RE: &*&*&#@$!$@&XXX BROWSER HIJACKERS

[trackdancer]

OK - I am REALLY ANNOYED by a Search Engine company called Sir Search who somehow managed to hijack my browser and become my default Search Engine.

This kind of practice is REALLY ANNOYING as I am perfectly competent enough to select my own search engine.

Does anyone know how I can reset my default Search Engine to Google? I have their toolbar and there is an option there to set them as my default, but Sir Search has managed to be something on my system that overides that and any other options I choose. And . it I cannot for the life of me find the offending code.

Does anyone know of a fix?

[Christopher125]

Hi

I've recently had the same problem with a search engine trying to be my homepage, and it dosen't matter how many times I reset it, it would change again. Just look around the 'net for some programs that will look for this kind of thing and remove it; I'm sure there are ones.

Chris

[trackdancer]

Yup, thanks ... I think I found a solution. If it works, I will detail it here for everyone's benefit.

In the interim I am forming a lynch mob ... those interested in "tarring and feathering" the culprits please sign up.

[Lad491]

generally this sort of stuff makes registry entry changes so that even if you change it once it will default back when you boot up the next time. If you are happy editing the registry run regedit and search for and delete all references to the name being shown on the browser. Its a common problem with downloaders like Bonzi Buddy and Gator and several others.

Be very, very careful though and dont attempt the above unless you have experience in registry editing since if you make a mistake it is possible to shaft the whole PC.

[Hymek]

The last one i had saved a webpage in my windows directory as hp.html. so i decided to save http://www.wnxx.com over the top, that actually worked

so try looking in your windows directory for the intruding webpage and if you find it save uktrainsim over the top of it or something similar

[nwallace]

IF you want to have a look at whats Hijacking your browsers try and grab a utility called Hijackthis it shows you a list of what plug ins are in IE and the irritating ones tend to jump out at you from it. Used this to help a friend get rid of a tool bar that appeared on her IE and just wouldn't leave.

[numnutz]

Try a program called Adaware http://www.lavasoftusa.com/ its free and if you run once in a while gets rid of stuff like adds and data miner cookies etc.

There are others but that is the one I use / remember

[buffy500]

I had one until just recently.

All it had done was add millions of entries into 'hosts' file, and every search engine had an entry which pointed it to the same IP.

[thenudehamster]

Try a program called Adaware http://www.lavasoftusa.com/ its free and if you run once in a while gets rid of stuff like adds and data miner cookies etc.

There are others but that is the one I use / remember

Adaware is wonderful, but it's from http://www.lavasoft.de The other Lavasoft are a commercial software firm doing something else entirely, though I've heard they have a link to the lavasoft.de site on their page.

[kyle14uk]

I had the same problem too.

Try using HijackThis from http://www.spywareinfo.com/~merijn/downloads.html

It sorted mine out ok

[numnutz]

There is also a hosts file available here:
http://www.mvps.org/winhelp2002/hosts.htm

just follow instructions

A usefull tip is when you have it working as you like, write protect the file this will hopefully prevent it being altered by malaware.

Also be carefull where you visit on the net as disreputable sites can upload almost anything they want to your computer, so if you have "unusual tastes" just up the privacy settings on your browser a few notches. That is what they are there for.

[mikey2001]

There is an easy solution to solve this problem....don't use Internet Explorer. Try and different browser instead and all your problems will be solved.

[b101uk]

the "win.ini" file can be used for homepage hijacking (win 9x)
useing load= and/or run=

[windows]
load=
run=

by defualt thay are blank as above.

[trackdancer]

Thank you all for the kind advice. I did find the offending program and shredded it. Now all that remains is for me to fix the registry (the program of course did not have an uninstall function).

I run behind a firewall, anti virus and spyware shield as I have a broadband connection. Just very surprised that it even got through all of those on my machine.

Most important thing though is that they are gone and although my browser is slightly handicapped it's no biggy as I usually search from the Googlebar which I have found very useful for my needs.

Cheers:

[thenudehamster]

I run behind a firewall, anti virus and spyware shield as I have a broadband connection. Just very surprised that it even got through all of those on my machine.

Cheers:

I'm not certain, but I believe most of these 'spyware' things get installed by piggy-backing on a pop-up - at least that's my impression, so firewalls and anti-virus don't always trap them. Browser changing can be effective; I use Opera which has a buit-in customisable pop-up blocker and that traps most things, but I still use AdAware on a regular basis.