Reprints by permission only. Please contact Bret A. Bennett via Business Sites: Pubstuff ("Tech Publications . . .").
Reprints for personal use (not including reposting on venues such as intranet or internet sites) do not require permission.
Please note copyright notice below.

Note: Before attempting to avoid any browser hijacks, I highly recommend reading "How to Avoid Browser Hijack Viruses" published in the November 2011 print edition of Windows IT Pro Magazine. A link for that web article can also be found on the "Publications" page at (just click the Publications button at the top of this page to go back).


Sample Browser Hijack Pics below: "AV Security Suite", "Congratulations"


"AV Security Suite" browser hijack attack.
This is also known as the "Wait a minute! This is important - we check your device" attack:


Notice above at first glance, this appears to be an official Microsoft Windows Explorer display (like you would see when you click on My Computer. However, if you look more carefully, at the top of the picture you will see that you are actually in the second "tab" of the Windows Internet Explorer browser. "Windows Explorer" and "Windows Internet Explorer" are two different things.


"Congratulations" browser hijack attack.
This one promises an unknown prize. I've also seen this one touting a free iPod/iPad:


If you click the OK button above, you're infected with a trojan downloader virus and may immediately notice multiple browser tabs opening up automatically. Attempting to close one tab just spawns a new one.

Now that I had another live hijack site to work with, I set up a test environment and tested the "Alt_F4" theory against this malware using the Chrome web browser. Fyi, the Alt_F4 theory was presented in the Comments section of the Windows IT Pro article "How to Avoid Browser Hijack Viruses". Unfortunately, Alt_F4 did not terminate/kill the browser process. Apparently the hijack was able to use the Alt_F4 keystroke as an Enter keystroke and loaded the next malware web page. I call this second page (that was spawned by the "OK" button above) "Malware On a Plate". It looks like this:


Notice the "Claim in" countdown ticker above the fake Walmart gift card carrot. That's just another trick to help you feel the pressure to do something and click again for even more infection.

Even though I was in a test environment, I had had enough of this folly and tried to click the browser's red X icon on the top right corner to see if it would actually close. No chance that I was getting off that easy. Here's what that bought me:

Yep, one more opportunity to make 100% certain that I wanted even more trojan punishment. And finally, a new twist on the old and infamous "Free iPod" lure. I see the clowns who dish out these malwares have updated the offering, now it's an iPad 2. Their incorrect spelling and capitalization is just one more sign that you're caught up in a sham.

No one enjoys rendering their PC unusable, infecting other computers on their networks, and compromising other acquaintances' machines with toxic email. So please keep your Windows Updates current. Don't disable Vista's and Windows 7's User Access Control. Don't run as a user with administrative equivalence. Use an antivirus/anti-malware software and keep it current. That's usually all you need to do to practice safe computing.  However on that day when something slips past your defenses . . . try to remember the Ctl_Alt_Del maneuver at the first sight of a browser hijack attack.




Legal Notice
Last modified: 10/14/2018 12:23 PM -0400
Copyright 1997-2018 BRET A. BENNETT, All rights reserved.
Lost in space? Click here to return to our doorway at
Click this link to contact us with questions or comments about this web site.