OT. Why can't I open Paypal site?

This site contains affiliate links for which LandyZone may be compensated if you make a purchase.
W

Wolverine

Guest
Sorry about this OT question but I'm really frustrated now!
T'other day my PC was acting really weird, Wireless internet (secure WEP)
looked like it was either receiving or sending data. We'd been out for
Dinner andnoticed it when I got back home. I went to shut down the PC but it
wouldn't, so I turned off the wireless and hit reset. After a restart the
Windows Firewall had been turned off, so I put it back on again. I am
Firewalled and Antivirused I also have PeerGuardian2 'cos I do download the
odd torrent file.
It could be coincidence but I doubt it...I can't get to Paypal site, it
comes up with the 'cannot find server or DNS error' message. All other sites
are fine. I have emptied cache, cookies, temporary internet folder and
history to no avail.
I set up my laptop onto my wireless network through the same modem/router
and I get to paypal first time...so I changed my password just in case!
Is their something I am missing?
Please help me!!!
Wolverine.
Defender 110 CSW


 
Paypal is working OK for me. Try rebooting your router it may be an ISP
problem and this sometimes helps.

"Wolverine" <[email protected]> wrote in message
news:[email protected]...
> Sorry about this OT question but I'm really frustrated now!
> T'other day my PC was acting really weird, Wireless internet (secure WEP)
> looked like it was either receiving or sending data. We'd been out for
> Dinner andnoticed it when I got back home. I went to shut down the PC but
it
> wouldn't, so I turned off the wireless and hit reset. After a restart the
> Windows Firewall had been turned off, so I put it back on again. I am
> Firewalled and Antivirused I also have PeerGuardian2 'cos I do download
the
> odd torrent file.
> It could be coincidence but I doubt it...I can't get to Paypal site, it
> comes up with the 'cannot find server or DNS error' message. All other
sites
> are fine. I have emptied cache, cookies, temporary internet folder and
> history to no avail.
> I set up my laptop onto my wireless network through the same modem/router
> and I get to paypal first time...so I changed my password just in case!
> Is their something I am missing?
> Please help me!!!
> Wolverine.
> Defender 110 CSW
>
>


 
Wolverine wrote:
> Sorry about this OT question but I'm really frustrated now!
> T'other day my PC was acting really weird, Wireless internet (secure WEP)
> looked like it was either receiving or sending data. We'd been out for
> Dinner andnoticed it when I got back home. I went to shut down the PC but it
> wouldn't, so I turned off the wireless and hit reset. After a restart the
> Windows Firewall had been turned off, so I put it back on again. I am
> Firewalled and Antivirused I also have PeerGuardian2 'cos I do download the
> odd torrent file.
> It could be coincidence but I doubt it...I can't get to Paypal site, it
> comes up with the 'cannot find server or DNS error' message. All other sites
> are fine. I have emptied cache, cookies, temporary internet folder and
> history to no avail.
> I set up my laptop onto my wireless network through the same modem/router
> and I get to paypal first time...so I changed my password just in case!
> Is their something I am missing?
> Please help me!!!
> Wolverine.
> Defender 110 CSW

It's possible some piece of fscknasty software has hopped onto your PC
and tried to redirect traffic to the Paypal site. Have a look at your
hosts file for entries that shouldn't be there.


--
EMB
 
Where would I look for them please EMB?
Wolverine
Defender 110 CSW


 

"Wolverine" <[email protected]> wrote in message
news:[email protected]...
> Sorry about this OT question but I'm really frustrated now!
> T'other day my PC was acting really weird, Wireless internet (secure WEP)
> looked like it was either receiving or sending data. We'd been out for
> Dinner andnoticed it when I got back home. I went to shut down the PC but
> it wouldn't, so I turned off the wireless and hit reset. After a restart
> the Windows Firewall had been turned off, so I put it back on again. I am
> Firewalled and Antivirused I also have PeerGuardian2 'cos I do download
> the odd torrent file.
> It could be coincidence but I doubt it...I can't get to Paypal site, it
> comes up with the 'cannot find server or DNS error' message. All other
> sites are fine. I have emptied cache, cookies, temporary internet folder
> and history to no avail.
> I set up my laptop onto my wireless network through the same modem/router
> and I get to paypal first time...so I changed my password just in case!
> Is their something I am missing?
> Please help me!!!
> Wolverine.
> Defender 110 CSW
>

(assuming you're on Windows) try installing
http://www.microsoft.com/athome/security/spyware/software/default.mspx and
see what it finds.

Tom
4.6 V8 90


 
Wolverine wrote:
> Where would I look for them please EMB?
> Wolverine
> Defender 110 CSW
>
>
What Operating System?

--
EMB
 
Sorry, XP Professional, Service Pack 2.
Wolverine.
Defender 1110 CSW


 
Thanks for that, it looks so good I'll leave it on...not good enough to find
anything wrong with my PC though.
Wolverine
Defender 110 CSW


 
Hi Tom.
Actually it has helped. I was just browsing through all the options, and
went into 'Advanced Tools/System Explorers/Windows Hosts File' after
remembering what EMB suggested and lo and behold at the bottom of the list
were paypal.com and eBay.com. I deactivated these as I always use .co.uk
addresses and it works now!
I'd still like to know what should/should not be in the 'host files' and how
I got in this mess in the first place.
Thanks.
Wolverine
Defender 110 CSW


 

"Wolverine" <[email protected]> wrote in message
news:[email protected]...
> Hi Tom.
> Actually it has helped. I was just browsing through all the options, and
> went into 'Advanced Tools/System Explorers/Windows Hosts File' after
> remembering what EMB suggested and lo and behold at the bottom of the list
> were paypal.com and eBay.com. I deactivated these as I always use .co.uk
> addresses and it works now!
> I'd still like to know what should/should not be in the 'host files' and
> how I got in this mess in the first place.
> Thanks.
> Wolverine
> Defender 110 CSW
>

The hosts file can be used to re-direct requests to a domain name (e.g.
paypal.com) to another server (IP address) on the Internet.
This takes priority over the usual DNS resolution provided by your Internet
provider.

In this case it was probably used maliciously to re-direct your request to
view paypal or ebay to another imitation site being run to collect usernames
& passwords.
The fact that rogue site was unavailable is probably because it has been
shut down or has moved on to a different IP address.
Probably a good idea to change your paypal.com and ebay passwords as soon as
possible and check for any suspicious transactions.

Hope this helps,
Tom


 
Wolverine wrote:
> Hi Tom.
> Actually it has helped. I was just browsing through all the options, and
> went into 'Advanced Tools/System Explorers/Windows Hosts File' after
> remembering what EMB suggested and lo and behold at the bottom of the list
> were paypal.com and eBay.com. I deactivated these as I always use .co.uk
> addresses and it works now!
> I'd still like to know what should/should not be in the 'host files' and how
> I got in this mess in the first place.

The only entry should be:

localhost 127.0.0.1

Something mailcious has got into your PC and made this change. You
should do a comprehensive virus scan with the latest definitions
installed and also use one of the spyware scan tools like Spybot
(http://www.safer-networking.org). Let us know what, if anything, it finds.


--
EMB
 
EMB wrote:

> Wolverine wrote:
>
>> Hi Tom.
>> Actually it has helped. I was just browsing through all the options,
>> and went into 'Advanced Tools/System Explorers/Windows Hosts File'
>> after remembering what EMB suggested and lo and behold at the bottom
>> of the list were paypal.com and eBay.com. I deactivated these as I
>> always use .co.uk addresses and it works now!
>> I'd still like to know what should/should not be in the 'host files'
>> and how I got in this mess in the first place.
>
>
> The only entry should be:
>
> localhost 127.0.0.1
>
> Something mailcious has got into your PC and made this change. You
> should do a comprehensive virus scan with the latest definitions
> installed and also use one of the spyware scan tools like Spybot
> (http://www.safer-networking.org). Let us know what, if anything, it
> finds.

If you want to clean up your hosts file try this. I used the previous
version - it worked fine.

http://www.majorgeeks.com/Hoster_d4626.html
 
> > Hi Tom.
> > Actually it has helped. I was just browsing through all the options, and
> > went into 'Advanced Tools/System Explorers/Windows Hosts File' after
> > remembering what EMB suggested and lo and behold at the bottom of the
list
> > were paypal.com and eBay.com. I deactivated these as I always use .co.uk
> > addresses and it works now!
> > I'd still like to know what should/should not be in the 'host files' and
how
> > I got in this mess in the first place.
>
> The only entry should be:
>
> localhost 127.0.0.1
>
Bugger me...........

I have been having trouble connecting to various places, mostly anti-virus
sites, and I have just checked my hosts file, and they are all in there,
mcafee, trendmicro, Symantec etc, and even Microsoft.com.
I assume this explains why I can never connect to any of these sites!

Do I need to delete all these entries then?


 
SimonJ wrote:
>>>Hi Tom.
>>>Actually it has helped. I was just browsing through all the options, and
>>>went into 'Advanced Tools/System Explorers/Windows Hosts File' after
>>>remembering what EMB suggested and lo and behold at the bottom of the
>
> list
>
>>>were paypal.com and eBay.com. I deactivated these as I always use .co.uk
>>>addresses and it works now!
>>>I'd still like to know what should/should not be in the 'host files' and
>
> how
>
>>>I got in this mess in the first place.
>>
>>The only entry should be:
>>
>>localhost 127.0.0.1
>>
>
> Bugger me...........
>
> I have been having trouble connecting to various places, mostly anti-virus
> sites, and I have just checked my hosts file, and they are all in there,
> mcafee, trendmicro, Symantec etc, and even Microsoft.com.
> I assume this explains why I can never connect to any of these sites!
>
> Do I need to delete all these entries then?
>
>
Sure does. Assuming Windows XP you'll find the file in
C:\windows\system32\drivers/etc - it's called hosts without an extension.

There should also be a sample hosts file called hosts.sam that you can
just copy over the original hosts file to restore things to their
original configuration.

However something has made the change so it's well worth having a good
check of the machine for malicious programs that have no right to be there.

--
EMB
 
Tried the Spybot program EMB suggested, found a couple of Tracking Cookies -
not much to worry about but then found a lot of stuff that redirected host
files such as...
My Soft - which redirected www.microsoft.com
Smitfraud-C - which redirected www.grisoft.com and kapersky-labs.com
SurfSideKick - which redirected just about every Antivirus site I can think
of!
and finally two registry entries entitled...
Windows Security Center.AntivirusOverride - AntiVirusOveride!=dword:0
Windows Security Center.AntivirusDisableNotify -
AntiVirusDisableNotify!=dword:0
So again thanks for another good program! It found and removed 38 entries in
all. 5 Cookies and then the redirected hosts and registry entries.
Needless to say I have made sure that only the host listed is 'localhost
127.0.0.1'
Thanks all who helped!
Wolverine
Defender 110 CSW


 
Wolverine wrote:
> Tried the Spybot program EMB suggested, found a couple of Tracking Cookies -
> not much to worry about but then found a lot of stuff that redirected host
> files such as...
> My Soft - which redirected www.microsoft.com
> Smitfraud-C - which redirected www.grisoft.com and kapersky-labs.com
> SurfSideKick - which redirected just about every Antivirus site I can think
> of!
> and finally two registry entries entitled...
> Windows Security Center.AntivirusOverride - AntiVirusOveride!=dword:0
> Windows Security Center.AntivirusDisableNotify -
> AntiVirusDisableNotify!=dword:0
> So again thanks for another good program! It found and removed 38 entries in
> all. 5 Cookies and then the redirected hosts and registry entries.
> Needless to say I have made sure that only the host listed is 'localhost
> 127.0.0.1'
> Thanks all who helped!

Now.... turn off system restore, restart in safe mode and run it again
just in case there's any stuff hiding and waiting for it's moment to
reappear.

--
EMB
 
On Wed, 02 Nov 2005 18:34:11 +1300, EMB <[email protected]> wrote:

>Wolverine wrote:
>> Tried the Spybot program EMB suggested, found a couple of Tracking Cookies -
>> not much to worry about but then found a lot of stuff that redirected host
>> files such as...
>> My Soft - which redirected www.microsoft.com
>> Smitfraud-C - which redirected www.grisoft.com and kapersky-labs.com
>> SurfSideKick - which redirected just about every Antivirus site I can think
>> of!
>> and finally two registry entries entitled...
>> Windows Security Center.AntivirusOverride - AntiVirusOveride!=dword:0
>> Windows Security Center.AntivirusDisableNotify -
>> AntiVirusDisableNotify!=dword:0
>> So again thanks for another good program! It found and removed 38 entries in
>> all. 5 Cookies and then the redirected hosts and registry entries.
>> Needless to say I have made sure that only the host listed is 'localhost
>> 127.0.0.1'
>> Thanks all who helped!
>
>Now.... turn off system restore, restart in safe mode and run it again
>just in case there's any stuff hiding and waiting for it's moment to
>reappear.

You could also make your hosts file read only. It might cause
something to fart further down the line, but for a 'normal' user
there's unlikely to be anything legitimately writing to that file.


--

Tim Hobbs

'58 Series 2 88" aka "Stig"
'03 Volvo V70
 
On or around Tue, 1 Nov 2005 18:01:19 -0000, "Wolverine"
<[email protected]> enlightened us thusly:

>I set up my laptop onto my wireless network through the same modem/router
>and I get to paypal first time...so I changed my password just in case!
>Is their something I am missing?
>Please help me!!!

you're not using Windows(TM)Firewall(TM) are you?

personally, given mickeysnot's record on security, I don't use *any* of
theirs - instead I have products from people who make it their business to
produce such software.

The router here has a basic firewall which is configured to stop basic sorts
of attacks, and I have Agnitum Outpost as a soft firewall on the machine,
which is nicely configureable (there are others, such as Zone Alarm) and
lets you set not only which software is allowed to connect (or not connect)
but which sites it's allowed to connect to.

I also have F-prot anti-virus (I like their quality of service compared to
lbooyd symantec, who seem to be taking over the world or trying to - I see
they've swallowed up Partition Magic now as well, buggrem.

Recently ('cos I got a licence number for it with a renewal of Outpost) put
Agnitum Tauscan ("Bolts the back door to your computer") which found a
couple of spyware or suchlike things that Spybot SD missed. It fights with
F-prot's real-time protector when scanning though...
--
Austin Shackles. www.ddol-las.net my opinions are just that
"Brevis esse laboro, Obscurus fio" (it is when I struggle to be
brief that I become obscure) Horace (65 - 8 BC) Ars Poetica, 25
 
On or around Tue, 1 Nov 2005 22:03:57 +0000 (UTC), "SimonJ" <[email protected]>
enlightened us thusly:

>> > Hi Tom.
>> > Actually it has helped. I was just browsing through all the options, and
>> > went into 'Advanced Tools/System Explorers/Windows Hosts File' after
>> > remembering what EMB suggested and lo and behold at the bottom of the
>list
>> > were paypal.com and eBay.com. I deactivated these as I always use .co.uk
>> > addresses and it works now!
>> > I'd still like to know what should/should not be in the 'host files' and
>how
>> > I got in this mess in the first place.
>>
>> The only entry should be:
>>
>> localhost 127.0.0.1
>>
>Bugger me...........
>
>I have been having trouble connecting to various places, mostly anti-virus
>sites, and I have just checked my hosts file, and they are all in there,
>mcafee, trendmicro, Symantec etc, and even Microsoft.com.
>I assume this explains why I can never connect to any of these sites!
>
>Do I need to delete all these entries then?
>

I wouldn't connect to Symantec if they paid me. Well, if they paid me in
6-figure sums, I might :)
--
Austin Shackles. www.ddol-las.net my opinions are just that
Soon shall thy arm, unconquered steam! afar Drag the slow barge, or
drive the rapid car; Or on wide-waving wings expanded bear the
flying chariot through the field of air.- Erasmus Darwin (1731-1802)
 
On Tuesday, in article
<[email protected]>
[email protected] "SimonJ" wrote:

> > > Hi Tom.
> > > Actually it has helped. I was just browsing through all the options, and
> > > went into 'Advanced Tools/System Explorers/Windows Hosts File' after
> > > remembering what EMB suggested and lo and behold at the bottom of the
> list
> > > were paypal.com and eBay.com. I deactivated these as I always use .co.uk
> > > addresses and it works now!
> > > I'd still like to know what should/should not be in the 'host files' and
> how
> > > I got in this mess in the first place.
> >
> > The only entry should be:
> >
> > localhost 127.0.0.1
> >
> Bugger me...........
>
> I have been having trouble connecting to various places, mostly anti-virus
> sites, and I have just checked my hosts file, and they are all in there,
> mcafee, trendmicro, Symantec etc, and even Microsoft.com.
> I assume this explains why I can never connect to any of these sites!
>
> Do I need to delete all these entries then?

Very short answer: Yes.

The localhost entry isn't essential; the IP address 127.0.0.1 is your
own machine, and this would let you run a client and a server on your
machine so they could talk to you while not connected to the Internet.
All that localhost entry does it give it a name.



--
David G. Bell -- SF Fan, Filker, and Punslinger.

"I am Number Two," said Penfold. "You are Number Six."
 
You must log in or register to reply here.

Similar threads

R
OT: wireless network
Replies
6
Views
720
Dave Gibbs
D
Back
Top