I'm gonna plead ignorance on what a "G" is...but...

If your university is anything like mine, you will have to provide some validation before you are allowed to browse beyond their network.

For example, if I sit down with a laptop in lab, and try and access some offsite link, I will be redirected to a validation page asking for my campus userID and password.

Perhaps something similar is happening to you?

edit-- Also, if you are a windows machine, check your hosts file and see if it has been modified:
c:\windows\system32\drivers\etc\hosts ... if I recall correctly

[edited by: evinrude at 12:18 am (utc) on Nov. 25, 2004]

If I remember correctly it is a benign virus that redirects you to a non existant URL or page. Doesn't do any destructive damage other than mess up with your browsing. Can't remember the name though, someone else might.

Onya
Woz

> benign virus

that's what I thought too, but I updated Norton, scanned and it found nothing.

> check your hosts file

that was the first thing I did, and it looks fine.

> G

Yes, G=Google. Sorry for not being clear I just didn't want to get premoderated on this since I was hoping for a quick fix and I'm certainly not saying anything bad about G.

not sure what to do now, but man is it annoying to not be able to reach Google.

scumware maybe?

do a some scans with two different spyware programs, i use adaware and spybot

or have you done that too

I agree. It sounds more like scumware than a virus.

Craig, if it is the virus I am thinking of, then Norton etc don't pick it up for some reason. I wish I could remember the name of it ...

As to scumware, I am not so confident about this proposal, as scumware would send you to somewhere for financial gain, whereas there is no financial gain in sending user to a Uni sign-in page.

Onya
Woz

sounds a lot like coolwebsearch, which is scumware, not a virus.

If it is, then neither Spybot Search and Destroy nor adaware will kill it, (at least, it wouldn't this spring when I was dealing with it a lot - they might have updated since then to kill it.) Both will detect, but neither will kill it.

Best bet:

Head over to Castle Cops [computercops.biz], pick up Hijack This, run a scan, and post the log in the HJT forums, one of the mods will post a message within an hour or so with a walkthrough on how to remove. (it involves booting in safe mode, among other things).

The possible reason your getting re-directed to the University's validation/sign-in page/whatever... A lot of U's have strict firewalls, so if you're surfing from behind it, and something on your machine is trying to redirect you to something the U's firewall has identified as a scumware site, the U's firewall will just re-direct you to something benign on their own system.

Maybe it is poorly written scumware. A rookie attempt that has gone oh so wrong.

Try this thread - [webmasterworld.com...]