How I Fixed my Hijacked Firefox from MyWebSearch Spyware!

Update! For more such awesome Tips and Tricks do visit the Technology How To section. 

3 days back I was browsing a popular website and I spotted “Zwinky” (which is supposed to turn a photograph into a 3D image)! It did look harmless and hence I installed it willing to give it a try. If you read me regularly, then you might probably know that I prefer Firefox over any other browser. I had used Firefox while downloading and installing “Zwinky”. But my excitement was short-lived when I spotted a new web search tool bar (MyWebSearch) that was added to my Firefox toolbar without my permission during the installation. I uninstalled this toolbar and thought it was the end of it; but soon I was going to be proved wrong!

Sometimes later, while trying to lookup something in Google, I directly typed the search query into the Firefox location/address bar. Usually, it should have displayed Google search results or a direct website based on Google’s "I'm feeling Lucky" algorithm. But this time, I got this instead:

It was super-annoying because I couldn’t search with Google, my primary search engine and Firefox, my primary web browser. It was clear that my dear browser (Firefox) was hijacked by MyWebSearch, which was causing browser redirection to their site. What the hell? I went through all of the Firefox preferences (Tools --> Options) to see if I could change back the default search engine to Google but I couldn't find any such option! Searching in Google for “MyWebSearch” gave me loads of information about this spyware. Yes, I would call it a spyware because it collects and stores information about the web pages you view, the data you enter in online forms and search fields, the "clicks" you make, the IP address, URL and country of the sites you visit, your IP address, information about your browser and operating system, and the products you purchase online while using the service. Instantly I did a scan of my PC using “Spybot – Search & Destroy”. It did find some instances of “MyWebSearch” and claimed to clean it too. But when I started Firefox, I saw it remained hijacked! Damn! :(

"MyWebSearch" Spyware Removal - Getting rid of Firefox/Google redirect Hijack:

The most irritating thing about a spyware is that it can manage to hide in your system and thus hard to be cleaned/removed. And “MyWebSearch” appeared to be quite good at it. I did the following things trying to hunt it down:

1. I checked again in “Add & Remove Programs” list. It wasn’t there.

2. I did a manual search in the “C:\program files”. I didn’t find any suspicious folder here as well. I expanded my search to whole “C:\”, without any luck.

3. Now I opened the “Registry Editor” (Start --> Run --> regedit). I did a search (Ctrl+F) for “MyWebSearch” and found 3 registry entries. I deleted them after making sure that they were the ones I was looking for. To make sure I was not missing any more registry keys, I did a search for “search” and this gave me some more entries. Out of these most were genuine Windows registry keys. But I found 2 of them were pointing to “MyWebSearch” entries; so I deleted them as well.

WARNING! If you are doing this, please be very careful while deleting a registry entry. Accidental deletion of a genuine entry may result in corrupted Windows that can only be fixed via reinstalling Windows.

After deleting the relevant “MyWebSearch” entries from the registry I was almost sure that this time it was finally removed. I started Firefox and oops; I was wrong! It was still hiding somewhere and hijacking my search results everytime I tried to do a quick Google Search via Firefox location/address bar. I searched on Web in hopes of finding out a MyWebSearch removal tool. But most (all) of them described how to get rid of the toolbar, which I had removed already. I could hardly find any info that could help in getting back my hijacked Firefox. I tried HijackThis (a free spyware removal tool by Trend Micro) too. But it was unable to sniff out “MyWebSearch” in its scan result.

I was beginning to get frustrated at this point and suddenly another “test idea” came across my mind. I went to the configuration mode of Firefox by typing “about:config” on the location bar. But searching for “defaultSearch” in the filter bar, gave me “Google” as the default engine! Damn. Where did they hide the redirect hijack configuration then?

Baffled, I now keyed in “myweb” in the filter box and here it was. It showed me the entries where the user setting was modified to hijack the browser, without my permission.

I right-clicked both the entries, choose “Reset” and restarted Firefox.

Hurray! And now the search result is back to Google. I am glad that this nasty hijack episode is finally over for me. Sorry Firefox. You had to spend 3 days in hostage situation due to my stupidity (in deciding to try out a malicious program like “Zwinky”). If you are facing a similar situation of browser hijack and looking for a way out, feel free to try my above steps and let me know if it helped. 

Update! For more such awesome Tips and Tricks do visit the Technology How To section. 

Happy Testing…

Interviewing a Testing Expert - Phil Kirkham

I am back again with yet another interesting Interview with a Testing Expert; this time with Phil Kirkham (from UK) who is a Programmer turned Tester turned Test Consultant at Acutest. He writes about testing on his blog at Expected Results! He is a Moderator of Software Testing Club and Testing Reflections as well. I felt it would be exciting to interview him and when I approached him he was kind enough to honor my interest in taking his interview. Here is what Phil has to say:

Debasis: What led you to become a software tester? And what was the topmost reason that attracted you to the field of testing?

Phil: I was working as a programmer but the s/w we were sending out was of really poor quality and the customers were getting more and more irate. My boss knew I had a knack for breaking things and debugging so asked if I would help out with the testing effort. At the same time I was also thinking about a career change after 20 years of programming, I'd got a few career change books ( such as 'What Colour is Your Parachute' ) and realised that my personality traits and tester traits were a very good match. I'd also read a few testing books by then and started to realise that testing was more than just banging away on a keyboard.

Debasis: Did you try testing anything other than software before diving into software testing?

Phil: Funnily enough, when I left university I was on a graduate training scheme at a large company and was moved around various departments. One of the departments was testing a sea-mine clearance system which meant using a large device to simulate the noise of a ship.

Debasis: Tell me 5 unknown/least-known facts about you.

Phil: (i) I used to coach a girls soccer team. After that, managing anything else is easy.

(ii) I won a slogan competition run by a coffee company and the prize was a £10K holiday which was spent on 2 weeks in the Seychelles.

(iii) My first money making scheme was finding lost golf balls at Royal Birkdale golf course. That was a bit like finding bugs - you knew there were some hiding and you got to know the areas where they could be found.

(iv) I have a scar on the back of my right hand after I put it into an oven when I was 3 - unsupervised exploratory testing can be dangerous! :)

(v) My first website was set up over 13 years ago - all about footy and the girls teams I was coaching and my daughter was playing for. Some pages still exist [http://www.geocities.com/Colosseum/3562/wkham.html]. Doing this site taught me a lot about building a community, lessons I've tried to put into practice with the Software Testing Club.

Debasis: What was the hardest challenge that you faced in your career as a tester?

Phil: Trying to convince management to take testing seriously and that being 'agile' did not mean shipping out a program after testers had give it a "quick once over". That and trying to get a tester I worked with to read a testing book.

Debasis: Tell me about the most satisfying moment in your testing career.

Phil: Sitting in a meeting near the end of a project and hearing someone say that the testing effort seemed so much more professional now that I was involved. And someone adding onto the end of that that they wish I could be cloned. Also in an annual review having it noted that "Phil's testing efforts saved the project from disaster".

Debasis: Tell me of any situation when you had wished you were NOT a tester!

Phil: The end of year pay review when the CEO decided that because I was now a tester I shouldn’t get as big a raise as the programmers (despite the comments being made in the answer above).

Debasis: Has the profession (testing) ever affected your personal life? If yes, how?

Phil: Couple of ways. I can sometimes embarrass my wife by trying to break things when out in public - such as the self-serve machines in the supermarket.

And when I was trying to change the culture of a company from a chaos culture where testing meant bashing keyboards to somewhere where testing was given some thought I found I couldn't switch off after 5:30. The work/life balance was way off.

Debasis: What do you think as the most essential skills that make a great tester?

Phil: Desire and ability to learn and a passion for testing.

Debasis: How do you see software testing as a career, let’s say after a decade? What would be the biggest challenges for the field and what would be the biggest advancements?

Phil: I had a blog post called 'The 50 years old test' that showed that in some ways not much has changed. There's the techy challenge of keeping up with all the advances that allow programmers to create apps with a few lines of code and the challenge to get management to understand what proper testing can give. I'd like to see testing moving up the chain so it takes place much earlier and I'd love it if we got to the stage where we were never finding and reporting simple boundary value bugs.

Debasis: What single thing would you want to tell every newbie who is struggling in the early stage of building software testing career?

Phil: Keep going! I found it hard to break into the field [no ISEB certificate, being a programmer rather than a tester (implies I'd be too expensive)] and I'd been at the same company for 20 years. Then a company came along that wanted people who were passionate about testing and I was on my way. Thank you Acutest.

Debasis: Is there anything else that you would like to say?

Phil: I learnt a lot from the online community and got a lot of support. I'm trying to give some of it back and would encourage everyone else reading this to do the same.

Thanks Phil for taking your time and answering my questions. It is really interesting to hear how Phil was a Programmer and became a Tester, how NOT having a Certification (ISEB, ISTQB etc) didn’t stop him from advancing in his career as a tester and how his “Passion for Testing”, more than anything else, helped him in becoming a Testing Expert. I hope all of you enjoyed this interview as mush as I did. Any thoughts?

Happy Testing…