Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Porn Flicks!!

Posted on 2004-10-18
11
Medium Priority
?
865 Views
Last Modified: 2008-01-09
Hi, sorry to bother you all. My computer have been hit by this bugging porn site. Whenever I hit on a wrongly typed webpage, they'll re-direct me to a search page, then a porn site.

I've tried, hijackedthis, adawareSE (hanged). No luck.

For example, www.ebay.com.uk 
- Will direct to http://199.227.31.199/ssredir/gb.html 
- Followed by a popup with site add. http://www.netvenda.com/cgi-bin/fin.pl?source=yigww 

Please Help

PS: Sorry i just signed in so i only have 325 points. ^_^
0
Comment
Question by:Groovy_Leow
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
11 Comments
 
LVL 49

Accepted Solution

by:
sunray_2003 earned 652 total points
ID: 12338079
Check this page http://accs-net.com/hosts/how_to_use_hosts.html
to know where the HOSTS file is located in your system.

First make a backup of the file
open it using notepad
remove all entries in there except
127.0.0.1  localhost
&
the entries that you have entered manually.
Save the file.
Restart the machine
Check if the same happens ..

b) Clear all temporary internet files , cookies
Also remove windows Temp files going to

1) Start --> run --> typein:  %systemroot%/temp
2) Start  --> run --> typein: %temp%


c) Check for spywares and virus in the system

virus scanner:
---------------
When you scan for virus,do all the below in both Normal mode and Safe mode.

a) Update your virus definitions in your Anti-virus and run it.

b) Download Stinger from here : http://vil.nai.com/vil/stinger/  and run it.

c) Use this Online virus scanner also : http://housecall.trendmicro.com/ 

Spyware:
--------

Please donot run spyware before running Anti-virus tools and making sure there is no virus in the machine.
Run spyware both in Normal and Safe mode to be sure that the system is free of spywares,adwares and Malwares.

PLEASE GET THE SPYWARE REMOVAL TOOLS FROM THE BELOW WEBSITE. THAT PAQ IS CREATED SO THAT ALL THE TOOLS ARE NOT GUMMED UP IN THIS THREAD.

Some of the experts here have helped in compiling all the important spyware tools and they are listed in this thread
http://www.experts-exchange.com/Web/Browser_Issues/Q_20975384.html

My recommendation would be to start with Spybot ,Ad-ware ,CWshredder.After installing them, First Update them and then run

Once running all the above tools and others given in that thread, download and run Hijackthis.
Download Hijacthis from here http://www.softpedia.com/public/cat/10/17/10-17-69.shtml.
Get the log from Hijackthis and save the log and paste it here http://hijackthis.de/index.php?langselect=english to analyze it. The analyser site is used so that you donot gum up the thread with the entire log.

Remove the bad ones that the site reports. If it says unknown process, then use a search engine to check if those are bad ones. If bad remove them , if you still cannot find then post those files alone here.

0
 
LVL 17

Assisted Solution

by:Lobo042399
Lobo042399 earned 648 total points
ID: 12339736
Hi Groovy Leow,

Netvenda.com not only hijacks your browser, it also attemps to install a dialer in your machine called NVdialer. Manual removal is as easy as deleting one Registry key. Here's how:

- Go to Start > Run. Type regedit and click OK. (The registry editor will open.)
- Navigate to 'HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Code Store Database \ Distribution Units \ {91413D86-9F27-402C-B5E3-DEBDD122C3B2}'  and DELETE this key.
 -Exit the registry editor.
-Reboot your computer.

If you are not confident about editing your Registry, you can download Bazooka. Its detection list includes Netvenda. Bazooka is Shareware and can be downloaded from:

http://www.kephyr.com/spywarescanner/index.html

Good Vibes!

Lobo
0
 
LVL 12

Expert Comment

by:rossfingal
ID: 12340430
Hi!

Sorry to post somewhat off-topic -
any interested parties - CWShredder has been updated to 1.59.0.1

RF
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 17

Expert Comment

by:Lobo042399
ID: 12341055
kewlio!!!
0
 
LVL 12

Expert Comment

by:rossfingal
ID: 12341070
:) !
RF
0
 
LVL 12

Expert Comment

by:rossfingal
ID: 12341091
>Lobo

Forgot to add - check your email at gatesofdelirium

Cheers...
RF
0
 
LVL 17

Expert Comment

by:Lobo042399
ID: 12341303
got it, thanks dude!!  Will update tonight. Well, tonight Toronto time, which is GMT -5  ;o)

Good Vibes!!

Lobo
0
 
LVL 17

Expert Comment

by:Lobo042399
ID: 12538139
Meeee!!!!!
0

Featured Post

Are You Ready for GDPR?

With the GDPR deadline set for May 25, 2018, many organizations are ill-prepared due to uncertainty about the criteria for compliance. According to a recent WatchGuard survey, a staggering 37% of respondents don't even know if their organization needs to comply with GDPR. Do you?

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

PREFACE The purpose of this guide is to explain what the SEPC Status Utility is and how it works. I have written the utility using AutoIt and have included the source code for your review. You are welcome to modify the code to your liking, but I wi…
This article investigates the question of whether a computer can really be cleaned once it has been infected, and what the best ways of cleaning a computer might be (in this author's opinion).
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

721 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question