Attn. computer geeks: Browser Hijacking question

I tend to know my way around computers enough to do certain things, and I have taken care of pesky hijack scripts before. But this has cropped up a few times recently, with a couple co-workers and a friend down south.

For the two co-workers, I went over, deleted the "Hosts" file, deleted history, cookies and temp files, installed a safer browser, and told them to stop using Internet Explorer and stay away from porn sites. The first time was a piece of cake. The second one was like playing whack-a-mole, since even after installing the program Hijack Blaster and doing all of these, the weird search engines kept coming back. My solution was to set the startup page to Yahoo, start a new 'hosts' file, and mark it "Read Only". I hope it works.

Now my friend down south has the same problem. Tons of pop-ups, redirects, and porn up the wazoo. She can't get rid of it. I am sending her an email with simple as possible instructions on how to get rid of them. This will include:

-- A DL link to a decent, secure browser (Although I like Mozilla Firebird, I think Avant might be easier for computer novices).

-- Instructions for clearing out history, cache, cookies, temp files, etc.

-- How to find and delete the 'HOSTS' file.

-- WIndows Update to stay current on security flaws.

-- AdAware and Spybot to boot spyware scum (added on edit)

Is there an easier way? I'm doing this over email, since I obviously cant' fly down there. Keep in mind, she is by no means a computer expert.

Any freeware programs to recommend? Thanks in advance.

Can you pass it along?

Browser hijackers are not viruses. Therefore, Norton AV won't pick it up, and the firewall may or may not either. Hijackers are scripts that change the 'HOSTS' file (which designates your startup page). Therefore, it becomes difficult to change through 'Internet Options'. You actually need to delete the 'HOSTS' file and make a few registry tweaks. It is usually located here on your hard drive:

C:\WINDOWS\system32\drivers\etc\hosts

Google "Browser Hijack". There is tons of information, but a bit overwhelming for the computer novice, which is what I'm seeking out for my friend (I have no problem with this stuff, but I'll probably blow her away with this stuff).

You can find these programs by googling as well. I highly recommend Avant Browser or Mozilla FIrebird instead of that piece of garbage Internet Explorer, which allows just about anything to attack your computer.

Visit Windows Update often, for when Microsoft actually addresses this problem.

And keep a good antivirus/firewall program on hand (I like Norton Internet Security).

And don't forget AdAware and Spybot to get rid of the spyware.

http://www.javacoolsoftware.com/spywareblaster.html
http://www.wilderssecurity.net/spywareguard.html
http://www.safer-networking.org/- this is Spybot Search and Destroy..best free spyware program I've ever used!
http://www.lavasoftusa.com/ - this is ad aware, both free and commercial..use it in conjunction with spybot

also, this site is extremely helpful for all windows users: http://www.annoyances.org/exec/forum/winxp

I had the same problem a few months back. 430 porn windows kept opening up. I couldn't alt F4 them fast enough. Mrs. bearfan thought I was looking at porno again. Why would she think that ? Hmmmmmmmm. But I did download a very useful tool for free. It is here:

http://www.lavasoftusa.com

It is adaware. You can customize it to run at start up every time. I also installed a free firewall. It is great. There were hundreds of people on Roadrunner using my computer as a server. The free firewall is here :

http://www.zonealarm.com

I hope this helps.................bearfan454

It's a script written to your "HOSTS' file. This needs to be deleted, or the spyware will keep coming back.

AdAware and Spybot will help, but it is the last step.

I'm not real good on the computer.

http://www.webmasterworld.com/forum16/1129.htm

This might help you with the hosts file thing

Here's my advice that I am sending her. I made it as simple as possible to understand. She also claims that her system is running very slow, so I tacked on some info about how to clean up her system (didn't get too intricate, since she is a novice). Again, this is the simple computer illiterate approach:

Step #1

Disconnect your computer from the internet.

Step #2

Click on "Start" bar at bottom left of the screen. Select "Search". On prompt, type in "Hosts" for file to look for.
When it pops up, right click on file, called simply "HOSTS" (no extension). From menu, select 'delete'.

The file is located here on your system (if you're running XP):

C:\WINDOWS\system32\drivers\etc\hosts


Step #3

Open Internet Explorer. Click "Tools" on the top of the page. A menu will drop down. Select "Internet Options". Change home page to one of your choice (I suggest http://www.yahoo.com). Next, delete all temporary internet files (butttons are "Delete Cookies" and "Delete Files").

Next, select "Delete History". Close out by clicking "X" at top right.

You can reconnect now.

Step #4

Download this alternative browser:

http://www.avantbrowser.com/download.html

This will block pop-up advertising. Do not use Internet Explorer (Microsoft's browser). There are too many flaws in it.

Download into "My Downloads" folder. Open "My Computer", then "C" drive, then "My Downloads" to access. Will be labeled as "absetup". Click on this and follow the installation wizard. Add shortcuts to your desktop and start menu for convenience (it will give you this option). You want to make this your default browser upon prompt.

After installation, some windows will pop up when you open the browser (showing on your desktop as a big blue "A"). You can disable these by clicking the box on the lower left of the message (something like 'Don't display this message'). This will make it a little less annoying.


Step #5

Now you have a new browser, and your pop-ups will be under control. Download this file: http://www.definitivesolutions.com/files/bhodmon1.zip and refer to the page that is enclosed. This is a zipped file, so you may need WinZip to access it. Get it here: http://www.winzip.com . Run through the Unzip wizard and place files in the folder marked "Program Files". Go to the "Program Files" on your C Drive and click on the icon for the program (BHDemon). with this program, you can enable and disable anything that tries to load itself when
you open your browser. Enable "Yahoo" and any programs such as your antivirus. If you see weird search engines ('ok-search', etc. or anything that looks like a suspicious web link, highlight it by clicking on it, then hitting the "details" button on the right. You can disable and enable from here.


Step #6

Go to Windows Update:

http://v4.windowsupdate.microsoft.com/en/default.asp and scan for updates. download updates under "Critical Updates and Service Packs" You may also want to take a look at the other ones as well. This may take a while, especially on a dial-up connection. Upon competion, it will prompt you to shut your system down, do this IMMEDIATELY. Select "restart" option. Go to Windows Update every two weeks or so.

From here, you should be fine.

Following this, you may need to get rid of spyware that is lurking on your system, which bogs down your system. I recommend two programs:

http://www.safer-networking.org/- Spybot Search and Destroy
http://www.lavasoftusa.com/ - AdAware

Download as before, install, and run. The processes take a few minutes. Afterward, click on all the boxes of stuff that come up (there may be a lot of them).

The Next Step.....

Clean out your temp files. This will speed up your system immensely. First step: Click on "Start" on the bottom right of your screen. In XP, this should be labeled as 'All Programs'. In other versions, it will be labeled as "Programs". A menu will pop up. Go to "Accessories". Another menu pops up. Go to "System Tools" and "Disk Cleanup". Hit "OK" on the box to clean Drive C. This may take a few minutes. A box will pop up. Click on the square to the left of "Temporary Internet Files" and "Downloaded Program Files" in the window. You can also empty the recycle bin from here, if you wish. Hit "OK". This will take a few minutes. Will prompt a box. Hit "yes".

To do a thorough cleaning of temp files, go to "Search" like before. in the "All files and folders" box, type in this: "*.tmp" (don't forget the asterisk (*)). Upon completion, go to the toolbar at the top of the window. Drop down the "Edit" menu. Click "Select All". Press the delete button. Note: All files may or may not delete. Delete what you can. Also, any AOL Instant Messenger files
show up as "temp" files. If you want to save these, instead of the "Select All" feature, you can hold down the right button of your mouse and drag a shaded square over all the files you want to delete. Click "Delete" as before.

After all this, you want to defragment your hard drive. This will organize everything so it all runs faster. Click on "Start" on the bottom right of your screen. In XP, this should be labeled as 'All Programs'. In other versions, it will be labeled as "Programs". A menu will pop up. Go to "Accessories". Another menu pops up. Go to "System Tools" and "Disk Defragmenter". Run through this operation (in XP, you press the "analyze" button, then "Defragment". Note: This takes a while to do (sometimes 1-4 hours, depending on your system. Do this when you don't plan to
be on it for awhile.

Finally, you may want to go to this site and bookmark it: http://www.pcpitstop.com . This is a complete diagnostics site with useful information and advice. The site will offer to download a temporary program to your computer that will put your unit through some rigorous tests. Do it. Upon completion, it will ask for your connection information, then offer to install "Go2MyPC" or something like that. Decline this - it is a useless program for your needs. The next screen displays the results.

I agree it's a great program, but it is just a front-end for IE. I'm not convinced that IE's vulnerabilities aren't still there when you're using Avant.

I agree that Firebird is more secure, but with Avant, you have the option of switching off pop-ups, ActiveX, scripting, and Java applets. It is based on IE, but it is a little more secure. Avant is a little more familiar to novices used to IE, and requires minimal changes to accomodate. It is mostly an improved-upon IE (which hasn't seen an update in over TWO years - way to stay on top of things, Microsoft!)

But you are only as safe as your settings and firewall. Norton Internet Security is good at detecting anyone tampering with your system. And it is important to set your security settings to block out crap you don't want.

I used to use Avant, but I wised up and switched to Mozilla a few months ago.