TVCH FORUMS HOME . JOIN . FAN CLUBS . ABOUT US . CONTACT . CHAT  
Bomis   Quick Links   TOPICS . TREE-VIEW . SEARCH . HELP! . NEWS . PROFILE
Archive through June 20, 2004

The TVClubHouse: General Discussions ARCHIVES: 2004 Nov. - 2005 Jan.: All Things Technical: The Help Desk (ARCHIVES): Browser hijackers dangerous and on the rise: Archive through June 20, 2004 users admin

Author Message
Jan
Member

08-01-2000

Saturday, June 19, 2004 - 3:36 pm   Edit Post Move Post Delete Post View Post    
This article ran in the Toronto Globe and Mail today. I find it a little scary!

Browser hijackers can leave users flummoxed
Sinister programs that take over your surfing can dredge up illicit pages -- like pornography

Greg Weir, webmaster at Tucows.com, says browser hijacking programs are becoming a common threat for Windows users in particular.

By JERRY LANGTON
Special to The Globe and Mail


A nasty and increasingly common type of malicious software known as a ''browser hijacker'' is commandeering computers and messing with their settings -- and in some cases, harming reputations.

These tiny ''malware'' programs can arrive in e-mail and downloaded files, or latch on to a browser while a website is being viewed.

Browser hijackers aren't new. Often employed as an on-line marketing tool, they were originally a minor nuisance because they changed a few browser settings, such as a user's start page.

However, new strains -- including CoolWebSearch and its many variants -- have added such things as bogus bookmarks, pop-ups and website redirects to their arsenal.

"You can tell if you have one because your browser will start behaving differently," said Greg Weir, webmaster of Toronto-based software clearinghouse Tucows.com. "You'll get new favourites, which you may not be able to delete, a new home page, and you may also get pop-ups that can stay open even after you quit the browser."

The Web pages that are involuntarily opened often feature hardcore pornography, including images that are illegal to possess or distribute in some countries.


Traces of these images and details about pages visited can remain in the computer even after people leave the site and turn the machine off.

"When my wife saw those pictures on my computer she got very angry, to say the least," said Josh Burns, a sporting goods store manager in Houston whose system was hijacked.

"It took a lot of explaining and calming down just to keep her from throwing all my possessions on the front lawn."

Although CoolWebSearch and its variants generally do little more than annoy or embarrass victims, hijacking has led to more serious consequences for some.

A widely reported case in the United States involves an eastern European immigrant, identified only as "Jack," whose work computer was found to contain evidence of child pornography. He now has a criminal record. He is still fighting to have the charges overturned, claiming he was the victim of a browser hijacker.

In another case, engineer Adeel Lari was fired in 2002 by the Minnesota Department of Transportation after technicians found pornography on his computer. Mr. Lari, who denied knowledge of the images, was rehired recently after a judge ruled that there was no proof he voluntarily accessed the images. The subject of browser hijackers was raised by his defence attorneys.

"How can police or so-called 'expert witnesses' know whether images found on a hard disk are there because the owner deliberately sought them out, or because of either accidental acquisition or hijack?" asked Dublin-based privacy advocate Brian Rothery.

Meanwhile, people who really are breaking the law may start using browser hijackers as a convenient excuse, experts say.

"Soon, everybody with porn on their computer will be saying 'the browser did it,' " said Greg Hriniak, a New York City systems analyst. "Or would you rather tell your employer or your girlfriend that you downloaded it?"

And hijackers are becoming more common on the Internet.

"If you run Linux, you're pretty safe. If you're on a Mac you probably won't get a hijacker. If you're on Windows, it's hard not to," Tucows.com's Mr. Weir said. "It often comes through e-mail, but can spread through the Web or especially through P2P software -- Kazaa is crawling with them."

On-line discussion groups are teeming with people looking for help, often horrified at what has happened to their computers and at the objectionable material dredged up by a hijacker. The results of a hijacking can be embarrassing, whether at work or home.

"I didn't really see anything that I think was illegal, but it was pretty disgusting," said hijacking victim Michelle Williams of Hamilton. "The worst part was that I lost control of my computer. I saw what the hijacker wanted me to see, not what I wanted."

And browser hijackers are getting smarter. Some new strains are sophisticated enough to surreptitiously download regular updates to their code that combat anti-virus and anti-spyware programs. They can even keep a computer from accessing certain websites that provide advice and software for removing hijackers.

"If you notice that your anti-virus software has been disabled, you're probably infected," Mr. Weir said.

For those who fall victim, there are programs that can remove hijackers. Tucows.com offers 21 titles that combat them, ranging in complexity and effectiveness.

"Spysweeper can eliminate CoolWebSearch," Mr. Weir said. "It's our third most popular anti-spy software -- the only two more popular happen to be free."

Hijack victim Mr. Burns used a program called CWShredder to free his system after calming down his irate spouse.

"I don't know where I'd be without it," he said.

Globe & mail

Sisalou
Member

07-12-2002

Saturday, June 19, 2004 - 5:01 pm   Edit Post Move Post Delete Post View Post    
I wonder if zone alarm can prevent this from happening?

Hippyt
Member

06-15-2001

Saturday, June 19, 2004 - 5:28 pm   Edit Post Move Post Delete Post View Post    
I'm pretty sure one has gotten my hubby's puter. It is alllll messed up! He's thinking of crashing the whole system.

Draheid
Moderator

09-09-2001

Saturday, June 19, 2004 - 5:39 pm   Edit Post Move Post Delete Post View Post    
Sisalou: Unfortunately, some of these type of 'programs' use the browser to do their 'dirty work' of sending information. Since you've told Zone Alarm to allow your browser to access the internet, these things are able to get around that protection. If the program attempts to send information itself, then Zone Alarm would alert you that something is trying to access the internet and give you the opportunity to block that program.

The only defenses I can suggest are running AdAware and SpyBot Search & Destroy on a regular basis to keep your system clean.

Hope this helps.

Sisalou
Member

07-12-2002

Saturday, June 19, 2004 - 6:56 pm   Edit Post Move Post Delete Post View Post    
Thanks Dra!

Hippy, that really blows. My computer has been acting funny too, I am gonna try what Dra suggested.

Bigd
Member

09-13-2001

Saturday, June 19, 2004 - 8:17 pm   Edit Post Move Post Delete Post View Post    
I downloaded a new program the other day that is supposed to have some extra security while browsing with Internet Explorer. I don't know a whole lot about it thought. Maybe somebody else does?????

The name is SpywareBlaster! It is a free program that I downloaded from Tucows. Any comments?

Juju2bigdog
Member

10-27-2000

Saturday, June 19, 2004 - 10:23 pm   Edit Post Move Post Delete Post View Post    
And I just downloaded Spybot today. I previously just had Ad-Aware, and I ran it this morning. Just ran Spybot. It found 55 problems!!! Ack!

Draheid
Moderator

09-09-2001

Saturday, June 19, 2004 - 10:48 pm   Edit Post Move Post Delete Post View Post    
Bigd: Spywareblaster looks like a well respected utility which installs on your computer and basically prevents you from receiving spyware programs through Internet Explorer while surfing the web. The only negative comments I found appear to have been related to very early versions of the program. One that I was concerned about said the program would detect a potential spyware program but refuse to delete it unless you paid for a different/upgraded version. I was not able to locate any other mention of this fee anywhere else so I must presume it may have only been in the earlier version.

Overall, everything I read about SpywareBlaser suggests it is a worthwhile program to have on your computer.

SpywareBlaster 3.1 from Javacool Software for anyone who is interested in this program.

Lkunkel
Member

10-29-2003

Saturday, June 19, 2004 - 10:56 pm   Edit Post Move Post Delete Post View Post    
Okay, I ran I downloaded and ran Spybot--ack! 64 problems. I destroyed & immunized. When I then went and downloaded Spywareblaster, I reran Spybot and it found 9 more things.

I see myself running this program daily.

Vee
Member

02-23-2004

Sunday, June 20, 2004 - 5:33 am   Edit Post Move Post Delete Post View Post    
I run it multiple times daily...anytime the browser starts acting weird.

Rupertbear
Member

09-19-2003

Sunday, June 20, 2004 - 10:48 am   Edit Post Move Post Delete Post View Post    
Good afternoon, everybody.

I was wondering if someone would outline how you tidy up a link...that is to say, to convert a big long URL to a tidy click here mode.

Thanks in advance. :-)

Bigd
Member

09-13-2001

Sunday, June 20, 2004 - 10:58 am   Edit Post Move Post Delete Post View Post    
me too Rupertbear! watching.....

Draheid
Moderator

09-09-2001

Sunday, June 20, 2004 - 11:02 am   Edit Post Move Post Delete Post View Post    
Rupertbear: If the link is to somewhere on the board, we recommend using this:
\topurl{http://your.link.here,Click Here}
This link will open in the same window for you.

To go offsite, we recommend this:

\newurl{http://your.link.here,Click Here}

which opens the link in a new window.

The 'cleanup' has to do with what appears after the comma in the tag. Place the tag first like this:

\topurl{

Paste the link after that, like this:

\topurl{../9200/1476673.html"+1">,
and the words Click Here and close the brackets like this:

\topurl{../9200/1476673.html"0000ff">,Click Here}

This will display the results like this:

Click Here

Hope this helps.

ETA: I should add, if your link contains commas, as many sites are now using, you need to scan the link and insert a \ before each comma except for the very last one that separates the link from the text you want displayed.

Vee
Member

02-23-2004

Sunday, June 20, 2004 - 11:08 am   Edit Post Move Post Delete Post View Post    
Draheid's excellent directions

Phew! Dra beat me to the explanation. I was trying to give my detailed step by step directions when I got an error message!

You'll find a lot of info in the Spam Room in the members section.

Rupertbear
Member

09-19-2003

Sunday, June 20, 2004 - 11:11 am   Edit Post Move Post Delete Post View Post    
Thank you both very, very much. :-)

I'll probably have to practise in the Spam Room anyway, as I have a feeling I shall muck it up.

ETA: Draheid, this is totally off topic but is your nic Druid?

Vee
Member

02-23-2004

Sunday, June 20, 2004 - 11:18 am   Edit Post Move Post Delete Post View Post    
Rupertbear, I just practiced this in your folder so please forgive me!

1. Type this just as you see it: \newurl
2. Follow with the bracket that you must use the shift key for... {
3. Paste web site after that initial bracket
4. Follow with a comma
5. Choose name and place after comma
6. Close with the end bracket that you must use the shift key for... }

If this is no help, please disregard.

Draheid
Moderator

09-09-2001

Sunday, June 20, 2004 - 11:21 am   Edit Post Move Post Delete Post View Post    
Rupertbear: Not that I'm aware of. Of course there's always the possibility that something similar (or worse probably) is said that I don't know about. Actually my nickname here is nothing more the 'DieHard' spelled backwards, along with the board's auto-format so it ends up Draheid as you see here.

I have been using computers and the internet for many many years and originally started out with the nickname 'DieHard' based on my way of dealing with problems - I keep trying until I solve them.

Bigd
Member

09-13-2001

Sunday, June 20, 2004 - 11:25 am   Edit Post Move Post Delete Post View Post    
to the never die master!

Rupertbear
Member

09-19-2003

Sunday, June 20, 2004 - 11:44 am   Edit Post Move Post Delete Post View Post    
Oh Vee, thanks (((hugs))) :-) I'll have to try the ones you put in my folder one more time, 'cos I messed sumpin up!

I just tried Draheid's...and yahoo!!! it worked!

And I guess if I was dyslexic I'd have known you were DieHard...rofl. I did see Draheid typed with the big 'H' before.

And rather thank think of you as a Sears battery Dra...I'm gonna keeping thinking of ya as ancient Druid ;)

Rupertbear
Member

09-19-2003

Sunday, June 20, 2004 - 11:48 am   Edit Post Move Post Delete Post View Post    
BigD...did ya give it a go?

And oops...I should have put this whole thingy in the Q & A thread...sorry!

Jed245
Member

11-01-2002

Sunday, June 20, 2004 - 7:28 pm   Edit Post Move Post Delete Post View Post    
Don't know if anyone has said it or not. But, there are some good files to take care of browser hijackers in my free files thread.

Hijack this is great, but, you should show the entries to someone familiar with the program. CWS is something good to download. (cool web shredder)

I'll bring back more stuff along with links if anyone needs them just let me know. :o)

Jed. :o)

Rupertbear
Member

09-19-2003

Sunday, June 20, 2004 - 7:30 pm   Edit Post Move Post Delete Post View Post    
Hmmm, yeah but....how will we know we need them, 'til ya bring 'em, Jedi? hee hee hee ;)

Juju2bigdog
Member

10-27-2000

Sunday, June 20, 2004 - 10:00 pm   Edit Post Move Post Delete Post View Post    
You know what? I am almost thinking we <looks meaningfully at Mod(22)> should put the links to the free downloads of Ad-Aware, Spybot, ZoneAlarm, AVG, and maybe some others at the top of this thread or the computer help thread, since people are needing them more and more all the time.

Moderator
Moderator

06-30-2002

Sunday, June 20, 2004 - 10:20 pm   Edit Post Move Post Delete Post View Post    
Juju, here's what I have gathered so far. If you or anyone has others, post them here and I will be happy to compile a complete list and post it in a more auspicious place.

ZoneAlarm Free 4.5 Download

AdAware 6 via Download.com

SpyBot Search & Destroy

SpywareBlaster 3.1 from Javacool Software

housecall.trendmicro.com Online virus scan.

AVG Free Antivirus Download

www.java.com to update your Java (for chat, etc.)

GRC.com Port Scanner for testing your vulnerability (Firewall effectiveness)

www.mail2web.com Online access to your POP3 E-Mail (not hotmail, etc)

Irfan View 3.91 from Download.com

Mod (22)

Juju2bigdog
Member

10-27-2000

Sunday, June 20, 2004 - 10:35 pm   Edit Post Move Post Delete Post View Post    
AVG free anti-virus download.

http://www.grisoft.com/us/us_dwnl_free.php

Yay Mod(22)!!!

<Got it, Thanks> (22)