Help !!its back


tony draper
23rd Feb 2004, 17:23
A damned search engine has installed itself as my homepage again, now I know how to restore my normal homepage, I normally use my ISP homepage it has my webmail access stuff like that, but this is very irritating.
Every time I boot up this persistent bastard has again become my homepage, this is the URL as it appears, for God's sake don't click on the bastard though, you will never be rid of it.
http:drxcount .biz, etc etc.
The URL as it appears in the homepage box in internet settings is a whole load of numbers letters and percentage signs, and I have used the find function to try and track it down without success, where will this swine be lurking?
Last time I was so annoyed I formatted my H/D, seems to be the only way to be rid of it, there must be some way of deleting unwanted URLs from the homepage box? There's a whole raft of them that have installed themselves in there, I have adaware and zone alarm, neither stop this ****.
Help, it's driving me nuts.
PS I am running Win 98

:suspect: :* :confused:
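Added example, not part of any post in this thread: a homepage value made of "numbers letters and percentage signs" is usually a percent-encoded URL, and decoding it shows which host the browser is really being sent to. The expected host `www.isp.example` and the sample value are constructed placeholders, and the assumption is that the value was copied out of the homepage box as text.

```python
from urllib.parse import unquote, urlsplit

# Assumption: the host of the homepage you set yourself (placeholder name).
EXPECTED_HOSTS = {"www.isp.example"}

def decode_fully(value, max_rounds=5):
    """Undo percent-encoding repeatedly; a value may be encoded more than once."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def homepage_host(value):
    """Return the lower-cased host that a homepage value really points to."""
    url = decode_fully(value.strip())
    if "://" not in url:
        url = "http://" + url  # bare "host/path" values have no scheme
    # urlsplit ignores any "user@" prefix, so a familiar name placed
    # before an "@" does not hide the real host.
    return (urlsplit(url).hostname or "").lower()

def is_hijacked(value):
    """True when the decoded host is not one you expect."""
    return homepage_host(value) not in EXPECTED_HOSTS

# Constructed sample: decodes to http://hijack.example/?q=1
SAMPLE = "http://%68%69%6a%61%63%6b%2e%65%78%61%6d%70%6c%65/%3Fq%3D1"

if __name__ == "__main__":
    for value in (SAMPLE, "http://www.isp.example/webmail"):
        verdict = "UNEXPECTED" if is_hijacked(value) else "ok"
        print(f"{verdict:10} {homepage_host(value):20} <- {value}")
```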

ORAC
23rd Feb 2004, 17:52
Coolwebsearch (http://www.spysweeper.com/remove-coolwebsearch.html)

E-Liam
23rd Feb 2004, 18:00
Hi Tony,

As Orac says, it's definitely a CWS affiliated site, but I'm not convinced about Spysweeper's claims. :) There is only one tool that will do the job in my opinion, as CWS is continually changing, and that is a program called CoolWebShredder, written specifically for the job.

Please go here (http://www.soft32.com/download-CWShredder-19014-5.html) and download, unzip then run CoolWebShredder.

CWS installs via the byte verifier exploit in M$ JavaVM so just surfing a page with an infected applet can install it with no user participation. So once you’ve run the above, it is vital that you go here (http://v4.windowsupdate.microsoft.com/en/default.asp), click Scan for updates in the main frame, and download and install all CRITICAL updates recommended.

Cheers

Liam

tony draper
23rd Feb 2004, 18:30
Ok thanks ORAC, Liam, have downloaded that, but before I run it, should I delete adaware and Zone Alarm from my system? As I have stated in a previous post I had some problems because I had both adaware and spybot on the machine at the same time and it crashed my browser, I had to format and do a full reinstall.
It is my experience that it is third party software that does the damage in windows, I know it is impossible to go through life without third party software though, but I am always a bit reluctant to run this type of utility, will give it a go though, these search engines that install themselves as your homepage infuriate me.

ORAC
23rd Feb 2004, 18:50
No need to delete/uninstall them, but it's always sensible to ensure you don't have any programmes running when you install/run another one. Either close them down using their own control panels, or use Ctl/Alt/Del and Close Program to shut down everything non-essential first.

tony draper
23rd Feb 2004, 19:35
Right peeps, downloaded it and ran it, it appears to have done the biz, that damned search engine has disappeared, but the cheeky buggah installed itself as my homepage, never mind, restored my normal page and the machine is booting with that now.
I am a tad confused though, are all these utilities doing the same job, ie Adaware, Zone alarm? Can I delete these other two now? After all they didn't spot that buggah installing itself, although Adaware does seem to catch some data miners every time I have been surfing and run it, I don't seem to get many new registry entries now though.
Thanks again ORAC and LIAM

:ok:

E-Liam
23rd Feb 2004, 20:57
Hi Tony, and you're welcome. :) :ok:

Adaware will get some elements of CWS, but over at Lavasoft, they know about Shredder, and know that it really is the only tool that will rid a machine completely. There are a couple of variants (smartsearch being one) for which a complementary program has to be run first. This is because those that write CWS know a couple of ways to get around Shredder.

Those critical updates must be installed as well, or you'll get it back again. A firewall won't stop CWS, because by its very nature, it has exploited the machine and granted itself permission to access the outside world. A firewall is absolutely essential, as is an up-to-date Anti-Virus program.. but they can only do so much.

Both Adaware and Spybot are very good programs and work well together. The problems that you state with them are quite possibly down to either the CWS hijack, or another piece of scumware, that has installed itself on your machine. There are literally thousands of programs and scripts written to make your (and everyone else's) life hell, and the more devious writers amongst them are able to disrupt those security programs, and keep their stuff on your machine. When people see that there are conflicts with these, they get rid of the good guys thinking that they are to blame.. a bit like leaving the door open on the car, so that you don't get a window broken by someone who wants your CD player. Usually you won't know of their existence in the computer until something goes wrong. At least CWS is fairly easy to spot.. most of the time!!!

The advice I posted in the sticky above will help to protect you, but I'd be happy to check your machine over for you, to see what else lurks. Click on the TechSupportForum's link in that article above, register (it's free and painless) :) and download 'Hijack This!' from here (http://mjc1.com/mirror/hjt/), unzip, and place it in its own folder (not in the temp folder), doubleclick HijackThis.exe, and hit "Scan". When the scan is finished, click "Save Log", and copy and paste it in a reply.

This will give me a rundown of what’s going on in your PC. Don’t fix anything yourself yet, as a lot of the stuff on that list will be harmless or required.

As you may have realised by my posts, :D my time is mainly spent giving advice on security forums regarding spy/mal and adware, along with virus/trojan removal, and the prevention of the above, in the first place.

Hope that's enough info.. just ask if you need more.

EDIT: I've just changed the link for HJT as Merijn's site is down due to DDOS attacks at the moment. :ok:

Cheers

Liam

Naples Air Center, Inc.
24th Feb 2004, 10:45
tony draper,

There is a tug of war going on between the malware makers and the malware killers. They both fight to end up on top.

For us it means that if we do not keep up with what malware is out there, we could get stuck with one.

Take Care,

Richard

P.S. It is a good thing we have such good people in this forum that have the answers. :ok: