How to remove Adware.Win.32 Hotbar

Hotbar is an adware dropper which drops adware component on the system and generates extra pop-up ads while browsing Internet. This installs itself as a tool bar and it will develop into a vector to download many malware that will do activate the routines in background. While browsing it downloads different viruses when used to search using its search bar.

Locating Hotbar on System:

• It installs its components in program files folder with name Hbtools, shopper reports, Hb tools. and adds dll files with same names.
• It will run processes in back ground with the names "Hotbar," "SBHost," "Toolbar" or "HostOE" these are aliases for Adware.Win.32 Hotbar in processes. 

In Registry it will install the following things: 
Classes root folder is where it affects, anything that starts with Hb file is a result of Hotbar Adware.

• HKEY_CLASSES_ROOT\HbtCoreSrv.LfgAx
• HKEY_CLASSES_ROOT\HbtHostIE.Bho
• HKEY_CLASSES_ROOT\HbtHostIE.Bho.1
• HKEY_CLASSES_ROOT\HbtHostOL.HbtMailAnim
• HKEY_CLASSES_ROOT\HbtHostOL.HbtMailAnim.1
• HKEY_CLASSES_ROOT\HbtHostOL.HbtWebmailSend
• HKEY_CLASSES_ROOT\HbtHostOL.HbtWebmailSend.1 
• HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\
  Explorer Bars\{2178C864-B8BC-41AE-A1FB-EB6A32F87EB1}
• HKEY_CURRENT_USER\Software\ShopperReports
• HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Outlook\
  Addins\HbtHostOL.HbtMailAnim
• HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\
  Toolbar "{74CC49F7-EB32-4A08-B204-948962A6E3DB}"
• HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\
  Run "HbTools"
• HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\
  Run "qfrxdkbq"
• HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\
  Run "WeatherOnTray"
• HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\
  Explorer\Browser Helper Objects\{2A8A997F-BB9F-48F6-AA2B-2762D50F9289}
• HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\
  Explorer\Browser Helper Objects\{74CC49F7-EB32-4A08-B204-
  948962A6E3DB}
• HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\
  Uninstall\HbToolsOutlookTools
• HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\
  Uninstall\HbToolsWebTools 
• HKEY_CLASSES_ROOT\ShprRprts.IEButton
• HKEY_CLASSES_ROOT\ShprRprts.IEButton.1
• HKEY_CLASSES_ROOT\ShprRprts.IEButtonA
• HKEY_CLASSES_ROOT\ShprRprts.IEButtonA.1
• HKEY_CLASSES_ROOT\ShprRprts.SmrtShprCtl
• It creates entries in Interface folder, RptsPSClient, ShprRprts, Typelib.
• We need to go to Run folder in HKLM\Software\Microsoft\windows\Current Version\Run and delete the files Hotbar folder and weather on tray in which hot bar folder. 
• We need to delete all the folders that starts with Hb from the registry.

This is best way how you can erase hotbar toolbar from your computer, completely .

Read More

Online File Scanner

If you are connected to internet on the go and you want to check if a file on your system disk is infected or infection free, though your anti-virus gives it a clean chit and you want to check its security, this is a very good option. This comes from one of the best anti-virus companies that is AVAST.

Read More

Stop Conficker from spreading by using Group Policy

 This procedure does not remove the Conficker malware from the system. This procedure only stops the spread of the malware.

Create a new policy that applies to all computers in a specific organizational unit (OU), site, or domain, as required in your environment.

Read More

Browser Hijack

A browser hijacker is a form of malware or spyware that replaces the existing internet browser home page, error page, or search page with its own. These are generally used to force hits to a particular website to increase popularity or with which it will generate some revenue for that particular site. More virulent versions often: add bookmarks for pornographic Web sites to the users' own bookmark collection; generate pornographic pop-up windows faster than the user can click them shut; and redirect users to pornographic sites when they inadvertently mistype a URL or enter a URL without the www. preface. Poorly coded browser hijackers -- which, unsurprisingly, are common -- may also slow your computer down and cause browser crashes. 

Message displayed when Hijacked

Read More

Norton Power Eraser

Is your computer infected with Scareware or rogueware or Scamware which tricks users to buy their anti-virus or security products by showing false warnings and these products makes your system unstable and shows scary warnings which user may never dreamt of, Norton Power Eraser portable tool from Symantec identifies and removes these Scareware from your Computer.

Read More

Online Scanners

When we find things going out of control on our computer even when we have a good anti-virus then we can go for online scanners. They are alot better in scanning a computer than purchasing products with many dollars an year and doing a quick scan on our computer. so an online scanner helps you a lot in many ways. Easy but safe and quick scanning is possible. Most of the viruses comes from very silly mistakes like, not having a firewall turned on, going online without an anti-virus protection, not updating it. We can use an online scanner to protect our computer to some extent.

Read More