Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Finderactive.com?


  • Please log in to reply
4 replies to this topic

#1 bizzle

bizzle

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:07:13 AM

Posted 03 February 2007 - 03:44 PM

Hi, I use mozilla firefox and its a great program. I used to be able to just type a word or phrase into the address bar and it will google it, now it brings me to a site called finderactive.com. Theres barely any information about this site on the web so i want to make sure its not being caused by spyware. I was infected with rbot recently but I thought i got rid of its remains, not sure if this is linked to it.

Edited by bizzle, 03 February 2007 - 03:45 PM.


BC AdBot (Login to Remove)

 


#2 tg1911

tg1911

    Lord Spam Magnet


  • Members
  • 19,274 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:SW Louisiana
  • Local time:05:13 AM

Posted 03 February 2007 - 04:23 PM

Try this:

Double click the blank space, in the Tab Bar, or right click a tab and select New Tab.
This will open a new, blank Tab.
In the Address Bar, type; about:config
Click Enter.
Scroll down to, and double click, keyword.URL.
In the box that opens, enter what's in the Code box below: (you can copy and paste it)
http://www.google.com/search?btnI=I%27m+Feeling+Lucky&ie=UTF-8&oe=UTF-8&q=
Click OK.
This will restore the Google "I feel lucky" search.

Alternatively, you can set it to
http://www.google.com/search?&q=
This is the general Google search string.
Now any time you enter a word in the address bar and press Enter it will take you to a Google page showing you the results of the search for that term.
MOBO: GIGABYTE GA-MA790X-UD4P, CPU: Phenom II X4 955 Deneb BE, HS/F: CoolerMaster V8, RAM: 2 x 1G Kingston HyperX DDR2 800, VGA: ECS GeForce Black GTX 560, PSU: Antec TruePower Modular 750W, Soundcard: Asus Xonar D1, Case: CoolerMaster COSMOS 1000, Storage: Internal - 2 x Seagate 250GB SATA, 2 x WD 1TB SATA; External - Seagate 500GB USB, WD 640GB eSATA, 3 x WD 1TB eSATA

Become a BleepingComputer fan: Facebook

#3 Ophiicus

Ophiicus

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:12:13 PM

Posted 10 May 2007 - 11:49 AM

Thanks for that - had the same problem myself - any ideas what caused it?

#4 Chicken Bum

Chicken Bum

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:10:13 PM

Posted 08 February 2008 - 05:36 AM

Hey, any idea how to remove it from IE6? HJT and other spyware removers just don't seem to do the job. Got it out of Mozilla fine, but my Uni page only works with IE. Bit of a pain, but what can I do??

Thanks! Serene

#5 BlackedOut271

BlackedOut271

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:06:13 AM

Posted 17 February 2012 - 07:43 AM

I had this lovely infection as well. FinderActive.com, FlueBlue.com and the IP address 66.98.148.65 are the culprits... I believe people are getting the infection via P2P. I could be wrong but anyways...

Check your host file (C:/windows/system32/drivers/etc/hosts) for the two lines:
Hosts: 66.98.148.65 auto.search.msn.com
Hosts: 66.98.148.65 auto.search.msn.es

If you don't know how to do this, please go here to read on this infection and directions to fix your hosts file.

These also come with the "infection". No anti-virus programs show any infection. Seems that just the address bar search and hosts files are modified.

View this page for more info (It's safe, I promise lol):
MixingOnTheBoat.com Topic on FinderActive.com

They diagnosed the issue... And multiple people have filed complaints at 1&1.com (Registrar) and the Public Domain Registry, reporting abuse by this domain as advise all people who come across this do as well...

Let me know if I can help!

And another tip. Granted I got infected, but it was from P2P... To secure your browsing- download SandBoxie. It is an outstanding tool that adds a whole new dimension to protection, for FREE! Similar to avast!'s sandbox. But free lol.

Die malware! Posted Image

P.S. follow tg1911's instruction on the about:config as well in addition to mine and you should be fine. I will continue to review the infection and will post if any other files were modified by this.

IE users, I'd tell you how to fix to issue, but I hate the insecurity of IE (Not an accepted Internet Browser by definition - and a web designer's worst nightmare...) So please download FireFox or Chrome to save yourself!

Edited by BlackedOut271, 17 February 2012 - 07:50 AM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users