A friend has just created a new subdomain of his existing site. If I go to http://www.newsubdomain.existingsite.com
, I see the host's generic "new site will be available soon" message. BUT if I go to http://newsubdomain.existingsite.com
(that is, the same address, but without the leading "www."), I wind up on the site for some perfectly innocent-looking automotive specialty parts distribution company.
(It looks like they mostly sell to retailers, not the public, so it makes no sense at all for them to be complicit in this apparent hijacking, although someone could have put something malicious on their site, I guess.)
My computer is a laptop running WinXP Pro. AVG, spybot and Ad-aware scans find nothing amiss. The machine has no other symptoms of any kind of infection, afaict.
The problem shows up regardless of whether I use Firefox or IE, but another machine on my home-network does NOT have this problem, so I know it's not a case of my ISP's DNS cache having been poisoned. I did run ipconfig /flushdns from a command prompt; that didn't fix it.
Could this just be some simple corrupted record somewhere, or must we conclude a malware infection?