MSIE / Spyware(New.Net) **UPDATED**

[nmcglennon]

Guys,
Can anyone help me? When I type anything in the MSIE Address bar it now goes to some spyware search engine called search.findsall.com which is really annoying. Any way to disable it or even go back to my default (was google).

I have tried reconfiguring MSIE, and it did nothing.
I have tried looking through the registry, and found nothing.
I have tried running SpyBot and AdAware, which did nothing.

Next step? I really do not want to reformat, but I might have to...

 

[Bug]

This is how I configure my machine's IE to use Google by default instead of MSN as the search engine.
1) Click on the <Search> button
2) If you're using XP, change the search behavior back to the Classic method
3) On the left side, click on the <Customize> button
4) Click on <Autosearch> settings
5) Make sure the 1st box says [Google Sites]

This is quite useful as I only have to type in my search criteria into the Address Bar and hit <Enter>. Don't have to go to Google first, or use the Google toolbar add-in (still waiting for the release of the Elmer Fudd version).

Hope this fixes your prob.

 

[nmcglennon]

Originally posted by: Bug
This is how I configure my machine's IE to use Google by default instead of MSN as the search engine.
1) Click on the <Search> button
2) If you're using XP, change the search behavior back to the Classic method
3) On the left side, click on the <Customize> button
4) Click on <Autosearch> settings
5) Make sure the 1st box says [Google Sites]

This is quite useful as I only have to type in my search criteria into the Address Bar and hit <Enter>. Don't have to go to Google first, or use the Google toolbar add-in (still waiting for the release of the Elmer Fudd version).

Hope this fixes your prob.

Thanks, but it didn't work... back to beating my head against the wall. :Q

 

[nmcglennon]

Turns out it is something installed by a domain called new.net.

http://www.doxdesk.com/parasite/NewDotNet.html

Unfortunately I cannot delete their DLL.... it apparently is being used by Windows.

 

[mechBgon]

Did you try running the antispyware scans in Safe Mode? If not, try that next. It'll probably be necessary to disable System Restore as well.

Bigger picture: if you want to prevent that, see Schadenfroh's spyware/virus removal &amp; prevention thread in Software, and maybe click the top link in my signature and look at my Ongoing prevention suggestions. They may not be everyone's idea of fun (people aren't used to using Limited-class accounts on their own computers, for example), but they could reduce the risk a great deal. If your computer's used by others, not just yourself, then definitely give that some thought.

 

[The J]

If you know where the DLL is, follow these steps:

1. Reboot into Safe Mode.

2. Click Start, then Run..., type in cmd and hit Enter.

3. type in: cd\[directory location] and hit Enter.

ex. If you need to get to C:\windows\system32, then type in cd\windows\system32.

4. Open the Task Manager and close the process Explorer.exe. Your taskbar will go away.

5. Type in: del [filename including extension] and hit Enter. You'll know it worked if you are returned to the prompt without a message.

ex. If the file is called spy.dll, then type del spy.dll.

6. Go back into the Task Manager, click File, click New Task..., type in explorer.exe. The taskbar will return. Restart and you should be good to go.

 

[imported_thomash]

Try downloading and running these.

CW Shredder.
http://www.soft32.com/download-CWShredder-19014-5.html

This should get rid of the override in your IE.



Also try HiJackThis.
http://www.spychecker.com/program/hijackthis.html

Be careful with this tho because you don't want to delete the wrong registry keys.

Let Me know if these work.

 

[VirtualLarry]

New.Net is pretty insideous. It's not new, and it used to be the worst one out there, before CWS entered the picture. Normally, New.Net installs a system-level LSP provider into the WinSock2 stack, to support their "new" domains. At one point, I thought that they had supposedly cleaned up their act, and allow clean un-installation via the Add-Remove Programs control panel. Check there first, before resorting to anti-spyware tools. They used to have an un-installer available on their site too, but I'm not 100% sure that I would trust something like that.

http://www.new.net/help_faq.tp#p5

 

[imported_Phil]

Originally posted by: VirtualLarry
New.Net is pretty insideous. It's not new, and it used to be the worst one out there, before CWS entered the picture. Normally, New.Net installs a system-level LSP provider into the WinSock2 stack, to support their "new" domains. At one point, I thought that they had supposedly cleaned up their act, and allow clean un-installation via the Add-Remove Programs control panel. Check there first, before resorting to anti-spyware tools. They used to have an un-installer available on their site too, but I'm not 100% sure that I would trust something like that.

http://www.new.net/help_faq.tp#p5

Yep, failing that, Google for LSPFix (nmcglennon) and repair the Winsock stack; that takes care of it for me.

 

[nmcglennon]

I finally found the installer and ran that; it seems to have just deleted the DLL...
To be sure, I ran HiJack this, Norton, and Ad-Aware afterwards.
I think everything is ok now since I can't detect anything. Thanks again to all you who helped me out!

Thanks again!