Help getting rid of browser hijacker

[MGMorden]

I've somehow got a browser hijacker on my system that keeps putting the following links on my desktop:

Diet Pills
Play Online

It also keeps setting my homepage to www.quicksearchgenealogy.com and occasionally it'll try to open up some page as a popup w/ a URL being payoutpal.com (my firewall has got this blocked so it never gets out to show the page).

Anyways, I've scanned w/ Adaware, Spybot, and Spy Sweeper, yet every few hours these shortcuts are back. McAfee Virusscan also didn't/isn't picking it up as a virus, and I'm stumped. Anybody got any idea on how to get rid of this blasted annoyance?

PS I'm running Windows XP w/ IE 6.0.

 

[Doomer]

when one of my clients pick up this kind of garbage I don't even try to get rid of it. I just reinstall the OS and charge them out the ying yang. They are far less likely to pick it up again when they have to pay dearly to get rid of it.

First place I'd look is in the registry. Anything loading that shouldn't be? How about startup group? Win INI? If it just started, maybe system restore can kill it.

 

[MGMorden]

I've already gotten rid of it. After some research I found out it was a variant of a hijacker called CoolWebSearch. Removal info and program is here:

http://www.spywareinfo.com/~merijn/cwschronicles.html


It also had replaced notepad with a hacked Microsoft MediaLoad. After deleted the afflicted notepad.exe windows automagically replaced with the correct one.

 

[Abzstrak]

sound like maybe you didn't update spybot properly, I've removed this one with it before.

 

[Bucksnort]

Spybot also has option to lock your home page plus 2 other options with it, use all 3. They are on the immunize screen at bottom.

 

[21stHermit]

MGMorden,

Thank you for this post. Several days ago I came to the OS Forum expecting to post a question similiar to yours. After reading your problem and solution, I downloaded CWSshredder, unZipped it, and problem gone . . . awesome!!!

My IE highjacker was hand-book.com, it installed itself to my home page plus added several items to favorites. The darn thing only did this ~ every 4th boot. It also made the video very erratic.

:beer:

 

[rnmcd]

Originally posted by: 21stHermit
MGMorden,

Thank you for this post. Several days ago I came to the OS Forum expecting to post a question similiar to yours. After reading your problem and solution, I downloaded CWSshredder, unZipped it, and problem gone . . . awesome!!!

My IE highjacker was hand-book.com, it installed itself to my home page plus added several items to favorites. The darn thing only did this ~ every 4th boot. It also made the video very erratic.

:beer:

21stHermit, how did you know that CWSshredder would eliminate hand-book.com. I didn't see it specifically referred to on the site linked to above.

I am getting hijacked by lookfor.cc and it is also giving me some pop-ups I have never had before.

Thanks.

 

[Deleted member 4644]

FUSK these people. I really, truly hate them

 

[pitupepito2000]

make yourself a favor and get rid of IE instead use http://www.mozilla.org/products/firebird/

 

[drag]

Originally posted by: pitupepito2000
make yourself a favor and get rid of IE instead use http://www.mozilla.org/products/firebird/

Seriously. IE is full of more bugs then any other peice of software that I've ever seen before, and it's getting worse. Mozilla/MozillaFirebird may not run quite as well in windows as it does in linux, but it's so much freaking nicer.

When I sit at home, I just surf around with Mozilla on my linux machine. No pop-ups, no spyware, no nothing. The tabs work great and make it easier to navigate webpages. And all sorts of nice little things.

When I go to my parents house and hop on the XP I go to the same webpages. The most horrible things pop up, pages I visit that had pop-ups, and I had no idea. All of a sudden I am reading something and 3-4 pop-ups appear from no were. WTF? Some alt-f4's and they are all gone, but when I press next or on a link, it's all over again.

Very frustrating and irritating. Then I start getting pop-ups that I know did NOT come from the pages that I am visiting. So I update the virus scanner and adaware, and a couple hours later I clean up some trackers and bogus registery enteries, the problem goes down quite a bit, but I know there still is something weird.

Mozilla may take longer to start up, but once it's all loaded it is pretty quick. Some pages bog down in Mozilla that run fast in IE, but the reverse is also true. My dad does fantasy football stuff and the page he visited bogged the machine down, but on the spare linux computer "the old computer" worked fine on the same page (pentium4 1.8ghz 512megs vs 800mhz pentium 128megs)

Plus if you need to visit a site with shockwave stuff, you can always use IE. Then that should clear up most those issues with trackers and spyware and crap like that.

 

[RandalLovelace]

Just a note about dumping IE, check with your ISP and make sure they support whatever your changing to...

for an example: If you are on AOL, Juno, Netzero, Brighthouse, you have to have IE. (not to mention have to Windows)

I am about to change ISP's because of this (can't get online with my Linux due to Netscape navigator not supported on Netzero)..

 

[Frightcrawler]

not really, he can just keep IE and browse using mozilla like i do.
its good because if theres a page mozilla cant open, i launch up IE. it also prevents any compatability issues. (like when using Windows Update)

 

[Kappo]

Originally posted by: Frightcrawler
not really, he can just keep IE and browse using mozilla like i do. its good because if theres a page mozilla cant open, i launch up IE. it also prevents any compatability issues. (like when using Windows Update)

MOST spyware is installed either by installing a program that includes it in the "bundle" (ie, divX pro w/Gain) or by clicking YES to install a plugin.

I do a ton of research for things and wind up at some very...ummmm...interesting sites. Amazing that I never have issues with spyware (unless I let someone else use my machine). I installed the google toolbar for popups and to fill out forms. I never see pop-ups and I never get spyware installed. I do not use an automatic virus protection to scan everything I download, and I never get a virus. The only thing I do is make sure my machine is updated.

You may also want to consider how ActiveX will (not) work in Firebird. They are working on that...but as of now, I do not think it works. And no, I am not going to open a new browser when I want to look at something with shockwave content. Or when I want to run windows update. Or when I want to look at my corporate website. Or if I want to take a virtual tour...I could think of more, as well.

PS- why do people thing tabbed browsing is SOOO neat? I have tons of tabs down on my start bar.

 

[Kappo]

Originally posted by: Frightcrawler
not really, he can just keep IE and browse using mozilla like i do. its good because if theres a page mozilla cant open, i launch up IE. it also prevents any compatability issues. (like when using Windows Update)

MOST spyware is installed either by installing a program that includes it in the "bundle" (ie, divX pro w/Gain) or by clicking YES to install a plugin.

I do a ton of research for things and wind up at some very...ummmm...interesting sites. Amazing that I never have issues with spyware (unless I let someone else use my machine). I installed the google toolbar for popups and to fill out forms. I never see pop-ups and I never get spyware installed. I do not use an automatic virus protection to scan everything I download, and I never get a virus. The only thing I do is make sure my machine is updated.

You may also want to consider how ActiveX will (not) work in Firebird. They are working on that...but as of now, I do not think it works. And no, I am not going to open a new browser when I want to look at something with shockwave content. Or when I want to run windows update. Or when I want to look at my corporate website. Or if I want to take a virtual tour...I could think of more, as well.

PS- why do people thing tabbed browsing is SOOO neat? I have tons of tabs down on my start bar.

 

[smp]

Originally posted by: Kappo

Originally posted by: Frightcrawler not really, he can just keep IE and browse using mozilla like i do. its good because if theres a page mozilla cant open, i launch up IE. it also prevents any compatability issues. (like when using Windows Update)

MOST spyware is installed either by installing a program that includes it in the "bundle" (ie, divX pro w/Gain) or by clicking YES to install a plugin. I do a ton of research for things and wind up at some very...ummmm...interesting sites. Amazing that I never have issues with spyware (unless I let someone else use my machine). I installed the google toolbar for popups and to fill out forms. I never see pop-ups and I never get spyware installed. I do not use an automatic virus protection to scan everything I download, and I never get a virus. The only thing I do is make sure my machine is updated. You may also want to consider how ActiveX will (not) work in Firebird. They are working on that...but as of now, I do not think it works. And no, I am not going to open a new browser when I want to look at something with shockwave content. Or when I want to run windows update. Or when I want to look at my corporate website. Or if I want to take a virtual tour...I could think of more, as well. PS- why do people thing tabbed browsing is SOOO neat? I have tons of tabs down on my start bar.

I have moz and IE open right now.
I like tabbed browsing because I already have other things (other than browser windows) clogging up my taskbar, I don't need more browser windows down there when I have a terminal, SSH, photoshop, messenger , and other garbage all taking up space.
If you don't like it, no one is forcing you to use it. Mozzila was a suggestion, the posters problem is pretty much why I use it on windows.

 

[drag]

PS- why do people thing tabbed browsing is SOOO neat? I have tons of tabs down on my start bar.

Because it's better. You have a list of all the pages you have open in one window. You can open new windows and pop ups in new tabs and no matter how many you have open you can minimalize and open them all at the same time.

It's nice to mutlitask, you can be writing a paper or reconfiguring a server or something and not have to wrestle with 30 windows. You get it down to 5-6 easily.

Makes it much easier to manage them then having a dozen individual windows open. Some people like tabs, some people don't. People who say that they like tabs actually do have a good reason. People who don't like them generally don't use them.

Or if your like me you don't like a taskbar clutering up everything. I don't like giving up the screen realstate up to a extra bar that has a long list of all the crap I got open. I like mac style stuff were I have a little button that I press to select which app I want to go to. I like to have a bunch of shortcut buttons and a couple applets on a bar, and I'd have to open up a new bar to put a task bar on it to be usefull.

What is especially good is when you combine tabs with stuff like mouse gestures. (ever play the game "Black & White"?) That way you can be uber-lazy. Since you end up using the mouse alot when scrolling around and stuff you can move from tab to tab, open links in background, close windows, maximize windows just buy flipping your mouse around.

But whatever. If you like a browser that hasn't improved any for the past 5 years or so, then that's fine. I suppose you like what your used to.

 

[21stHermit]

rnmcd

I didn't know it would work, only that the general characteristics were similiar. So what the hey. Good Luck getting rid of yours.