Page 1 of 2 12 LastLast
Results 1 to 15 of 19
  1. #1
    Star Lounger
    Join Date
    Feb 2004
    Posts
    92
    Thanks
    2
    Thanked 6 Times in 6 Posts

    Cool Malware called Default Tab Search by Search Results, LLC

    I know how it happened, I actually did it, even though I know better, MS Security Essentials and Malicious Software Removal Tool, and MS Security Scan ALL failed to find and remove this thing. Can anybody tell me how to get rid of it? Trying MalwareBytes as I type this but I am not hopeful. Several sites say "Remove Malware, Download This" but I don't trust them either as I have never heard of any of them. So, I humbly ask assistance here, where I have trust in the answers that arrive. This is my work PC, (new job waiting for something better so I can actually get some work done) Some kind of "PowerSource" PC with Pentium i3 and just 4GB of Ram and a 750GB HDD. So, if MalwareBytes doesn't get it, what then? Ideas not just welcome, but fervently hoped for! Thanks All!

    Joel

    Edit, almost forgot! Using IE9, (have to, legacy program and all)

    Edit #2 No Joy with MalwareBytes Full Scan said it found nothing, so still searching instead of working!
    Last edited by joela44; 2013-07-06 at 14:12.

  2. #2
    2 Star Lounger
    Join Date
    Mar 2010
    Location
    Charlotte, NC
    Posts
    132
    Thanks
    1
    Thanked 19 Times in 18 Posts

  3. #3
    Star Lounger
    Join Date
    Feb 2004
    Posts
    92
    Thanks
    2
    Thanked 6 Times in 6 Posts
    Quote Originally Posted by thomasjk View Post
    Thank you Thomasjk I will take a look right now!

  4. #4
    Star Lounger
    Join Date
    Feb 2004
    Posts
    92
    Thanks
    2
    Thanked 6 Times in 6 Posts
    Thanks again Thomas! Looks like at least most of a success! I got the home page I wanted back, and my default search and addons are there, The only one I really care about is LastPass and it's still in it's accustomed spot, the search box toolbar also gone. Only thing is when I go to tools/manage addons there are NO addons or search providers to manage! I'm sure I'll sort it out sooner rather than later, but the most important thing is I got control of my browser back and intact. Strangely though it never affected Chrome or Firefox, I was able to leave IE9 and use either of those while I tried removing it from IE. Well you know what they say about a gift horse and all. Mainly I want to say THANK YOU for the link that gave me some of my sanity back!
    BE forewarned, this nasty bit came from a CNET Download of IrfanView, and there was NO dialog for custom install, no box to uncheck or opt out. Very disappointing. I won't be going there for downloads anymore.

  5. #5
    Plutonium Lounger Medico's Avatar
    Join Date
    Dec 2009
    Location
    USA
    Posts
    12,631
    Thanks
    161
    Thanked 936 Times in 856 Posts
    CNet has been getting really bad recently for piggybacking these add on apps. This is the first I have heard of no opt out options. Good to know.

    It seems nothing is free anymore. With CNet and other such sites, if there is not opt out options then I will not use them. It's not worth the aggravation.
    BACKUP...BACKUP...BACKUP
    Have a Great Day! Ted


    Sony Vaio Laptop, 2.53 GHz Duo Core Intel CPU, 8 GB RAM, 320 GB HD
    Win 8 Pro (64 Bit), IE 10 (64 Bit)


    Complete PC Specs: By Speccy

  6. #6
    Star Lounger
    Join Date
    Feb 2004
    Posts
    92
    Thanks
    2
    Thanked 6 Times in 6 Posts
    Quote Originally Posted by Medico View Post
    CNet has been getting really bad recently for piggybacking these add on apps. This is the first I have heard of no opt out options. Good to know.

    It seems nothing is free anymore. With CNet and other such sites, if there is not opt out options then I will not use them. It's not worth the aggravation.
    Could not agree more! I surely won't go there again. Actually there WAS an option to "disable" or "remove" but it was greyed out so I couldn't click it, so stupidly thinkin it would be in the next screen, I went ahead and infected myself! So count me with you as far as CNET goes. (showing the option then not allowing you to click on it is just shady and underhanded, but they DID get me with it!) Thanks for the input!
    Joel

  7. #7
    Silver Lounger Banyarola's Avatar
    Join Date
    Dec 2009
    Location
    Big Indian, New York
    Posts
    1,900
    Thanks
    19
    Thanked 65 Times in 54 Posts
    I stay away from Cnet...They really suck..

    I usually go to the publishers website to d/l a program..
    "If You Are Reading This In English, Thank A VET"

  8. #8
    New Lounger
    Join Date
    Dec 2009
    Location
    Australia
    Posts
    2
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Indeed, the publishers website is generally the best option for software downloads.
    I have had to start blocking various download sites on client PC's because they are causing too many issues.

  9. #9
    3 Star Lounger
    Join Date
    Dec 2009
    Location
    Hartford, WI, USA
    Posts
    370
    Thanks
    153
    Thanked 62 Times in 37 Posts

    Nasty - but not new

    Quote Originally Posted by joela44 View Post
    .... Actually there WAS an option to "disable" or "remove" but it was greyed out so I couldn't click it, so stupidly thinking it would be in the next screen, I went ahead and infected myself! ....
    Joel
    Ooops, this was meant to be a direct reply to post #6. No clue why that didn't work.

    This is not a new tactic at all; consider yourself lucky (or common sense careful) that you did not run into that earlier.

    In Sept. 2012 I wrote on my blog about a very nasty example of this tactic applied TWICE in one install!

    These windows where the option to "remove' is greyed out are made to confuse us; mostly the text is sort of ambiguously formulated on top if it.

    You avoid the foistware by clicking the Cancel or Dismiss button which in these cases cancels only installation of the foistware and not the whole install process.
    Last edited by eikelein; 2013-07-18 at 08:02.
    Eike J Heinze
    What I am about
    SE Wisconsin

  10. The Following 2 Users Say Thank You to eikelein For This Useful Post:

    bobprimak (2013-07-18),scaisson (2013-10-05)

  11. #10
    Lounge VIP bobprimak's Avatar
    Join Date
    Feb 2009
    Location
    Hinsdale, IL, USA
    Posts
    2,482
    Thanks
    176
    Thanked 152 Times in 129 Posts
    Nearly anything I can download from CNet I can also download from Filehippo, Softpedia, Tucows, or a host of other, cleaner download sites. Consider this a lesson learned, OK?
    -- Bob Primak --

  12. #11
    Super Moderator jwitalka's Avatar
    Join Date
    Dec 2009
    Location
    Minnesota
    Posts
    6,794
    Thanks
    117
    Thanked 799 Times in 720 Posts
    Maybe i've just been lucky but I've never had a problem with a Cnet download. You do have to watch the check boxes during the install process but those are usually "compliments" of the application, not Cnet.

    Jerry

  13. #12
    2 Star Lounger
    Join Date
    Dec 2012
    Location
    New Hampshire
    Posts
    133
    Thanks
    11
    Thanked 16 Times in 11 Posts
    Re: those "grayed out" "decline" option squares ARE clickable! You CAN opt out of all those extras. Downloads at Cnet are getting very, very, sneaky with attempts to load extra stuff you don't want - but not the worst by any means.

  14. #13
    Lounge VIP bobprimak's Avatar
    Join Date
    Feb 2009
    Location
    Hinsdale, IL, USA
    Posts
    2,482
    Thanks
    176
    Thanked 152 Times in 129 Posts
    Quote Originally Posted by rje49 View Post
    Re: those "grayed out" "decline" option squares ARE clickable! You CAN opt out of all those extras. Downloads at Cnet are getting very, very, sneaky with attempts to load extra stuff you don't want - but not the worst by any means.
    Sneaky,yes. Unavoidable or not clickable, no. So, be careful, folks, and don't always blame the host site for the sneakware tactics of the software vendors it hosts.
    -- Bob Primak --

  15. #14
    New Lounger
    Join Date
    Oct 2013
    Posts
    1
    Thanks
    0
    Thanked 0 Times in 0 Posts
    There are a few rule to safely complete your downloads from any site:

    First,never use the "recommended" or "typical" installations. (that's why you inadvertently allow extra software to download) Always use the "Custom" installation. That way you can uncheck everything (as well as direct which partition to download to).

    Second, as rje49 pointed out...decline everything you can. Click the grayed out decline each and every time.

    Third, open an email account that you only use to complete registrations. You can from time to time go to it to delete all mail.

    I prefer "CNET" since they do a virus scan on all programs..."Majorgeeks" is another safe download site.

  16. #15
    Silver Lounger Banyarola's Avatar
    Join Date
    Dec 2009
    Location
    Big Indian, New York
    Posts
    1,900
    Thanks
    19
    Thanked 65 Times in 54 Posts
    That's the whole point guys...

    Rather then run the gauntlet of sneaky op-out boxes, grayed out check boxes, it's easier and safer to just head over to the authors site and get the download you want.

    As far as virus scans go as Valius stated, who knows how they scanned it and if they even did.
    I prefer to scan myself before I run anything no matter where I get it from.
    "If You Are Reading This In English, Thank A VET"

Page 1 of 2 12 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •