My home page has been hijacked by www.globalfinder.com. Anyone know how to delete this from my system?

Download, install, update and run Adaware and Spybot S&D. You can get both free from www.download.com.

They are both great programs, but each may find something the other may not.

A varient of CoolWebsearh browser highjacker.
If Adaware & Spybot don't rid you of it you can try the removal tool here:
http://www.spywareinfo.com/~merijn/cwschronicles.html/A

hth
shep

Cheers. Downloaded and sorted !! Thanks

Hi-I have the same problem - have tried Ad-aware, Spybot S&D, CW Shredder, CW Shredder_u, bhblaster, mcafee scan for viruses but no matter what I do, whem my computer starts up again, I get Global-Finder as my homepage, despite setting it for yahoo. These programs have obviously cleaned a lot of junk from my PC, but it can't kill this hijack problem. HELP!!!
Thanks

I had the same problem. Unfortunately Adaware & Spybot did not find the files. I had to dig around for them.

There are two files that you need to isolate or remove.
Windows/system32/bootconf.exe
Windows/Web/oslogo.bmp (make sure you are able to view “protected operating system files” in Explorer>>Tools>>Folder Options>View)

That should fix it!

I still can't reset my search page after I did all of the things that were suggested.

This thing is unbelievable! I've cleared my history umpteen times, blocked global-com (which doesn't work), installed and run adaware and spybot, run Norton 3 times, and nothing gets this thing. I just tried the download from spywareinfo.com, but I don't have a lot of confidence. I say this because my browser behaves the same way each time I try something; once I've run everything and go into tools/options/change homepage, the browser hangs up and won't go to another page (which it just did again after I ran the software). I have to close the browser and reopen it. Near as I can tell, this is a problem that reinstalls itself every 24hrs. Any info on that? I know this because every time I remove everything, exactly 24hrs later it pops back over to global finder in the middle of what I'm doing (or when I try to go to a different webpage). I'll wait 24hrs since I just ran the software off spywareinfo, but suspect I will be back tomorrow night. Argh!

Look for a file called msinfo.exe - it should appear in Program Files\Common Files\Microsoft Shared\MS Info - but this could vary depending on your version of Windows and delete it. Don't delete msinfo32.exe - you need that one.

Then go to Start\Run and type Win.ini. Win.ini will open in Notepad. Delete the line that refers to to msinfo.exe and save the file.

Next search for a file called bootconf.exe and delete that.

Back to Start\Run and type msconfig. Click on the startup tab and uncheck the line that refers to bootconf.exe.

Right click on Internet Explorer and copy all the code for the global finder search page - it will have a lot of % signs and other nasties.

Back to Start\Run, type regedit and paste the code that you copied from IE into the 'Find' dialogue box. Edit the strings that your search finds with your preferred home page and search engine.

Reboot and global finder is gone forever.

Note if you would rather not edit your registry you can skip the regedit bit and reset your home page in IE 'Tools' but I prefer to think that I have removed all traces of this parasite.

I got the Global Finder Hyjack on my home computer, but was able to remove it with help from this site. I got to work this morning, and I have it there, also. I have Windows 2000 at work, and nothing mentioned seems to help. Any suggestions?

thank you kelstra, your indications have been very useful to me :-)

kelstra--how exactly do I find this code? view source?

Right click on Internet Explorer and copy all the code for the global finder search page - it will have a lot of % signs and other nasties.

CristinaJ-
I noticed before that if you go into tools/internet options and select the current text in the homepage box, it gives you that string with numbers and % signs (if that's not where it is, it's under "use default"; click on that and then select the text). I'm at work right now, and I can't remember which it was. I assume this is the same string kelstra is referring to.

CristinaJ is correct - follow her advice.
As I said, you don't have to edit your registry if you don't want to - it will still be gone after you have reset your homepage in IE tools.

My wife managed to get this on out pc when searching for an image of "man in bed" for a work project. she ended up being sent to various porn sites before giving up, feeling disgusted. The next day we had this global finder cobblers and up till now i couldnt shift it. hope you advice works, i'll let you know. Does anyone know exactly which site is responsible for the setting the hijacking?

Thanks for you help
Fishybob

FYI, the latest version of CWShredder seemed to do the trick. I downloaded it from the link above (the one that directs to spyawareinfo) on 9/1/03, and the program didn't reinstall on 9/2. So far so good....

While this is not a solution for removing the dreaded thing, it will help fight back at the culprit. Sometime when you have about an hour to waste, click on a few of the links on their page. Select ones that have e-mail links to contact them. Write a simple message explaining that they chose to advertise with Global-Finder, and that you find their practice of hijacking users PC’s extremely obnoxious, on the same order as virus infections. Go on to explain that you will boycott any advertiser who posts on the Global-Finder site, and that the call to boycott is being spread all over the net. If enough advertisers get a similar message, word will spread and Global finder will watch the effects of its funding source (its customers) being poisoned.

Lynne995 is correct. I fell victim to the hijack, downloaded and ran cwshredder, and the problem is gone. In shredder's explanation of everything it found and did, there was a lot of stuff that kelstra suggested--it's just that the program did it automatically instead of you having to do it manually.

sxshep thanks very much! Your suggestion below worked:

http://www.spywareinfo.com/~merijn/cwschronicles.html

Kelstra your a god !!!!!!!!!!!!
Ive been trying to get rid of this damn global finder thing for about a month.
Your instructions worked a charm

Thanks

Chris

Just in case, if you need to know who the heck own and operate this stupid...god...dame web site. I will register his email everywhere to make sure that it get all the spam. He should have the test of his own pioson.

Whenever you guys can think of giving email address and expecting to get the big spam, give webmaster@global-finder.com. I don't know what the f..u..c..k kind of the name this guy have ...Niiko Johtaja.

domain: global-finder.com
status: production
organization: General Suomen Laatuporssi Oy
owner: Niiko Johtaja
email: webmaster@global-finder.com
title: Mr.
address: Runeberginkatu 732/56
city: HELSINKI
postal-code: 00260
country: FI
admin-c: webmaster@global-finder.com#0
tech-c: webmaster@global-finder.com#0
billing-c: webmaster@global-finder.com#0
nserver: a.ns.joker.com 194.176.0.2
nserver: b.ns.joker.com 194.245.101.19
nserver: c.ns.joker.com 194.245.50.1
registrar: JORE-1
created: 2003-07-28 13:08:27 UTC JORE-1
modified: 2003-07-29 15:27:39 UTC JORE-1
expires: 2004-07-28 09:08:10 UTC
source: joker.com

Poland here :] Niiko Johtaja... will be dead to the world ;) Or maybe just his e-mail will :)
Thx for attack coordinates...

Does anyone know how this gets on your machine. I thought my firewall would prevent it, and I havent downloaded anything recently. Can I get it just by going to a web page!

It seems this 'parasite' is loaded on to your system through a loophole in ActiveX in Internet Explorer.
If you are using IE6 with SP1 (the latest version) you will at least get a dialogue box asking if it is OK to install. As this parasite poses as a Microsoft download most people would click OK. In my case I thought I was installing a plug-in for Media Player.

If you read my comments above you will see that the install program is called msinfo.exe. An investigation of this file even suggests that it is a Micrsoft product.
What is MS doing about it? I guess nothing.

One thing I didn't say above is that the program even manages to be able to list itself as a 'Trusted Site' in IE. so it is important to remove this otherwise you will be vunerable to further attacks.
Go to Tools\Internet Options and click on the Security tab. Click on the 'Trusted Sites' icon in the top part of the window and then the Sites button. Remove any sites that you are not absolutely sure of and remember this thing poses as being from Microsoft. If in doubt remove anyway as at worst you will be asked if it is OK to download something next time.

You should also click on the General tab then Accessibility and uncheck the line that reads 'Format documents using my style sheet'.

The very best way to remove this nonsense from your system and clean away all traces is to run 'CWSchredder' which does everthing for you however from comments above it seems that this doesn't always work. In this case you will have to remove it manually as outlined above.

Hi Everybody,

I got hit by this Hi Jack site.... I dont know how they do it but I got my own solution.

-On Internet Option, click "Use Default"
A site full of "%" and letters will come out.
-Press Ctrl+"C" , to copy
-Press Windows "Start" Button
-Click "Run"
-Type "regedit", Register Editor will come out
-click "My Computer"
-Press F3
-Press Ctrl+"V", to paste the site
-when it goes to the register content, press "modify"
-then type "www.yahoo.com" or whatever site, then OK
-press F3 to fine other Default URL Global finder has changed.

That's it. Proven to work..

God Bless,
Kyle
-
-

I also had been affected by this "hijack" by the "global finder" whatever we want to call it and thanks to you all I have gotten rid off it courtesy of the "CW Shredder"... it worked a treat. Thanks again, folks.

Veshengro

Kelstra- You are a life saver!! I was going MAD trying to remove that damn web site. Thanks so much- youre directions were clear and did the trick!!

P.S. How does that SOB get away with infecting os many computers. Isnt there any authority we can report this guy to??

And has anyone else noticed that there is no way to even contact them to report our complaints??

Thank you! I was having multiple problems, including the Global Finder Hijack thing, and I used cwshredder as you recommended. It seems to have solved the other main problem I was having, which was that Outlook Express was unable to bring in my emails and I kept getting an inaccurate message that drive C was full. This is a great forum. Thank you, thank you, thank you!

hi, can somebody pls help me..
i have the global finder.com but couldn't find the copy of CWShredder from the above spywarez link,,guess their link is down for many days.
i need urgent advise and if anybody have a copy of that CWshredder, pls tell me where can i download it. Thanks.

Wilson.

Go up to the top of this page and click on the link in the response No 2 window. I can assure you it does work.

The CWSchredder link is right at the bottom of the page.

What is Global Finder Hijack? Is it a spyware? What would it do for computer users?

I followed Kelstra's instructions (for which I thank him). One small thing -- when I rebooted, after Windows starts up I was showed a dialog box entitled "System Configuration Utility" and which says "You have used the System Configuration Utility to make changes to the way Windows starts. The System Configuration Utility is currently in Diagnostic or Selective Startup mode, causing this message to be displayed and the utility to run every time Windows starts. Choose the Normal startup mode on the General tab to start Windows normally and undo the changes you made using the System Configuration Utility. [Box] Click here to not show this message or launch the System Configuration Utility when Windows starts."

What does this mean, exactly? What do I do? Do I have to live with seeing this dialog box every time I reboot?

Thanks...

hi kelstra,

sorry but that link is down now.. it may be working previously but no longer...

is there anybody who can provide a link or email me a copy of your CWShredder? thanks.

Wilson
I changed the html so's the link will open in the same window in case that was a problem.

http://www.spywareinfo.com/~merijn/cwschronicles.html

It is important to read the information about the highjacker and the varients so as to choose which "fix" to run. The article also gives tips if you get error messages when running the file as well as the proper method for deploying the program.

hth
shep

I am trying to remove this from a friend of mine's computer. It looks like it worked using CW Shredder. I had previously run Adaware and that just did a minor fix. When I try to use IE and click on Tools/Internet options, I get the message, "This operation has been cancelled due to restrictions in effect on this computer. Please contact your system administrator." The OS is Windows 98.

mms
This one is easy.
Sounds like you are running ME.
You can either either uncheck the box on the dialogue box you are referring to which says something like 'show this warning message again' and forget it or you can remove the unwanted line from the startup tab.
To remove the unwanted line requires a small edit to the registry.
Click Start\Run and type regedit.
Navigate to the following key:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Run or it may be under Run- (which is the next one down).
Click on the key (run or run-if its not there) and a list of entries will be displayed in the right hand window. Right click on the line(s) you don't want and select delete.
Note: when you right click, click on the tag under the 'name' column not the 'data' one.
Sounds complex but it is very easy.

mms
This one is easy.
Sounds like you are running ME.
You can either either uncheck the box on the dialogue box you are referring to which says something like 'show this warning message again' and forget it or you can remove the unwanted line from the startup tab.
To remove the unwanted line requires a small edit to the registry.
Click Start\Run and type regedit.
Navigate to the following key:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Run or it may be under Run- (which is the next one down).
Click on the key (run or run-if its not there) and a list of entries will be displayed in the right hand window. Right click on the line(s) you don't want and select delete.
Note: when you right click, click on the tag under the 'name' column not the 'data' one.
Sounds complex but it is very easy.

I was able to get rid of this for my home page, but, I still have it as my search engine. How do I remove this as my search engine as well?

kelstra - I've been trying for days to get rid of this thing. I too was hijacked by global-finder. I tried Spybot and Adaware, and they both found bad stuff, but every day I got back on, global-finder was back. So I just tried cwshredder (took all of 5 seconds to run). Here are the results that printed in the window - I think I got it, do you agree? Thanks for all your help, everybody!

"Done!
- 15 registry values were killed
- Hostsfile was OK
- Bootconf.exe was killed and deleted
- Trusted Zone was OK
- User stylesheet was disabled and deleted
- Oemsyspnp.inf was not present
- Svchost32.exe was not present
- Msspi.dll Winsock hook was not present
- Msinfo.exe was disabled and deleted
- Winshow.dll BHO was not present

Windows XP (5.01.2600)
CWShredder v1.12.1
Written by Merijn - merijn@spywareinfo.com"

Click on this link to go to another forum on this same site.
http://www.computing.net/security/wwwboard/forum/6234.html
There is heaps on information there.
The best way to remove this parasite is by using CWSchredder but there is also a lot of advice on how to remove it manually.

I got hit by this thing on Windows 2000 Pro. I got the spybot and it seemed to hang, after finding many problems. I ran the latest Nortons and it didn't find it. Finally checked on www.zonelabs.com and found Pest Patrol. It was $19.95 and I got the free ZoneAlarm to go with it. Pest Patrol found and eliminated over 50 problems. I ended up doing a couple of registry edits. So far so good!

I think kelstra's suggestion to use CWShredder is best idea - plus it's free. It worked for me (Spybot and Adaware didn't fix the problem). I ran CWShredder and global-finder was gone in seconds.

Kelstra,
You're incredible! This stupid hijacking was driving me nuts. I managed to screw up my computer in an effort to get rid of it, but after fixing that side problem, I then followed your advice and Poof! she's gone! Yeah for you!

I've read your forum and it has helped me a lot. I use Windows XP and CWShredder worked as it said it would against GLobal Finder. My home page problem is fixed as well as my slow IE. It seems that I also have significantly more Physical Memory too.

Thanks Everybody

thanks dude!
i'm running windows xp & i've ran into that stupid global finder thing a few days ago. well i can't seem to get rid of it at first(i searched the whole registry for that freakin' global finder link(the one with the hell lot of "$$%%%") , and i managed to get my homepage restored but it still pops up whenever i enter some "crap links".. anway just wanna say that i've got it completely annihilated by CWShredder.. yeah baby!
thanks for you people's help :)

Hiya, all.

Thanks, Kelstra.

Had the same problem as all these guys. But my next question is this. After running CWshredder, in my norton quarantine folder, I have got msinfo.exe and bootconf.exe isolated.

What do I do with them next? Delete them or what? Pretty unsure so would appreciate advice.

Thanks and cheers, mate.

thanks so much for all the help, as i truly appreciated it. there is one question i have, and it is regarding startup...whether i start my comp or restart it. i went through all the changes manually instead of just doing cwshredder, and now i get this screen that shows up all of 2 seconds that says "which version on windows would you like to run" (or something along those lines). is there anything i could do about that? thanks in advanced.

I went to the url site that message 33 has a link to; at the bottom of that site I tried the link called 'for normal users' or something like that; it didnt open, so I wen to the link 2nd below that, and it opened and worked. Then when I clicked on my yahoo companion bar, on the yahoo Y, to reopen my yahoo hompage, I then clicked on 'make yahoo my home page' ; turned off and restarted my computet; lo and behold ! It's Fixed !!
Thanks so very much for being here, and easy to search for.

Well; It's the next day for me, following the advice of message #33 still works today.
But today when I turned on my computer it came to a black screen that told me I had to press F1 to continue. I did that and it told me I had to put in a disket. But I been through that before. I just pushed the button to turn off my pc without useing the start button method. and then turned it back on; This time it started correctly.
Save yourself a lot of trouble if you get that message and shut down like I said and start again. Your computer will fix itself.

There should be no more of that.

Thanks again for being here, I am so glad that global menace is gone.

PS I have had trouble ever sence removeing aol; I always get these 2 pop ups when starting my computer, saying can not find aol win ini exe. I have to X them out to continue. Been doing this for about 2 years. Anyone know of a message board with answers for this?

PSS Recently I tried Paltalk. Upon removeing it with my add/remove thing, I now get a search bow trying to bring it back just before my computer lets me dial up. Any clues to help boards here?

A million thanks. I am refering this place to members in my groups.

Ufolight,
I recently removed AOL myself...I had a lot of problems with it !!!
And when I removed the program it left behind some files that did not get taken out!!
I did a AOL search in my files and deleted everything that came up with AOL in front of it !!!
And I have had a terrible time with this Globalfinder hijacker..did not realize what the problem was till I discovered this sight and all of you guys here have been most helpful...My main symptom was my computer was very sluggish and slow and my typing text was significantly delayed in showing up in the text boxes !! I ran the CWShredder and things are much better now !!! Thanks a bunch !!!!

Kelstra; I love you, will you marry me?!!!

It worked a treat for me after weeks of grief. Thanks for all the help guys and gals, and more problems and I'm coming straight back here.

thanks a million ...sxshep and others .cwshredder cleaned up the globalfinder.

Just wanted to thank Kelstra.I was going crazy. I tried Spybot and Ad-aware and both failed to remove it.I followed his directions and removed it manually. For some reason when I tried downloading cwshredder I got an error Dr.Watson message. If anyone knows how I can fix that and download cwshredder I would greatly appreciate it.

Going back to Response 34 from Ken, in which he asked how to get into Tools, Internet Options (he was getting a message to the effect that the adminstrator had blocked the function):

Go to Windows\System
Rename the file Inetcpl.cp_ to Inetcpl.cpl.

From now on, you can access Internet Options both from IE and from Control Panel ... or even by simply double-clicking the file you just renamed.

It is probably js.exception.exploit, see description here:
http://www.symantec.com/avcenter/venc/data/js.exception.exploit.html
- use some recent antivirus software
- download the patch (you can find the link at the address above)
Regards
Domagoj, Croatia

How to report abuse like that:
- find number IP-address (type 'tracert www.global-finder.com' or 'ping www.global-finder.com' form MS-DOS Prompt)
- copy the number address here
http://www.arin.net/whois/index.html
to find the ISP and e-mail to report abuse

(I have already done it for the global-finder address)

i have the same problems as everyone. everytime i would log on to the net global.finder would pop up. after running cw shredder . i eliminated global finder and other websites linked to it in the default page menu from internet tools. thank you kelstra's. i tried spybot and still couldn't cure the bug. i even tried to find the sites on search for files and folders. no such luck
after loading cwshredder it took approx, 6 seconds to fix the problem.. it found the websites and elliminated them
thank you kelstra

Kelstra, I tried what you said for eliminating the Global finder but couldn't progress further than the "Rt clic on IE and copy the global finder code"....guess i don't understand.
Am I clicking on the icon? When I do, I can get into Properties and the Global address but could only copy it manually, which I did. When I plugged that into Regedit, the search yielded nothing. Rechecked my numbers and repeated it. Nothing. This is driving me nuts. I am also concerned with messing up some vital functions of my computer since I have never gone into those kind of files before. I am not as computer savvy as I would like but am diligently trying. Global finder is still my homepage even though I tried to change it again on internet options.
I also tried to download that file CW shredder but seems my computer can't except zip files?
If anyone can help, please do!
Thanks.

From where can I download reliable/uncorrupted copies of Adaware and Spybot S&D?

Ran CWShredder.exe on friend's PC & it ran fine & seems to have cleaned out the hijacker stuff. Does it change the boot record? Norton A/V noticed a change in the boot record afterward.

Sixtiesgeek

DAnna,

Download the "evaluation" version of WinZip

http://www.winzip.com/

This will enable your computer to use zip files, there are others but for the moment it will do the job.
Unzip CWShredder to someplace you can find it and run the program.

hth
shep

FINALLY GOT RID OF GLOBAL-FINDER !!! To Kyle Mendoza ... YOU ARE A GOD!!! The fix you offered in Response Number 24 does get rid of that God Da!@#ned Global-Finder Homepage Hijack code. I spent a month trying every possible fix offered by Ad-aware, Spybot, Norton and Zone Alarm and could not get rid of it. Kyle's simple "regedit" fix gets rid of it in 2 minutes. Folks, follow exactly what Kyle wrote in message 24. It is a simple "regedit" modification. Took me 2 minutes to open Start>Run>"regedit">"My Computer" There were four references to a URL in the regedit (a very long string which started "%6............." which was the Global-finder string. I deleted all four references in the file with the URL http://www.yahoo.com and BINGO!!!!, when I restarted my computer and went on-line, my browser went to Yahoo instead of that piece of s!@t Global Finder. Kyle ..... Thank You!!!!

Just a heads up. I started a subject titled "Cant remove aol.exe .
I posted after a few posts the victory results of removeing not only an aol.exe popup problem, but also how I got rid of Purity Scan from dominating in my computer.

Purity Scan attaches itself to windows so that you can not remove it; But, you can stop it from running by following what I found in what I posted as Subject: Cant remove aol.exe.

If you got either of these problems, this will show you how to rid them.
write down the instructions in that message; It works.

ufolight, over and out.

DAnna
If you need CWSchredder, email me on the link at the top of the box (where it says kelstra).
If you need an unzipped version let me know.
Believe me, CWS is by far the best way to remove this nonsense. if you are not all that familiar with computers, I wouldn't recommend editing your registry anyway.

DAnna
I have just realised my email link in the above box doesn't work. Go to message No. 36 and click the link there - that one works.

Thank you Shep and Kelstra! I succeeded in downloading Winzip and CW Schredder and, so far, there is no sign of Global Finder.
A good start to a Saturday morning.

Thank you so much for all of your help here.
I removed it manually and wanted your advise as to if I should bother usins CW Scredder also, or just leave well enough alone. Also, how did it get on our computers anyway? Anyone know? Thanks!

Hi, I'm 14, I'm trying to fix my family's computer. Global Finder keeps installing itself. I tried to download, CWshredder. I saved it on my desktop, and it wouldnt open. I have ad-aware. But it doesnt stop global finder. could one of you please email me at Saiyan_Fighter@hotmail.com. I dont know if i can get back on this forum, so i would greatly appreciate it if you could email me with a way to get rid of global finder. Maybe tell me why i cant open Cwshredder.

Thank you all for helping me.
I really need to get this stupid Global Finder off of my family's computer.
Thank you all.

Frank,
Do you have a WinZip, or another zip file program on your comp?
Sounds like not, go need one to unzip(open) the file on your desktop. Go to this site and download the "evaluation" version of WinZip. Once installed you will be able to open the CWS program using the WinZip Wizard.

http://www.winzip.com/

This should take care of the problem, if you have any trouble post back.

hth
shep

Okay, now what do i do? I hope i'm not being a burden.
If you could, please post a step by step process where i could get the cwshredder download and the this new one your telling me. I dont want to screw up our CPU. Plus this global finder got on because we thought we were downloading and update for windows media. Like someone above said. It said this was a "trusted site". Thank you guys for your concern and help.

Download CWShredder, put on desktop.
Download WinZip, put on desktop.

When installing WZ choose all the easy sounding stuff, use the wizard etc.

Once done double click the WZ picture, choose the evaluation version, leave the green light in the "unzip or install..."
click next.
Highlight the CWShredder program from the list you see and click next, it will ask you where to unzip the file to, make your choice, write it down if you have to.

Once done, open CWS and let 'er do it's thing, which ain't long.

hth
shep

A lot of people are asking how this thing gets on to your system.
The short answer is Microsoft Internet Explorer.
MSIE has gaping security holes everwhere. You only need to visit the wrong site and you have it. Microsoft has just released a patch to fix the problem but naturally it dosen't.
Microsoft are good at making money not at writing clever programs.
If you really want to be safe use another browser.

I manually got rid of global finder, do you think I should use CW Shredder also, or leave it alone? Thanks.

I have had this dreaded hijack on my system for a couple of weeks now and after reading all the info here I have downloaded and run cwshredder, this as put my system back to its former glory, thank you all for helping me get rid of this awful thing.

Hello Everyone, I too was hijacked. I ran cwshredder and updated my system with all available MS patches (I'm on Windows 98). All seemed well for about a day, now whenever I go on the net no graphic or picture images show-up on any sites, only an outlined box with an small red "x" in it (I'm sure there is a name for this box, but I'm no expert here). My default homepage is holding (not going to Global Finder any longer) but this other phenom is annoying.

Any help here would be appreciated.

TRB

In reply to response no. 73
If you open Internet Explorer, click on tools, click on internet options you will see a page that contains various tabs, click on the advanced tab, scroll down to the multimedia section, look for show pictures and ensure that a tick is in the box to the left of it. Alternativley you could just click on the button that says restore defauts. I hope that this helps you out.

I finally got it off thank you sooooo much. You guys are great!

Yet another victim of the dreaded Globalfinder! I'm going to follow the advice above to get rid of the pest, but I wonder if there is something we can do to torpedo this whole outfit. Any ideas?
For myself, I'm going to spend an hour emailing every advertiser on their site to say thatif they continue to advertise their, I will boycott them and their products, and let everyone on my email address book know about this scam.

Thanks to all who gave advice on the subject.

I also was hijacked by our friends at global finder, got rid of it, thanks to CWShredder, but now have a similar situation with a site called Lucky Search (http://luckysearch.net/pgdoc/). My homepage was set to "http://%61%63%63%2e%63%6f%75%6e%74%2d%61%6c%6c%2e%63%6f%6d/%2d/?%70%67%64%6f%63 about:blank" followed by a lot of spaces, so I only could read the 'about:blank'-part.
My computer since then is slow, the hard-disk is running continiously etc.
CWshredder obviously doesn't help and I can't find any info on this specific hijack. Anybody here knows something about it?
And does anybody know how the !#$^ I get these things? I always click 'no' when a pop-up asks me to install anything.
Thanx in advance!

Okay.. like all of you I too have been annoyed by Global-Finder.com (http://%6f%75%74%2e%74%72%75%65%2d%63%6f%75%6e%74%65%72%2e%63%6f%6d/%62/?%31%30%31) anyway I’ve tried 3 different method.

First I used the MS IE method. I’ve deleted everything that had that site's address from the REGEDIT but when I reboot the PC it kept coming back (http://support.microsoft.com/default.aspx?scid=kb;en-us;323869).

The last method I tried and it worked. However today when i searched for something on IE address bar it came back again as default search engine (http://www.pchell.com/support/globalfinder.shtml)

Can anyone give me a permanent solution for this site?

Hey, Widder.......I had the same problem....System ran so slowly it wasn't worth being online. Typing anything was a nightmare of waiting and waiting. I especially noticed all this on sites where I had to put in a password......like email, forums, chatrooms, really the only sites I go to all the time.
I downloaded CWshredder but before I ran it I did the "copy url from i.e., regedit, find,paste url in" thing and deleted what it found. Haven't even rebooted yet so I may be back, lol, but everything's immediately speeded up and seems back to normal.
Thank-you Kelstra and everyone here.