| Author | Thread |
|
|
06/24/2013 10:46:34 PM · #1 |
Help! I have this problem getting rid of malware - isearch fantastigames.com/465
I cannot get rid of fantastigames.com/465 which is showing up on both IE and Firefox whenever I open these browsers.
Have tried spybot, MicrosoftSecurityEssentials, McAfee. I restarted my computer after each update and scan.
I've also been to the 'tools' in both Firefox and IE but could not find this program. Other junk that I got rid of, yes, but not this.
When I tried to uninstall the program through the Control Panel, there was no listing for this name.
The name shows up in the 'search' box every time I open Firefox (or IE)
I tried the Microsoft forums without any response.
If anyone is interested in solving this silly problem, I've got Windows 7 Home edition, 64 bit.
Anybody have an idea as to what to do next?
Here's a screen shot of Firefox:
 |
|
|
|
06/24/2013 10:50:50 PM · #2 |
| Check your default web page in Firefox and IE ... make sure it isn't set to this URL. Low probability solution, but you never know. |
|
|
|
06/24/2013 10:54:19 PM · #3 |
//windowsproblemshelpcenter.blogspot.com/2013/05/how-to-get-rid-of-isearchfantastigamesc.html
Google "how to uninstall isearch fantastigames.com/465" and see many, many hits. I had a similar problem just the other day. I downloaded what Brennan's link to the Comedians in Cars Getting Coffee videos told me was a required media player and all hell broke loose. |
|
|
|
06/24/2013 10:54:33 PM · #4 |
Ok - here's my secret recipe for fighting tricky malware that's actively running
These instructions increase in 'intensity' as you go down through them. The difficulty and risk increase with each step - but each step is a more 'powerful' approach.
in your browser, type in about:config
there you can go through some settings and try to reset the parameters that are botched.
next,
right click the task bar, and choose "Task Manager"
Under processes, kill anything that is suspect (this is something of an art, but just google anything that looks odd, random strings of characters, or names that seem similar to your malware)
then, after you've killed whatever you can,
start>run>msconfig
if that doesn't do it.
start>run>regedit>hkey_localmachine>software>microsoft>windows>current version>Run (and >runonce)
start>run>regedit>hkey_currentuser>software>microsoft>windows>current version>Run (and >runonce)
delete the keys for anything that's loading the piece of shit.. (this is irreversible, don't screw it up - or make a backup of the keys before you delete them)
Then, hardboot. Don't shutdown - just pull the cord (that prevents anything from being able to write on shutdown.)
Do all of this at your own risk. It may or may not work, and could (theoretically) cause even bigger problems, especially if done wrong. |
|
|
|
06/24/2013 10:59:46 PM · #5 |
| I usually go with MBAM in safe mode before anything else... |
|
|
|
06/24/2013 11:10:58 PM · #6 |
Yes, Bear, I saw all those hits, (one of which came from fantastigames - "we're sorry you don't like our product") and I could not be induced to click on something that might make the problem even more permanent. I like the link you provided and will look at it more closely.
Cory, that solution of yours sounds elegant, but way above my pay grade. Every one of those strings of letters and numbers look delete-able to me.
:(
IAMKatz, I looked up MBAM and that may be my answer. Why, please, should it be run in Safe mode? |
|
|
|
06/24/2013 11:20:43 PM · #7 |
Originally posted by sfalice:
Yes, Bear, I saw all those hits, (one of which came from fantastigames - "we're sorry you don't like our product") and I could not be induced to click on something that might make the problem even more permanent. I like the link you provided and will look at it more closely. |
It worked for me, and my problem was isearch and a changed home page, just like yours. I had to remove it from ie and chrome and firefox, all 3 separately. Persistent little bugger. Seems to be all gone now. |
|
|
|
06/24/2013 11:23:11 PM · #8 |
Originally posted by Bear_Music:
Originally posted by sfalice:
Yes, Bear, I saw all those hits, (one of which came from fantastigames - "we're sorry you don't like our product") and I could not be induced to click on something that might make the problem even more permanent. I like the link you provided and will look at it more closely. |
It worked for me, and my problem was isearch and a changed home page, just like yours. I had to remove it from ie and chrome and firefox, all 3 separately. Persistent little bugger. Seems to be all gone now. |
Note that that particular one can also download additional payloads that include some pretty nasty additional malware.
I'd say that at the very least a through scan is in order. |
|
|
|
06/24/2013 11:24:22 PM · #9 |
Originally posted by sfalice:
Yes, Bear, I saw all those hits, (one of which came from fantastigames - "we're sorry you don't like our product") and I could not be induced to click on something that might make the problem even more permanent. I like the link you provided and will look at it more closely.
Cory, that solution of yours sounds elegant, but way above my pay grade. Every one of those strings of letters and numbers look delete-able to me.
:(
IAMKatz, I looked up MBAM and that may be my answer. Why, please, should it be run in Safe mode? |
Safe mode loads minimal drivers and programs - basically it's a bare-bones boot - which decreases the likelihood of the darn thing starting up. |
|
|
|
06/24/2013 11:40:30 PM · #10 |
Thanks for that link, Bear. If it worked for you, it'll work for me.
It worked for me, and my problem was isearch and a changed home page, just like yours. I had to remove it from ie and chrome and firefox, all 3 separately. Persistent little bugger. Seems to be all gone now.
 Cory: Note that that particular one can also download additional payloads that include some pretty nasty additional malware. I'd say that at the very least a through scan is in orde
Yes, I found some nasty stuff and got rid of it (I hope).
Interesting: I tried the McAfee scan first and he must have been out to lunch, as there were no problems as far as that program was concerned.
Spybot was next and discovered 9 of the little buggers.
the MSE scan was last and discovered nothing new. Except that the fantastigames was still there, serenely ensconced.
IAMEliKatz, I might just grab that MBAM program for insurance.
Meanwhile, looks as if tomorrow will be another search and destroy at my house to get rid of that nasty.
Dr.Confuser, yes, that program had changed the default page on IE. (Fortunately I never use that browser)
Thanks to everyone for your help. I'll let you know tomorrow the results of this. Glad to know Bear worked through it okay.
Message edited by author 2013-06-24 23:44:40. |
|
|
|
06/25/2013 02:43:02 PM · #11 |
Well, folks, some success. Being a coward about the innards of my computer, I bought the MBAM and ran it this morning. Two hours and 17 minutes later it declared my computer clean of nasties, but I still had the original problem.
So, turning to Bear's suggestion, I ran through as much of the information
//windowsproblemshelpcenter.blogspot.com/2013/05/how-to-get-rid-of-isearchfantastigamesc.html
on his link that I understood and with that help found the ISearch.fantastigames.com lodged in the 'search' boxes of both IE and FF and some other places that I had missed earlier. And I unchecked the boxes in the Tools that they suggested. This did rid all references on the browser home pages.
When it came to deeper investigations, like in Windows Task Manager, Unchecking the "Hide protected operating system files" box I chickened out.
this message made me cancel the attempt: You have chosen to display protected Operating system Files in Windows Explorer. These files are required to start and run Windows. Deleting or editing them can make your computer inoperable. Are you sure you want to display these files?
So, it may be that I've done enough to get rid of this pest. If more of the crap shows up I'll be back!
Oh, yes, McAfee is now complaining that I have too much protection and it can't do its job. Yeah, it did it so well before.
THANKS, ever so much, guys!
Alice |
|
|
|
06/25/2013 03:36:25 PM · #12 |
Yeah Im currently fighting some malware on my home PC. I will have to try some of these options that I havent tried yet.
|
|
Home -
Challenges -
Community -
League -
Photos -
Cameras -
Lenses -
Learn -
Help -
Terms of Use -
Privacy -
Top ^
DPChallenge, and website content and design, Copyright © 2001-2025 Challenging Technologies, LLC.
All digital photo copyrights belong to the photographers and may not be used without permission.
Current Server Time: 08/13/2025 03:00:13 PM EDT.
