• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 254
  • Last Modified:

IE redirects to adult site entry page when URL is incorrectly entered

When I mistype a URL then I get redirected first to an address 204.177.92.207 and then to the following URL http://199.227.31.199/ssredir/gb.html

I have run spybot, ad_aware hijackthis, used the analysis site and done the red fixes. Still have the problem.

Can you tell me what action to take: Re-install IE, direct me to what IE does when an incorrect URL is entered, etc.

Generally - please assist me in resolving this problem - I subscribed specifically to fix this issue.

Thank You
0
fgeldenh
Asked:
fgeldenh
  • 3
  • 2
  • 2
  • +3
2 Solutions
 
SheharyaarSaahilCommented:
Hello fgeldenh =)

>> I have run spybot, ad_aware
Have you run them in safemode ?? and Did you run CWShredder ??
CoolWebShredder ==> http://www.softpedia.com/public/cat/10/17/10-17-150.shtml 

Also can you plzz post here the Address of the saved analysed HJT log from the analyse website ??
0
 
stevenlewisCommented:
0
 
fgeldenhAuthor Commented:
I have not run these in Safe mode, I will try.
I did run CWShredder, but not in safe mode.

Below is pasted URL

http://www.hijackthis.de/logfiles/d31ec533a822e5ded81110976834d43a.html
0
What Security Threats Are We Predicting for 2018?

Cryptocurrency, IoT botnets, MFA, and more! Hackers are already planning their next big attacks for 2018. Learn what you might face, and how to defend against it with our 2018 security predictions.

 
jvuzCommented:
Chack with Stinger:

http://vil.nai.com/vil/stinger/
0
 
SheharyaarSaahilCommented:
Fix these entries,

O4 - HKLM\..\Run: [LGWJTBRV] c:\windows\system32\lgwjtbrv.exe /install
O16 - DPF: ESD classes - http://www.beb.standard.co.za/esd_client.cab
O18 - Protocol: widimg - {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} - C:\WINDOWS\System32\btxppanel.dll

And then delete these files if you can find them on your ahrd drive!

C:\windows\system32\lgwjtbrv.exe
C:\WINDOWS\System32\basfipm.exe
C:\WINDOWS\System32\WLTRYSVC.EXE

And then the tools again in safemode to make sure that they come as clean :)
0
 
stevenlewisCommented:
how upto date is the adaware that  you ran? Did you update the definitions?
0
 
flyguybobCommented:
Question:  Have you went into Tools...Options... in Internet Explorer and changed the start page?
0
 
Rich RumbleSecurity SamuraiCommented:
Turn off system restore if using Xp or winME- http://vil.nai.com/vil/SystemHelpDocs/DisableSysRestore.htm
Then use Stinger as linked above, and or your AV of choice. Ad-Aware is my recommendation for spy-ware removal.

Then move to a better browser, FireFox, Mozilla, Opera or netscape offer more protection than IE does- tabbed browsing alone is reason enough to switch. The only problem is that the other browsers I've put Fwd here, sometimes cannot "properly" display web-pages that were meant for IE only. Which is the worst practice ever, but you can view 99% of M$'s own site with any of them.
-rich
0
 
fgeldenhAuthor Commented:
Thank you to SheharyaarSaahil. His recommendations worked and I now have a clean machine again.

Great service this!
0
 
Rich RumbleSecurity SamuraiCommented:
To stay clean, you may want to give some of the browsers I listed a go, they don't have activeX which is the main reason spy-ware gets on IE user's machines.
-rich
0
 
SheharyaarSaahilCommented:
Excellent..... glad you got it solved!! ^_^
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

  • 3
  • 2
  • 2
  • +3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now