Malware

Brent Dowell

Administrator
Staff member
Messages
15,082
Location
Reno NV
Here's a copy of a post I made in another thread about malware, hijacked browsers, etc.

Feel free to add any recommendations.

-------------------------------------------------
Before I start, Let me issue some cautions,


  • NEVER click on those popups that you may get from time to time that offer to 'fix your pc' or 'make it faster' or anything.
  • NEVER pay someone you don't know to fix your PC. Maybe you have a guy that you take you pc to. Or maybe it's your pc vendors support team. Or maybe it's your companies IT department. Those are fine, but if it's a link you clicked on from some company on the internet, well, you are probably going to get taken for a ride.

Browser hijacking can be one of the most irritating things to happen since for a lot of us, browsing the web is one of the main things we do.

Browser hijacking can vary from simply having your default search provider changed and strange tool bars added to your browser to a full fledge hijack that will add links and modify links in web pages.

Most of the time you get these types of things are directly due to something you have either installed or clicked on. The people that make these tools are very adept at social engineering to trick you into installing their malware. There are a lot of installer programs out that that will directly change your default browsers default search engine. They even tell you about it during the install, but you have to specifically tell them NOT to change your settings. It's a slimy practice.

The first step is to make sure you have a good set of anti virus/malware tools.

These are the ones that I use. All of them have a free version that works fine. There are a lot of other good ones out there too, these just happen to be the ones I use. I have not (knock on wood) had any real trouble with a virus in many years. (I hate that I just said that, well, because guess what will happen next). Use these, or things like these before you do anything else. Malwarebytes and the windows Malicious software remove

1) Anti Virus Software. I use AVG free and it's worked fine. But there are a lot of other good ones out there. AVG is one of those programs that will try to change your default search and add a toolbar. I hate that and do not let it do that. If you install this pay attention and read the screens while you install to make sure you do not let it add the toolbar or change your default search.
2) Malwarebytes
3) Spybot Search and Destroy Free Edition
4) Windows Malicious Software Removal

Fixing a hijacked browser can be a whole nother issue. They can be nasty to remove, but it generally is possible. It will usually require digging around on the internet and finding some registry entries to change. It's actually hard to find

First off, you need to go into your extensions/plugins and make sure to remove anything you did not install.

Chrome - http://www.chromeplugins.org/google/plugins-troubleshooting/how-can-i-remove-plugin-7780.html
Firefox - http://support.mozilla.org/en-US/kb/disable-or-remove-add-ons


Here are some links on how to fix a hijacked browser.
Internet Explorer - http://www.microsoft.com/security/pc-security/browser-hijacking.aspx
An interesting article on how one person solved their issue.http://www.softwaretestingtricks.com/2009/08/fix-mywebsearch-hijacked-firefox.html
An article on what to do if Chrome is hijacked http://support.google.com/chrome/bin/answer.py?hl=en&answer=2765944


Good luck, and you have my sympathy.
 

Sharon Wertz

Member
Messages
11
Location
Phoenix, AZ
currently there are a bunch of "text enhanced ads" going around. Usually they download with something else...a game, screensaver, font, etc. When a certain word appears in ANY website, it turns into a link to a website, usually selling something. You have to go into control panel and remove the base program, then go into your browser and remove the add-ins it puts into Internet Explorer, Firefox or Chrome. Do a google search for "remove text enhanced ads" for instructions for removing it from your system. There are several good websites out there with step by step instructions.
 
Top