Chuck, this is malware. Nortons, despite their advertisements, gives you
little or no protection against malware. Nor, to my knowledge, will any
other antivirus programs. For that, you need Malwarebytes, as others have
already mentioned. And, if you are doing any financial transactions on your
computer, you need the paid version for full active (ie real-time)
protection--it's about $30 pa.
Before doing a Malwarebytes scan, disable your antivirus, as some will
prevent Malwarebytes from accessing the registry, which is necessary to
remove most trojans such as SweetIM. If this one is in your system, it's
highly probable that there will be many others.
After completing a Malwarebytes or similar scan and removal, you should
then open Regedit and do a manual search and delete all remaining instances
of SweetIM and any other malware. (Be very careful when using Regedit, as
deleting the wrong entries can disable Windows). If you don't do that,
these things can regenerate themselves and you are soon back to where you
started!
Malwarebytes does a fairly good job of cleaning the registry, but it's not
perfect and I often find there are a lot of undeleted malware entries in
infected computers.
Some of these homepage hijackers will place themselves in the shortcuts
from which you open the browser, so you need to delete all browser
shortcuts and create a new one. The ISearch and Webssearches family of
hijackers works this way, and I think from memory that SweetIM is one of
that family. To check this, right-click the shortcut icon, click
"properties" and look at the "target" line. If this shows a string of
letters/numbers after the name of the browser, it's bad. The "Target" is
the website that's introducing the malware.
To see if there are any clear signs of the commonest malware, just do a
Regedit search ("Find") for these commonest items: Trovigo, Mindspark,
Uniblue, Sweetim, Isearch, Webssearches (note the 2 ss's), Wajam. If any or
many of these show up, you have serious malware problems which will quickly
escalate into an unusable computer. Just hit F3 to carry on the Regedit
search.
If you're not too familiar with these procedures, it would be safer to get
your computer checked out by a reliable technician. Be wary about shops
that offer a quick scan and clean for a cheap price. If you don't do a
thorough job as I've outlined above, the malware will simply return.
Then you have to think about how these things got into your computer in the
first place. That's the subject of a whole new tutorial!
Don Penlington
On Sat, Oct 25, 2014 at 6:33 AM, <
[log in to unmask]> wrote:
>
>
>
> Hi,
>
> I'm running Window 7 and using IE 11 on a Dell Dimension E520 desk top.
> Something has taken over IE11 and won't let me change the home page. Every
> time I set it, via Internet Options it changes, but when I open then close
> IE and restart, it goes back to the home page I don't want or even know how
> it got there.
>
> This is the http that shows up:
>
> http://home.sweetim.com/?barid=141151973495834452867011054861370256664&src=10&crg=ct3317192&ppd=&did=10810&st=23&st=23&ptr=100
>
> I've run my Norton scans and nothing shows up. There is nothing in the
> StartUp folder and when I use "msconfig", I don't see anything that looks
> familiar to the http name. I've deleted all cookies, temporary internet
> files, and everything I could find but nothing is working to get rid of
> that internet address from being my home page.
>
> Does anybody have any idea what I can do to get this out of IE. Any help
> will be appreciated.
>
> Thanks,
>
> Chuck Cooley
>
>
>
>
> PCSOFT's List Owners:
> Bob Wright<[log in to unmask]>
> Mark Rode<[log in to unmask]>
>
>
PCSOFT's List Owners:
Bob Wright<[log in to unmask]>
Mark Rode<[log in to unmask]>
|
