Batu69 Posted February 9, 2017 Share Posted February 9, 2017 There is a large family of Spigot browser hijackers that all have a lot in common. So by giving you a description of them we hope this will help you to avoid any similar and new ones that might come along. Targeted browsers For some, but not all browser hijackers in this family there are extensions for Firefox and Google Chrome. In Internet Explorer they change the default Search Provider and the startpage. Trying to install the PUP on Edge will get you nothing but an “Unsupported Browser” notice. Recognizing the sites The websites where these hijackers can be downloaded will show you the EULA — –explaining to you, “the User”, what the downside of installing “the Software” might be. The Software is a free desktop application that offers you direct links to websites from your new preferred homepage and saves your new preferred home page and/or new tab page. When we set your Browser’s settings using the Software, they will be saved automatically on Chrome™, Firefox®, and Internet Explorer®. As part of the installation process of the Software, we may change your Internet Browser settings and/or provide you with the ability to opt to make changes to your Internet Browser settings. Download locations Downloads typically come from proinstall-download[dot]com or report-download[dot]com (both blocked by our Web Protection module). Both of these domains are registered with GoDaddy (no surprise there!). The download location changed not too long ago. It used to be secure[dot]fileldr08[dot]com and from the screenshot above you can see why we categorized these browser hijackers as PUP.Optional.Spigot. Worth noting is that after they switched away from the above download location, I was unable to install the extensions on Google Chrome. It failed to download and offer the extension. But this got fixed after a few weeks. The startpage The new startpage for the affected browser is a typical search page with a toolbar and some shortcuts, pointing to sites where you can find the information or functionality that the hijacker promised to provide, supplemented by local weather and social media links. Installation guidance Another typical behavior, that these hijackers copied from the likes of Mindspark, is the right in your face installation guidance with huge green arrows pointing out what your next step should be. Removal guides You can find some examples among the removal guides on our forums: My Email XP Your Television Now Easy Online Game Access GetFitNow Summary Spigot browser hijackers of this family are easy to recognize and in our opinion hardly worth installing because they add no more functionality than a few bookmarks. We hope this post helps you to avoid them in the future. As always: Save yourself the hassle and get protected. Article source Link to comment Share on other sites More sharing options...
jtmulc Posted February 10, 2017 Share Posted February 10, 2017 If I had a dollar every time I heard "I don't know where that came from, it must be a virus" or "one of the kids must have installed it", I could retire a rich man. No, you installed it yourself and when the warnings popped up, you just kept clicking 'Next', 'Allow', or 'OK' until it went away instead of reading the damn thing. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.