• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 873
  • Last Modified:

Porn Flicks!!

Hi, sorry to bother you all. My computer have been hit by this bugging porn site. Whenever I hit on a wrongly typed webpage, they'll re-direct me to a search page, then a porn site.

I've tried, hijackedthis, adawareSE (hanged). No luck.

For example, www.ebay.com.uk 
- Will direct to http://199.227.31.199/ssredir/gb.html 
- Followed by a popup with site add. http://www.netvenda.com/cgi-bin/fin.pl?source=yigww 

Please Help

PS: Sorry i just signed in so i only have 325 points. ^_^
0
Groovy_Leow
Asked:
Groovy_Leow
  • 4
  • 3
2 Solutions
 
sunray_2003Commented:
Check this page http://accs-net.com/hosts/how_to_use_hosts.html
to know where the HOSTS file is located in your system.

First make a backup of the file
open it using notepad
remove all entries in there except
127.0.0.1  localhost
&
the entries that you have entered manually.
Save the file.
Restart the machine
Check if the same happens ..

b) Clear all temporary internet files , cookies
Also remove windows Temp files going to

1) Start --> run --> typein:  %systemroot%/temp
2) Start  --> run --> typein: %temp%


c) Check for spywares and virus in the system

virus scanner:
---------------
When you scan for virus,do all the below in both Normal mode and Safe mode.

a) Update your virus definitions in your Anti-virus and run it.

b) Download Stinger from here : http://vil.nai.com/vil/stinger/  and run it.

c) Use this Online virus scanner also : http://housecall.trendmicro.com/ 

Spyware:
--------

Please donot run spyware before running Anti-virus tools and making sure there is no virus in the machine.
Run spyware both in Normal and Safe mode to be sure that the system is free of spywares,adwares and Malwares.

PLEASE GET THE SPYWARE REMOVAL TOOLS FROM THE BELOW WEBSITE. THAT PAQ IS CREATED SO THAT ALL THE TOOLS ARE NOT GUMMED UP IN THIS THREAD.

Some of the experts here have helped in compiling all the important spyware tools and they are listed in this thread
http://www.experts-exchange.com/Web/Browser_Issues/Q_20975384.html

My recommendation would be to start with Spybot ,Ad-ware ,CWshredder.After installing them, First Update them and then run

Once running all the above tools and others given in that thread, download and run Hijackthis.
Download Hijacthis from here http://www.softpedia.com/public/cat/10/17/10-17-69.shtml.
Get the log from Hijackthis and save the log and paste it here http://hijackthis.de/index.php?langselect=english to analyze it. The analyser site is used so that you donot gum up the thread with the entire log.

Remove the bad ones that the site reports. If it says unknown process, then use a search engine to check if those are bad ones. If bad remove them , if you still cannot find then post those files alone here.

0
 
Lobo042399Commented:
Hi Groovy Leow,

Netvenda.com not only hijacks your browser, it also attemps to install a dialer in your machine called NVdialer. Manual removal is as easy as deleting one Registry key. Here's how:

- Go to Start > Run. Type regedit and click OK. (The registry editor will open.)
- Navigate to 'HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Code Store Database \ Distribution Units \ {91413D86-9F27-402C-B5E3-DEBDD122C3B2}'  and DELETE this key.
 -Exit the registry editor.
-Reboot your computer.

If you are not confident about editing your Registry, you can download Bazooka. Its detection list includes Netvenda. Bazooka is Shareware and can be downloaded from:

http://www.kephyr.com/spywarescanner/index.html

Good Vibes!

Lobo
0
 
rossfingalCommented:
Hi!

Sorry to post somewhat off-topic -
any interested parties - CWShredder has been updated to 1.59.0.1

RF
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
Lobo042399Commented:
kewlio!!!
0
 
rossfingalCommented:
:) !
RF
0
 
rossfingalCommented:
>Lobo

Forgot to add - check your email at gatesofdelirium

Cheers...
RF
0
 
Lobo042399Commented:
got it, thanks dude!!  Will update tonight. Well, tonight Toronto time, which is GMT -5  ;o)

Good Vibes!!

Lobo
0
 
Lobo042399Commented:
Meeee!!!!!
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

  • 4
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now