| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 43528 | 2004-03-17 19:21:00 | How to remove Hot-Search - it wasn't me | robo (205) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 223400 | 2004-03-17 19:21:00 | Someone in the family has got this thing into my wife's PC. Every so often you get this useless www.hot-searches.com website as the startup page and sometimes it uses other URLS. Then, when you use google, and click links, it hijacks it and goes to something else involving a supposed search from hot-search. I've searched the registry, removed all hot-search items, they come back. I've turned off everything dodgy in startup using MSCONFIG. I've run adaware and given things a clean. It's like the sodding cat that came back. It just won't stay away. Anyone got any ideas? robo. |
robo (205) | ||
| 223401 | 2004-03-17 19:54:00 | Give Spybot a run then lock IE's homepage with Spybot. You may need to enable Advanced Mode. Have you had a look in IE Properties, General tab > File Settings > View Objects & view the properties of each file for anything with a sus, Company name, Dependencies, etc. Cheers Murray P |
Murray P (44) | ||
| 223402 | 2004-03-17 19:54:00 | Looks like something connected to AOL. | mark c (247) | ||
| 223403 | 2004-03-17 20:00:00 | Can't find out much about that hottie :) If you have ME or XP, don't forget to turn the restore function off when cleaning. My attack on it would be... Run Adawre and Spybot. Run CWShredder in case it is another variation. Go through the registry again. Run Hijackthis and see if it is listed in there. Be interesting to find out more on this sucker. You may be the lucky recipient of a new piece of "scumware" you lucky thing. :D |
Pheonix (280) | ||
| 223404 | 2004-03-17 20:11:00 | It's XP (sorry, should have said, should know better, I knew what it was, you should too). I will try spybot. It's damn frustrating when the kids go looking for things. They don't quite know what's what and a little knowledge is dangerous (no knowledge is more dangerous). robo. |
robo (205) | ||
| 223405 | 2004-03-17 20:24:00 | When you have demolished this beast, have a look at SpywareBlaster here (www.javacoolsoftware.com) as it is like an "innoculation" program against a lot of these hijacks. Oh and free too. Kids will play, and lets face it, it is the way we humans learn, by mistakes. Even though it is a nusance to us, they are learning. So I guess it is a case of grin and bear it. A fathers lot is not a happy one at times. :D |
Pheonix (280) | ||
| 223406 | 2004-03-17 22:21:00 | Set Spybot to innoculate have never got anything (touch wood) since enabling this feature. Update Spybot, Adaware, etc, before running them. Cheers Murray P |
Murray P (44) | ||
| 223407 | 2004-03-18 06:03:00 | I just spent most of the afternoon cleaning a computer of viruses & spyware, only 7 viruses/trojens & ~200 spyware, but it was a P133. I really should charge by the hour. Heres a couple of other things to check, that I've noticed adaware & spybot miss: - In system.ini, check the load= & run= and shell=explorer.exe lines haven't been messed with. - Have a look for anything dodgy in \windows\fonts, you will need to use the command prompt to check. - In IE6 under advanced options, uncheck "enable 3rd party extensions". - In IE check whats listed as a "trusted site", and on the next tab, check the publishers. - In spybot, advanded mode, check whats listed under tools->BHOs. Adaware seems to do a much better job of cleaning these automatically. - Check your hosts file for modifications. > I will try spybot. It's damn frustrating when the > kids go looking for things. They don't quite know > what's what and a little knowledge is dangerous (no > knowledge is more dangerous). Is there any reason they couldn't be using Firefox? Or atleast locking down the IE security settings so new stuff can't be installed. I have two kinds of customers when it comes to fixing computers: People I can convert to anything-but-internet-explorer(TM), and those that provide a regular income. |
bmason (508) | ||
| 223408 | 2004-03-18 19:07:00 | Been there, done that. Spybot and Adaware won't touch it. The only thing that'll get rid of that puppy is CWShredder. Do a google search, run it, and 30 seconds later you're clean. |
Allblack (4982) | ||
| 223409 | 2004-03-18 20:04:00 | Agree with Allblack - also buy the April Issue of netguide & install SpywareGuard, or get it here http://www.javacoolsoftware.com Bye |
Peter H (220) | ||
| 1 2 | |||||