|02-19-2011, 02:30 PM||#1 (permalink)|
Join Date: Feb 2009
Facebook url hijacked
On my other computer, my facebook URL has been hijacked. If I type www. facebook . com, then it gets redirected to something called socialsurveycenter . com and there is no way out of it.
I think it probably occurred a few weeks ago when I was getting problems getting on to facebook - what I have found is that if I am already signed on to FB, then it hangs for ever and never finishes loading the page. However, I deleted the stored passwords today from Firefox browser and found this hijack. Btw it wasn't loading from Opera or IE8 either so the hijack is buried somewhere!
If I typed the direct 66.??? etc number in, then it does load ok initially, but if I close the tab and attempt to reopen using the same, it hangs again.
My anti-virus/spyware hasn't picked it up and I have also looked at all 'hosts' files and they haven't been modified since 2008 and appear to be blank.
I did download hijack this but it wasnt very informative.
I guess what I want to know is the most likely location for a file that tells www. facebook . com to redirect to this other url and how do I fix it?
|02-19-2011, 05:00 PM||#3 (permalink)|
Join Date: Oct 2010
Yeah, uninstall and reinstall firefox to a different directory.
Doesn't take long and it's worth a try.
Or does it happen on IE also?
Either way get
Sandboxie - Sandbox software for application isolation and secure Web browsing
and always run your browser in it.
If you get infected you just delete and recreate the sandbox.
No real system files get infected.
Best prog Microsoft hasn't stolen yet.
Last edited by sorter; 02-19-2011 at 05:11 PM.
|02-19-2011, 05:29 PM||#4 (permalink)|
Join Date: Nov 2006
Location: Berlin, Germany
Is this the same computer who had beforehand trouble to connect to facebook?
If it is it seems that you have some malware on the computer. As you live in Egypt it might be political.
If you have an internet connection that allows you to download big files I would recommend to download a life linux CD. At best a CD that also has Tor installed
Then run that CD and reset all your passwords. You don't need Tor for the resetting of your passwords but having a CD with Tor handy could help in future if you try to sent messages anonymously.
After you are done go back to the malware problem.
I think you should go to superuser.com and describe all the issues with being in Egypt and connecting with facebook. Say with AntiVirus/AntiSpyware products you have run.
I could imaging that there are a bunch of Western hackers who have an interest in the kind of malware that someone uses to prevent people in Egypt from accessing facebook.
If you have wrote up your problem for superuser.com you might also write EMail to the provider of your AntiVirus/AntiSpyware program.
Those people might be interested in malware that their program can't identify.
|02-19-2011, 09:43 PM||#5 (permalink)|
Join Date: Feb 2009
Ok thanks- a few good things to try there!
It's happening with all browsers on one computer, but using the same USB dongle internet connection, not happening on the other computer.
I did just have an idea to log on to the 'puter as a different user and see if happens then so I would have an idea whether it is in the documents and settings path somewhere.
|02-19-2011, 10:46 PM||#6 (permalink)|
Join Date: Nov 2010
Location: West Coast USA
I've seen many faux facebook sites when I've accidentally mistyped the url. They use the same colors and typefaces (fonts) as facebook and probably hijack the browser in some way. Once I've loaded the impostor page Firefox saves the url, which makes it easy to accidentally enter that url the next time unless it's deleted.
|02-20-2011, 09:32 PM||#9 (permalink)|
Join Date: Nov 2006
Since it's happening in other browsers, re-installing Firefox probably won't make any difference. It's basically malware that is messing with the DNS on your machine. A DNS server is something that converts a domainname, like facebook.com, into a IP number (e.g. 188.8.131.52).
You can check this by opening the command prompt on Windows (Terminal on Mac and Linux), and enter 'ping facebook.com'. Facebook actually has three IP numbers, because they're huge, but it should be one of the following.
You could also use something that traces what jumps are made. On windows you can try mturoute.exe - check the mtu values between you and a host It should start with your machine IP, your router/modem, your service provider and then some server out in the world.
That said, try installing and running Malwarebytes It often finds nasty software, that other virus killers have missed.
The AVG Rescue CD might also be worth a shot. It's a live CD, that includes AVG's virus scanner. The advantage about scanning this way, is that you're not running Windows when doing the scan, so that any system parts that may be corrupt and prevent other anti-virus from finding it, are not running, so can be found.
|02-22-2011, 02:50 PM||#13 (permalink)|
Join Date: Jan 2009
This sounds like a problem with your hosts file. This is a local file on your computer that maps human-readable names to numeric addresses. Some malware has probably added an entry to your host file to direct facebook.com requests elsewhere.
More info: http://en.wikipedia.org/wiki/Hosts_(file)
|02-23-2011, 04:28 PM||#14 (permalink)|
Join Date: Feb 2011
Sounds like a "fake-redirect" virus.
Try running malwarebytes - I've had success curing these types of problems with it.
Also, in my opinion you should be running a good security suite such as Norton Internet Security or Kaspersky, Make sure you get the suite and not just the anti-virus version - I've found it well worth it, no problems in two years using Norton...(knock on wood).
Last edited by Bradman; 02-23-2011 at 04:35 PM.
|03-03-2011, 06:34 AM||#15 (permalink)|
Join Date: Feb 2009
Ho hum.... faceboook. com was one issue .... took me forever to spot it! I blame wonky eyesight and a small screen..
I don't know how, but I ran the malwarebytes and it found 2 apparently unrelated problems, but seems to have speeded everything up!
Anyway, thanks for your advices chaps! Just glad to have a normally functioning FB again on this 'puter!
|Thread||Thread Starter||Forum||Replies||Last Post|
|moonrambler||Social & Relationships||37||06-21-2010 02:25 PM|
|IE8 has hijacked my computer||CoolBee||Technology & Technical Skills||8||11-17-2009 09:08 AM|
|Footballman||Social & Relationships||11||06-11-2009 04:50 PM|
|I don't have a facebook||blaerG||Social & Relationships||14||02-09-2009 08:55 PM|
|Nutrition science has hijacked our meals||Erki||Health & Fitness||4||04-16-2008 01:32 PM|
All times are GMT. The time now is 05:56 PM.