Homepage Probs

[doit]

When I logon to internet, my homepage has changed to "Search For" Has anyone else had anything like this happen. any ideas. This started happening a few days ago for no reason. No new programs have been added, or updated. Apart from Anti-Virus.

Any ideas would be welcome. Thanks

Am running:

Win XP
IE6
B/Band
Norton Internet Security/Anti-Virus (up-dated automatically)

 

[Igorian]

Probably becoming one of the most common calls that I get these days.

You have either been hijacked by a site you visited or some spyware has been 'secretly' installed (usually with shareware or filesharing apps).

Any of these should help:

Spysweeper (www.spysweeper.com)
spyassasin (www.spyassasin.com)
ad-aware (www.lavasoftusa.com/software/adaware/)

A general Internet search for spyware will find countless others.

These work with varying success, but will remove most of it. Some will allow you to 'lock' your homepage setting or warn you when something is trying to change it. They can also continuously monitor your system in the same way as an anti-virus app.

You will probably be surprised by how much stuff they will find on your machine!

 

[Igorian]

P.S.

I personally think NIS sux! (Just an opinion tho.)

 

[doit]

I personally think NIS sux! (Just an opinion tho.)

On the most part I agree, but the Firewall is OK. Has stopped a few possible probs.

Spysweeper is Ace, would recommend to all. Prob now sorted.

Thanks "Igorian"

 

[pipme]

Hi,

Some browser home page hi-jackings prevalent at this time.

Go take a look around :- http://www.net-integration.net and

http://www.wilderssecurity.com

Some good work being carried out there ... Need to read through.

Luck,
P

 

[Metric]

cwshredder is what you need.

 

[AdamW]

The worst one of these programmes I have heard of was a hijack that replaced your default internet connection with a different ISP, on a premium rate number. Lots of people got caught out, didn't realise until they got the phone bill.

Yet another reason to have broadband

 

[Dragonrider]

I had one which intercepted my search engine choice! previously, if I mistyped an URL, I would go to either MSN search or Google search. Suddenly I was visiting a strange page with loads of dubious links.

Could NOT get rid of it, now matter what I tried, then finally saw in the very small print at the bottom of the page, Uninstall. Clicked and downloaded a small prog, couldn't do that much more damage I thought, double clicked and, stopping it accessing the net, it removed the link to this weird search engine.

Still don't know how it got on in the first place though Sophos AV and Zone Alarm Pro, AdAware etc etc etc

 

[pipme]

Hi,
Here, find the gen on a recent hi-jack.
Not necessarily your particular one.

http://forums.net-integration.net/index.php?showtopic=13515
A tool has been developed within this forum to at least stop the hi-jack subject above. (other good maintenance tools available here)
Quite a big read ... but if you have suffered from the same malware ... beware of 'un-installer' offered by the interloper ... could be reinfecting with something more sinister. ... after all, why infect then offer disinfect ?

The Hi-jack possibly came in through one of the recently plugged M$ vulnerabilities, in that way perhaps looked like genuine code... Get those windows updates from MS installed !! etc etc.

P

 

[Igorian]

On a similar subject to uninstallers, it should be noted that if you receive some spam with a link described as 'unsubscribe', do not click on it. They generally unsubscribe you from nothing, but they will alert the sender that your email address is genuine and so they can spam you some more.

 

[AdamW]

You know what, I wonder about the whole "receipts" system. Anyone who uses MS Outlook will no doubt be familiar with the option to get receipts to let you know when the person receives the e-mail, when they read it and what their response is to a voting/meeting request.

Even if it is proprietary MS code then no doubt someone could still spam via a macro running through Outlook, then use another macro to sort the receipt responses out and choose the genuine addresses, even better the ones that get read.

 

[aussie1]

some sites you surf can do this,install firewall.

 

[pipme]

Oz,
Back a while just before the most recent M$ security up dates, My machine was hit for the first time ever in years of using .... up to date V.check, Firewall ... Adaware 6 updated etc etc
Suddenly my home browser page was hi-jacked .... took some hunting down, used other security / computing forums as I have posted here previously.
The hi-jack apparently, had made use of the very security holes which the forthcoming up-dates were to plug.
Eventually cleaned out.
The M$ up-dates by the way, prevent not cure.
Beleive me you need 'em !!

Edit :- Aw sh-t already said this !! Sorry.
P