Last night I spent some time browsing the internet looking at this that and the other thing (nope no porn) random popups make there way onto my screen and those little yes no boxes to download some program that you really don't need... From what I have found sometimes saying no just doesn't cut it.

Last night I had my browser taken away from me and filled with what seems to be more like terroristic advertizing!!

Honestly throught all the years that I have been online I have never seen anything like it. It switches your home page to some site that offers to sell you an ad ware cleaner... then it opens up note pad telling you that hackers have control of your computer...once that is out of the way your cd-rom opens up with another message telling you that they are the ones that did it.... Finaly to top it all off it takes you to another site where you are told you "URGENTLY" need to download there product to make it stop.

By all accounts the programs site looks professional and chances are it is its called "spy wiper" and they tell you for only $29.95 you never have to look at a popup or ever be subject to hijacking again.

I found there trick. Its a CGI scrip that runs you and your computer everywhere but where you want to be. There is a way to browes around it but its to much of a pain to live with.

For those people who are not what we would call "computer literate" would probably fall for it or end up spending needlessly on tech support to disable something so simple. When all it takes is going into internet options and resetting your home page.

I don't know what angers me more. The fact that they are trying to scare me into spending my money or the fact that they are getting away with it.

I WANT IT TO STOP!

For those of you who have been victim to such tactics my sympathy goes out to you. And for those of you who have had your money taken I see a class action suit in the future.

I will get down off the soap box that I stole from wenwilder while she wasn't looking and go about my marry little way.

Czar

http://security.kolla.de/ download spybot search & destroy.

on the immunization part of the page it has an option to block all bad pages. Also you can add the option to lock your homepage from change.(this is found when running the advanced version)

You can also try ad-aware. http://www.lavasoftusa.com it's more userfriendly but I don't think the free version has constant monitoring though.

Hi Czar
If you are in canada try the sympatico firewall...had the same problem as you once. I restored completely and hooked up with the firewall. Never a problem or popup ad since. Also try downloading cleanup3.0 from the web. Its a great little program and you can use it every time before you shut down for the night. It cleans up your machine for you. Good luck to you.
Audrey

Hi Czar
If you are in canada try the sympatico firewall...had the same problem as you once. I restored completely and hooked up with the firewall. Never a problem or popup ad since. Also try downloading cleanup3.0 from the web. Its a great little program and you can use it every time before you shut down for the night. It cleans up your machine for you. Good luck to you.
Audrey

I feel your pain! Only when this happened to me, it reset my home page, my search page, everything about IE -- (maybe using it was my first mistake?) only it showed no outward signs on this usage (pop-ups, the click yes to download crap only)

then, when I opened up IE the next time, I noticed it. Then, everything went to crap - It loaded a script that then loaded spyware, that then loaded a keylogger, that then loaded a backdoor trojan, that then bogged my system to a halt.

Virus from a web page just like that --

I use adware 6 professional, Norton and I have them set to stop everything, I have a pop-up blocker and sit behind a firewall now.

I wish there was someway to stop this kind of thing. I used to get this stuff and have Norton and ad aware and so far since ( knock on wood ) have not had a problem since. I also get these email that automatically open a window and when you close one it opens another and just spiders. Since I installed the firewall, pop up blocker and other items it seems to have blocked most of it. I wish I could find a good spam blocker for all the emails. Good luck and if you need signatures or other support to get the cause started to block this crap I am on board.

Czar,

What is the website?
I want to test something.

thanks,
dave

download spybot search & destroy.

Bingo! It's done wonders to get rid of all the crap that my kids have accidentally installed on our computers.

Hi, I recommend you install four free programs that will protect you.

Adaware
SpyBot Search & Destroy
SpywareBlaster
Sygate Personal Firewall

Together they give you a very good protection against this kind of horrible BS.

Panic Ware Surfpal will kill the pop ups.

Trojan shield will protect you from scans.

The cherry on the cake is to have Norton System Works (it will prevent "bad" script from executing.

I wouldn't go online without all this
Enjoy safe surfing.

The obvious source for this is most likely you clicked on a pop-up. It's easy to do. First, a firewall may or may not stop such a program. After all, you clicked on it. How is the firewall to know that you don't want the program? You can't leave these things to automation alone.

A good defense is first a pop-up blocker. I like the one with Google's toolbar. You may not, as it does supply Google with some of your browsing habits, albeit anonymously. Some will find their way through most any blocker. Next, takes a human step. When you see a pop-up, do not have a knee-jerk reaction to just close it from the pop-up window. Go to the system tray, right-click and close. Some are tricky and won't appear there or won't close. If you're not sure, it's best to kill the process. That's right, go to the task manager and end the program. You will lose all windows associated with that process, but that's better than getting stuck with a Trojan Horse.

I also recommend AdAware. It's free and will clean your system of these little gremlins. Anti-virus software will generally not detect many of them as viruses. Good luck.

DrTandem1,

In my case, I know I didn't click on the pop-up, and on the file download security warning clicked no, which then opened up another few pop-ups, and I believe it was one of these that hijacked the browser settings.

Then the home page it set my browser to is where the script loaded the virus/keylogger.

And you are right, a firewall may or may not protect this as your system is requesting that page, and all that is on it.[/u]

Per chance if you get one of these adware/spyware bots. The first thing I have my customers do with XP is go to start -> all programs -> accessories -> system tools -> system restore and roll back a day or two. then I send them to google and search on spyware. because of company policy I can't name any programs. oh well.

Well, since I don't have to worry about company policy, here they are - both freeware:

Ad-Aware (http://www.lavasoftusa.com)
Spybot Search & Destroy (http://security.kolla.de/)

DrTandem1,

In my case, I know I didn't click on the pop-up, and on the file download security warning clicked no, which then opened up another few pop-ups, and I believe it was one of these that hijacked the browser settings.


I'll bet it was actually "clicking no on the file download security warning" that caused the problem because you probably weren't seeing a true download security warning, but part of their nasty little program. Dr. Tandem's advice is correct...do not make any assumption about what you are seeing and click on it. Instead, go to the system tray, right-click and close.

I wish I could remeber the site, it was a news source, from Google news.

The advertising was the page the news story was the pop-up. Clever trick, since you got the ads and had to kill the pop-up protection to get the story.

I guess if your newspaper your primary purpose is to advertise, then report the news.

This type of advertising technique says a lot about the company that came up with it. They are obviously trying to demonstrate a point; that it is easy enough for hackers to get control of your computer. What they are doing should be illegal.

I too have to run Ad-Aware and Spy Bot and NAV just to use the internet, but we shouldn't have to. It's bad enough that there are malicious people out there that get their jollies by annonymously messing with people's computers. We don't need "advertising terrorism" making it any worse.

Who are these people? I'd like to pay them a visit.

http://www.netrn.net/spywareblog/ check it out because it tells a lot of really interesting stuff about people hijacking your computer under the false pretense of installing free antispyware...

Czar,
I can thoroughly sympathize! Had it happen to me (and customers) many times. Three programs I use for this problem, PestPatrol and HijackThis to find the pests, then SpywareGuard which includes BrowserBlaster to keep these pests out of my browser.
There is a newsletter on my site (www.customcomputerhaven.com/newsletter.html) concerning this topic with download links to each of the above programs. HijackThis and SpywareBlaster are free, PestPatrol has a trial version and is not at all expensive considering the trouble it can resolve.
Since installing SpywareGuard on all of my systems, I haven't had one hijacking! I would highly reccomend this software to be installed on all computers connecting to the internet.

This isn't new, but the aggressiveness and harm that is now being associated with it is.

One easy way I have made some sites (especially those with popups like our local newspaper site) not spew their commercial vomit all over my screen was to set these sites as "Restricted" sites under the Internet Tools Security option. This has eliminated the commercial pop-ups when I go to read my local news.

Spybot is a good program have used it on many machines to clear up problems.

Just another method to use in addition to other security features.

It's getting to the point where the Internet is getting so saturated with this kind of mindless marketing that it makes it even more painful to navigate than it already is.

Part of the problem with browser hijacking is some of the more unscruplous sites implant a trojan or other spyware into thier code. Their site is encoded with these types of hijackers, making it nearly impossible to be detected while on the site. At times this doesn't show until the machine is restarted. Many firewalls do not detect this 'secret' install. Now that it has become a real problem, more firewalls and spyware/adware programs are adding this info and alerting one to the hijacking. As far as checking ports to make sure that they are all in 'stealth' mode, while a neccessity for security, isn't a deterent to being hijacked!

Here's a great resource to scan your computer to see if you have open ports and what your status is ...

Click on the link below and scroll down to "Hot Spots" and click on Shields Up... it will take you through a probe and other tests to see how well your firewall is working.

The site is packed with great information and other software that are all helpful for different problems.

http://www.grc.com/default.htm

At one point, I stumbled across a website (not looking for porn!) that actually took the name of you host and said in big bold letters, "You are being investigated by you host name You are illegally doing blah blah blah. Download this spyware cleaner!" Then it would popup this activex control 15 times.

I use spybot and adaware. What one doesn't get, the other does. Spybot is better because it has a Resident shield (advanced mode) which block unwanted activex installs. This helps a TON, everyone should use it!

Theirs a place called www.panicware.com they do a free edition of their popup stoppers, it as default wont be no better than others but in paraniod mode it will stop any second window popping up other than your original, but if you so wan't a second window to pop up you hold Shift or Ctrl as you click the link or page loads. I recommend this along with Google Toollbar. Also if you have a pop up but theirs no window when its clicked simply do this, click the windows bar at bottom on start bar then press ALT and F4 to kill that window, if it doesn;t go then you will have to close the IE.exe in CTRL + ALT + DEL which may close all your IE windows, also try what man above said by right click the item on start bar at bottom. The net may come back to us one day but probs at a price or its freedom but then we can't have everything but then their is SSH Tunnling which more sites are using making the INTERNET once again exclusive in its own way. Tunnling is basically VPN, a way to create a network within a network so outsiders can't access it, bit like WAN but over the Internet. IF the words I said are confusing then do a search in google, sorry I can't explain them in more detail but their is some detail! :)