Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
From: Ted Simmons (tedsimmonsqwest.net)
Date: Tue Feb 26 2002 - 12:50:11 CST
I have run in to a simular problem,
I found that there was an extra Program that had modifyed the home page variable for
internet explorer - I found the culperate program in the start up items and in win.ini file.
The program would sense if the start page had changed and change it to its own page.
I would check the startup items - see what is loaded via the task manager ( compare
against no infected machine) and check the win.ini and other loading files for windows.
It was a harmless thing - and easy to remove.
------- Original Copy -------
>Subject: browser redirection to forward.domainname.at
>Date: 02/26/2002 11:03 AM
>A strange problem is surfacing on our network. Users will type in a website
>they have been to before, and they will be forwarded to
>and then to
>Have we been hit by a virus? Or is there some name resolution hack on the
>Typing in the ip address of a site
>http://184.108.40.206 for http://www.verisign.com for example
>goes to the correct site. nslookup prompts from the command line yeild the
>correct IP address.
>Workstations are Windows 2000 Professional SP2 with IE 6.
>Matthew van Eerde