Ok, this is going to sound a tad odd.
When accessing websites through my work computer, allmost any of the pages that i normally access are being tampered with in some way.
Example: Youtube, every single video is currently the same thing. The word Hadron, has been replaced with Hippo, on BBC.co.uk, Engadget.com and Youtube.com.
It only happens to website they know i'm on, and most of the words that have been changed, have been changed to nothern ireland slang terms, for that reason i'm pretty certian its someone in my office.
I've got a windows XP Pc controlled by a Windows Server 2007 (i'm pretty certian).
Its not the DNS settings (i've changed it to OpenDNS and its the same problem).
Its not the web browser, the problems identical across IE7 and FF.
I'm not aware of anything being ran on my computer. (done a scan/ Checked running processes.)
I'm stumped.
Any thoughts?
How would you go about modifying web pages, before they load (read my description).?
it might be something in your server
How would you go about modifying web pages, before they load (read my description).?
sounds like you've been rick rolled!
Ok its obvious someone has gotten at your Ip transport level.
This is a fairly common attack in the IT workplace. it involves altering your Ipnodes file, forwarding common website addresses to the common windows process IpPostFec, this is not detected as malware due to it being a viable windows process, that happens to have a few naughty uses! its also not on the top level of your task manager as its a very minor process.
Your web cache is then collated on another machine, where im sure hilarious co workers manually replaced the words, and forward back to your machine using the same process. the only solution is to locate the exe responsible in the system32 directory, rename it and restart your computer.this may be hard to find as it could be hidden, or moved elsewhere on your system
Fallen,
Let me ask you a question if you don't mind. Have you checked other people's computers? Make sure that it's not just yours that's showing the slang terms. If someone IS messing with our website in the office then it's important to change the passwords to the FTP and such so you are the only one with access. Or create multiple users so you can see who uploaded the page with slang terms on it.
The reason I ask if it's just your machine I have known some spyware/malware programs hijack the page and change words around to get you to click on advertisements. I am not saying that it's the case here, but I know they have done that in the past.
Take care,
Chad
