Arrghh!! Homepage Hijacked again...

pjdami · April 2004

This happened to me a couple of months ago and now looks like it has happened again. My IE homepage has been hijacked to www.isearch.com. Even though I change it in the options under home page, the bugger comes up not the next time I reboot but the next time I reboot and click on home page.

I already ran Sypbot and Adware which was no help. Last time it took me a few days but had to go diggin in the windows registry and delete some suspicious BHO links or whatever they are. I guess I lucked out and deleted the correct one.

What a pain in the neck and an invasion of one's privacy!

If anybody has any tips I'm all ears on what to do here.

disneyjoe7 · April 2004

Look in Control Panel on Install/Remove Programs, look for any programs that sound fishy & try to remove them.

PhantomOG · April 2004

yuck... got any antivirus software?

maybe change your security setting higher in IE...

i'm sure someone will chime in with better suggestions

RuSsMaN · April 2004

What OS?

Run regedit, see what value is the following key:
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main

Start Page = ?

Cheers,
Russ

dylan · April 2004

Those browser helper objects/ spyware/ adware/ etc can get tricky. Take a look at
this page.

Uninstall

I usually don't trust the company's own uninstall routines, but it seems to have worked for others. Also for the future make sure to update Spybot and Ad-Aware so they can keep up.

pjdami · April 2004

Thanks for the help guys.

Yeah, I'm running a paid subscription of Norton Antivirus. Now live update isn't working.

What Russ said to do worked in removing the isearch homepage under start after running regedit. Good tip here. I've run regedit before but not too savy on its features.

I'm running Windows XP.

Then I realized that my IE tool bar was locked and that isearch had added a toolbar underneath the main ones and I couldn't turn it off.

I ran a program called Hijack This to look at the registry and delete anything with isearch in it.

Looks like so far so good. Thanks for the help again.

Now I need to figure out why Norton won't update.

pjdami · April 2004

p.s.

It's a damn shame that our country has come down to this type of chicanery. With all the knowhow these effers have on these spyware / adware crap and installing it unknowingly upon users you think they could spend there time more productively.

I hate those effers that do this crap! What a pain in the arse!

I firmly believe in having antivirus software. The amount of viruses Norton detects everyday in emails and such is unbelievable. Again these effers should be doing something productive.

pjdami · April 2004

dylan,

thanks for those links as well. I would have resorted to those had everything else failed. Holy crap though look at all the stuff one needs to delete!

nadams · April 2004

www.lavasoft.de

Download ad-aware and then run the updater for it. It works like a virus scanner. When it gets done scanning, right-click in one of the empty boxes and click on "select all". Hit next, and you're all cleaned up!

shack · April 2004

Originally posted by nadams
www.lavasoft.de

Download ad-aware and then run the updater for it. It works like a virus scanner. When it gets done scanning, right-click in one of the empty boxes and click on "select all". Hit next, and you're all cleaned up!

I think he has already done that.(I believe he just left out an "a" in the name).

Originally posted by pjdami
I already ran Sypbot and Adware which was no help.

I use Zone Alarm as a firewall and haven't had this happen in quite some time. If you don't have a good firewall installed...get one.

pjdami · April 2004

Yes, I did mispell Adaware. I ran it but didn't have it updated. Just did that.

I also have a firewall. Its the Netgear wireless router that I bought with the built in firewall. I also had a subscription to Norton Personal firewall but didn't renew it when I got the netgear.

Frieky thing is I don't ever remember clicking on "yes" to install this isearch crap. I'm very careful with popups.

Well. Everythings cool now though. Thanks again for the advice. Hopefully this will be a warning to others about Isearch and prevent any headaches and two hours of wasted time trying to get rid of it.

Strong Bad · April 2004

I also use Zone Alarm Pro at home. Works very well! I just purchased a new broadband router for home. The Linksys WRT54G. Has some good firewall items built in like NAT and SPI (Stateful Packet Inspection). Pretty much all home routers have NAT, but alot don't use SPI.

We use Zone Alarm at work for all our remote dialup and broadband users. I highly recommend it! We also use Pest Patrol to clean up all the nasty spyware. PP works much better than Adaware. Catches the spyware that Adaware didn't get.

As a sidenote, my boss showed me our email spam filter. 2/3 of our inbound email is spam. Last week we had about 40,000 inbound emails. About 28,000 were spam!

Spyware and Spam mail are WAY out of control! There need to be laws!

John

pjdami · April 2004

Spyware and Spam mail are WAY out of control! There need to be laws!

You are so correct there John. On a side note as well, the spam regular mail is out of control as well. I don't need any frieggin more credit card applications. What a waste of paper and trees.

Now, I have been pleasantly surprised by the success of the "do not call" national and local rosters that I have submitted. My number of telemarketing spam calls have gone down like 95%. I wish something would be done similarly for the email spam and mail spam. I think most Americans are just tired of it all.

Strong Bad · April 2004

Some of the spam we get is quite funny though. I love it when some of the women in the office start complaining...

"DAMN IT, I wish these people would get the hint that I don't have a ****!"

On a side note as well, the spam regular mail is out of control as well. I don't need any frieggin more credit card applications. What a waste of paper and trees.

You got it! I received about 6 of them this week alone in the mail. CRAZY!

John

PhantomOG · April 2004

actually I think the credit apps are preventable, just not really made that known.

i think they have to include information inside with them telling you how to write to the credit agencies and prevent credit card companies from sending you apps. i haven't done this, but my roommate has and he gets ZERO in the mail, i get 10-20 every week though.

pjdami · May 2004

We also use Pest Patrol to clean up all the nasty spyware.

John,

thanks for the tip on Pest Patrol. I remember using this product a couple of years ago when it was free. I downloaded the free version and it found 52 spyware / adware items that Spybot / Adaware did not catch. The trial version can detect the villans but not delete them. I went ahead and paid for a subscription to it and it has cleaned up my pc very well.

Another aggravating thing it eliminated was when I would send / receive from MS Outlook a vertical looking magnifying glass would pop up in the bottom right taskbar and then disappear when the emails were received. Now that I ran Pest Patrol this magnifying glass has disappered. Now I'm like has someone been spying on all of my emails?? Kind of pisses me off but looks like it is cleaned up now.

Thanks again and it is a good product. I like the cookie patrol too.
Paul

avelanchefan · May 2004

pjdami,

Sorry to say, and people may disagree but you should never have to pay for anti-virus software. It's advice I give to family and friends all of the time.

If you or anyone else in interested in one of the best FREE...and I mean absolutely free...anti-virus software go to http://www.grisoft.com/us/us_dwnl_free.php I run this program and have yet to have one virus slip past it. The only thing it does do every now and then is detect a virus that is not there. It actually detects microsfts system restore function. It is very strange but why it does that I have no clue. I found this by watching Tech TV, and Leo Laport was ripping the anti-virus fileds for charging people yearly subscriptions. Then he highly recommended the Grisoft software......have been happy ever since.

I also run Ad-Aware & SpyBot on top of this.

TN_Polk_Lover · May 2004

Here are a few suggestions:

If you run Windows NT, 2000, or XP you should always use a non administrative account to surf the web and do your normal everyday work. When you need to install a new program or do any maintenance like disk defrag or run Norton System Works or Norton Live Update, etc. , log in with your administrative account.

Somewhere on Microsoft's web site (some where in the TechNet section) I remember reading this about 5 or six years ago. I have done this every since and I have never had any problem with any problems like this. If you browse as a regular user, then any program that runs can't do any damage because Windows will not let it change the registry.

This is somewhat of a pain because you do have to log out and back in as an administrator when you do want to install a new legitimate program, but it sure can save you some headaches.

When browsing, a firewall won't necessarily protect you from these things because they use port 80. Port 80 has to be open in order for you to browse.

Also, increasing your security settings in Internet Explorer to a higher level can also help, even if you are browsing as an administrator. You can set everything to "prompt" and that will help you to know when something suspicious is trying to run a script. But then, you are constantly annoyed by all the prompts.

pjdami · May 2004

Thanks for the tips guys. I'll bookmark this post.

Here's the scoop with me. I don't have the time to keep up with technology and new viruses. I would rather pay my 30 bucks a year or whatever and let somebody else worry about that for me and provide me with the latest and greatest updats automatically. I believe in Norton Antivirus and it has caught many email viruses in the past couple of months. I'm pretty decent with computers and technology; but obviously not the best either.

When I'm on the computer my interests are in reading about audio, golf, football, etc. I don't really keep up with what the latest and best free software and such. It is nice to know that free software is out there though and I try to use that as much as I can as well.

Oh by the way, the magnifying glass thingy is back. I guess it is just part of Microsoft Outlook when one manually does send/receive.

Shizelbs · May 2004

Thanks TN Polk Luva. I hadn't heard that tip before, but it sure sounds like a great one.

avelanchefan · May 2004

pj,

I totally understand where you are coming from, but the grisoft program automatically updates the virus protection everytime a new version comes out.

Its as hands free as Norton or McCaffee.

Just food for thought. Something to think about when your year expires with Norton.

warviper · May 2004

How bout you stop going to all those **** sites.;)

Strong Bad · May 2004

TN_Polk_Lover:

Great tip. I'll go in and research that further. Sounds about right.

There may be a group policy to apply that could further prevent these changes to the registry by non-admin users. I'll check into that further.

Norton has been solid for me!

John

randomdestructn · May 2004

yeah that grisoft scanner works quite well. not quite as well as norton I find, but so close it isnt worth paying for norton. (sometimes i find grisoft a little slow to update stuff)

as a side note, with the spyware apps like that, sometimes when you go to download adaware, youll notice it downloads another program. Ive had several customers computers do that. i go to the adaware site, and click download, but notice another .exe comin down.. you have to be kinda tricky to get by it

(just get it from download.com or something) and itll fix it. It was also blocking my dads adaware from updating properly. it said it was doing it, but actually wasnt, so i just downloaded the update as a binary from download.com.

and on the note of all these programs and firewalls, etc. there is a much more efficient, cheaper, etc solution that everyone should look to. Its what i just did. Run linux. Mandrake 10 has gotten soooo easy to use, even your grandmother could use it. I mean, its actually easier than xp in a lot of ways. and none of this popup/virus/hacking/etc ****, and (almost) all programs are free!

its a beautiful world. lol.

anyway, just my 0.02

Brianomatic · May 2004

pjdami

Here is a way to prevent hijacking of your homepage:

Using Spybot (shareware):

http://www.safer-networking.org/

Click Start/Programs/Spybot - Search & Destroy/Spybot - S&D (advanced mode)

This brings up the advanced mode of spybot.

In the program, click on "Immunize"

At the bottom you'll see "Recommended Miscellaneous Protections"

Check the box for the three lock options.

Just remember, if you desired to make changes that you have to come back here and uncheck the boxes.

Brian

pjdami · May 2004

Thanks for that tip as well Brian. I'm really impressed with the computer knowlege on this forum. I have a confession to make actually. I was an avid Macintosh user up till about a couple of years ago. It made sense for me to get a Windows based PC since that is what I also have at work. I really liked my Mac though. Never had these kind of problems and ran ZERO virus software. Any trouble just replace the system folder with a back up copy .. drag and drop and I was good to go. Still miss that friendly broonnngg sound at bootup. Oh well.

I'm starting to use Mozilla as well since now I'm getting an error message "do want to continue to run scripts on this page? with IE" Active X problems I'm sure. I've learned a lot about windows in a couple of years. Reformated several hard drives and such. Partitioning, etc. Just some of these problems are frustrating when you are used to a Mac;)

I also realize that registry problems can obviously get by Norton. I'll also try that tip on admin / user settings to see if that helps.

Paul

Arrghh!! Homepage Hijacked again...

Comments