Thursday, December 10, 2009

DellNet Hijack of my Computer... Resolved!


I recently purchased a Dell Inspiron Zino HD as a gift for my in-laws. Dell fulfilled the order quickly and my initial impressions of the AMD powered brick computer are very positive. It's quite a performer with a host of features all for a very modest price. I would recommend it for anyone with normal email, web browsing, word processing requirements. It's a robust PC in a small, convenient package.

My in-laws are relatively good at using computers, but set-up and configuration can pose confusing options for some people who are not entirely comfortable with information technology, so I took the time to get everything in order before presenting them with the gift. As expected, the Windows 7 Home Premium set-up went along smoothly and in a short time all of their desired software was installed and everything seemed to be in order.

The last thing I wanted to set-up was the default tabs on their web browser. My mother in-law uses Yahoo! Mail, and my father in-law uses MSN Mail, so I thought it would be nice to make my.yahoo.com and my.msn.com the default tabs when Internet Explorer ("IE") was opened. After making the changes under Internet Options, my.yahoo.com displayed as expected, but what was the deal with my.msn.com? Whenever I entered my.msn.com into the address field, the URL ("Universal Record Locator") would automatically change to dellnet.my.msn.com. What the heck is DellNet?




DellNet was Dell Corporation's Internet Service Provider ("ISP") business. It was introduced in 1999 as a stand-alone ISP option. In 2000, they announced a partnership with the Microsoft Network ("MSN") to provide a customized version of MSN Explorer that included Internet access. It's not entirely clear if DellNet still exists as a service provided by Dell. The service seems to have been absorbed by MSN sometime in the early 2000s. But that is not what this story is about.

The issue here was 1) I did not install or initiate service with DellNet on this brand new installation of Windows 7, and 2) I did not want my attempts to use MSN to be hijacked by Dell. I was very disappointed that Dell would do this. It is nothing less than adware or spyware activity. Even when simply entering msn.com into the address field, Dell changed the URL to dell.msn.com. If I wanted to navigate to dell.msn.com, I would have entered it into the address field!

So here's where the fun began. How could I fix this behavior to eliminate the DellNet intrusion? Changing the default pages via IE8's Internet Options had no effect and there were no rogue entries in the HOSTS file. I scoured the Internet looking for a solution. It seems as though there are a lot of bad user and tech support experiences with trying to uninstall the DellNet / MSN service from users' computers. I tried using some of their proposed solutions, such as removing the default registry entries for MSN6 and IE's home page and search service, but those efforts alone had no impact either.

Using Trend Micro's HijackThis seemed like an extreme measure, after all, this was a brand new computer; how could it be infected with adware or spyware already? However, I proceeded to install HijackThis and used it to identify a few additional registry entries that mentioned MSN that I had not found in my previous effort. Still no change... any attempt I made to browse to MSN.com changed the address to include Dell or DellNet. How frustrating!

Then it dawned on me. On my first use of IE8 with the new Dell Zino, the browser had automatically navigated to dell.msn.com. This was likely because of a factory-set registry entry. Now I had since removed the registry entry, but the browser continued to use the same hijacked URL. Did the dell.msn.com web site install a cookie to redirect the address?

To view the IE8 browser cookies, you use the Internet Options selection from the Tools menu. Then the General tab, Browsing History section, and Settings button. Once you are in the Temporary Internet Files and History Settings dialog, choose the View Files option. A File Explorer window will open where you can view all of the images, scripts and cookies saved by IE8.

I found two cookies had already been installed for MSN.com, and I deleted them both. After a re-boot to make certain I was starting fresh, the problem was resolved. Visiting msn.com or my.msn.com did not revert the URL to dell.msn.com or dellnet.my.msn.com!


Why did this happen in the first place? What is Dell thinking? It's one thing to direct me to the manufacturer's web site on the initial load of the web browser, but hijacking the browser to constantly redirect the URL to their co-branded site is simply adware; it's wrong and not welcome by me.

It's important to note that this issue is only with IE and does not impact access to MSN.com when using other browsers (i.e. Google Chrome, Firefox, or Safari tested to be okay). However, that does not make it a less serious matter.

So what is the solution to removing the dellnet.my.msn.com hijack? Based on my experience, I believe that it has multiple steps:
  1. Remove all instances of the default browser homepage in the Windows registry with very careful use of HijackThis or manual editing with RegEdit (the Windows registry editor).
  2. Delete all Internet Explorer cookies associated with MSN.com for all users.
  3. Add dell.msn.com and dellnet.my.msn.com to the Internet Explorer blocked sites under Privacy Settings to keep the cookies from being reinstalled should you happen to attempt to browse (or be redirected by a link) to one of those sites in the future.
If your computer has been hijacked by Dell, I hope that this information helps you access MSN.com without being redirected to Dell's adware version of the MSN web site.

9 comments:

  1. We just bought one of these from Dell to replace a register PC in our store. Typically I replace the default installation of Windows with one of my MSDN copies to avoid precisely this scenario; but in this case - since its for our store - I cannot [legally]. I really wish it was possible to order more PCs without a Windows installation because a Windows installation crippled with vendor specific crap just isn't worth the discount.

    ReplyDelete
  2. For the record this happened to me on Google Chrome (my default browser) so it's not just an IE thing.

    ReplyDelete
  3. Since Microsoft Internet Explorer is the web browser installed with the Windows operating system by Dell, it is the application with which most users will experience this problem. There is no question that it could happen with other browsers as well, and the remedy stays the same.

    ReplyDelete
  4. I just received my new laptop yesterday and noticed this very thing. Glad I know how to fix it! Thanks!

    ReplyDelete
  5. Got a new computer from dell yesterday. Same isue. this worked. I hate this. Its for my wife so I have to clean this stuff up for her or it will cost me hours later. I wish these darn suppliers would stop this. It just causes agravation and frustration toward the vendor.

    ReplyDelete
  6. I've seen the same issue with an Asus laptop - seems like a common vendor practice rather than just Dell

    ReplyDelete
  7. thankyou, dell one 23 crap same also, loaded hijack this ahhhhhh works gr8

    ReplyDelete
  8. It's 2012 and they are still doing this. They lost a customer tonight for the intrusion and hijacking. Thanks for your insights and solution. Dell technicians need to read your site. This was a simple, 3 minute operation that they turned into a 45 minute call.

    ReplyDelete
  9. F* you dell and shame on MS for allowing this to happen. None these suggestions work for me!

    ReplyDelete