B
Baruch
While browsing today, a new toolbar suddenly appeared. It said
"ISearch". I had not downloaded or installed any software, and I
certainly hadn't requested any toolbars (I use Google's). This was
malware.
This malware doesn't appear in Control Panel's "Add/Remove Programs",
so you can't uninstall it this way. You need to use a spyware or
adware remover. I used Ad-Aware.
If you have Ad-Aware on your computer, then you can run it to remove
ISearch. Once you have done this, you may need to restart your
computer, but you should be OK. Certain Websites may be unavailable
to you because ISearch modifies your hosts file (see #1 below).
If you do *NOT* have Ad-Aware on your computer, then you have to
download it (or another spyware remover). The Website for Ad-Aware is
www.lavasoftusa.com.
If you find that you can't access this Website, don't panic. ISearch
has altered your hosts file. You can fix that:
1. First you need to find the hosts file. Do a search for this file
using Windows Explorer. To save time you might want to start in the
Windows folder (and subfolders); however, this file may not be in this
folder for all versions of Windows. The name of the file is "hosts",
without any extension.
2. Edit hosts, using Notepad. Do *NOT* use Word or other word
processing programs; they may add unexpected characters.
3. Remove everything after the first line. The first line should
say:
127.0.0.0 localhost
You should keep this line intact, and delete the rest of the lines.
4. Save the file.
5. Now go to a Website that offers spyware removal software.
Download and run it.
In my opinion, ISearch is malware, that is, a program that does harm
to your computer. Its authors cause or allow the toolbar to be
installed without your permission or knowledge. Their FAQ suggests
that you have to click "Yes" at a prompt, or else you have certain IE
settings set too low. This is false. I neither clicked on any
prompts, nor were my settings too low. They simply hijacked my
browser.
ISearch disregards your preferences and makes significant alterations
to how your system runs, including denying you access to over 100
Websites (See list at end of message). I noticed that until I
restarted IE, Web pages I visited were obscured by large ads I had
never seen before, ads that lacked any method of minimizing or closing
the windows. You had to click on them, and then you'd go to their
Website, leaving behind the page you wanted.
ISearch also denies you a mechanism for easily removing the toolbar
from your browser. You can supposedly go to their Website and use
their download tool. I rejected this option. ISearch already showed
themselves to be disrespectful towards my wishes. Why should I trust
them?
There is no contact information on the ISearch Website. No doubt they
prefer to avoid the mass of outraged complaints they might otherwise
receive. Their contact information is available on whois.net. For
those who care to complain, the pertinent information is as follows:
Administrative Contact:
Manager, Domain (e-mail address removed)
701 Brazos
Suite 500
Austin, TX 78701
US
866-845-6873
The list of Websites ISearch didn't want me to find follows. No doubt
these are the Websites that will prove most useful in removing or
blocking ISearch.
and.doxdesk.com
auditmypc.com
boards.cexx.org
bulletproofsoft.net
camtech2000.net
cexx.org
computercops.us
ct7support.com
doxdesk.com
eblocs.com
enigmasoftwaregroup.com
forum.aumha.org
free-spyware-scan.com
free-web-browsers.com
grc.com
grisoft.com
hackfaq.org
hazeleger.net
javacoolsoftware.com
kellys-korner-xp.com
kephyr.com
lavasoft.de
lavasoftusa.com
lurkhere.com
majorgeeks.com
merijn.org
mjc1.com
moosoft.com
mvps.org
net-integration.net
noadware.net
no-spybot.com
onlinepcfix.com
pchell.com
pestpatrol.com
safer-networking.org
secure.spykiller.com
secureie.com
security.kolla.de
spybot.info
spychecker.com
spychecker.com
spycop.com
spyguard.com
spykiller.com
spyware.co.uk
spyware-cop.com
spywareinfo.com
spywarenuker.com
spywareremove.com
spywareremove.com
stopzillapro.com
sunbelt-software.com
thiefware.com
tomcoyote.org
unwantedlinks.com
webattack.com
wilders.org
www.auditmypc.com
www.bulletproofsoft.net
www.cexx.org
www.computercops.us
www.ct7support.com
www.doxdesk.com
www.eblocs.com
www.enigmasoftwaregroup.com
www.free-spyware-scan.com
www.free-web-browsers.com
www.grc.com
www.grisoft.com
www.hackfaq.org
www.hazeleger.net
www.javacoolsoftware.com
www.kellys-korner-xp.com
www.kephyr.com
www.lavasoft.de
www.lavasoftusa.com
www.lurkhere.com
www.majorgeeks.com
www.merijn.org
www.mjc1.com
www.moosoft.com
www.mvps.org
www.net-integration.net
www.noadware.net
www.no-spybot.com
www.onlinepcfix.com
www.pchell.com
www.pestpatrol.com
www.safer-networking.org
www.secureie.com
www.security.kolla.de
www.spybot.info
www.spychecker.com
www.spychecker.com
www.spycop.com
www.spyguard.com
www.spykiller.com
www.spyware.co.uk
www.spyware-cop.com
www.spywareinfo.com
www.spywarenuker.com
www.spywareremove.com
www.spywareremove.com
www.stopzillapro.com
www.sunbelt-software.com
www.thiefware.com
www.tomcoyote.org
www.unwantedlinks.com
www.webattack.com
www.wilders.org
I can be reached at:
baruch (at-sign) blessedb (dot) org
"ISearch". I had not downloaded or installed any software, and I
certainly hadn't requested any toolbars (I use Google's). This was
malware.
This malware doesn't appear in Control Panel's "Add/Remove Programs",
so you can't uninstall it this way. You need to use a spyware or
adware remover. I used Ad-Aware.
If you have Ad-Aware on your computer, then you can run it to remove
ISearch. Once you have done this, you may need to restart your
computer, but you should be OK. Certain Websites may be unavailable
to you because ISearch modifies your hosts file (see #1 below).
If you do *NOT* have Ad-Aware on your computer, then you have to
download it (or another spyware remover). The Website for Ad-Aware is
www.lavasoftusa.com.
If you find that you can't access this Website, don't panic. ISearch
has altered your hosts file. You can fix that:
1. First you need to find the hosts file. Do a search for this file
using Windows Explorer. To save time you might want to start in the
Windows folder (and subfolders); however, this file may not be in this
folder for all versions of Windows. The name of the file is "hosts",
without any extension.
2. Edit hosts, using Notepad. Do *NOT* use Word or other word
processing programs; they may add unexpected characters.
3. Remove everything after the first line. The first line should
say:
127.0.0.0 localhost
You should keep this line intact, and delete the rest of the lines.
4. Save the file.
5. Now go to a Website that offers spyware removal software.
Download and run it.
In my opinion, ISearch is malware, that is, a program that does harm
to your computer. Its authors cause or allow the toolbar to be
installed without your permission or knowledge. Their FAQ suggests
that you have to click "Yes" at a prompt, or else you have certain IE
settings set too low. This is false. I neither clicked on any
prompts, nor were my settings too low. They simply hijacked my
browser.
ISearch disregards your preferences and makes significant alterations
to how your system runs, including denying you access to over 100
Websites (See list at end of message). I noticed that until I
restarted IE, Web pages I visited were obscured by large ads I had
never seen before, ads that lacked any method of minimizing or closing
the windows. You had to click on them, and then you'd go to their
Website, leaving behind the page you wanted.
ISearch also denies you a mechanism for easily removing the toolbar
from your browser. You can supposedly go to their Website and use
their download tool. I rejected this option. ISearch already showed
themselves to be disrespectful towards my wishes. Why should I trust
them?
There is no contact information on the ISearch Website. No doubt they
prefer to avoid the mass of outraged complaints they might otherwise
receive. Their contact information is available on whois.net. For
those who care to complain, the pertinent information is as follows:
Administrative Contact:
Manager, Domain (e-mail address removed)
701 Brazos
Suite 500
Austin, TX 78701
US
866-845-6873
The list of Websites ISearch didn't want me to find follows. No doubt
these are the Websites that will prove most useful in removing or
blocking ISearch.
and.doxdesk.com
auditmypc.com
boards.cexx.org
bulletproofsoft.net
camtech2000.net
cexx.org
computercops.us
ct7support.com
doxdesk.com
eblocs.com
enigmasoftwaregroup.com
forum.aumha.org
free-spyware-scan.com
free-web-browsers.com
grc.com
grisoft.com
hackfaq.org
hazeleger.net
javacoolsoftware.com
kellys-korner-xp.com
kephyr.com
lavasoft.de
lavasoftusa.com
lurkhere.com
majorgeeks.com
merijn.org
mjc1.com
moosoft.com
mvps.org
net-integration.net
noadware.net
no-spybot.com
onlinepcfix.com
pchell.com
pestpatrol.com
safer-networking.org
secure.spykiller.com
secureie.com
security.kolla.de
spybot.info
spychecker.com
spychecker.com
spycop.com
spyguard.com
spykiller.com
spyware.co.uk
spyware-cop.com
spywareinfo.com
spywarenuker.com
spywareremove.com
spywareremove.com
stopzillapro.com
sunbelt-software.com
thiefware.com
tomcoyote.org
unwantedlinks.com
webattack.com
wilders.org
www.auditmypc.com
www.bulletproofsoft.net
www.cexx.org
www.computercops.us
www.ct7support.com
www.doxdesk.com
www.eblocs.com
www.enigmasoftwaregroup.com
www.free-spyware-scan.com
www.free-web-browsers.com
www.grc.com
www.grisoft.com
www.hackfaq.org
www.hazeleger.net
www.javacoolsoftware.com
www.kellys-korner-xp.com
www.kephyr.com
www.lavasoft.de
www.lavasoftusa.com
www.lurkhere.com
www.majorgeeks.com
www.merijn.org
www.mjc1.com
www.moosoft.com
www.mvps.org
www.net-integration.net
www.noadware.net
www.no-spybot.com
www.onlinepcfix.com
www.pchell.com
www.pestpatrol.com
www.safer-networking.org
www.secureie.com
www.security.kolla.de
www.spybot.info
www.spychecker.com
www.spychecker.com
www.spycop.com
www.spyguard.com
www.spykiller.com
www.spyware.co.uk
www.spyware-cop.com
www.spywareinfo.com
www.spywarenuker.com
www.spywareremove.com
www.spywareremove.com
www.stopzillapro.com
www.sunbelt-software.com
www.thiefware.com
www.tomcoyote.org
www.unwantedlinks.com
www.webattack.com
www.wilders.org
I can be reached at:
baruch (at-sign) blessedb (dot) org
