I.E and "MySearchNow"

  Diemmess 18:13 19 Nov 2004

Son and granddaughters' computer now on BB with Wanadoo and bothered with this hijacking of the IE opening page.

I only have experience of Aol which is not troubled at all with this .........(Good for Aol)......

I talked with obliging local computer shop whiz-kid today after having returned a new installation to my son yesterday, only to have it infested again within minutes of going online, long after I had gone home.

AdAware Spybot Zone Alarm and AVG are all there, though apart from AVG and Zone alarm, may not have been running.

Whiz-kid said it IS a nuisance.... and suggested using IE tools to change to Wanadoo as home page, then Add/Remove programs to find one with "186" as part of a string. He said that this will be locked, but by going online it can be unlocked and deleted.

Does this make sense to you? I am travelling blind in unknown territory. If it does get rid of it, what next to prevent a new takeover?

Son's wife was told by colleague at work today that they had to pay (another) computer shop £60 to have it cleared off.......... I don't know if that one is still clear but would value step-by-step confirmation, or varied instructions when I visit tomorrow?

  VoG II 18:16 19 Nov 2004

Once you have got rid of it (again), install SpywareBlaster click here

  wawadave 18:22 19 Nov 2004

i would sugest doing any of these you have not allready.
Download and install the newest version (1.3) of SpyBot Search and Destroy click here - Note: If you have been using SpyBot S&D for some time, chances are you have version 1.2. For some unknown reason, the 1.2’s update feature does not alert you to the new version so you must download and install the new from the link above. Also, download and install AdAware click here - there are free versions of each. Before scanning, use each programs’ update option to get the latest signature files, then scan, using SpyBot first.

a² Free is also a good malware cleaner and can be downloaded from: click here?

and you should install spywarebaster to help block these things from infesting you.
SpywareBlaster will block bad ActiveX and malevolent cookies.

click here

SpywareGuard works in concert with SpywareBlaster to detect and prevent hijackings in progress.

click here
spyware guard will prevent your home page from being hijacked again after you clean out the infestation.

you should allso use spybots imunize function. and use advanced mode and enable Hosts function to block these garbage sites and get this. as well.

IE-SPYAD puts over 4000 sites in your restricted zone so you'll be protected when you visit innocent-looking sites that aren't actually innocent at all.

click here

  wawadave 18:23 19 Nov 2004

you might allso want to get firefox and use that instead of ie for surfing the net.
click here

  Diemmess 18:39 19 Nov 2004

Wow with that list I should find some protection.... Thank goodness for a pen drive to carry the "good news" to the site.

VoG™ - Your comment "once I have got rid of it (again)" assumes that I will be able to get rid of it at all !....Does the Comp Shop advice make reasonable sense?

  VoG II 18:52 19 Nov 2004

I'm not sure about the computer whixx kid's advice. 180 maybe (180solutions spyware), not 186 though.

I suggest that you take HijackThis with you as well. The latest version click here and Nellie2's destructions click here

If you post a HJT log here I'm sure somebody will be able to tell you what to "fix". You will need to post the log in a few chunks because of the 800 word limit on this site. Also please double-space it.

  Diemmess 19:55 19 Nov 2004

I am unfair to Whixx - I guessed at 186, but absorbed the point that it would not be the sort of thing I expected to find. Will add Hijack* and Nellie2 to the portable armory.

Intrigued by Firefox, but son is "not ready" for more changes and I would rather experiment on my own - but then with Aol -I don't need to (so far).

IE 6 is available on the Wanadoo disk. Should I install that upgrade,and if so when?

  stuntmaster 20:29 19 Nov 2004

i had this mysearchnow, after accidentally installin the messenger plus spyware, by mistake about a year ago, best bet, is to pull out the BB connection boot PC, remove the spyware using spybot S&D and all the other mentioned, install firefox or any browser other than IE, and shutdown put BB plug back in and re-boot and enjoy.

pain i kno, as i had it and done it the slow and painful way of trudging thru the registry but i got there, i think Vog mite of helped me out on that one ages ago, i think it was him who gave me a site with the registry entries.

this spyware is called C2.lop in Spybot S & D

hope any of this helps.


  Diemmess 14:20 20 Nov 2004

Spent all morning with partial success, subdued MySearchNow by choosing Internet options and setting the homepage as Wanadoo

There is still a persistant bar at the bottom which goes only when Cntrl>Alt>Del ends "Search Now."

SpywareGuard cannot leave alone and insists on pointing out that I have changed the home page address, so I have uninstalled it for the moment.

Now running a separate thread with the Hijack This Log askng for interpretation of its list of lines

  Diemmess 10:08 21 Nov 2004

Encouraging progress has been made by a parallel thread
click here
So I am closing this one.

The summary so far --- this is an infection with an LOP...... "Messenger Plus 3" is the culprit, and MySearchNow and the other persistent nuisances are part of it.

Expecting to be able to sort it today

This thread is now locked and can not be replied to.

Elsewhere on IDG sites

HTC U12 Plus review: Hands-on

Frida Kahlo's life, art and legacy explored in Google's new giant online collection and app

Best Android emulators for Mac

Comment importer des contacts d’un iPhone à un autre iPhone ?