1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

IE homepage setting

Discussion in 'Web & Email' started by willowyang, Jan 13, 2002.

Thread Status:
Not open for further replies.
Advertisement
  1. willowyang

    willowyang Thread Starter

    Joined:
    Apr 28, 2001
    Messages:
    202
    An website not only set the first page to be my homepage automatically without my permission, but also disable all the 3 buttons for change the homepage setting under IE - Tools - Internet Options - Homepage. I tried Repair IE from Control Panel, it's still there. I even tried kill the all registry keies related this website, still can't fix it. Please help me.

    My OS is Win98. and I'm using IE 6.0. I didn't download or accept anything from that web. I don't know what tech they use on that web, but it's really rude and disgusting. I never have the mood to visit that website, just want get rid off it.

    The website address is: (edited by mod temporarily)
     
  2. TonyKlein

    TonyKlein Malware Specialist

    Joined:
    Aug 26, 2001
    Messages:
    10,392
    Hi,

    First do this (quick and dirty):

    Close Internet Explorer and Outlook Express


    Download the attached Remove.txt, rename it to (save as) Remove.reg, and doubleclick it.
    Answer 'yes' when you're asked whether you'd like to have the contents of your reg file merged into the registry, and your restrictions ought to be removed.

    Now reboot.

    Now to Control Panel/Internet Options, and clear your temporary Internet files.
    Now click on Settings/show files, and delete your cookies.
    Or, if you're running IE 6.0, delete your cookies on the Privacy tab.

    Next, Now click OK, close Msconfig, and reboot.

    Now open Internet Explorer, and go to your favorite Start Page.
    Go to Internet Options, General tab, and click 'Use current'.

    Good luck,
     

    Attached Files:

  3. Davey7549

    Davey7549

    Joined:
    Feb 28, 2001
    Messages:
    11,584
  4. TonyKlein

    TonyKlein Malware Specialist

    Joined:
    Aug 26, 2001
    Messages:
    10,392
    Thanks Dave.

    So it would be a very good idea to have the computer scanned on line at <A HREF="http://housecall.antivirus.com/">Trend Micro HouseCall </A> first, I guess.
     
  5. Davey7549

    Davey7549

    Joined:
    Feb 28, 2001
    Messages:
    11,584
    Tony
    Yes. Anyone that check that site and does not have active malicious script blocking would never know that trojan has entered until they would of scanned. It set iteself up in the IE5 temp folder for action. Here is what happened.

    Upon entry received notice of install on demand the usual stuff.
    Said no. Another popup could not install, ok.
    Next received alert from Norton malicious script detected stopped drive activity, do you want to quarintine "JS.Exception.exploit"
    1) tried repair--- could not
    2) try quarintine--could not
    3) try delete---could not

    Item was located in c:\windows\temp internet file\IE5

    Had to try ctrl,alt,del to end web page which partially took and then was able to quarintine which it is now.

    Sneeky little devil!

    Hope that helps others.
    Dave
     
  6. Davey7549

    Davey7549

    Joined:
    Feb 28, 2001
    Messages:
    11,584
    Another curiosity. Followed links to Microsoft from the Symantec
    article and found all the updates suggested for security vunerablities. Double checked my system and all security patchs are in order and all updates have been complete for awhile and no others are available. I am a little confused how this can happen. Maybe someone can explain the mechanics of it to me.
    Dave
     
  7. TonyKlein

    TonyKlein Malware Specialist

    Joined:
    Aug 26, 2001
    Messages:
    10,392
    Well, in this case it didn't infect your system, because Norton wouldn't let it.

    So the patch didn't get a chance to 'kick in' so to speak, I guess.

    The security patch won't stop it from getting into your Temporary Internet files, but presumably it prevents it from doing any real damage, like changing your home page or altering your Registry in any other way.
     
  8. Davey7549

    Davey7549

    Joined:
    Feb 28, 2001
    Messages:
    11,584
    Tony
    Thanks for the info. Sure makes one think why people do not have any or minimal protection on their systems. Before it was just E-mail attachments and now it webpages with no action done by the viewer other than to go there. Such a shame its gotten to that.
    Thanks again for the explaination. Running a full virus scan as we talk just to make sure.
    Dave
     
  9. ezymony

    ezymony

    Joined:
    Jan 27, 2001
    Messages:
    741
    i clicked on the link myself to see what it was didnt get any warnings from av ran housecall didnt find anything maybe i wasnt there long enough .......i hope
     
  10. Davey7549

    Davey7549

    Joined:
    Feb 28, 2001
    Messages:
    11,584
    ezymony
    As Tony mentioned above the security patches that you apparently have downloaded have protected you from the invasion. I also ran a full virus scan of my system with Norton onboard and found the only reference to the .exploit script was in my recycle bin, which I promptly deleted. Just think of the poor souls who do not keep their systems up to date and do not have antivirus scanners onboard and up to date.
    Dave
     
  11. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/64779

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice