Welcome to MSFN

Register now to gain access to all of our features. Once registered and logged in, you will be able to contribute to this site by submitting your own content or replying to existing content. You'll be able to customize your profile, receive reputation points as a reward for submitting content, while also communicating with other members via your own private inbox, plus much more! This message will be removed once you have signed in.


Sign in to follow this  
Followers 0
rickytheanuj

unwanted porn site popup automatically

13 posts in this topic

in my office network 2-3 computer had a problem, it automatically popup some unwanted porn site.

Nod32 antivirus is installed in that computer and i checked my computer with mcafee stringer virus remover but nothing is there.. there is nothing like that in startup and even schedule so what's the problem.. i also cleaned my web browsers' history and cookies too.. but nothing is gonna work..

help me.. or i have only way to solve is format

0

Share this post


Link to post
Share on other sites

Sounds like malware. Post a hijackthis log or something.

0

Share this post


Link to post
Share on other sites
Sounds like malware. Post a hijackthis log or something.
Uhhh...
0

Share this post


Link to post
Share on other sites

The solution is gonna involve some investigative work by you to help us, because the MSFN crystal ball is in the shop currently. Please start by running hijackthis on the affected machine and attach the log to your next post here, for starters.

We're really bad even with the crystal ball at guessing, but pretty good once we have data ;).

0

Share this post


Link to post
Share on other sites

Hijack this and instructions regarding its use are available here.

0

Share this post


Link to post
Share on other sites

To be honest, any corporate problem that takes longer to solve than the time it takes to provision a new machine, does not need to be solved.

You have to weigh how many hours you have worked this problem against how long it would have taken you to reformat/reinstall.

0

Share this post


Link to post
Share on other sites

...until it happens twice. Then, might as well fix it and find root cause, otherwise it'll just keep re-appearing.

0

Share this post


Link to post
Share on other sites

If it turns out to be an employee surfing for pr0n, the HR reps will have a lunch of him. We have fired many employees for violating that little policy, very embarrassing way to go.

Another way to go might be to configure that website (pr0n address) into the "Restricted Zone" via group policy, or better yet configure the DNS/gateway/router to bar access to that site. That would help prevent a future infection.

Edited by MrJinje
0

Share this post


Link to post
Share on other sites

At a place of employment, office and workstation computers should only get internet access if it's necessary for them to perform their jobs.

Reformatting might be the fastest way to fix the problem (assuming your office has all the data on these PCs backed up, but finding and fixing the actual problem could show who is the source of this problem.

0

Share this post


Link to post
Share on other sites

Has the OP already ruled out a browser helper object. These would be beyond all the measures the OP employed (not found in start up, clear cookies, history).

Dig around in the Manage Add-on console (IE Options) and see if there are any randomly named, unsigned, unknown BHO's and react accordingly. Disable them one by one until the pop-up stops.

Am_addon_manager.png

Then after you are 100% sure you know which add-on is causing trouble, create a group policy setting that prevents usage/installation of that particular add-on.

The settings are controlled from here, via group policy.

Windows Components\Internet Explorer\Security Features\Add-on Management

Edited by MrJinje
0

Share this post


Link to post
Share on other sites

Try Malwarebytes' Anti-Malware which can remove trojans, worms, adware, malware from the computer it's really a good antivirus software that has a high detection rate, consumes low system resources and is fast.

0

Share this post


Link to post
Share on other sites

Mr Jingie has the right idea its either a BHO or Could be Hosts file.

0

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0

  • Recently Browsing   0 members

    No registered users viewing this page.