cancel
Showing results for 
Search instead for 
Did you mean: 

Has my browser been hijacked?

N/A

Has my browser been hijacked?

I've recently enabled the content filter on my router and set it to block URLs that contain "atdmt", "doubleclick", and other known providers of "targeted advertising". However, a large slice of the Web has now become unavailable.

Typically, I'll be using a site like autotrader or ebay and a link there will bring up the page I expect, then the page seems to redirect to (usually) atdmt. For example, one eBay search should have directed to
http://search.ebay.co.uk/search/search.dll?

from=R40&_trksid=m37&satitle=sunncamp+ultima
but as soon as the page loaded, it was replaced by the "page blocked" message and the address changed to
http://view.atdmt.com/CHU/iview/nnmsxchi0050000034chu/direct/01?

click=http://ad.uk.doubleclick.net/click%3Bh=
v8/357c/3/0/%2a/h%3B107548619%3B0-0%3B0%3B16414782%3B1-
468/60%3B21298340/21316230/1%3B%3B%7Eaopt%3D2/0/78/0%3B%7Esscs%3D%3f


Is this something that eBay et al are doing? Has my browser been hijacked? Is there a way to use these sites without compromising my privacy?

TIA,

Geoff

(Edited to split the long URLs to avoid the need for sideways scrolling)
7 REPLIES
Plusnet Staff
Plusnet Staff
Posts: 12,169
Thanks: 18
Fixes: 1
Registered: 04-04-2007

Has my browser been hijacked?

Hi,

Have you tried turning the content filter off again to see if things come back to normal? The eBay link works fine for me so I wouldn't have thought it was them but it could be because of the content filter not working correctly or it could be some malware or similar. If it's the same without the content filter I'd recommend a scan with something Spybot or Adaware.
N/A

Has my browser been hijacked?

It may be one of those e-bay things. A hijacked browser would normally take you to some very obvious sites.

Do you have Spybot-S&D? You can download it from here:
http://www.spybot.info/en/index.html
Install it and run a full scan - don't forget to download the latest definitions before scanning.
Community Veteran
Posts: 1,229
Thanks: 1
Registered: 30-07-2007

Has my browser been hijacked?

I use an ad- (and porn- and spyware- and trojan-) blocking hosts file for Win XP and it works charmly* ... not a complete solution but it kills most ads and makes surfing a much less distracting experience for me.

Have a look at http://www.mvps.org/winhelp2002/hosts.htm for details.

paul

(* I got this from a person whose 1st language is not English but it's just delightful innit?)
Plusnet Staff
Plusnet Staff
Posts: 12,169
Thanks: 18
Fixes: 1
Registered: 04-04-2007

Has my browser been hijacked?

I've done something similar by creating a zonefile on my DNS server with all the ad servers in it and have to agree it does make browsing a lot better, even a little speedier as you're only loading the the actually page and not the often 3 or 4 animated ads.
carrot63
Grafter
Posts: 599
Registered: 12-07-2007

Has my browser been hijacked?

gjctech,

I do the same thing as you for blocking these ad firms, and occasionally run up against the same issue. It's not browser hijacking, but (AFAIK) the tracking of click-throughs, usually from ads or 'sponsored links', some of which may even be within page content. It happens very rarely, and if the router blocks something, I usually just copy out the last part of the URL, from the last "HTTP" onward, and paste it.

The reason the link looks different is Javascript in the page rewriting the message to the status bar. Firefox has an option to prevent sites doing this.
N/A

Has my browser been hijacked?

Thanks guys. Answering the queries:

I tried turning the filter off on my router and things returned to normal. I have both Ad-Aware and Spybot S&D, both of which uncovered tracking cookies that the other missed. FWIW, it's the list of domains related to those tracking cookies that I used to create the list of blocked domains. It's not just eBay - it's Autotrader, Streetmap, and several others as well. However, I can't remember it ever happening with a non-commercial site. It's not just atdmt either, the latest incident cited tribalfusion.

A couple of weeks ago, my router expired. That was the second Netgear DG834 to die on me, so I paid a few quid extra and got a ZyXel. With the Netgear, I used to have the content of advertising panels blocked but not the sites hosting them. I wonder whether there's a coincidence here and whether the recent update of Firefox changed the way the browser behaves.

Strangely, I ran Spybot S&D again last night and even though they're allegedly blocked, doubleclick, hitbox, and zedo all managed to create tracking cookies on my machine :shock:

I don't think that Dave's suggestion to internally hijack the unwanted domains wouldn't do much better (I used to do that) because the redirect would bring up a 4x4 error from my webserver and I still wouldn't be able to access the desired content.

However, I have a kludge that seems to work. On getting a "Page Blocked" message, clicking the Back button then clicking the Stop button retrieves the desired page then prevents the redirect.

Thanks again,

Geoff
==================

Edited to add:

I think I've found what's going on here after trying to access the same sites in IE. When I tried that, those sites tried to open popup windows for the blocked content and the "page blocked" message appeared in the popups. I've configured Firefox to block popups but the unwanted crud is opening in the parent window instead. I do hope this doesn't mean I've got to bin Firefox and go over to Microsoft's virus magnet Sad
grimme
Grafter
Posts: 241
Registered: 01-08-2007

Has my browser been hijacked?

When you're using Firefox, you could try an add-in called No-Script, most of these ad click-throughs are just called by scripts and No-Script will identify each one individually and let you allow/not allow on an individual basis.