?
Solved

Malicious Website www.privacyoutpost.com !!!!!!!! Help!

Posted on 2004-04-08
4
Medium Priority
?
233 Views
Last Modified: 2013-12-04
HI, All
A maclicous website
IE tools menu were added 3 items( www.poker.scom, debt.com,xxxx) my IE was redirected to www.privacyoutpost.com. The desktop were added for 4 html websites.
One is How www.privacyoutpost.com, it says "u entered a pedo website, ur IP is XXXXX, please go download privacyoutpost..... and then added 4 html website to my desktop.

I tried to deleted them. but it comes again soon.

I followed the www.privacyoutpost.com 's instruction to remove,but failed, I E-mailed them,but no reply.

 I tried all way to remove, delete Temp and history file, remmove registry ent, startup, host and pop and AD dectector software,but problem remain the same.

I guess I have to reinstall

0
Comment
Question by:davidlam8888
  • 3
4 Comments
 
LVL 32

Expert Comment

by:LucF
ID: 10786040
Hi davidlam8888,

Check for ad/spyware:
Ad-aware :                          http://www.spychecker.com/download/download_adaware.html
Spybot Search and Destroy : http://www.spychecker.com/download/download_spybot.html
CoolWebShredder :              http://209.133.47.200/~merijn/files/CWShredder.exe
make sure to update before running.

If you're still having problems, use this tool and post the logfile:
Hijackthis :                           http://209.133.47.200/~merijn/files/HijackThis.exe

Greetings,

LucF
0
 
LVL 12

Expert Comment

by:trywaredk
ID: 10787540
Protecting your computer can't be answered with one issue.

As you can see in my url below there are at least 7 different issues, where you should decide 1 of each, or else you does'nt protect your computer at all.

The reason is, that the many different programs not always protects against each other, and each of them does'nt protect equally.

It's very important, that you study all of these issues in my knowledgebase (some of them are freeware):
http://www.tryware.dk/English/Knowledgebase/HowToProtectYourComputer.html

BTW: I'm using the Trend Micro virus-suite, and SoftScan , and haven't got any of my servers or computers infected the last 4 years.

Many Regards
Jorgen Malmgren
IT-Supervisor
Denmark

:o) Your brain is like a parachute. It works best when it's open
0
 
LVL 12

Accepted Solution

by:
trywaredk earned 2000 total points
ID: 10787611
You've been infected with a trojan called Regldr-a

"Troj/Regldr-A will also set the registry entries listed below to point to the page secure.html located in the default Windows folder. This HTML page claims that the system has been compromised by spyware and prompts the user to visit the URL http://www.privacyoutpost.com/enter.html?wm=dkvage."

This is how to remove it:
http://www.sophos.com/virusinfo/analyses/trojregldra.html
0
 
LVL 12

Expert Comment

by:trywaredk
ID: 10800366
:o) Glad I could help you - thank you for the points
0

Featured Post

 The Evil-ution of Network Security Threats

What are the hacks that forever changed the security industry? To answer that question, we created an exciting new eBook that takes you on a trip through hacking history. It explores the top hacks from the 80s to 2010s, why they mattered, and how the security industry responded.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This is a guide to the following problem (not exclusive but here) on Windows: Users need our support and we supporters often use global administrative accounts to do this. Using these accounts safely is a real challenge. Any admin who takes se…
Users of Windows 10 Professional can disable automatic reboots using the policy editor. This tool is not included in the Windows home edition. But don't worry! Follow the instructions below to install (a Win7) policy editor on your Windows 10 Home e…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an anti-spam), the admin…
Are you ready to place your question in front of subject-matter experts for more timely responses? With the release of Priority Question, Premium Members, Team Accounts and Qualified Experts can now identify the emergent level of their issue, signal…
Suggested Courses
Course of the Month17 days, left to enroll

862 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question