How I Fixed my Hijacked Firefox from MyWebSearch Spyware!


Update! For more such awesome Tips and Tricks do visit the Technology How To section. 

3 days back I was browsing a popular website and I spotted “Zwinky” (which is supposed to turn a photograph into a 3D image)! It did look harmless and hence I installed it willing to give it a try. If you read me regularly, then you might probably know that I prefer Firefox over any other browser. I had used Firefox while downloading and installing “Zwinky”. But my excitement was short-lived when I spotted a new web search tool bar (MyWebSearch) that was added to my Firefox toolbar without my permission during the installation. I uninstalled this toolbar and thought it was the end of it; but soon I was going to be proved wrong!
Sometimes later, while trying to lookup something in Google, I directly typed the search query into the Firefox location/address bar. Usually, it should have displayed Google search results or a direct website based on Google’s "I'm feeling Lucky" algorithm. But this time, I got this instead:



It was super-annoying because I couldn’t search with Google, my primary search engine and Firefox, my primary web browser. It was clear that my dear browser (Firefox) was hijacked by MyWebSearch, which was causing browser redirection to their site. What the hell? I went through all of the Firefox preferences (Tools --> Options) to see if I could change back the default search engine to Google but I couldn't find any such option! Searching in Google for “MyWebSearch” gave me loads of information about this spyware. Yes, I would call it a spyware because it collects and stores information about the web pages you view, the data you enter in online forms and search fields, the "clicks" you make, the IP address, URL and country of the sites you visit, your IP address, information about your browser and operating system, and the products you purchase online while using the service. Instantly I did a scan of my PC using “Spybot – Search & Destroy”. It did find some instances of “MyWebSearch” and claimed to clean it too. But when I started Firefox, I saw it remained hijacked! Damn! :(
"MyWebSearch" Spyware Removal - Getting rid of Firefox/Google redirect Hijack:
The most irritating thing about a spyware is that it can manage to hide in your system and thus hard to be cleaned/removed. And “MyWebSearch” appeared to be quite good at it. I did the following things trying to hunt it down:
1. I checked again in “Add & Remove Programs” list. It wasn’t there.
2. I did a manual search in the “C:\program files”. I didn’t find any suspicious folder here as well. I expanded my search to whole “C:\”, without any luck.
3. Now I opened the “Registry Editor” (Start --> Run --> regedit). I did a search (Ctrl+F) for “MyWebSearch” and found 3 registry entries. I deleted them after making sure that they were the ones I was looking for. To make sure I was not missing any more registry keys, I did a search for “search” and this gave me some more entries. Out of these most were genuine Windows registry keys. But I found 2 of them were pointing to “MyWebSearch” entries; so I deleted them as well.
WARNING! If you are doing this, please be very careful while deleting a registry entry. Accidental deletion of a genuine entry may result in corrupted Windows that can only be fixed via reinstalling Windows.
After deleting the relevant “MyWebSearch” entries from the registry I was almost sure that this time it was finally removed. I started Firefox and oops; I was wrong! It was still hiding somewhere and hijacking my search results everytime I tried to do a quick Google Search via Firefox location/address bar. I searched on Web in hopes of finding out a MyWebSearch removal tool. But most (all) of them described how to get rid of the toolbar, which I had removed already. I could hardly find any info that could help in getting back my hijacked Firefox. I tried HijackThis (a free spyware removal tool by Trend Micro) too. But it was unable to sniff out “MyWebSearch” in its scan result.
I was beginning to get frustrated at this point and suddenly another “test idea” came across my mind. I went to the configuration mode of Firefox by typing “about:config” on the location bar. But searching for “defaultSearch” in the filter bar, gave me “Google” as the default engine! Damn. Where did they hide the redirect hijack configuration then?
Baffled, I now keyed in “myweb” in the filter box and here it was. It showed me the entries where the user setting was modified to hijack the browser, without my permission.



I right-clicked both the entries, choose “Reset” and restarted Firefox.



Hurray! And now the search result is back to Google. I am glad that this nasty hijack episode is finally over for me. Sorry Firefox. You had to spend 3 days in hostage situation due to my stupidity (in deciding to try out a malicious program like “Zwinky”). If you are facing a similar situation of browser hijack and looking for a way out, feel free to try my above steps and let me know if it helped. 

Update! For more such awesome Tips and Tricks do visit the Technology How To section. 

Happy Testing…
Share on Google Plus

About Debasis Pradhan

Debasis has over a decade worth of exclusive experience in the field of Software Quality Assurance, Software Development and Testing. He writes here to share some of his interesting experiences with fellow testers.

212 Comments:

  1. Wow. This pest had been hunting me for several weeks now. And when I had almost decided try and live with it for ever, I came across your blog. Thanks a lot for sharing your experience here. I had already tried many of those so called removal tools, anti-spyware. But it was your Firefox Config hack what did the job for me. Now my Firefox is free from MyWebSearch and runs faster too. Thanks a lot once again, Debasis.

    ReplyDelete
  2. Thanks a million for this tip. Saved me hours of head scratching :)

    ReplyDelete
  3. Brilliant! – This saved me ages digging around. It also saved my kids from being banned from the PC for more than a day or 2…

    ReplyDelete
  4. Aaargh, now they’ve found their way into Firefox! Mywebsearch is truly the Devil.

    ReplyDelete
  5. Like you I tried every anti spyware without any luck to delete mywebsearch. Then found your site. Thank goodness it was so simple to delete with your guidance.

    ReplyDelete
  6. Hi Debasis ,
    You can try below this also.
    open mozilla
    press these keys on keyboard
    ALT+T+A or just go to Tool>add ons
    on the plugins/extensions tab , remove speedbit.
    ALso click on View>toolbars and check if Speedbit is listed their, if yes uncheck it.

    go to control panel>add remove programs> highlight speedbit> remove.


    type "about:config" in firefox address bar(without quotes)
    search for "keyword.URL" by pressing Ctrl+F
    change its entry to " http://www.google.co.in/search?q="

    ReplyDelete
  7. Awesome. I had been trying to get rid of this bugger since 2 months. In this period I tried every leading anti-spyware that you can think of. But in vain. Who would have thought that it's solution was so simple and was present inside Firefox itself? You are simple brilliant, Debasis. Thanks for the tip.

    ReplyDelete
  8. Thank You for this tip. It would be useful in my "Admin's" part of computing.

    Also I must thank Vivek for additional useful info.

    ReplyDelete
  9. You are the BEST buddy. Simply smart and determined. It was intriguing to see how you kept your hopes up while hunting down this malware and how you finally tracked it down. Though I have never been infected by it yet, I simply enjoyed the way you described your story of rescuing hijacked Firefox. Keep it up. Happy Bug Hunting ;)

    ReplyDelete
  10. @ Everybody,

    Thanks everyone for leaving your comments. I'm glad to see that my little experience is helping you in getting rid of MyWebSearch. Thanks Vivek for leaving your comment on how to get rid of it. Hope it may help people for whom my method doesn't work out. Happy Testing/Bug Fixing... ;)

    ReplyDelete
  11. Please accept me as a warrior in your War against the Evil MyWebSearch. I hereby take oath to fight till my last breath to bring it down. Amen...

    ReplyDelete
  12. Maybe this faq on their website on - "How do I uninstall the My Web Search toolbar?" would have helped?

    http://smileycentral.custhelp.com/cgi-bin/smileycentral.cfg/php/enduser/std_adp.php?p_faqid=2355&p_created=1170433528&p_sid=Mk4l5VGj&p_accessibility=0&p_redirect=&p_lva=2142&p_sp=cF9zcmNoPTEmcF9zb3J0X2J5PSZwX2dyaWRzb3J0PSZwX3Jvd19jbnQ9NTAsNTAmcF9wcm9kcz05MzYsMTAyMyZwX2NhdHM9JnBfcHY9Mi4xMDIzJnBfY3Y9JnBfcGFnZT0x&p_li=&p_topview=1

    ReplyDelete
  13. @ Hadi,

    Yeah, that's a informative source how to uninstall the toolbar. But if you look closely, I had no trouble getting rid of their toolbar (Add/Remove Programs seemed to do it). The problem was the hidden MyWebSearch that was hijacking my Google Search Result Page and was redirecting to their own! I could not allow a third party software to take control of my browsing preferences, without my permission.

    ReplyDelete
  14. Hey man, my folks machine got hijacked by a similar program (ALOT search). Your solution worked like a charm, thanks. :D

    ReplyDelete
  15. Thank you! I learned something new. MyWebsearch.. those dastardly, sneaky dogs!

    ReplyDelete
  16. SecurityTool may also generate annoying pop ups and will perform a fake system scan. This system scan will come up with all sorts of false results in order to scare you into buying the full version.

    ReplyDelete
  17. OMG!!!!! Thank you so very, very much! Pissed me off for MONTHS. Wasted weekends doing many of the things you tried as well. Gave up using Firefox altogether. I truly appreciate your work and grateful that you shared it with others.

    ReplyDelete
  18. @ Anonymous,

    I am glad that I decided to write my experience as a blog post (going against my self-decided norm to post mainly software testing related stuffs here). Seeing that this is helping many annoyed people whom MyWebSearch had troubled so much, brings me immense relief and satisfaction.

    ReplyDelete
  19. Thank you so much! That stupid thing was making me crazy. I searched everywhere to find a solution and happily I got here.

    ReplyDelete
  20. Best solution I have found and only one that worked. Easy and great instructions! Thank you...I'm free of MyWebSearch...

    ReplyDelete
  21. Awesome *thumbs up* finally got rid of it! :D

    ReplyDelete
  22. Thank you very much. Like you I got rid of the toolbar a while ago but mywebsearch was still there. It resulted in me having a 'pretend' blue screen. Eventually got that sorted but have only now, thanks to you, been able to get rid of the culprit.
    You're very helpful, thanks again.
    Bananange

    ReplyDelete
  23. Thank you so much. Can't believe it was that simple. been reading all sorts on how to get rid of it including editing the registry. Should have found this article day's ago. Thanks again!!!!!

    ReplyDelete
  24. thanks a bunch! i got infected by mywebsearch toolbar through zwinky a couple of months ago, and barely managed to uninstal it. no google highjacking that time. but a couple of days ago, i got infected with the highjacker via msn-update (that's really mean!) thanks for the great solution - i only fiddled with firefox (your last solution) and it worked like charm!

    ReplyDelete
  25. Nice blog.... Thanks for the sharing http://www.itemplatez.com

    ReplyDelete
  26. It's already been said above....had this problem for a couple of months and was beginning to think that it's here to stay. But it's now gone thanks to you. CHEERS

    ReplyDelete
  27. you are great 5 months of problems, this solution saved me!!!!!!

    ReplyDelete
  28. Amazing. It was driving me nuts. You solved it in a few minutes. Such nerve of them!

    ReplyDelete
  29. Thank You Thank You Thank You, I have finally gotten rid of the pain in the but my web. Thank You so much I didn't know what I was going to do. I finally have my fav search engine back. I even bookmarked this page just in case. Thanks J.W

    ReplyDelete
  30. Had the same problem for the past months.
    Firefox default search engine set at Google, but still hijacked by mywebsearch.

    Thought of the filter - with five entries, while simultaneously reading this page.
    "RESET" did the trick !! :-)

    Mywebsearch web site does not provide useful information :

    http://helpint.mywebsearch.com/intlinfo/policies/policies.jhtml

    An online help form will even ask you to create an account first !!
    http://smileycentral.custhelp.com/cgi-bin/smileycentral.cfg/php/enduser/ask.php

    ReplyDelete
  31. Very informative blog. Testers should have digging out habbit.

    ReplyDelete
  32. Thank Debasis,

    your post was both clear and efficient

    ReplyDelete
  33. Hi Debasis,
    Im a silent reader of your blog for more than 1 year now i guess. The thing which made me speak today is a same spyware named 'SweetIm' that too hijacked my firefox the same way 'MyWebSearch' did yours. I was completely tired with how to get rid of it then suddenly this post of yours came into my mind and I used the same workaround you discussed here and got freed from that damn toolbar.
    Thanks for sharing your these kind a experiences.

    ReplyDelete
  34. Thank you Thank you tried posting on tech guy no reply I'm so glad to come across this while searhing.

    ReplyDelete
  35. The redirect is the worst! I'd like to find whose repsonsible and well, um, you know how these things get to you ;) but thank you as this was helpful.

    ReplyDelete
  36. Thanks a lot. I tried so many removal methods from online sites, but your about:config did the job. I almost gave up on it.

    ReplyDelete
  37. I am somewhat a novice at "fixing" software problems....BUT THANK YOU!!! I have been trying for a week to figure out how to get rid if "Mysearchweb" IWON... AGAIN THANK YOU!!!

    ReplyDelete
  38. Thank you! This did it for me as well. :)

    ReplyDelete
  39. Firefox and registry thing solved my issue. Thank you so much. Superantispyware couldn't find the Firefox issue at all.

    ReplyDelete
  40. brilliant fix , straight to the root of the problem and sorted . you just saved my lil brothers life hehehe thanks again

    ReplyDelete
  41. Thank you.
    I fixed the problem. I had the same problem which was explained above. I also fixed Ask.com from my list of search engine and something more... those were reset now.
    Thanks buddy for your explanation with ease to understand.

    ReplyDelete
  42. YESSSSSSSSSSSSSSS!!! You just made my week... Have been searching for an answer and stumbled upon yours!!! So happy!!! :)

    C
    xxx

    ReplyDelete
  43. Thank you so much! I think I tried all the same things and this one finally worked. :)

    ReplyDelete
  44. I spent hours trying to get rid of this before I finally found your post. It is gone now, thank you!

    ReplyDelete
  45. Thank you so much. This really was annoying me.

    ReplyDelete
  46. Thank you for the info

    ReplyDelete
  47. Insanely helpful. My mom got this toolbar and installed it from Facebook without knowing what it was. I really hated this!

    ReplyDelete
  48. using the config route is easy and quick. This Zwinky download should carry an alert. I will contact AVG and tell them. However, A BIG THANKS to you all!

    ReplyDelete
  49. This is the only thing that worked for me. THANK YOU SO MUCH!!!!!!!!

    ReplyDelete
  50. This mywebsearch is driving me mad for months, but I'm no computer expert; where's the FILTER box please???!

    ReplyDelete
  51. Thank you, thank you, thank you! This f***ing addon/search provider/toolbar/plugin/I don't care what, had been frustrating me every search I made, for months! I was in the exact situation you were, and I reset all the entries in about:config showed upon searching "myweb" and it worked! The big frustration was that it was on my portable firefox, so things like regedit or add/remove programs could not help at all. Thanks again!

    ReplyDelete
  52. you are a life saver!! i finally just got rid of that damn MyWebSearch...now i can get back to Google and all its brilliance =]

    ReplyDelete
  53. After trying so many ways to get rid of this, this finally worked! Thank you so much!

    ReplyDelete
  54. I am beyond frustrated at this point! My problem is not that google is not my search engine. My issues is that any search engine I use is being redirected. I can do a search on a local business and when I find the thing I am looking for and then click on it I get sent to a site that is not related at all. All the spyware and malware tools I have tried (8 so far) are meant for IE and not firefox. I have the same issue in either one.

    I have tried everything I know and no luck. How do I search for it if I have no idea what it is?

    Right before all this redirect nonsense started happening I kept getting those fake XP virus search pop ups. They would list 32 viruses or trojans and then try to get me to buy the virus remover. It would start scanning my computer automatically and I would quickly shut it down.

    The search clicked links started getting redirected and I realized today I also lost my sound card. Microsoft Fix it center resolved that issue and I have sound again.

    I also have a newer HP scanner/printer and I can no longer push the scan button and get it to scan. I have to open it on my PC and do it the long way.

    When I insert my memory card to download photos it no longer works either. I have to open the photo program and do it the long way as well. It used to automatically 'see' the memory card was plugged into my printer and start to download.

    Any ideas? Having to copy and paste any search links I want to see is a real pain in the a$$!

    ReplyDelete
  55. success! thanks!!!!

    ReplyDelete
  56. Thank you so much. You have no idea how much I appreciate you passing this knowledge along. God bless the internet.

    ReplyDelete
  57. This was relevant for the "Alot" browser hijack. Thanks so much! (blows a virtual kiss)

    ReplyDelete
  58. Oh My God Thank You. You are the only one that I could find that said how to remove the spyware program everything else that I tried to find it was all about just how to make firefox have the google search bar! THANK YOU. You really helped me allot on this one. I thought that I would NEVER figure it out! Thanks.
    -Cory D.

    ReplyDelete
  59. Great help. My brother-in-law was having this problem after his questionable internet surfing habits resulted in his laptop being hosed by a virus and lots of malware. Thanks for the help.

    ReplyDelete
  60. thanks for being the only guy i could find to figure this one out. udaman.

    ReplyDelete
  61. YOU ARE AWESOME! thank you so much.

    ReplyDelete
  62. I just wanted to say thanks. This is exactly what I needed and it worked.

    ReplyDelete
  63. thanks for saving me soooo much time- had not got to the spybot stage- just rummaging around in confusion-
    "myweb" in search box revealed the pesky things- very satisfying delete-

    ReplyDelete
  64. thanks -saved soo much time using your myweb search - they popped up in seconds and a very satifying delete- though another sneaked in - i know how to find them- and i have a clean bottom again (no grey bar!)

    ReplyDelete
  65. I had the same exact problem only it took me to SweetIM, not MyWebsearch. Thank you so much!!!!

    ReplyDelete
  66. Thanks alot for the tip about removing it from about:config. worked as intended.

    ReplyDelete
  67. Awesome!!!! Thanks a ton pal! Worked like a charm.

    ReplyDelete
  68. It worked!! Thanks a lot. This had been frustrating me for a long time. Glad to be rid of that pest.

    ReplyDelete
  69. AVG keeps doing this to me when it installs its plug-ins. It's underhanded and annoying. I imagine almost any tool bar that adds a search server to Firefox will likely do this too. Most people probably wouldn't even notice though.

    Another one on AVG's "con" list. Maybe it's finally time to chance.

    ReplyDelete
  70. Damn Zwinky! I fell for the same exact scheme. Never again though!! Thanks for the post. mywebsearch was about to have me pull my hair out!.

    ReplyDelete
  71. in the words of homer simpson, wohoo!!!!

    thanks again!!!!!

    ReplyDelete
  72. seems to work but now I have a black blank space where it used to be like a scar. oh well, least its gone. hopefully.

    ReplyDelete
  73. THANKS BRAH!
    I hate mywebsearch soooooooooo much and was having trouble tracking it down. You should post this to Mozilla. Well done :D

    ReplyDelete
  74. GOD BLESS YOU!!!!!
    i am so glad i found this blog
    thanks a million :) :)

    ReplyDelete
  75. Nice job on figuring this out, but what's a guy as smart as you doing downloading something as retarded and obviously malicious as Zwinky? An ounce of prevention, etc etc...

    ReplyDelete
  76. I'm no computer guru but I think I found a real easy fix for amatures. Go to TOOLS, OPTIONS then select a different homepage - I use Google. So far no log in problems, speed is back to normal. But I don't know if MYWEBSEARCH is operating in the background.

    ReplyDelete
  77. NICE! thanks a MIL!

    ReplyDelete
  78. take the no copy off you page would help

    ReplyDelete
  79. Thanks for this post!

    ReplyDelete
  80. I cannot find this bugger in the about:config file - I searched for both myweb and websearch and got nothing and all my web searches are still being hijacked. Any other things I should look for?

    ReplyDelete
  81. Thanks a lot dude... I was trying to remove it since last few weeks.. ;-)

    ReplyDelete
  82. Thanks for the help but ummm... where exactly is the "filter box" i'm not exactly a computer expert...

    ReplyDelete
  83. THANK YOU!!! I SPENT TWO WEEKS TRYING TO DELETE THAT SNEAKY "MYWEBSEARCH"! I CAN'T BELIEVE THAT IT WAS SO SIMPLE!!!

    ReplyDelete
  84. Richard, ChennaiMarch 4, 2011 at 8:51 AM

    Thank you so much Debasis and Vivek. I was trying to quit it for the past 2 months and got annoyed of searching the whole WWW but atlast i found your trick..wow.. its great buddy... thank u again.. but what prob still i have is that the MyWebSearch search box is still available at the top right corner of my firefox browser.. any way to get rid of it too? Advance thanks friend :)

    ReplyDelete
  85. you are an allstar - this also worked against the evil "search-results" that hijacked both my FF and IE (and i had to get IE9 to figure out how to fix it)

    ReplyDelete
  86. dood
    youre awesome
    i hate those guys

    ReplyDelete
  87. Thanks a lot ... Finally got rid of it and what a simple technique ... Touche

    ReplyDelete
  88. Thanks, that was really annoying me, woww, finally I rid off it. :)

    Karol

    ReplyDelete
  89. Your solution is the only that worked. Thanks a lot!!!

    ReplyDelete
  90. you rock thank you so much you saved me hours and hours

    ReplyDelete
  91. THANK YOU!!!! I was getting so upset! It's finally fixed! Whooo!

    ReplyDelete
  92. Thanks dude...... Hats off to you .... good job

    ReplyDelete
  93. Great information. I didn't have to do anything with my registry. This one was tricky!

    ReplyDelete
  94. You are my hero.

    ReplyDelete
  95. THANK YOU!!!!!!! IT W O R K E D! ! ! I was like you and ready to give up after trying everything to get rid of those "sneaky buggers." You were a GOD sent! :) Thank you!

    ReplyDelete
  96. ThankYouThankYouThankYou!! That is all.

    ReplyDelete
  97. Awesome!!! this is the only method that worked

    ReplyDelete
  98. Thank you so much!!!!

    ReplyDelete
  99. I found 5 entries on mine. After trying for weeks to get rid of this...every antivirus and anti-malware I could find. Even professional help...still hijacking. I'd banned my kids from the computer, maybe I'll keep them off anyways :) but now things are running well again. Thank you SO much for your blog.

    ReplyDelete
  100. Thanks for giving me Google again :D

    ReplyDelete
  101. WOW! THANK YOU!!!!!!! I tried everything but nothing. This was making me crazy. THANKS A LOT!!!!!

    ReplyDelete
  102. OMG, I LOVE you! Haha, seriously, I was so paranoid I'd need to shell out money to have someone clear this thing off of my computer... it was so well hidden, and neither SpyBot, nor Malwarebytes, nor my expensive Kaspersky security program could detect it at all, let alone get rid of it. Thank you thank you!!!

    ReplyDelete
  103. DUDE THIS IS THE BEST THANKS!!!

    ReplyDelete
  104. It worked like a charm!!! Thank you so much.

    ReplyDelete
  105. Excellent Excellent Excellent!!!! 100% accurate and fixed! Thank you so much! =)

    ReplyDelete
  106. It didn't work for me. I need help!

    ReplyDelete
  107. It helped me get rid of a Zinkwink hijack - thanks!

    ReplyDelete
  108. Here's how I solved my prob. Pretty easy. Did your prob happen around the time you installed or ignored a java update? If so... uninstall facking java. Prob solved. dono if the prob would still be there if you reinstall it. Hope this helps.

    ReplyDelete
  109. Here's how i solved my prob. Uninstall Java GG. If the prob is still there then i dono. If prob got resolved only while java is uninstalled then i dono. I haven't tried installing it yet but so far no more zwinkwink. Your prob probably happen at the time you installed stupid java or ignored an update.

    ReplyDelete
  110. you are awesome my friend. thanks a ton.

    ReplyDelete
  111. Thanks a million...you're awesome!!!

    ReplyDelete
  112. You, sir, are awesome! Thanks.

    ReplyDelete
  113. Thanks, your trick really worked for me!

    ReplyDelete
  114. THANK YOU! THANK YOU! THANK YOU!

    ReplyDelete
  115. Thank you so much, I followed the instructions and I think it finally got rid of this thing. I hate crap like this and it was really hiding itself well, making it an extreme hassle to get rid of. THANK YOU!

    ReplyDelete
  116. OMG I love you :)... This has been driving me crazy for 3 days.. all fixed now :)

    ReplyDelete
  117. I seem to have the same problem but cant identify the bug, tried my websearch, nothing. The website that has hijacked yahoo on me is terra.com. or Wender from Scotland. I entered this in about:config and got nothing. How do I identify which one to reset.
    Please help Im desperate

    ReplyDelete
  118. Ok I tried everything here and it won't let me delete all of the entries in the filter. says access denied. Help!!!

    ReplyDelete
  119. Finally - THE answer.

    ReplyDelete
  120. Thank you thank you. I have been searching for this answer for a long time. We got ours when my daughter clicked on an ad in Webkinz that brought her to a page for my super hero.

    ReplyDelete
  121. I had a very similar headbanging problem with the "Alot" browser hijack on Firefox, which I picked up when (foolishly) downloading some free zip/unzip utilities. It took a day to figure out, but here's what finally got rid of it:

    1. First I updated and ran my Clamwin free anti-virus scanner to inspect the entire HD. It found a TROJAN WORM embedded deep in the Firefox system files, and successfully removed it. Nonetheless, Firefox was still being hijacked by "Alot", every time I opened it.

    2. So I then used the XP "Global Search" utility to locate every file on the HD with the word "Alot" in it. It found twelve of them. I nuked them all, and Firefox was liberated! The problem has completely vanished.

    I suspect that this easy two-step technique would be applicable to many other "colonizing" infections as well. The people who write this vicious stuff deserve to be consigned to hell for eternity with no web or wireless or cloud or radio or TV access whatsoever!

    ReplyDelete
  122. Super Anti spyware got rid of mine, its the dogs!!!

    ReplyDelete
  123. Thanks Man! You saved us! :D

    ReplyDelete
  124. Thanks for the firefox config info! After getting rid of mywebsearch, I also had to get rid of search-123.com. It's great having firefox back. Oh yeah, my virus/antispyware service(Webroot)never picked it up on scan. They also wanted $129 to fix it!

    God Bless!

    ReplyDelete
  125. How did you get to the filter screen...I can't seem to find it

    ReplyDelete
  126. Thank you so much for getting rid of this annoying menace. You guys are awesome!

    ReplyDelete
  127. uggh I couldn't figure out how i got mywebsearch on my latop , and I've had it b4 and had gotten rid of it succesfully!! I run avg and ccleaner on the reg. Was searching for what felt like 4 ever to get rid of it this time and nothing worked from spy bot which said it found something that when i googled diff names for MyWebSearch but it had failed to get rid of it.. and others that promised to rid me of it :( Then i stumbeled across ur blog!! MANY MANY THANX!!!

    ReplyDelete
  128. uggh I couldn't figure out how i got mywebsearch on my latop , and I've had it b4 and had gotten rid of it succesfully!! I run avg and ccleaner on the reg. Was searching for what felt like 4 ever to get rid of it this time and nothing worked from spy bot which said it found something that when i googled diff names for MyWebSearch but it had failed to get rid of it.. and others that promised to rid me of it :( Then i stumbeled across ur blog!! MANY MANY THANX!!!

    ReplyDelete
  129. uggh I couldn't figure out how i got mywebsearch on my latop , and I've had it b4 and had gotten rid of it succesfully!! I run avg and ccleaner on the reg. Was searching for what felt like 4 ever to get rid of it this time and nothing worked from spy bot which said it found something that when i googled diff names for MyWebSearch but it had failed to get rid of it.. and others that promised to rid me of it :( Then i stumbeled across ur blog!! MANY MANY THANX!!!

    ReplyDelete
  130. Your the bomb! doing a about:config search for myweb, and resetting them all did the trick. I just wish I knew what caused this to get added so I can avoid it in the future.

    ReplyDelete
  131. Thanks a ton! Going to about:config and doing the search for myweb got me what I needed. I reset all the entries and it's back to normal. If anyone figures out what is causing this bad plugin to get added to our browsers please report it here.

    ReplyDelete
  132. Thanks !
    I've experience same as yours..
    That's the real very very damn spyware !

    ReplyDelete
  133. The only solution that has worked thank you so much!!!!

    ReplyDelete
  134. Like the original complaint, I also deleted it and it did reappear. Read your how to , to be honest with you they are way beyond my capabilities. It was the last hint that did it for me(about:config) restarted and it was gone. Thank you

    ReplyDelete
  135. I also deleted it and it returned, read your how to, all of the info was beyond my capabilities,except for about:config,I tried it restarted and it was gone. Thank you

    ReplyDelete
  136. Thanks.It helped me.

    ReplyDelete
  137. Perfect. This was the solution I was looking for.

    ReplyDelete
  138. Great tip on about:config--still works even after 3 years. Thx

    ReplyDelete
  139. i did the last thing you said for the browser. didnt work right away so i searched i bit more and there was over 50 strings in my browser :P reset power

    ReplyDelete
  140. Thanks so much for this information!

    ReplyDelete
  141. Greetings,
    you need to remove firefox extension "videoscavenger" to get rid of my websearch.
    Also uninstall videoscavenger from add/remove programs.

    regards,
    Shijas

    ReplyDelete
  142. I cannot believe how easey it was thank so very much. I can also not beleive that this rubbish has been on the net as ffar back as 2009??
    I also made the mistake by using Baby maker. That installed this tool bar. I can still not get rid of that Baby maker thing.

    ReplyDelete
  143. Thanks for such useful post.It helped me.

    ReplyDelete
  144. thanks a lot
    it was such a nightmare

    ReplyDelete
  145. It is okay for Firefox but how to remove it from IE

    ReplyDelete
  146. k, you guys are awesome, i followed your instructions, and now i got rid of mywebsearch...mostly...like someone asked b4, the right hand corner still has the search box, and i still get void links so to speak, i am not a techie...so when i type in youtube it usually works but now it doesn't want to go there it says try later...what did i miss? what can i do to fix it! Help!

    ReplyDelete
  147. so it helped, but now i don't get the oops messages anymore, just being jumped to other sites, or no connection at all...this really suck!

    ReplyDelete
  148. Thanks sooo much for the fix. Had me stumped.

    ReplyDelete
  149. I don't have adequate words to thank you with.
    I was about ready to poke my finger in my eye.

    ReplyDelete
  150. Thank you for this! It's been driving me nuts (I usually use the search bar, but every once in a while...) and no anti-spyware program seems to catch this part of it... which is odd.

    ReplyDelete
  151. Thanks for your help with this!

    ReplyDelete
  152. Hey, Thanks a lot... it was 2 lines instead of a whole page, but nice post...

    ReplyDelete
  153. I just found your website on Google and I must say,
    I’m impressed. I frequent a lot of blogs and yours is by far one of the best
    I’ve come across. The information you have here is concise and accurate and
    you have a very good writing style. Perhaps you should consider facebook törés?
    click here Best website facebook törés

    ReplyDelete
  154. Nice one my friend - I also was strugling to get rid of this annoying seacrh bar and your hints did the trick - many thanks indeed

    ReplyDelete
  155. Thanks for steering me in the right direction. Couldn't find MyWebSearch though. Instead, located new program installed on my computer as Web Assistant by IB. I used the free program Revo Uninstaller which removed it and scanned for remaining files, which detected MyWebSearch in my Registry and then deleted. Now all is well!

    ReplyDelete
  156. Cheers. Helped me get rid of Babylon on Firefox doing the same. Why can't they stop these damn things ?

    ReplyDelete
  157. Now, whenever I open my firefox browser, it gets hijacked to one entertainmentmusichits.com website. How can I remove it?

    ReplyDelete
  158. thank you Finally i get my old google fron BabyLon

    ReplyDelete
  159. 3 years later, and I found your article after trying to get rid of this dumb spyware. Thanks!

    ReplyDelete
  160. thank you that worked perfectly.. been trying for months now and that cleared it up in seconds

    ReplyDelete
  161. I have tried EVERYTHING and still cannot get rid of the mywebsearch search engine!! nothing has worked thus far and I tried it all! any other suggestions???

    ReplyDelete
  162. i seen your web site and was quite amazed

    ReplyDelete
  163. Thanks heaps for this posting. Had the same issue with Alot search, but got rid of it moments in the about:config settings!

    ReplyDelete
  164. thanks so much, it worked!!! i did what you said and then went into the search bar and reconfigured and removed the annoying ones.. success!

    ReplyDelete
  165. Hallelujah! I thought I was going to lose my mind, but you saved it!

    ReplyDelete
  166. i did what you said in firefox but it is still there. any ideas?

    ReplyDelete
  167. Fantastic! Got this pest removed from my Mum's PC at last.

    ReplyDelete
  168. I must add my accolades to everyone else. My parents were here...and downloaded a coupon app. I have been hi-jacked from My Web Search since. I had about given up when I found your blog. Thanks for the well explained simple steps. You saved me tons of aggravation.

    ReplyDelete
  169. Help!! I followed everything, and it was gone for a minute, but when I search it takes me right back. Note: The reset in the about:config does not stay. Every time I go back into about:config the web search is reset back to "My Web Search". I tried the reset and I tried typing in the http://www.google.co.in/search?q= and it takes it, but then when I restart it is reset. PLEASE HELP ME!!!

    ReplyDelete
  170. You are The KING!!! Thank you very much. I hate them.

    ReplyDelete
  171. *GULP*... I'm sorry to be the wee boy that says the Emporer has no clothes... but this didn't work for me. I found no Speedbit Add On but, I did find Mindspark which I disabled.

    I reset every line that had mywebsearch in it, I even tired replacing mywebsearch with Google (rather than resetting the line)... gee, I even went into msconfig and disabled these guys in Startup but, everytime I reopen Firefox it is still there.

    Any further ideas????

    ReplyDelete
  172. hello...What if I use Google Chrome? Where do I check that? Thanks

    ReplyDelete
  173. Hello Debasis:

    I followed your directions until the part about the filter bar. How do I find this so-called 'filter bar'? I saw all the other headings: preference name, status, type and value but only saw a bar that said search next to it not filter. I'm so close. Any help you can provide would be appreciated

    ReplyDelete
  174. In order to disable MyWebSearch, which appears any time when you click a "+" (plus sign) opening new tab, you must also disable the VideoDownloadConverter AddOn (version 2.50.0.51741 in my case).

    ReplyDelete
  175. THANK YOU!!!!!!!!!!!!!!!! It took me an hour to find everything, but I think it's gone now. I really appreciate your help because it was driving me crazy. Your recommendations were the only ones I found that were thorough and did the job.

    ReplyDelete
  176. How to remove mysearch results search engine:

    1. click the 3 hotdogs (formerly wrench icon) beside the star.

    2.Click settings

    3.Look for On Start up

    4. Check- Open a specific page or set of pages.

    5. Check- Set pages

    6. Delete mysearchresults by clicking the X beside it.

    7.Add a new page by typing - http://www.google.com.ph/

    8. click OK

    DONE!

    ReplyDelete
  177. Genius!!! Great Detective Work!

    btw ... MindSpark Add-on was my source of infection...
    Firebug helped me diagnos

    ReplyDelete
  178. You are amazing !!!!I got tears in my eyes after finally getting rid of this m********* mywebsearch

    ReplyDelete
  179. Thanks so much! I spent hours digging in the registry until I found this.

    ReplyDelete
  180. wew.. thank you so much for this...
    a million thanks to you..

    ReplyDelete
  181. “about:config” did the trick...this is the ONLY place I saw that tip after searching hundreds of pages

    ReplyDelete
  182. thankyou!! - finally got it...

    ReplyDelete
  183. This is how I got rid of it:
    - Click Firefox Button
    - Click Options
    - Click "General" tab
    - One of the buttons you'll see is: "Restore to Default". Click on it and that should do the trick.


    ReplyDelete
  184. THANK you so much for this!!! I'm a basic computer user & couldn't figure out what had happened but I hated the change & sure enough it was right after I installed a program. I hated that mywebsearch crap & nothing I tried worked to remove/change it. I'm so glad to have found your tips as they worked, YAY!!!! :-) Just had to say thanks!!!

    ReplyDelete
  185. This is a brilliant post! The fix worked for me against the Somoto.com hijack of my Firefox url bar. I searched for "Somoto" and "Bigseekpro"(apparently related) in the config screen described and now when I use my url bar to search, my default search engine Google is used.

    Thanks!!!
    Regards
    Chrissy
    Wiltshire, UK

    ReplyDelete

NOTE: Comments posted on Software Testing Tricks are moderated and will be approved only if they are on-topic. Please avoid comments with spammy URLs. Having trouble leaving comments? Contact Me!