Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

This Is Not A Virus Problem - It's An Msn Search Problem


  • Please log in to reply
28 replies to this topic

#1 Dufurt

Dufurt

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:02:24 PM

Posted 02 February 2008 - 10:56 PM

An update from MS on Tuesday left me with the inability to use the search engine of choice. (google). I've changed the option thru search/customize, etc and nothing changes. The sidebar will allow google, but not typed in the address bar.

I've been doing a line by line search thru registry when my eyes said, enuff. Ask someone who may know how to regedit the option. I've also used google reg hack to no avail.

I performed a system restore but that also did not work.

Windows xp pro
IE6

all patched to date.
Ran spybot
hijackthis
adaware

I also use win patrol whose latest version tracks unauthorized windows updates. Nada there, either.

Hope this is enough info.

BC AdBot (Login to Remove)

 


#2 hamluis

hamluis

    Moderator


  • Moderator
  • 55,887 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:02:24 PM

Posted 03 February 2008 - 08:47 AM

I love your diagnosis of what's wrong...but I suspect it's all wrong :thumbsup:. I am current in critical updates and I've not experienced the symptoms you describe, nor do I see any evidence of such when scanning the Web.

I believe...that your first tactic when something unusual occurs on a system...should be to take a look in Event Viewer for clues.

Second tactic s/b to scan for malware of all sorts. I notice that you don't enumerate the AV program that you use, if there is one, although you do carefully list the programs handling lesser forms of malware.

The fact that you have been playing in the registry...leaves all of us in the position that we have no idea what harm you may have unintentionally done by your forays, IMO.

Louis

#3 usasma

usasma

    Still visually handicapped (avatar is memory developed by my Dad


  • BSOD Kernel Dump Expert
  • 25,091 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Southeastern CT, USA
  • Local time:03:24 PM

Posted 03 February 2008 - 09:49 AM

At work we have a procedure that we follow to ensure that everything is done right.

First we do a quick scan for malware.
Then we physically clean out the PC and check the fans
Then we do hardware diagnostics
It isn't until all of this is done that we can get to diagnosing a problem fully.

There just ain't any one program that can tell you with 100% accuracy that you're not infected. Malware infections are diagnosed not only by scan results - but also by the affect that the malware has on the system.

It could be that your virus definitions didn't include the ability to detect a certain virus - either because it wasn't reported to them, or they hadn't finished working on the fix. Or, it could be that this was a new virus and that noone had identified it yet.

In the event that the system is behaving strangely, I always recommend an independent scan (online) to make sure that malware hasn't taken over the programs that are on your system. Here's 2 of them:
http://safety.live.com (requires IE)
http://housecall.trendmicro.com

Finally, attempting to fix a problem that has malware involved in it can cause the malware to morph into another form that's usually harder to locate and harder to remove. And, because it's caused by malware, the standard Windows fixes usually won't work. This is because Windows expects it's fixes to work in a certain way - and the malware doesn't follow these rules!
My browser caused a flood of traffic, sio my IP address was banned. Hope to fix it soon. Will get back to posting as soon as Im able.

- John  (my website: http://www.carrona.org/ )**If you need a more detailed explanation, please ask for it. I have the Knack. **  If I haven't replied in 48 hours, please send me a message. My eye problems have recently increased and I'm having difficult reading posts. (23 Nov 2017)FYI - I am completely blind in the right eye and ~30% blind in the left eye.<p>If the eye problems get worse suddenly, I may not be able to respond.If that's the case and help is needed, please PM a staff member for assistance.

#4 Dufurt

Dufurt
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:02:24 PM

Posted 03 February 2008 - 06:33 PM

As mentioned above, I use Adaware, spybot, hijackthis.

I use sygate behind a wap router and AVG which updates and runs daily.

This is a new HP XP AMD 64 x2 using XP Pro

As far as my diagnosis of what is wrong, Yours is the only forum left to ask upon. It's listed in many as a problem (msn search supplanted google in the task bar) with no one else able to find a fix.

If I had wanted sarcasm for an answer, Hamlius, I would have gone elsewhere. I thank you all for your effort.

Am heading (again) for Trend Micro and will see what response this time.

Edited by Dufurt, 03 February 2008 - 06:34 PM.


#5 hamluis

hamluis

    Moderator


  • Moderator
  • 55,887 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:02:24 PM

Posted 03 February 2008 - 07:33 PM

What you call "sarcasm"...was only intended to be one person's opinion.

I guess it is "sarcasm" if that term includes any opinion that runs contrary to what you may perceive, think.

I think it may make sense to many who do not live in same perceptual field...that you seem to inhabit.

Louis

#6 syunichi

syunichi

  • Members
  • 130 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Miri
  • Local time:02:24 PM

Posted 03 February 2008 - 08:09 PM

I agree with Louis, he was just giving out his ideas, that is why this is called troubleshooting. Anyway, I really think from what I understand it is a redirecting effort of some unknown application.Might be a rootkit, but most cases it's spyware or adware. And most of the case, a special add-ins installed by intension of the user without reading through the license aggreement terms, but I'm not pointing fingers. Another thing, hope that is an AVG Pro and not AVG Free because I experienced different experience using both type in terms of protection.

But back to the chase, I experienced what you've mentioned above.I've installed AIM6 and it has installed AOL Search bar for me..and even after uninstallation it always redirects me to AOL searches, which is annoying to me for I like google search bar more. What I did was a reset of IE settings in Tool>Internet Options>Advance>Reset and all back to normal, but I am using IE 7, been a while since I seen an IE6 in my office. Anyways, good luck. :thumbsup:
Posted Image

Tech Support: "Do you have any windows open right now?"
Customer: "Are you crazy woman, it's twenty below outside..."

#7 Dufurt

Dufurt
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:02:24 PM

Posted 03 February 2008 - 08:17 PM

Thank you, Syunchi. :thumbsup: If Louis meant this isn't sarcasm, then of course I would extend my apology.

quote:
The fact that you have been playing in the registry...leaves all of us in the position that we have no idea what harm you may have unintentionally done by your forays, IMO
end quote.

I learned at my mother's knee that the least said is the soonest mended. Louis.

I didn't mean that yours is the only forum upon which to ask. Only that it was the only one I respected left to ask upon.

At any rate, it's AVG free. Trend scan was clean.

Next step, please?

ps. No messengers are installed, tho I did install FF browser.

Edited by Dufurt, 03 February 2008 - 08:18 PM.


#8 syunichi

syunichi

  • Members
  • 130 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Miri
  • Local time:02:24 PM

Posted 03 February 2008 - 09:00 PM

Hmm...have you tried this regedit option? Before that, do backup your registry first as always.

Google add-ons 1

Google Add-ons 2

Hope this will help. And do remember to backup registry first. :thumbsup:
Posted Image

Tech Support: "Do you have any windows open right now?"
Customer: "Are you crazy woman, it's twenty below outside..."

#9 Dufurt

Dufurt
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:02:24 PM

Posted 03 February 2008 - 10:12 PM

My apologies on your name misspelling, Syunichi.

I did the regedit after saving, however, Live Search (search.msn.com) remains when sought from the address bar.

I THINK that this particular registry line is the problem, tho I have changed it from the customize option in search.

Customize Search=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm

I also see that MS has LOCK DOWN machine written, but don't know if that is new or previous to Tuesday.

#10 syunichi

syunichi

  • Members
  • 130 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Miri
  • Local time:02:24 PM

Posted 03 February 2008 - 10:28 PM

Hmm..try this out if everything fails to prevail.

Google 4u

Good luck. :thumbsup:
Posted Image

Tech Support: "Do you have any windows open right now?"
Customer: "Are you crazy woman, it's twenty below outside..."

#11 Dufurt

Dufurt
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:02:24 PM

Posted 03 February 2008 - 11:08 PM

Thank you, Syunichi. I still have msn as my search from address bar, but I appreciate the thought.

USAMA - I made E3 in early '66 and was busted back to E2 2 days later because I was in a frozen MOS 91B20. lol. Nice while it lasted, haha. WA852****

I thank you all for your help and patience. I will be checking back periodically in case someone else has a new idea.

I've appreciated the help.

#12 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 36,962 posts
  • ONLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:03:24 PM

Posted 03 February 2008 - 11:22 PM

Hello Dufurt,

I have a question for you, I understand that you prefer to use Google. What I want to know is if you prefer not using MSN search at all. If the latter, I may have a solution for you.

Orange Blossom :thumbsup:
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript

#13 Dufurt

Dufurt
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:02:24 PM

Posted 03 February 2008 - 11:25 PM

Yes, OrangeBlossom. You're exactly right. That is my preference as long as it doesn't mean I am restricted to the MAC :thumbsup: haha.

#14 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 36,962 posts
  • ONLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:03:24 PM

Posted 03 February 2008 - 11:52 PM

It shouldn't restrict you to the machine unless there is something wrong that we don't know about. I personally dislike using MSN and hated it whenever the MSN screen would come up if I typed in an address incorrectly and no such site existed. So here is what I did to keep that from happening. I suspect this will solve your problem too.

Go to Control Panel --> Add Remove Programs. In the left panel you should see Add/Remove Windows Components. Click on that. A separate window will pop up. Scroll down until you see MSN Explorer. Click on the little box to remove the check mark, then click on next. It will then uninstall the MSN search engine. When it's done another little window will pop up telling you so. Click on Finish. MSN Explorer will now be uninstalled. I hope that you will now be able to type Google into the address bar the way you want. Let me know how it turns out.

Orange Blossom :thumbsup:
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript

#15 Dufurt

Dufurt
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:02:24 PM

Posted 04 February 2008 - 12:05 AM

That was an excellent thought, OrangeBlossom, but unfortunately it didn't work. I'd forgotten that trick. I will keep peeking in, in hopes.

If I knew how to write the registry key for Customized Search, I'd simply do that. I know my limits in the registry, tho. lol.

Thank you for the help.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users