IE homepage setting

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

willowyang

Thread Starter
Joined
Apr 28, 2001
Messages
202
An website not only set the first page to be my homepage automatically without my permission, but also disable all the 3 buttons for change the homepage setting under IE - Tools - Internet Options - Homepage. I tried Repair IE from Control Panel, it's still there. I even tried kill the all registry keies related this website, still can't fix it. Please help me.

My OS is Win98. and I'm using IE 6.0. I didn't download or accept anything from that web. I don't know what tech they use on that web, but it's really rude and disgusting. I never have the mood to visit that website, just want get rid off it.

The website address is: (edited by mod temporarily)
 

TonyKlein

Malware Specialist
Joined
Aug 26, 2001
Messages
10,392
Hi,

First do this (quick and dirty):

Close Internet Explorer and Outlook Express


Download the attached Remove.txt, rename it to (save as) Remove.reg, and doubleclick it.
Answer 'yes' when you're asked whether you'd like to have the contents of your reg file merged into the registry, and your restrictions ought to be removed.

Now reboot.

Now to Control Panel/Internet Options, and clear your temporary Internet files.
Now click on Settings/show files, and delete your cookies.
Or, if you're running IE 6.0, delete your cookies on the Privacy tab.

Next, Now click OK, close Msconfig, and reboot.

Now open Internet Explorer, and go to your favorite Start Page.
Go to Internet Options, General tab, and click 'Use current'.

Good luck,
 

Attachments

TonyKlein

Malware Specialist
Joined
Aug 26, 2001
Messages
10,392
Thanks Dave.

So it would be a very good idea to have the computer scanned on line at <A HREF="http://housecall.antivirus.com/">Trend Micro HouseCall </A> first, I guess.
 
Joined
Feb 28, 2001
Messages
11,584
Tony
Yes. Anyone that check that site and does not have active malicious script blocking would never know that trojan has entered until they would of scanned. It set iteself up in the IE5 temp folder for action. Here is what happened.

Upon entry received notice of install on demand the usual stuff.
Said no. Another popup could not install, ok.
Next received alert from Norton malicious script detected stopped drive activity, do you want to quarintine "JS.Exception.exploit"
1) tried repair--- could not
2) try quarintine--could not
3) try delete---could not

Item was located in c:\windows\temp internet file\IE5

Had to try ctrl,alt,del to end web page which partially took and then was able to quarintine which it is now.

Sneeky little devil!

Hope that helps others.
Dave
 
Joined
Feb 28, 2001
Messages
11,584
Another curiosity. Followed links to Microsoft from the Symantec
article and found all the updates suggested for security vunerablities. Double checked my system and all security patchs are in order and all updates have been complete for awhile and no others are available. I am a little confused how this can happen. Maybe someone can explain the mechanics of it to me.
Dave
 

TonyKlein

Malware Specialist
Joined
Aug 26, 2001
Messages
10,392
Well, in this case it didn't infect your system, because Norton wouldn't let it.

So the patch didn't get a chance to 'kick in' so to speak, I guess.

The security patch won't stop it from getting into your Temporary Internet files, but presumably it prevents it from doing any real damage, like changing your home page or altering your Registry in any other way.
 
Joined
Feb 28, 2001
Messages
11,584
Tony
Thanks for the info. Sure makes one think why people do not have any or minimal protection on their systems. Before it was just E-mail attachments and now it webpages with no action done by the viewer other than to go there. Such a shame its gotten to that.
Thanks again for the explaination. Running a full virus scan as we talk just to make sure.
Dave
 
Joined
Jan 27, 2001
Messages
741
i clicked on the link myself to see what it was didnt get any warnings from av ran housecall didnt find anything maybe i wasnt there long enough .......i hope
 
Joined
Feb 28, 2001
Messages
11,584
ezymony
As Tony mentioned above the security patches that you apparently have downloaded have protected you from the invasion. I also ran a full virus scan of my system with Norton onboard and found the only reference to the .exploit script was in my recycle bin, which I promptly deleted. Just think of the poor souls who do not keep their systems up to date and do not have antivirus scanners onboard and up to date.
Dave
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Staff online

Members online

Top