WPKG.org

Posted: June 2, 2015

As of the 26th of April 2015, residents of China have been redirected from unrelated websites to WPKG.org, a domain promoting a general software installer, updater, and uninstaller for Windows. Regardless of whether this is a traffic-flooding attempt or a configuration error, this redirect may prevent Chinese Web surfers from accessing a variety of popular sites, including Facebook. However, solutions to this problem are available to any PC user willing to dive into their Internet connectivity settings.

Unlike most browser redirects that malware experts have examined, Chinese WPKG.org redirects aren't caused by threatening software or browser hijacking add-ons. Instead, the responsible party is the Great Firewall of China. Nor is this incident necessarily the first time China's national firewall has delivered unintentional and even self-defeating results (you can read about a similar, censorship-based incident from early January).

The steps for disabling these WPKG.org redirects are straightforward, although they also may block the WPKG.org site itself, which poses no threat to your computer. The same steps also apply to ptraveler.com, which some PC users claim has supplanted WPKG.org as a browser redirect destination. Virtual Private Networks (VPNs), if in use, should be disabled until all steps have been completed.

  • Enter the path 'C:\Windows\System32\drivers\etc\hosts' into your Windows search field and press Enter. Doing so will open the Windows Hosts file, which provides your system with general network and website accessibility settings.
  • Select Notepad (or any other text editor you're comfortable with using) from the 'Open with' menu. Your Hosts file, which is plain text, will open in the program of choice. Warning: inappropriate configurations of the Hosts file may harm your PC's Internet connectivity.
  • Below the comments section, add the following line: '127.0.0.1 wpkg.org'. A second line, swapping wpkg.org for Ptraveler's URL, also works for the second domain. This setting will block your browser from loading the website address. You can identify the Hosts file's comments section by its use of the pound sign or hashtag symbol (#). Any lines prefixed by comment symbols have no effect on your Hosts file's configuration.
  • As an additional safety step, you also may set your browser's advertisement or script blocker add-on to block the JavaScript content associated with either of these websites. The relevant files for blocking are 'wpkg.org/my.js' and 'ptraveler.com/pt.js'.

As an alternative, you also can replace your Hosts file with one from a trusted source that includes these modifications. However, an unsafe Hosts file may redirect your browser to threatening content.
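Before relying on an edited or replaced Hosts file, it helps to confirm that the blocking lines are active and that nothing in the file points a name at a remote address. The following Python check is an added example, not part of the original article; the sample file contents, the `login.example.com` entry, and the function names are constructed for illustration.

```python
import ipaddress

# Constructed sample Hosts file for illustration (not from a real system).
SAMPLE_HOSTS = """\
# 127.0.0.1 wpkg.org          (commented out: has no effect)
127.0.0.1 localhost
127.0.0.1 wpkg.org            # active blocking entry from the steps above
127.0.0.1 ptraveler.com
203.0.113.7 login.example.com
"""
BLOCK_TARGETS = ("wpkg.org", "ptraveler.com")


def parse_hosts(text):
    """Return {hostname: ip} for every active (non-comment) Hosts entry."""
    entries = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()  # strip full-line and trailing comments
        if not line:
            continue
        ip, *names = line.split()
        try:
            ipaddress.ip_address(ip)
        except ValueError:
            continue  # not a valid address: skip the malformed line
        for name in names:
            # Assumption: the first mapping listed for a name is the one used.
            entries.setdefault(name.lower(), ip)
    return entries


def is_sink(ip):
    """True for loopback or unspecified addresses, which reach no remote server."""
    addr = ipaddress.ip_address(ip)
    return addr.is_loopback or addr.is_unspecified


def audit(text, targets=BLOCK_TARGETS):
    """Report which targets are blocked and which names point off-machine."""
    entries = parse_hosts(text)
    blocked = {t: t in entries and is_sink(entries[t]) for t in targets}
    remote = {h: ip for h, ip in entries.items() if not is_sink(ip)}
    return blocked, remote


if __name__ == "__main__":
    # On Windows, read C:\Windows\System32\drivers\etc\hosts instead of the sample.
    blocked, remote = audit(SAMPLE_HOSTS)
    print("blocked:", blocked)
    print("review these non-local mappings:", remote)
```

Hosts entries match exact names only, so a check for `www.wpkg.org` reports it as unblocked unless that name has its own line.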

Once the above changes are complete, you can refresh your browser's cache, which prevents it from 'remembering' the old Hosts file settings. Most browsers may allow you to delete the cache selectively so that your auto-complete passwords aren't removed.

Theories on the actual purpose behind the WPKG.org redirect and the related redirects to ptraveler.com JavaScript files are, as of yet, insubstantial and wide-ranging. However, malware researchers can verify that a broad segment of China has been affected by this browser redirecting problem, which strikes independently of the device or platform being used.