PDA

View Full Version : wrong newtek



prospector
06-06-2005, 11:36 PM
When going to Newtek on my Win2000 mach I keep getting this;

But not on my Win XP Pro mach or even the Win XP one.
Have tried various scans with about 4 programs and I just keep getting this.

Anyone else get it and how did you get rid of it???

umstitch
06-07-2005, 01:55 AM
winxp pro here and i ve been getting this too, as if the route to newtek is hijacked, doesnt seem to be virus or anything like that :eek:

Surrealist.
06-07-2005, 03:02 AM
Yep got it here too on Win XP

Off and on though. Thought it was spyware but the scan kept coming up clean.

nemac4
06-07-2005, 03:53 AM
works fine here,.. running win2k with firefox

mattclary
06-07-2005, 06:44 AM
I'm no web guru, but I think this is a DNS problem. It may originate at your ISP or organization. You might try running adaware and spybot on your machine also.

Speedmonk42
06-07-2005, 06:51 AM
It does not happen all the time.

Ran everything. SpyBot, Adware, Norton

Still happens occasionally.

I thought I was going insane.

prospector
06-07-2005, 08:08 AM
ran adware, spyware,nortons, fix it 5, strange thing is thjat I can connect to site and all links work fine but the one that goes to the discussion forum, only this one does it.

dbigers
06-07-2005, 08:22 AM
It is some kind of DNS routing error. I have the forums bookmarked. When I hit that bookmark it was taking me to that site. It was happening yesterday here at work and on my home machine. Two different ISP's. Problem cleared up yesterday afternoon though.

lede
06-07-2005, 08:48 AM
This is definatly a DNS issue. There are a couple of places this could be problematical.

First like said before it could be at your Internet Service Provider's DNS server. If this is the case all you can do is wait for their server to update from the TLD servers. Now then if your other machines are fine the computer in question could of cached the resolution and until windows decides it time to expire the resolution and get an update from their primary DNS server your going to get the cahced resolution. If this is the case just reboot the machine and you should be fine.

Second place to look is on some attacks your local "hosts" file will get hammered which will effect where your browser. Usually this attack comes from hackers who want to hide Anti-Virus updates from your computer so they put in bogus resolutions to the most common virus writters web sites. Do a search for this file and open it in notepad (which btw has the best interface). Normally this file should only have the loop back for localhost defined.

Hope it clears up for every one.

-Lee

UnCommonGrafx
06-07-2005, 09:51 AM
Chuckle,
Maybe it's all those sites and forums that are trying to make way for their old friend's software.

iaef
06-07-2005, 11:54 AM
I believe that this one is an identity theft case. You see, this company is trying to get hits. Thay crawl the web in search of most popular search links, and hang around it. It is made on purpose. Also, on monday there was a problem on the main internet nodes so all DNS searches were scrambled.

mattclary
06-07-2005, 12:56 PM
I think Steve Jobs did it. :cool:

prospector
06-07-2005, 12:57 PM
OK found the little bugger.
On windows 2000
delete everything in cookies with the word searchportal,
then in the regedit do same THEN
also in regedit go;
H_KEY_CURRENTUSER;
Software;
Microsoft;
Current ver;
Zonemap;
Domains

In one of those folders for domains there was a searchportal key.

deleted it and all is good.

There should be a law that makes ANYONE who puts stuff on my computer without me physically hitting a download button, criminally liable and should spend mandatory 30 years in hard labor in some Russian gulag in Siberia with no chance of paroll or lawyers or amnisty international, Red Cross, or doctors.

That includes cookies.

**** twits.

robewil
06-07-2005, 01:08 PM
There should be a law that makes ANYONE who puts stuff on my computer without me physically hitting a download button, criminally liable and should spend mandatory 30 years in hard labor in some Russian gulag in Siberia with no chance of paroll or lawyers or amnisty international, Red Cross, or doctors.
That includes cookies.You do realize Newtek stores a cookie on your machine when you use this forum, right?

Chuck
06-07-2005, 01:21 PM
There was a DNS issue due to our ISP lapsing a domain name that used to be one of our DNS servers. We were able to make changes on our servers to account for this, so no one should encounter the difficulty from this point forward.

prospector
06-07-2005, 01:36 PM
Thanks Chuck!

You do realize Newtek stores a cookie on your machine when you use this forum, right?
Yep, but they ask if I want it and give me the option to refuse, which just makes me reinstall user name and password.

I'm referring to the ones that install them just when you go to a website and look.

robewil
06-07-2005, 01:47 PM
You do realize Newtek stores a cookie on your machine when you use this forum, right?
Yep, but they ask if I want it and give me the option to refuse, which just makes me reinstall user name and password.

I'm referring to the ones that install them just when you go to a website and look.Nope. I just erased my Newtek cookie and re-logged in with the "Remember Me" box unchecked. The cookie came back anyways.

MiniFireDragon
06-07-2005, 02:31 PM
Prospector:

You do know that YOU allowed those things on your PC. There are setting inside IE and most other web browsers to not allow Javascripts, OCX's, cookies or other things onto your PC.

And also, you might want to look for a file called "hosts" no extention to it. Inside the file you will find a bunch of remarked lines then a

127.0.0.1 localhost

anything beyond that can be safely erased. Keep in mind that programs like spybot search and destroy modify this list to keep you from actually going to bad websites. I think (but I am not 100pct sure as I write this) that a listing like:

127.0.0.1 www.some website address.com

is something added by spybot. Basically it takes the website you typed in and if it matches the name in the list, it redirects you to a file on your hard disk.

Another useful app is lspfix. It helps fix winsock redirects and hijacks (which is what happened to you it sounds like)

prospector
06-07-2005, 04:18 PM
The point is I don't want to get any programs or make special settings to anything.

It's like junk mail...I don't want them.
A law for 30 years mandatory hard labor will fix it and I have to buy nothing.

But looks like it was on this site so I guess this thread is done :)

iaef
06-07-2005, 04:39 PM
OK found the little bugger.
On windows 2000
delete everything in cookies with the word searchportal,
then in the regedit do same THEN
also in regedit go;
H_KEY_CURRENTUSER;
Software;
Microsoft;
Current ver;
Zonemap;
Domains

In one of those folders for domains there was a searchportal key.

deleted it and all is good.

There should be a law that makes ANYONE who puts stuff on my computer without me physically hitting a download button, criminally liable and should spend mandatory 30 years in hard labor in some Russian gulag in Siberia with no chance of paroll or lawyers or amnisty international, Red Cross, or doctors.

That includes cookies.

**** twits.

Sadly there is a similar initiative from intel and some security companies that are trying to make legal for someone to get into your computer (without asking for permission) and eliminate viruses and similars if your computer is attacking because it is infected.

Surrealist.
06-07-2005, 07:49 PM
I am still getting this both on the bulletin and on newtek randomly.

Just FYI to Chuck or anybody at Newtek.

prospector
06-08-2005, 07:42 AM
well last night it came back.

every link I have works correctly except Newtek. On all compys now.
Used Spydoctor, Xoftspy, NoAdware, Nortons, Trend, Fixit 5, and all say there is nothing.
It keeps sending me to searchportal.domainsponsor_com but not typed like that cuz I didn't want to create an actual link.
Daz works fine, Flay works fine, MSN workd fine, all favorites links work fine but Newtek.

mattclary
06-08-2005, 08:17 AM
Can you hit this?

http://66.28.224.91/

prospector
06-08-2005, 08:40 AM
yep and I can see all the pix on the top of the page too, whereas the other all I see is red X's

Oops not really
red X's only on Discussion forum link, main Page OK.

gjjackson
06-08-2005, 10:21 AM
There are a number of things. Check the Run key in the registry under Local Machine and Current User. In the IE settings I always leave off

Enable Install On Demand (IE)
Enable Install On Demand (Other)
Enable third pary browser extensions.

This is how many of the Ad Ware programs get into your system. I also use the Avant browser because it has (under the tools menu) simple click items for Disabling Java Scripts, Active X and Java Applets.

Some of this adware can be difficult to remove. Check in the Taskmgr if any odd named programs are running. There are some you can delete and they just propagate into another named file.

-NG-
06-08-2005, 10:37 AM
Get firefox.

Sastira
06-08-2005, 11:07 AM
I shan't reiterate all that has been said about DNS and all that. I only wish to add that perhaps it may be beneficial to force Windows to flush out your DNS cache. To do so:

Start->Run->"cmd"->Ok

In the command prompt:

"ipconfig /flushdns"
"exit"

You have now flushed the contents of your local DNS cache. From now on, every time you try to resolve a domain name, you computer will query your ISP's DNS server. Once you have queried it, what was resolved will be stored in your local cache.

If you wish to "disable" the local DNS cache, follow this article:

http://support.microsoft.com/?id=245437

Kurtis
06-08-2005, 02:19 PM
We still have some issues to work out with our ISP. Our MIS department has been working with them to get this corrected ASAP. Word is that this should be taken care of by the end of the day. Thank you for your patience.

I was going to try to come up with some more acronyms, but I thought I'd let it stand at 3. :D

Surrealist.
06-08-2005, 02:29 PM
Whatever happened to what Chuck was talking about?


There was a DNS issue due to our ISP lapsing a domain name that used to be one of our DNS servers. We were able to make changes on our servers to account for this, so no one should encounter the difficulty from this point forward.

And what does that have to do with the solutions?

I'm not IT professional but the plain english version says it is something that originated at Newtek. Before I go chassing down one of these solutions I just want to be sure we are all tracking here, is all.

Do we have this as the actual source of the problem as Chuck said?

If so what will fix it?

Kurtis
06-08-2005, 02:40 PM
What Chuck and I both posted is correct. The problem lies with our ISP's domain name server. It was a little more complicated to correct than was originally estimated. They are chasing down all the loose ends now.

prospector
06-08-2005, 03:31 PM
cool, cuz I got firefox and downloaded another 5 program trials to see if they could find what's wrong, at least now I can quit pulling out my hair, beating on wife, throwing keyboards. :D :D

Surrealist.
06-09-2005, 07:19 AM
What Chuck and I both posted is correct. The problem lies with our ISP's domain name server. It was a little more complicated to correct than was originally estimated. They are chasing down all the loose ends now.

Thanks!

Looks like we posted about the same time so I didn't get your first one.

So far so good over here. :)

prospector
06-09-2005, 09:17 AM
Yea me too....so far so good

Knock on wood

Kurtis
06-09-2005, 09:19 AM
Glad it's working for you. We believe they've gotten everything straightened out now, but please let us know if you run into any more problems.