Video Screencast Help
Symantec Appoints Michael A. Brown CEO. Learn more.

HotBar is a toolbar attatched to browser, how to remove it from registry?

Created: 01 Oct 2011 | 2 comments

Using a different spyware tool, I found 3 infections labeled HotBar, which is identified as a toolbar attatched to browser. It's locaed in the registery. My copy of symantec endpoint protection does not catch it and when the other program removes it, it seems to come back right away. How do I remove it?

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\SW\{03884cb6-e89a-4deb-b69e-8dc621686e6a}

 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\SW\{96e080c7-143c-11d1-b40f-00a0c9223196}

 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\SW\{b7eafdc0-a680-11d0-96d8-00aa0051e51d} 

There is subfolders in each entry, if needed I will copy them from my regestery.

Any help is appreciated.

Comments 2 CommentsJump to latest comment

Idimple's picture

Hello.

 

Try below steps,It might helps,

You can remove HotBar through Add/Remove Programs in the Control Panel, however it leaves behind some tracks that will have to be removed manually. After removing the program through the Add/Remove section, you'll want to run Regedit and remove the following keys in the registry.

HKey_Current_User\Software\Hotbar
HKey_Local_Machine\Software\Hotbar
HKey_Local_Machine\Software\Microsoft\Internet Explorer\Toolbar\B195B3B3-8A05-11D3-97A4-0004ACA6948E
HKey_Local_Machine\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform\Hotbar 3.0

You can also delete the 'HotBar 3.0' string from

HKey_Current_User\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

Your satisfaction is very important to us.If you find above information helpful or it has resolved your issue...please mark it accordingly :)
fisk4151's picture

Thank you for your help. It looks like I had removed it from add/remove programs but it left registry code. I didn't find it where you pointed me, it was onlywhere I copied itto my post. I don't know enough about the registry to alter those strings without guidance. Since it seems to be inert, I'll leve it alone. Thanks again.