| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 45595 | 2004-05-27 06:35:00 | Browser Hijacker | sarel (2490) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 239723 | 2004-05-27 10:57:00 | sarel are you from South Africa? I grew up in Northern Rhodesia from 1952 till 1973 when I came to NZ. Rob. |
zqwerty (97) | ||
| 239724 | 2004-05-27 21:22:00 | Rob - I sent you an email regarding the last question - ja broer. Sarel |
sarel (2490) | ||
| 239725 | 2004-05-27 21:26:00 | OK guys - the experts at marijn.org seems to think this is a new variant and they are checking out my logs. I will keep you guys updated as I hear from them (I am talking to a guy called Unzy). Thanks and if any-one had the same and got it off, please tell me about it. Sarel |
sarel (2490) | ||
| 239726 | 2004-05-28 02:49:00 | I am assuming by browser hijacking you mean the home and search pages of IE are being swapped out with ones you don't want . I have had this problem on one of my systems for a while and found a good trouble free way to prevent it . =============WARNING=========================== This method involves registry editing, if you don't really know what you are getting yourself into, don't attempt this method . You could prevent IE from working permanently, or even windows if you lock the wrong keys . =============================================== Go to the following key in the registry HKEY Current user\Software\Microsoft\Internet Explorer\Main If you want a blank page to appear when you start change the value for the entry "Start Page" to "about:blank" . If you want a home page put the full URL in instead . Same goes for the entries titled "Search Bar" and "Search Page" - I don't know what the MS defaults for these are, as I never use them, and you can safely put about:blank here too if you never do either . The Entry titled "Local Page" should read c:\windows\system32\blank . htm Once you have the settings how you want them, right click on the "main" key in the left tree panel and click permissions . Take the tick out of full control for every entry, so that every entry only has read permissions for the "main" key . What this does is prevent any changes to this key in the most absolute way there is - nothing will be able to write to this key, and thus make changes to the main IE settings . You can also make the same change to all other IE "main" keys found at HKEY Local Machine\Software\Microsoft\Internet Explorer\Main HKEY Users\ . Default\Software\Microsoft\Internet Explorer\Main It is a bit of a hassle, but you may will have to log into all users accounts on the system and change the HKEY Current User entry, or go through every one of the main keys under HKEY USERS key . Also note: this will prevent you from changing the most of the IE settings etc through the internet control panel as well, so if you need to change it, you will need to remember where this key is and ttemporarily change the permissions back to full control . However, you may rest assured that there is not much chance of the home page ever being hijacked again . . . Craig . |
craig_b (2740) | ||
| 239727 | 2004-05-28 03:18:00 | Or,you could just use the handy features in Spybot to lock down IE. Or,Use firefox. |
metla (154) | ||
| 239728 | 2004-05-28 03:28:00 | This is one of the reasons I switched to Mozilla. Haven't had a single problem with this sort of stuff since then. The time it took me to switch over is way shorter that the time it took me to deal with just one of the hijackings that hit me previously. C'mon ... c'mon over to the dark side.... |
oggy (1250) | ||
| 239729 | 2004-05-28 17:04:00 | I agree metla - if one do not work on Windows daily you tned to forget (like me)(brain cells dead) and it's for people like me that they made the nice little programmes like Spybot. Report back from marijn.org: new variant, want some files of my PC to look at and update the new CWSchredder files (I think) Sarel |
sarel (2490) | ||
| 1 2 3 4 | |||||