Correct URL Address - But Goes to Wrong Site

Discussion in 'Malware and Virus Removal Archive' started by buzzmag, 2004/10/12.

Thread Status:
Not open for further replies.
  1. 2004/10/12
    buzzmag

    buzzmag Well-Known Member Thread Starter

    Joined:
    2002/02/08
    Messages:
    206
    Likes Received:
    0
    Running Win XP Pro SP2 & IE 6 in Dual Boot Drives C & D

    Not sure where to post this but I need help.

    Have the identical URL address in both Favorites folders in disk C and D. The url in the C drive no longer takes me to the correct site but now takes me to a web hosting site (Stations51Networks -69.10.152.159). The address in IE6 indicates the correct site but the page is for the Station51 Networks site. The url in the D drive still takes me to the correct site.

    As I said, duplicate url addresses taking me to different sites depending on which OS I boot into.

    Tried deleting the url in C drive from hosts files, registry and favorites folder and trying to enter the url address in IE6 but that still takes me to the wrong site.

    Flushed DNS and emptied IE cache. Same problem - wrong site.

    Installed Firefox browser thinking it might be IE6 but same problem.


    Any suggestions?
     
  2. 2004/10/12
    Angel71

    Angel71 Inactive

    Joined:
    2003/09/01
    Messages:
    83
    Likes Received:
    0
    In the problem install, check the location of the HOSTS file as specified in the registry. The default location is %SystemRoot%\System32\drivers\etc and can be verified using regedit or REG from a cmd prompt...
    Code:
    C:\>REG QUERY HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters | find "DataBasePath"
        DataBasePath        REG_EXPAND_SZ   %SystemRoot%\System32\drivers\etc
     

  4. 2004/10/12
    buzzmag

    buzzmag Well-Known Member Thread Starter

    Joined:
    2002/02/08
    Messages:
    206
    Likes Received:
    0
    Angel71

    Thank you. I'll check when I get home.
     
  5. 2004/10/12
    Welshjim

    Welshjim Inactive

    Joined:
    2002/01/07
    Messages:
    5,643
    Likes Received:
    0
    buzzmag--Seems like you may have spyware in the C drive.
    Use a spyware detector. Before using these tools, be sure you have updated with the latest reference files.
    AdAware
    http://www.lavasoft.de/support/download/
    SpybotS&D
    http://www.safer-networking.org/

    If that does not help, suggest you download, install and scan with HiJackThis and then, if you wish, before deleting anything, post the HJT log here. Someone may be able to help interpret what to do.
    HJT
    http://www.spywareinfo.com/~merijn/downloads.html
    P.S.
    Are you saying that the Address bar indicates the "correct site's" URL but you are actually at the station51 site? Or just that the correct URL is in the Favorites properties and you are being redirected?
     
  6. 2004/10/12
    buzzmag

    buzzmag Well-Known Member Thread Starter

    Joined:
    2002/02/08
    Messages:
    206
    Likes Received:
    0
    Welshjim,

    Already ran AdAware, Search & Destroy and Pest Patrol and found nothing. Ran HijackThis and nothing there.

    Yes, the address bar indicates the URL I always used to get to that address but I end up on the Station51Networks page.

    I've done everything I could think of but nothing has worked.

    Angel71

    The host file is where it's supposed to be in the registry.
     
  7. 2004/10/12
    Paul

    Paul Inactive

    Joined:
    2002/01/29
    Messages:
    1,293
    Likes Received:
    1
    Clutching at straws a little here, but have you gone into Internet Options and under the Content/Autocomplete tab cleared and then unticked everything?
     
  8. 2004/10/12
    buzzmag

    buzzmag Well-Known Member Thread Starter

    Joined:
    2002/02/08
    Messages:
    206
    Likes Received:
    0
    Just went into Internet Options and under the Content/Autocomplete tab cleared and then unticked everything. Same problem.

    Thank you anyway.
     
  9. 2004/10/12
    charlesvar

    charlesvar Inactive Alumni

    Joined:
    2002/02/18
    Messages:
    7,024
    Likes Received:
    0
    Hello buzzmag,

    If you haven't, try the following. Using the OS where it doesn't work, go to the site by clicking on the entry in the Favs of the OS where it does work, then when you get to the site, add the site to the Fav folder again, overwriting the current one.

    I dual boot as well and access sites from the other OS's Favs all the time, not because of a problem, but because I don't have identical Fav entries.

    Regards - Charles
     
    Last edited: 2004/10/12
  10. 2004/10/12
    buzzmag

    buzzmag Well-Known Member Thread Starter

    Joined:
    2002/02/08
    Messages:
    206
    Likes Received:
    0
    charlesvar

    Already tried that. It still takes me to the wrong site. The url in the second boot OS is identical to the url in the first boot OS.

    Thank you anyway

    To all who posted: thank you. I can't even begin to think of where else to look or what else to try.
     
  11. 2004/10/12
    charlesvar

    charlesvar Inactive Alumni

    Joined:
    2002/02/18
    Messages:
    7,024
    Likes Received:
    0
    You have a redirect somewhere and this sounds a lot like a Hosts file redirect, classic symptom.

    There is a program that will scan for hosts files; you may have more than one. There is malware that will create its own Hosts file. The program is called HostsFileReader by Explicit Software Solutions. I don't have the link.

    Regards - Charles
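
Added example, not part of any post in this thread and not HostsFileReader's code: a Python version of the two checks discussed above, Angel71's comparison of the registry DataBasePath value against the default and a scan of a hosts file for names pinned to a non-loopback address. The function names and the sample inputs are constructed for illustration.

```python
import ipaddress
import re

DEFAULT_DB_PATH = r"%SystemRoot%\System32\drivers\etc"

def database_path(reg_output):
    """Return the DataBasePath value from `reg query` output, or None."""
    for line in reg_output.splitlines():
        m = re.match(r"\s*DataBasePath\s+REG_(?:EXPAND_)?SZ\s+(.+?)\s*$", line, re.I)
        if m:
            return m.group(1)
    return None

def path_is_default(value):
    """Assumes the unexpanded %SystemRoot% form, as in the REG output above."""
    return value is not None and value.rstrip("\\").lower() == DEFAULT_DB_PATH.lower()

def suspicious_entries(hosts_text):
    """Return (line_no, ip, hostname) for names mapped to a non-loopback address."""
    hits = []
    for no, line in enumerate(hosts_text.splitlines(), 1):
        fields = line.split("#", 1)[0].split()   # drop comments, split on whitespace
        if len(fields) < 2:
            continue
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            continue                              # malformed line, not an entry
        if ip.is_loopback or ip.is_unspecified:   # 127.0.0.1 / 0.0.0.0 only block a name
            continue
        hits.extend((no, str(ip), name.lower()) for name in fields[1:])
    return hits

# Constructed sample input (not taken from the thread).
SAMPLE_REG = "    DataBasePath    REG_EXPAND_SZ    %SystemRoot%\\help"
SAMPLE_HOSTS = """\
# Constructed hosts file
127.0.0.1       localhost
0.0.0.0         ads.example.net      # blocklist entry, not a redirect
203.0.113.10    www.example.com example.com
not-an-ip       broken.example
"""

if __name__ == "__main__":
    value = database_path(SAMPLE_REG)
    print("DataBasePath:", value, "(default)" if path_is_default(value) else "(NOT default)")
    for no, ip, name in suspicious_entries(SAMPLE_HOSTS):
        print(f"line {no}: {name} -> {ip}")
```

Run the hosts scan against the file in whichever directory DataBasePath names, since that is the copy the resolver reads.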
     
  12. 2004/10/12
    buzzmag

    buzzmag Well-Known Member Thread Starter

    Joined:
    2002/02/08
    Messages:
    206
    Likes Received:
    0
    Charles,

    Thank you, that did it. HostsFileReader corrected the problem.
     
  13. 2004/10/12
    charlesvar

    charlesvar Inactive Alumni

    Joined:
    2002/02/18
    Messages:
    7,024
    Likes Received:
    0
    Hi buzzmag,

    Great! Thanks for posting back.

    Regards - Charles
     
  14. 2004/10/14
    Sus

    Sus Inactive

    Joined:
    2004/03/12
    Messages:
    45
    Likes Received:
    0
    Same problem!

    Hi - please let me know the site address for Explicit Software Solutions as I have the same problem but cannot find the site.

    Thanks Sus
     
  15. 2004/10/14
    charlesvar

    charlesvar Inactive Alumni

    Joined:
    2002/02/18
    Messages:
    7,024
    Likes Received:
    0
  16. 2004/10/14
    Welshjim

    Welshjim Inactive

    Joined:
    2002/01/07
    Messages:
    5,643
    Likes Received:
    0
    charlesvar--What does HostsFileReader do that just opening the HOSTS file up in Notepad or WordPad won't do?
     
  17. 2004/10/14
    charlesvar

    charlesvar Inactive Alumni

    Joined:
    2002/02/18
    Messages:
    7,024
    Likes Received:
    0
    Hi jim,

    It scans for other Hosts files. There was a specific piece of malware that made its rounds some time ago that would make an adulterated copy and put it somewhere else on the HD. That's how I came upon this program, which was used to combat this. This is not a conventional attack and very hard to detect if you don't know what you're looking for.

    Regards - Charles
     
  18. 2004/10/14
    buzzmag

    buzzmag Well-Known Member Thread Starter

    Joined:
    2002/02/08
    Messages:
    206
    Likes Received:
    0
    Welshjim,

    I don't know exactly how HostsFileReader works but I spent 3 weeks trying to figure out why I was not able to get to a site I've been using for years. Used HostsFileReader and it fixed my hosts file. Problem solved.
     
  19. 2004/10/14
    Welshjim

    Welshjim Inactive

    Joined:
    2002/01/07
    Messages:
    5,643
    Likes Received:
    0
    Thanks to both of you.
     
  20. 2004/10/15
    Sus

    Sus Inactive

    Joined:
    2004/03/12
    Messages:
    45
    Likes Received:
    0
    Dear Charles,

    SORTED!!!

    Many many thanks

    Kind regards Sus
     
  21. 2004/10/15
    charlesvar

    charlesvar Inactive Alumni

    Joined:
    2002/02/18
    Messages:
    7,024
    Likes Received:
    0
    Hi Sus,

    Wonderful - thanks for posting back with the news.

    Regards - Charles
     