Browser Hijacked? Some help here.

[fgarvb1]

http://www.spywareinfo.com/articles/hijacked/


Part of the page below. Please click on the link for tools and explanations.

The Problem
Author: Mike Healan

There is a despicable trend that is becoming more and more common where the browser settings of web surfers are being forcibly hijacked by malicious web sites and software which modifies your default start and search pages.

Sometimes internet shortcuts will be added to your favorites folder without asking you. The purpose of this is force you to visit a web site of the hijacker's choice so that they can artificially inflate their web site's traffic for higher advertising revenues.

In some cases, these changes are reversible simply by going into internet options and switching them back. Not always, however. Sometimes it's necessary to edit the windows registry (gasp!) to undo the changes made. Sometimes there is even a combination of registry setting and files clandestinely placed on your hard drive that redo your settings every time you reboot the computer.

No matter how often you change your settings back, they are changed again the next time you restart. There have even been cases where internet options have been removed from the tools menu by registry hacking to prevent you from controlling your own computer!

Even AOL has become a browser hijacker by placing it's web site free.aol.com in Internet Explorer's trusted sites security zone, thereby bypassing the most frequently used security settings. This occurs after installing their AOL software, AOL Instant Messenger, Netscape 6.x, and ICQ2001b has reportedly done this. AOL then exploits this by downloading ActiveX components to your computer without your consent. The CWS trojan also does this.

 

[eastern_nc_guy]

I've had the same problem. The first few times I was able to fix it by re-writing forfunsandy registry keys. After that failed the last time, I found that Ad-Aware 6 was able to clean out the rest. Free download, hope it helps.

 

[ReadyOne]

SpywareBlaster
http://www.javacoolsoftware.com/spywareblaster.html http://www.javacoolsoftware.com/spywareblaster.html
does a good job of stopping rogue ActiveX programs sent along with web pages from running.

SpywareGuard http://www.javacoolsoftware.com/spywareguard.html http://www.javacoolsoftware.com/spywareguard.html
will do a good job of stopping hijackers from changing the start page.

Both are free (donation requested). They are great prevention.

 

[fgarvb1]

Bump to page #1

 

[eastern_nc_guy]

Horror Stories?

How many of you have had a work or family computer hijacked by these little demons? I know trying to explain why farmsex.com wasn't originally homepage was not fun.

 

[sumaz]

I used to have these sites hijacked my PC, but not right now.

I installed many softwares that against these types of attacks.

Trojan Remover, Antivirus, Pop-up blocker...., Firewall....

 

[brokencow]

You can also do it yourself, dont need fancy programs.

go to start, run.
Type in msconfig
then go to "start up"

You can tell any programs in there not to boot when your computer does by unchecking their box, ALL programs running on your pc are told to start up in there, including all the spyware and trojans on your computer.

Heres a list of good + bad processes so you can tell which ones to boot or not (WARNING: they are case sensitive, so a bad / trojan process might be iexplorer.exe but a really import one might be iexplore.exe, this is done to confuse you so look very carefully before you tell the difference)

Bad + good process, read carefully, case sensitive.
http://www.liutilities.com/products/wintaskspro/processlibrary/

Anyways i dont recommend everyone does this, just those who are in real trouble and programs arnt working for them.

I also suggest the google toolbar to block pop ups, sure its a little annoying as it ads a line to your I.E. window, but its worth it for how well it works, and now i can run google searches from my browser

 

[eastern_nc_guy]

Doesn't always work to just remove them from the startup or registry. Some of the little bastards rewrite windows source files. I had one that reworked winlogon.exe that turned out to be a keylogger.

 

[Vixandra]

Why do people even use IE? It puzzles me greatly...

Ad-aware's a great program to. I run that about every two weeks on my home puter and weekly on the puters at work (I'm my units assistant SysOp).


The reason Netscape and Mozilla are so alike is simple. The guys who made Netscape didn't want it to be a charged for browser- they got pissed off at the company and later released Mozilla. It uses similar source codes and such and is more secure then using Explorer.
Why- explorer is tied to your windows OS- every program uses some form of it to open up, whether you like it or not, and its a direct link to the OS. That's how "bad people" put viruses and data-miners on your computer- Explorer links to the OS and from there to EVERYTHING else.
Mozilla doesn't do that- its just an application that Windows OS's couldn't give a damn less about. So you can't go from it to the OS (far as I know)
And this concludes my lecture on Mozilla vs the Evil IE.
*bows*

Yeah, I'm quoting myself but I'm not typing it out again... perhaps should just make it my sig line... bit long for that though.

 

[brokencow]

Yeah, not all things can be fixed in startup, but a lot can.

Ad-aware is a good program but i prefer spybot myself (its also free)

Its not like one program is head and shoulders better then the other one, i just like spybot better, and it seems to get updated pretty frequently.