Solved

Porn Flicks!!

Posted on 2004-10-18
11
825 Views
Last Modified: 2008-01-09
Hi, sorry to bother you all. My computer have been hit by this bugging porn site. Whenever I hit on a wrongly typed webpage, they'll re-direct me to a search page, then a porn site.

I've tried, hijackedthis, adawareSE (hanged). No luck.

For example, www.ebay.com.uk
- Will direct to http://199.227.31.199/ssredir/gb.html
- Followed by a popup with site add. http://www.netvenda.com/cgi-bin/fin.pl?source=yigww

Please Help

PS: Sorry i just signed in so i only have 325 points. ^_^
0
Comment
Question by:Groovy_Leow
  • 4
  • 3
11 Comments
 
LVL 49

Accepted Solution

by:
sunray_2003 earned 163 total points
ID: 12338079
Check this page http://accs-net.com/hosts/how_to_use_hosts.html
to know where the HOSTS file is located in your system.

First make a backup of the file
open it using notepad
remove all entries in there except
127.0.0.1  localhost
&
the entries that you have entered manually.
Save the file.
Restart the machine
Check if the same happens ..

b) Clear all temporary internet files , cookies
Also remove windows Temp files going to

1) Start --> run --> typein:  %systemroot%/temp
2) Start  --> run --> typein: %temp%


c) Check for spywares and virus in the system

virus scanner:
---------------
When you scan for virus,do all the below in both Normal mode and Safe mode.

a) Update your virus definitions in your Anti-virus and run it.

b) Download Stinger from here : http://vil.nai.com/vil/stinger/  and run it.

c) Use this Online virus scanner also : http://housecall.trendmicro.com/

Spyware:
--------

Please donot run spyware before running Anti-virus tools and making sure there is no virus in the machine.
Run spyware both in Normal and Safe mode to be sure that the system is free of spywares,adwares and Malwares.

PLEASE GET THE SPYWARE REMOVAL TOOLS FROM THE BELOW WEBSITE. THAT PAQ IS CREATED SO THAT ALL THE TOOLS ARE NOT GUMMED UP IN THIS THREAD.

Some of the experts here have helped in compiling all the important spyware tools and they are listed in this thread
http://www.experts-exchange.com/Web/Browser_Issues/Q_20975384.html

My recommendation would be to start with Spybot ,Ad-ware ,CWshredder.After installing them, First Update them and then run

Once running all the above tools and others given in that thread, download and run Hijackthis.
Download Hijacthis from here http://www.softpedia.com/public/cat/10/17/10-17-69.shtml.
Get the log from Hijackthis and save the log and paste it here http://hijackthis.de/index.php?langselect=english to analyze it. The analyser site is used so that you donot gum up the thread with the entire log.

Remove the bad ones that the site reports. If it says unknown process, then use a search engine to check if those are bad ones. If bad remove them , if you still cannot find then post those files alone here.

0
 
LVL 17

Assisted Solution

by:Lobo042399
Lobo042399 earned 162 total points
ID: 12339736
Hi Groovy Leow,

Netvenda.com not only hijacks your browser, it also attemps to install a dialer in your machine called NVdialer. Manual removal is as easy as deleting one Registry key. Here's how:

- Go to Start > Run. Type regedit and click OK. (The registry editor will open.)
- Navigate to 'HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Code Store Database \ Distribution Units \ {91413D86-9F27-402C-B5E3-DEBDD122C3B2}'  and DELETE this key.
 -Exit the registry editor.
-Reboot your computer.

If you are not confident about editing your Registry, you can download Bazooka. Its detection list includes Netvenda. Bazooka is Shareware and can be downloaded from:

http://www.kephyr.com/spywarescanner/index.html

Good Vibes!

Lobo
0
 
LVL 12

Expert Comment

by:rossfingal
ID: 12340430
Hi!

Sorry to post somewhat off-topic -
any interested parties - CWShredder has been updated to 1.59.0.1

RF
0
 
LVL 17

Expert Comment

by:Lobo042399
ID: 12341055
kewlio!!!
0
Highfive Gives IT Their Time Back

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 
LVL 12

Expert Comment

by:rossfingal
ID: 12341070
:) !
RF
0
 
LVL 12

Expert Comment

by:rossfingal
ID: 12341091
>Lobo

Forgot to add - check your email at gatesofdelirium

Cheers...
RF
0
 
LVL 17

Expert Comment

by:Lobo042399
ID: 12341303
got it, thanks dude!!  Will update tonight. Well, tonight Toronto time, which is GMT -5  ;o)

Good Vibes!!

Lobo
0
 
LVL 17

Expert Comment

by:Lobo042399
ID: 12538139
Meeee!!!!!
0

Featured Post

Highfive Gives IT Their Time Back

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

As more computers now shipped with 64-bit version of Windows, more users are now using this Operating System.  So it's important to be aware how some 32-bit diagnostic tool works on these systems, so we know what to expect when analyzing the logs an…
The purpose of this Article is to provide information for a newly released variant of malware – with the assumption that many EE Members will have need of the information. According to “Computerworld”, well over one million web sites have been co…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

706 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now