Sign in to follow this  
slearwig

Possible Browser Hijacking

Recommended Posts

Hi,

 

My IE6 browser is suddenly being redirected to http://jumps.tunes4tones.co m

Remove the space between the co m to activate.

DO NOT CLICK THIS LINK UNLESS YOU ARE FULLY PROTECTED!

It usually occurs when the system is idle, maybe once every 5 or 10 minutes and appears to be a hijacking of my NetZero Free software (with adbars) and not the IE6 browser directly. I could be mistaken though.

 

I haven't noticed it yet with another non-commercial ISP in spite of using the same browser.

I've ran AdAware and AVG and am unable to detect the source.

I also ran Regedit and searched for "tunes4tones" to no avail.

Part of the problem is that the page is redirected through a fast intermediate redirect page with a different URL, something like "synth....com" but happens too fast to catch it. It then redirects to the tunes4tones site.

McCaffee Site Advisor has the "tunes4tones" site marked as unsafe in Red.

 

Any suggestions? I hope this can be detected by AdAware soon.

Share this post


Link to post
Share on other sites

I looked at both those URLs using a browsing tool that displays code instead of rendering the page(s). The intermediate appears to be a rather normal "This page has moved" message with a redirection address. The second appears to be a subscription ring tones site. Neither appeared to have any embedded malware/adware although I can certainly not vouch for any ring tones that you might install.

 

Given that this only occurs on your free NetZero account and that NetZero (Juno too) is known for both banner ads and pop-ups, I have to wonder if this is really adware or the normal functioning of NetZero free.

Share this post


Link to post
Share on other sites
Sign in to follow this