Patterico's Pontifications

11/24/2003

COMPUTER PROTECTION RACKET: Some company

Filed under: Scum,Spy Wiper — Patterico @ 6:10 am

COMPUTER PROTECTION RACKET: Some company has started an internet protection racket. They somehow commandeered our browser and changed our home page. Now, when we open Internet Explorer, we are taken to a page that tries to sell us a program called “Spy Wiper.” This page does tricks like popping our CD-ROM open, or launching Notepad. Then we get a warning that says (I am paraphrasing): “If your CD-ROM popped open, or your Notepad launched, you need to download our program.”

I’d give you the link, but I’m afraid that if you went there, the same thing might happen to your computer.

If I had the people responsible for this here, it would be simple; I could just strangle them. As it is, I must settle for some other solution. If you have suggestions, please leave them in the comments.

UPDATE: I have received requests from computer-savvy people for me to publish the URLs of the site that hijacked my browser. Here they are — but beware: if you don’t know what you’re doing, don’t click on them:

http://default-homepage-network.com/index2.html

http://default-homepage-network.com/index3.html

The first one is the one that pops open your CD-ROM and launches a menacing message on Notepad.

Through a comment at xrlq’s site, I saw a link to something called “Hijack This.” But how do I know this isn’t another scam program? (By the way, it’s probably just coincidence, but this all started about 24 hours after I installed and ran Ad Aware 6.0 — a program I downloaded after reading about similar problems others had been having.) I don’t know what programs to trust anymore.

UPDATE x2: It happened to BoiFromTroy too.

UPDATE x3: Well, I fixed the problem in a strange way. I first followed BoiFromTroy’s advice, and installed all Windows updates and got rid of all cookies. This didn’t fix the problem. Then I remembered that the liberal blog Talking Points Memo has a feature whereby you can make that site your home page by clicking on the appropriate link. So I did that, and Spy Wiper’s page was gone.

I had previously set the Drudge Report as my home page, and frankly, I’d rather have that (or Patterico, for that matter) as my home page, rather than Talking Points Memo. But Josh Marshall is preferable to Spy Wiper, so until someone explains how I can take back control of my computer, this will have to do.

UPDATE x4: Problem fixed, thanks to reader Steve G. No more having to look at Josh Marshall’s self-satisfied mug every time I open a new browser. Thanks, Steve!

I still want to make this company pay. I am soliciting suggestions as to how to accomplish that, at this post.

5 Responses to “COMPUTER PROTECTION RACKET: Some company”

  1. Report as i did to ftc.gov and your state attorney on his website on internet .

    user (503d0e)

  2. BTW, HijackThis is a legit tool, but not point-and-click. it lists all the places spyware and adware could hook into your system, and lets you select items installed into these locations for removal. However, most of waht you see in the list is legit, part of windows settings, or things like the acrobat or flash IE plugins.

    Phil (71cd61)

  3. Ad Aware is legit, Spybot S&D is also legit, Hijack This is also legit. Those 3 can clean up this problem (which my 7 year old’s friend managed to put on one of our boxes last week) and just about any other. Get those 3 programs and install them, make sure they’re updated reasonably frequently, and if you have a problem, boot into safe mode and let them run.

    Be careful what you remove with Hijack This (as Phil also said) you may need to go through each thing it lists and try to figure out what it is. Often just entering the name of the program Hijack This flags into Google will tell you if it is something you need to keep.

    Be sure to also run an antivirus program in conjunction with the above spyware removal tools, it is helpful in many cases.

    D Lacey (4c3248)

  4. Have you not installed Firefox yet? I’m there on my Windows machine and the site is completely harmless.

    JT Hundley (14e618)

  5. Please note that Ad-aware is available from http://lavasoft.de and not http://www.adaware.com, which is another piece of shit spyware

    initialE (5f200e)


Powered by WordPress.

Page loaded in: 0.1934 secs.