A bit more, all as part of my PC Housekeeping:

1. I regularly use CCleaner (Free) to clear out my machine and get rid of all the rubbish files that it seems to collect.

2. I regularly scan with a program called Secunia PSI (PSI = personal software inspector) to easily keep ALL my software slap bang up to date.

3. I also do the odd Defrag.

4. If you want to make sure all your Drivers are up to date, you can use a Free program called Driver Booster from IOBit. You shouldn't have to mess about with this very often. Once a year or so should suffice.

Take care with any of the above downloads by carefully reading what you are about to download. Sometimes prgrams like these are sponsored. The downloads may try to make you include:
a toolbar addition
changing your homepage
changing your default search engine
adding in another third party program(s)

So.....Please watch the installation carefully to opt out of any of the above and tick (or remove the tick) in the accompanied choice boxes as the download proceeds to installation under your control. You do not have to take these things if you don't want.

5. I also use another Free program called KeePass to store all my UserNames and Passwords and the associated URLs. It also has a 'Notes' facility when you need to store any needed pertinent extra information for particular sites.

This is stored on my machine in a highly encryped format and is accessed by a 'complicated, high number of digits, uppercase/lowercase/alphanumeric master password'.

Anyhow, that's about all wot I do. :-)

And despite all that, I have picked up a piece of shit which seems to be able to even launch my default browser by itself every morning and try to take me to malware sites as well as other more legit ones.

First of all this seemed to be based on a marketing activity from a URL called:

static.homesweethomejax.com

This has now recently amended itself and the activity now seems to now originate from a new URL called:

static.providinginternetnow.com

If anyone can provide me with information as to how I can stop this browser hijack from happening every day, then I would greatly appreciate it.

All that I can do for the moment is 'close it down'. It just happens once each morning and, as the browser opens, usually after a period of inactivity on my part (eg, leaving the machine and, say making a coffee) it moves to about three different web sites. Two of these will be to blatant malware sites (eg, "Your PC is running Slow - Check it now" - type stuff) and which obviously might try to instal a Trojan (I'm not sure whether McAfee would actually allow it to happen - but I am not going to let it get that far anyhow) and the third site would be to a more legitimate web site:

such as say (today's):

www.qtrax.com

or yesterday's:

www.reimageplus.com

I find fighting this sort of thing to be very hard. You do have to be constantly alert to the many scam perpetrations on the Internet these days.

Some of them are blatantly so stupid and easily dealt with, eg: An e-mail from Barclays Bank telling me my Lloyds Bank Account has been suspended. Ridiculous or wot!

Others are very, very much more sophisticated and extemely difficult to spot and deal with. Anyone who hasn't been caught yet by at least one of them, is either extremely lucky or extremely fortunate.

Not everyone reads the Terms and Conditions associated with an Online Order when they are doing one. Not to do so, is one of the easiest methods of getting yourself scammed. You do need to do more than look for little Padlocks and an https.

This is not such a foolish thing to miss. I'm sure there are lots on here who, say, did not read ALL of the Post Office IPO Prospectus but just trusted it not to be dishonest in any way and readily sent off many thousands of £££s with their Application for shares.

That was at one end of the scale. Others at the other end of the scale, generally try to catch you out with 'offers which are too good to miss'. They are more easily recognisable.

And then you have the ones in the middle..............

For instance, have a read up about 'Subscription Scams'.

........and these have nothing to do with malware or spyware!

Thanks guys, I have BT AV on another machine (running xp) and it slows it down no end to the point I have to turn it on and leave it to do its thing. I have a newish laptop (win8) which I only use for banking and spreadbetting (no browsing what so ever).

Doc,

One of the common ways of getting PCs to behave in the manner you describe is through browser toolbars. A particularly nasty one goes by the name of Babylon, but there are several more which do the same kind of thing. You possibly installed one of the bits of free anti-malware software that you referred to in some of your earlier posts, and inadvertently neglected to uncheck the little box which invited you to install something else at the same time.

You didn't mention what your preferred browser was, but you should easily be able to find out what extensions and plugins it has running by hitting either the Tools or the Help tab for that particular browser. Once you know the name of the extension or plugin, you should be able to Google its removal procedure.

If there's a lesson to be learned it's probably to not be so oversensitive about having umpteen pieces of protective software installed and to try going commando.

Sounds like it's worth a try - Going Commando.

Hilary

Nice to hear from you and I hope things are going well.

The problem I described has been evident with IE and also Cool Novo. This latter is now my main browser of choice and I think it is an upgraded version of Chrome Plus. I do like it very much and find faster than IE. Indeed, I haven't actually used IE in ages.

So, bearing in mind what you said in your post, I launched IE to find the version number:

IE v.11.0.9600.14576 (Update 11.0.2)

Tools/Internet options:-

Aha!!

Something has changed my Home Page from Google News UK!

It's now: http://start.mysearchdial.com/?f=1&a=irmsd1103&cd=2XzuyEtN2Y1L1QzutBtD0C0FtAtD0E0D0D0CyCtByC0DyBzztN0D0Tzu0SyCzyzytN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=633623297&ir=

I've now reset Internet Explorer's settings back to their default condition (in the 'Advanced' tab). This resets everything, disables tool bars and add-ons and resets a whole lot more besides. Also I have ticked the Delete Personal Settings box too. This also deletes and resets all the stuff associated with that.

It also requires a computer restart.

In Cool Novo (I'll call it Chrome) I've looked thoroughly for any 'add-ons'. I quickly found some 'Extensions' and with which I had very little, if any, familiarity with.

I've disabled the following Extensions in Chrome:

Cool Novo Extension Recommendations 1.0.3
My Searchdial New Tab 9.4.10 (BINGO! This is obviously the extension, that's responsible for all my problems)
A 'Chinesey Characters' one which appears to be with American Shopping recommendations (I can't believe I didn't know about this one! For me it would be totally useless anyway!)

I have the following extensions still ticked and I know what they are and what they do:
Stylish 1.2
Readability 3.0.14

Hilary,

Thank you very much for your help. I think you've most likely cracked that irritating browser problem for me. :-)

Pity I won't get to 'go commando' though, like you. Bummer (literally!). Hmmm? Still I can always dream on about you doing it, eh? ;-)

IE browser Home Page now reset to: http://news.google.uk as I want it to be and the box ticked to let me know if it ever changes.

Exec.

It has been mentioned before, but try AVIRA Internet security.

I have used it for about 10 years.

For the first three years I used the Free variety, but as it was good to me and my machine I have paid for the program and 2-3 years ahead.

The only thing which doesn't seem to pick up is the problem described above with tool bars which can be a b. nuisance.

But I block those through the browser and search and remove or the installer.

Also, use periodically Free Reg Cleaner in conjunction with CCleaner. (Both mentioned before.)

Generally, I seem to have a problem free Windows 7 machine.

Good luck.

Ps I have the above running on 5 machines.

Thanks Fred.

Generally speaking, my machine is fast and quite trouble free too, also running on Windows 7.

But I did have that particular problem, as described and which I'm now fairly sure, thanks to Hilary's advice, is now sorted out.

I never thought of it being related to browser add-ons and extensions. I know tool bars can really slow the browsing experience down, particularly the Google Tool Bar on IE.

And I have found an excellent Chrome Tip:

1. Do a Right Click at the very top of the screen when the Chrome browser is fully open.
2. A small advisory window opens.
3. Click on Task Manager within it.
4. A full window opens showing all the running Tasks with tabs showing each Task's memory usage and which CPU is being used for it (if you have more than one) and a little bit more info' besides. This would be useful to show what is running in the background, if anything, when you experience a temporary slow down.

Doc,

Glad to help! Fwiw, those search bar extensions can sometimes be tricky things to remove. Some of them require a full disc scan to find multiple installations, plus a regedit to prevent the things from returning at a later date. Hopefully your one will be easier to remove.

The thing to bear in mind is that there's no such thing as a free lunch, and a lot of 'free' software isn't actually free at all. Search bar extensions often compete against the big players such as Google in an unethical way by serving unwanted ads or by opening unrequested webpages. Let's face it, the major players have the market pretty much sewn up, and the only way to compete in the industry is sometimes via unethical means.

Developers of freeware will often enter into a revenue sharing deal to install an additional bit of unwanted software like your MySearchWotsit at the same time as the freeware is installed.

Hmmm?

Hils, I think it's back. Well something is. I went to my PC quite a bit later than usual at about 11am, having been up late researching a problem concerning our chocolate cockapoo, 'Poppy'.

Poppy was not herself at all last night and was off her food and quite lethargic. So at midnight, onto Google.

Anyhow, I came across a problem called 'Gastric Torsion in Dogs', where they twist their stomach doing something like catching a thrown ball. The dog will first of all go quite lethargic. Quite quickly, this stomach twisting can mess up their intestines, which can then die off and the problem can prove to be fatal and all just within a few days. Well, we love our Poppy to bits and we certainly didn't want that to happen! Aaaargh!

She is an obsessive ball fanatic and although she is only small at 10kgs, can do fantastic 5' high flying twisting leaps to catch a thrown tennis ball. Naturally, out comes the camera and we sorta encourage this stuff. I printed off what I'd read and our whole family were reading it all up at around 1am with a big family discussion on 'Have we twisted her stomach? What shall we do?' kinda stuff.

Fortunately, she's almost back to old self though this morning! A bit quiet with it but very obviously OK. Perhaps, with her wings only being extremely small to even non-existant, her flying yesterday exhausted her. :-)

Meanwhile, becasue of all this last night, the PC was left on standby with a Cool Novo browser window open.

Well! Looking in History something has still been opening new windows on it. There are various URLs to be seen.

From the Task Manager, there now appear to be only two Chrome Novo 'Extensions' open:

1. Readability
2. Stylish

However, the Task Manager tells me two other important things are running:

3. GPU Process
4. Plug-in Shockwave Flash

Also running:

5. Instant: Google
6. Tab Extensions (that's me looking at the Chrome Novo 'Extensions')

I am now going to completely uninstall Cool Novo, see what happens overnight, and see the usual 'opening browser windows without me being involved' happens again.

In the meantime, I'll revert to using regular Chrome. If all is OK then great.

If not, I'll use Regedit when these windows are open, investigate a bit more and see if I need to disable something or whatever.

I do appreciate your help and comments. Hope you have a nice weekend.

Exec.

Another trick I have used on one of my delinquent's computers, was to clean with C Cleaner and Reg cleaner.


Remove Chrome using control panel.

Clean download folder of any references to it.

Download clean Chrome installer.

Remove Firefox.

Clean again.

And the go to download folder and re-install clean version of Chrome.

The problem you have is a bloody nuisance.

Another suggestion is use search in start menu for any constituent of the address and delete them.

Best of luck.

Fred

"Another suggestion is use search in start menu for any constituent of the address and delete them."

That sounds useful.

Why remove Firefox? I don't understand that one. It's a browser, so are you thinking it is somehow responsible for generally planting extensions or add-ons in other browsers?

Some years ago when I downloaded Chrome, it was through Firefox and from memory some of the "contact" data was switch to Chrome directories.

I have Firefox running on my laptop as I like the facility for "translations" and it is easier enough to reload. But prefer Chrome for normal access to internet.

I found the only way I could rid myself of "misdirections" on the "web" effectively was doing as I wrote. (I am sure there are other ways, but I think I spent about a day and a half B. about.)

===

The problem is as Hilary wrote, that some of the pages and Free downloads make their money from loading tracers and search engine followers etc. with or without telling you.

Watch the b. little boxes.


-----------

I may be wrong, but it seemed to work!

Once again, good luck.

Doc,

I did say previously that some of the browser search bar extensions could be tricky to remove. If you've only removed it from the browser plugin list without first uninstalling the program itself (Control Panel > Add/Remove Programs), then there's every probability that it's still there creating havoc as you've since found out.

As well as uninstalling it and removing it from the browser plugin list, you probably also need to check that there aren't multiple instances of it by carrying out some kind of a scan (and possibly a boot scan).

Why don't you follow my suggestion in #10464 which was to Google the culprit's name for removal instructions?

And then, once you've got rid of it, why don't you follow my other suggestion which was to Go Commando and ditch all of the 'free' crap that you've installed which is almost certainly what caused the problem in the first instance?

Fwiw, if you've got some AV software with regularly updated virus definitions and a firewall on your router, that should be enough. Stuff like CCleaner and all the other anti-malware gubbins is really only designed for the 'worried well' imo.

This problem of mine has been very hard to deal with.

For a start, answering the basic question "What is it that I want to remove?" has been extremely difficult.

Anyhow, I uninstalled Cool Novo (a Chrome Plus derivative) and also Chrome. Then I reinstalled just Chrome.

When clicking on the 'three bar' Chrome "Customise and control Google Chrome" button and then "Settings" you can see a section entitled "Search".

Here you can select which search engines to use and choose one to act as your default. I would normally regard my default search engine as being "Google".

However, unbeknowns to me this had been changed to "Mysearchdial".

It is a simple matter to change it back to make Google the default in the "omnibox". In the omnibox it is also a very simple matter to delete "Mysearchdial" from the list of primary search engines. There are many more search engines to use in a second section at the bottom of the omnibox. Once one has been deleted from the primary section, it completely disappears and isn't dropped back down to the secondary search engine list box.

This may not be the complete answer. It may happen again. I'll see what happens.

Doc - I had a similar problem last year, which is documented on this thread (somewhere!)

Here post 10238 - 10254

Thank you so much for that link to earlier in this thread, Skinny.

I see from the posts that follow your link, how Hilary also had a Yontoo search engine problem, which was identically similar to your 'Delta Search' problem, and which in turn are identically similar to my own problems. I will call mine a "Mysearchdial" problem.

It would seem that two pieces of coexisting and mutually helping circularly linked Malware attach themselves the user's computer. Remove one, the other immediately re-instals it, etc, etc.

The result of the malware infestation being, that it changes the user's Default Search Engine and it most probably works its way through all the browsers on the machine.

Removal is extremely difficult and, although one uninstalls a browser or changes to a different browser, the malware will reinstall itself.

I harvested two detailed removal techniques from the posting links above.

In summary, these are:

1. Malware Tips: Remove Deltasearch

2. Spyware Forum: Need help removing Deltasearch? - page 1

3. Spyware Forum: Need help removing Deltasearch? - page 2

Doc,

You're right when you say about there being two malicious programs running in tandem which effect re-installation of each other by stealth if one is uninstalled. I doubt, however, that re-installation is carried out immediately. It's far more likely imo that there's an instance of something or other which runs at startup and it does its jiggery-pokery then.

If you can't clearly see what's doing the damage via Control Panel > Add/Remove Programs, I suggest you run msconfig and hit the Startup tab. Scroll down through the list of executables and Google each item on the list in turn to see what it does exactly. I'm sure that you'll soon be able to spot the culprit(s) if you use that method.

Once you've identified the cause, you can disable it from running at startup and I'd then search your PC for all instances of it and delete them.

PS. I'd forgotten about that Yontoo thing.