: > Thanks
: > Mike Olson
:
:
: You can find who owns the domain name "com.org" by doing a 'whois' at
: netsol.com.
:
: Also, not exactly sure what you mean. Are you saying you type in"
: www.microsoft.com
: and it turns into:
: www.www.microsoft.com.org ?
:
: If this is the case, I would look into possible adware, BHOs and trojans.
I
: don't think this is a DNS issue, with the info you provided. Run Adaware
60
: to insure at least that they are removed.
:
: Here's some info on adware stuff from the IE newsgroups:
: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
: >> The most frequent advise in those cases are:
: >> How to Disable Third-Party Tool Bands and Browser Helper Objects
: >> http://support.microsoft.com/?kbid=298931
: >> Dealing with Unwanted Malware, Parasites, Toolbars and Search Engines
: >> http://mvps.org/winhelp2002/unwanted.htm
: >
: > Mmmh, yes.
: > This http://www.microsoft.com/italy/technet/support/mvp/spy.asp is
similar
: > :-D
: > But many, many users have the problem in this days, also in your IE NG
and
: > seems not solve.
:
: Just like anti-virus applications, users of anti-spyware applications such
: as Ad-Aware, Spybot, SpywareBlaster, CWShredder, and HijackThis must
always
: seek updates before each and every use, even the first time the app is
run:
:
: Ad-Aware: new update today
: Spybot: new update today
: CWShredder: v1.53.0 is the current version
: SpywareBlaster: database 29 Feb-04
: HijackThis: v1.97.7 is current version
: ~~~~~~~~~~~~~~~~~~~~~~~~~

Only 2 things come from Oklahoma...

Domain ID:D8295-LROR
Domain Name:COM.ORG
Created On:17-Aug-1995 04:00:00 UTC
Last Updated On:25-Feb-2004 20:13:36 UTC
Expiration Date:16-Aug-2011 04:00:00 UTC
Sponsoring Registrar:R11-LROR
Status:CLIENT DELETE PROHIBITED
Status:CLIENT TRANSFER PROHIBITED
Status:CLIENT UPDATE PROHIBITED
Registrant ID:tuOw3q6d3eyCPCnX
Registrant Name:Scott Day
Registrant Organization:DigiMedia.com, L.P.
Registrant Street1:P.O. Box 279
Registrant City:Duncan
Registrant State/Province:OK
Registrant Postal Code:73534
Registrant Country:US
Registrant Phone:+1.5804759000
Registrant FAX:+1.5804759003
Registrant Email:[email protected]
Admin ID:tuOw3q6d3eyCPCnX
Admin Name:Scott Day
Admin Organization:DigiMedia.com, L.P.
Admin Street1:P.O. Box 279
Admin City:Duncan
Admin State/Province:OK
Admin Postal Code:73534
Admin Country:US
Admin Phone:+1.5804759000
Admin Email:[email protected]
Tech ID:tuOw3q6d3eyCPCnX
Tech Name:Scott Day
Tech Organization:DigiMedia.com, L.P.
Tech Street1:P.O. Box 279
Tech City:Duncan
Tech State/Province:OK
Tech Postal Code:73534
Tech Country:US
Tech Phone:+1.5804759000
Tech Email:[email protected]
Name Server:NS.OKDIRECT.COM
Name Server:NS2.OKDIRECT.COM

http://www.google.com/search?sourceid=navclient&ie=UTF-8&oe=UTF-8&q=digimedia.com+spyware

--
Roland Hall
/* This information is distributed in the hope that it will be useful, but
without any warranty; without even the implied warranty of merchantability
or fitness for a particular purpose. */
Online Support for IT Professionals -
http://support.microsoft.com/servicedesks/technet/default.asp?fr=0&sd=tech
How-to: Windows 2000 DNS:
http://support.microsoft.com/default.aspx?scid=kb;EN-US;308201
FAQ W2K/2K3 DNS:
http://support.microsoft.com/default.aspx?scid=kb;EN-US;291382
 
R> Has anyone had any trouble with this website coming up
R> when trying to access other legit websites?

Only those people who have either (a) badly configured the search paths of
their DNS Client libraries, to bring back the problem that RFC 1535 noted ten
years ago, or (b) badly configured the (separate and additional) search path
behaviour of their web browsers, will have. Given the addition of the extra
"www" label at the front of the domain name (in contrast to most DNS Client
libraries only appending labels), I suspect the latter in your case.
 
-----Original Message-----
in message
: In : Raiderole <[email protected]> posted their thoughts,
then
: I offered mine
: > Has anyone had any trouble with this website coming up
: > when trying to access other legit websites? (example:
: > www.www.microsoft.com.org) I have tried cleaning this out
: > of every place I can think of. Any one have a fix for this
: >
: > Thanks
: > Mike Olson
:
:
: You can find who owns the domain name "com.org" by doing a 'whois' at
: netsol.com.
:
: Also, not exactly sure what you mean. Are you saying you type in"
: www.microsoft.com
: and it turns into:
: www.www.microsoft.com.org ?
:
: If this is the case, I would look into possible adware, BHOs and trojans.
I
: don't think this is a DNS issue, with the info you provided. Run Adaware
60
: to insure at least that they are removed.
:
: Here's some info on adware stuff from the IE newsgroups:
: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
: >> The most frequent advise in those cases are:
: >> How to Disable Third-Party Tool Bands and Browser Helper Objects
: >> http://support.microsoft.com/?kbid=298931
: >> Dealing with Unwanted Malware, Parasites, Toolbars and Search Engines
: >> http://mvps.org/winhelp2002/unwanted.htm
: >
: > Mmmh, yes.
: > This http://www.microsoft.com/italy/technet/support/mvp/spy.asp
is
similar
: > :-D
: > But many, many users have the problem in this days, also in your IE NG
and
: > seems not solve.
:
: Just like anti-virus applications, users of anti- spyware applications such
: as Ad-Aware, Spybot, SpywareBlaster, CWShredder, and HijackThis must
always
: seek updates before each and every use, even the first time the app is
run:
:
: Ad-Aware: new update today
: Spybot: new update today
: CWShredder: v1.53.0 is the current version
: SpywareBlaster: database 29 Feb-04
: HijackThis: v1.97.7 is current version
: ~~~~~~~~~~~~~~~~~~~~~~~~~

Only 2 things come from Oklahoma...

Domain ID:D8295-LROR
Domain Name:COM.ORG
Created On:17-Aug-1995 04:00:00 UTC
Last Updated On:25-Feb-2004 20:13:36 UTC
Expiration Date:16-Aug-2011 04:00:00 UTC
Sponsoring Registrar:R11-LROR
Status:CLIENT DELETE PROHIBITED
Status:CLIENT TRANSFER PROHIBITED
Status:CLIENT UPDATE PROHIBITED
Registrant ID:tuOw3q6d3eyCPCnX
Registrant Name:Scott Day
Registrant Organization:DigiMedia.com, L.P.
Registrant Street1:P.O. Box 279
Registrant City:Duncan
Registrant State/Province:OK
Registrant Postal Code:73534
Registrant Country:US
Registrant Phone:+1.5804759000
Registrant FAX:+1.5804759003
Registrant Email:[email protected]
Admin ID:tuOw3q6d3eyCPCnX
Admin Name:Scott Day
Admin Organization:DigiMedia.com, L.P.
Admin Street1:P.O. Box 279
Admin City:Duncan
Admin State/Province:OK
Admin Postal Code:73534
Admin Country:US
Admin Phone:+1.5804759000
Admin Email:[email protected]
Tech ID:tuOw3q6d3eyCPCnX
Tech Name:Scott Day
Tech Organization:DigiMedia.com, L.P.
Tech Street1:P.O. Box 279
Tech City:Duncan
Tech State/Province:OK
Tech Postal Code:73534
Tech Country:US
Tech Phone:+1.5804759000
Tech Email:[email protected]
Name Server:NS.OKDIRECT.COM
Name Server:NS2.OKDIRECT.COM

http://www.google.com/search?sourceid=navclient&ie=UTF- 8&oe=UTF-8&q=digimedia%2Ecom+spyware

--
Roland Hall
/* This information is distributed in the hope that it will be useful, but
without any warranty; without even the implied warranty of merchantability
or fitness for a particular purpose. */
Online Support for IT Professionals -
http://support.microsoft.com/servicedesks/technet/default. asp?fr=0&sd=tech
How-to: Windows 2000 DNS:
http://support.microsoft.com/default.aspx?scid=kb;EN- US;308201
FAQ W2K/2K3 DNS:
http://support.microsoft.com/default.aspx?scid=kb;EN- US;291382
Click to expand...
Fellas, you are correct..when I type www.microsoft.com it
will come up as www.www.microsoft.com.org. I have run ad-
aware. It comes up with nothing. I did do a whois and know
who is the culprit. I also read somewhere if you limit
your search on your url settings in IE this helps. Still
it is wierd.

Mike
 
In
Fellas, you are correct..when I type www.microsoft.com it
will come up as www.www.microsoft.com.org. I have run ad-
aware. It comes up with nothing. I did do a whois and know
who is the culprit. I also read somewhere if you limit
your search on your url settings in IE this helps. Still
it is wierd.

Mike
Click to expand...

You shouldn't need to limit anything in IE to stop this. Apparently there's
something installed doing it. Did you update Adaware before running it? You
should do this even if you just downloaded it. Run Spybot as well. You can
also run Hijack this and post the logs to their forum and those guys will
analyze it for you.

~~~~~~~~~~~~~
"HijackThis.exe" and Press "Scan". When the scan is finished, the "Scan"
button will change into a "Save Log" button.
Click: "Save Log" (generates: "hijackthis.log") HijackThis Tutorial
(recommended read)
Next, go to: http://www.spywareinfo.com/forums/ andpost the log.
~~~~~~~~~~~~~~~~~~

More info and specific instructions at that link I provided earlier:
http://mvps.org/winhelp2002/unwanted.htm

Also check your HOSTS file. Run an ipconfig /displaydns. You should only get
these results if you haven't ever altered it:

c:\>ipconfig /displaydns

Windows 2000 IP Configuration

localhost.
------------------------------------------------------
Record Name . . . . . : localhost
Record Type . . . . . : 1
Time To Live . . . . : 31484920
Data Length . . . . . : 4
Section . . . . . . . : Answer
A (Host) Record . . . :
127.0.0.1


1.0.0.127.in-addr.arpa.
------------------------------------------------------
Record Name . . . . . : 1.0.0.127.in-addr.arpa
Record Type . . . . . : 12
Time To Live . . . . : 31484919
Data Length . . . . . : 4
Section . . . . . . . : Answer
PTR Record . . . . . :
localhost

If youg get results that are so many that it causes the screen to scroll,
then you got your HOSTS file hijacked and adaware or Spybot will not catch
it. One virus that causes this is the QHOST virus, but there are many
ActiveX BHOs and such that will alter your HOSTS file as well causing you
grief and getting results as you're seeing.

--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.
This posting is provided "AS-IS" with no warranties and confers no
rights.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory

HAM AND EGGS: A day's work for a chicken; A lifetime commitment for a
pig. --
=================================
 
MF> You shouldn't need to limit anything in IE to stop this.

It's almost certainly Microsoft Internet Explorer, or a plug-in added to it,
that is doing this.

MF> Also check your HOSTS file.

That won't be the cause. The domain names used in URLs that he is typing in
are being transformed using the pattern "www.%s.org" before their IP addresses
are looked up. This is the type of internal
web-browser's-own-search-path-mechanism transformation that generally occurs
_before_ DNS becomes at all involved in the procedure.

Hint: Look at Microsoft Internet Explorer's "AutoComplete" function. Does
anything seem familiar ? (-:
 
RH> Domain Name:COM.ORG

That is almost certainly irrelevant. DigiMedia almost certainly has nothing
to do with this at all.

Try instead laying the blame at whoever instructed his web browser to
transform the domain names, in the URLs that he types in, using the pattern
"www.%s.org".
 
Back
Top