'Browser Hijacking' the Latest Threat for Windows Users
It takes tedious, time-consuming work to undo the damage, and most users only discover the ‘hijacking’ after it’s happened. Pop-up windows overlap everywhere, the Internet Explorer home page and Web services are switched to other sites and the list of favorite sites is replaced with porn, the Washington Post reported.
In some cases, all users did was click an "OK" button that they thought was changing home-page settings or adding a Web toolbar — not knowing the damage that would result. The problem is often caused by going online with an old copy of Windows, allowing a hijacker's site to take advantage of security flaws.
The Washington Post recommends a few strategies to stop the problem. Run an up-to-date antivirus utility and firewall program and regularly download Microsoft's critical updates (windowsupdate.microsoft.com). Two of the biggest security flaws behind browser hijacking can be fixed with a pair of downloads. A third can be remedied by installing a better browser.
First, stop pop-ups by going to toolbar.google.com through Internet Explorer 5.5 or newer, or install another browser. Step two is to update the Java software on your machine. Its developer, Sun Microsystems, designed it with tight limits on what a Web-based application can and can't do. But these limits must be enforced by a "virtual machine" program that runs on your own computer, and the one Microsoft developed contained vulnerabilities that hijackers abuse. The better option is to download and install Sun's own, free Java virtual machine (www.java.com).
Step three is to eliminate ActiveX, which allows Web interactivity, but it relies on users to give the right answer when Internet Explorer asks, "Do you trust this publisher?" Click "yes" and the ActiveX program can do whatever it wants. Use an ActiveX-free browser for everyday Web use. A good Internet Explorer replacement is a free copy of Mozilla (www.mozilla.org).
If your computer has already been infected, your antivirus program should clean it out. But you may need specialized hijack-removal software, such as Hijack This! or CWShredder (both at http://www.spywareinfo.com/~merijn/downloads.html