Malware Inc. - Part 2

Saturday in Part 1 we examined Search Engine infection and ways to avoid your browser being infected with the Web of Trust Link Scanner. Today we will discuss Search Engine HIJACKING.

Search Engine Hijacking is absolutely the most common problem I see on systems brought in for repair. Almost every computer brought in for service has a malicious search engine on it. In most cases it has been made the default search engine. We live in the internet age, where competition among software companies is fierce. One of the most common ploys utilized by these companies is the lure of free software. As with anything in life however, nothing is free. They are paying for your "free" software with Ads and Malware. Most software you download off the internet today has a free version and a paid version. Usually the free version provides you with basic features, or the full version for a limited time. If you want the full version or continued access to the full version though, you must pay for it. This is NOT an unreasonable request.  A lot of companies also offer programs for free that that are paid for via in-app advertising or worse yet, include free toolbars, search engines, etc… There are simply dozens of varying tactics used in order to monetize software in today's world. The ultimate goal in most cases being to drive traffic to a website or worse yet, to gather information about your search history, interests, and more to provide to marketing companies. While some are simple and above board, many companies will use any and every possible tactic to get paid, regardless of whether any of these tactics are ethical or moral. 

The most unfortunate part of all this is that It's perfectly LEGAL in most cases, because in the majority of circumstances, the user agreed to it, by simply clicking their way through things in a hurry. I will show you how. With these companies being so underhanded, it is simply imperative that you be cautious when installing software, paying close attention to the screens and check boxes along the way. Here are some examples of what I am referring to:

Attempting to install unwanted extensions that market products to you..

Attempting to install unwanted extensions that market products to you..

Attempting to install unwanted Toolbar, Change your Search Engine & HOMEPAGE... 

Attempting to install unwanted Toolbar, Change your Search Engine & HOMEPAGE... 

Same as above...

Same as above...

You can definitely see what's wrong here:

  1. Free Toolbars
  2. Malicious Search Engines
  3. Browser Extensions
  4. Changes to your default homepage

I want to focus on changes to your default search engine here. Not paying attention to the small check boxes along this install process can cause serious problems for you. The next time you open your browser and search, the results page will look slightly different than before, and many of the links returned in the search will redirect you to advertising and malware sites. These sites and their software all working together toward a common goal: Collecting information on you for everything from pushing targeted ads to you based on what you talk about, search for or look at, all the way to stealing your banking information to make unauthorized purchases. The point in the redirects is to send you to malicious websites with viruses. The next thing you know, you are bringing us your computer for repair. 

What to watch for:

  • If you click on a search result and the link takes you someplace not even remotely relevant to your initial search
  • If your search results page says something other any of the top search engines such as Google, Yahoo, Bing, Live, AOL, etc...
  • If your search results page is any of the following: Onewebsearch, Conduit Search, Coolwebsearch, Deltasearch, Babylon, anything like that. 

What do you do in this case? The first step is to remove any fake search engines and I always recommend making Google the default search engine. That is obviously a personal preference, but Google has the cleanest, least cluttered interface, and it works exceptionally well with the Web Of Trust Link Scanner we talked about earlier. I will issue a disclaimer here about my next statement, I make this statement based solely on the thousands of systems I have repaired for people with spyware problems. That said, I have  found the absolute best and most secure combination of browser, search engine and settings is the Google Chrome Browser with Google as the search engine and the Web of Trust scanner installed. Since I recommended the Chrome browser, I will show you how to configure it first, and then IE and Firefox in another post. . 

  1. Click the Wrench icon or the Three Horizontal Bars next to the address box and select Settings

2. In the Search section, click on Manage Search Settings.

. Move the mouse over the the search engine you wish to be the default engine and select Make Default.

4. Remove any other search engines other than Google, Bing and Yahoo by clicking the X to the right of each.