onebir Posted October 25, 2006 at 05:27 AM Report Posted October 25, 2006 at 05:27 AM i seemed to have picked some up: whenever i point firefox or explorer at www.worldnomads.com i get www.tongxunqicai.cn any idea how to get rid of it? i ran the ewido online spyware check, and it didn't pick it up... it seems to be a different problem to the one in this thread - the worldnomads URL seems to be completely hijacked, and occasionally another chinese website gets substituted for the one i point the browser at... Quote
Quest Posted October 25, 2006 at 11:41 PM Report Posted October 25, 2006 at 11:41 PM Check your add/remove program list, uninstall suspicious programs. boot in safe mode, run msconfig, delete suspicious startup items. Boot in normal mode, run adaware/norton av/windefender/hijackthis you name it, all the available free spyware scanners. Use their remove functions to remove all malware then scan again. If something keeps coming back (usually hooked to a legit dll, or even the kernel--rootkit), find out what its malware name is, search google for solutions. Quote
md1101 Posted October 26, 2006 at 09:53 AM Report Posted October 26, 2006 at 09:53 AM last resort.. format your computer. i have to do that occasionally, speaking of malware does anyone else get random chinese bots trying to add to your msn list? i get them quite often after having been to china.. they post advertisements every now and again similar to the sms advertisements you get like "你记得我吗?那个晚上我没有勇敢和你谈谈。我 觉得你很可爱!请给13195555555。。。 打‘ etc. Quote
Quest Posted October 28, 2006 at 11:09 PM Report Posted October 28, 2006 at 11:09 PM Also, I would recommend the use of McAfee SiteAdvisor: http://www.siteadvisor.com/ It promptly labels sites you visit as well as search engine result links as safe, caution, dangerous etc. They also conduct analysis on how safe it is to give your email address to a site, what downloads from the site contain spyware etc.. check it out. Quote
darkprince Posted October 29, 2006 at 08:07 AM Report Posted October 29, 2006 at 08:07 AM *sighs* Simple fix - don't use windows!!!!!! whenever i point firefox or explorer at www.worldnomads.com i get www.tongxunqicai.cn This just sounds like DNS redirection to me ... check c:windowssystem 32driversetchosts ... The only entry in this file should be (or something like it) 127.0.0.1 localhost if you see anything else, delete it Quote
onebir Posted October 30, 2006 at 01:23 AM Author Report Posted October 30, 2006 at 01:23 AM thanks for all the suggestions guys... it seems to have stopped doing it! i have no idea why. only thing i can think of is that my free symantec coverage was running out, so i installed avast! anti virus and AVG anti spyware. AVG found some things, which i deleted, but they were just tracking cookies, which i didn't think could redirect my browser... :s Quote
Quest Posted October 30, 2006 at 12:56 PM Report Posted October 30, 2006 at 12:56 PM onebir, try the software explorer that comes with Windows Defender. If that doesn't work, try hijackthis -- it gives you a comprehensive list with auto-loaded items, you can go through the list(or post it) to identify potential problems. Quote
onebir Posted October 30, 2006 at 01:14 PM Author Report Posted October 30, 2006 at 01:14 PM Quest - thanks, but i meant the problem's gone! Quote
Quest Posted October 31, 2006 at 12:46 AM Report Posted October 31, 2006 at 12:46 AM Symptoms disappearing doesn't really mean your computer's clean.... I would still run those software just to make sure. Quote
beyaz Posted November 26, 2006 at 07:58 AM Report Posted November 26, 2006 at 07:58 AM hi also my website redirected to www.tongxunqicai.cn what shall i do? Please help! Quote
Battosai Posted November 27, 2006 at 01:06 PM Report Posted November 27, 2006 at 01:06 PM DarkPrince said: sighs*Simple fix - don't use windows!!!!!! Well said! Quote
badr Posted November 27, 2006 at 01:55 PM Report Posted November 27, 2006 at 01:55 PM Try erasing your cookies and cleaning your browser cache. It helps quite a bit. For most of my serious browsing, I use Firefox 1.5 and I have it set up so that it automatically dumps all cookies when i close it. It's a bit of a pain because I have to log in to all the forums I spend time in but it's worth it. Quote
imron Posted November 27, 2006 at 10:28 PM Report Posted November 27, 2006 at 10:28 PM Speaking of Chinese malware, chinesepod just had a podcast about this in their advanced section if anyone is interested. Quote
JamesW Posted December 4, 2006 at 04:23 AM Report Posted December 4, 2006 at 04:23 AM I had a URL redirect to tongxunqicai.cn today using Firefox 1.5. I found that 'Tools->Clear Private Data...', and then clearing everything except 'Saved Passwords' removed the malicious redirect. Quote
Recommended Posts
Join the conversation
You can post now and select your username and password later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.