| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 42723 | 2004-02-20 10:46:00 | IE Home Page | jh47pcw2 (5291) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 216858 | 2004-02-20 10:46:00 | Gidday I can't rest my IE home page. Normally I have this et to about:blank. Recently something changed it to c:\windows\secure.html which does not exist. Can't change it back. Tried editing the registry (6 entries) but it ignores me. Rge string exists in a number of files: c:\load.exe, c:\windows\load.exe, c:\windows\reg32.exe, c:\windows\system.dat, c:\windows\system.dat, Its a pain Any thoughts? although we seem to get the ocasional "virus", we do reguular checks )2-3 times a week) and kill any that arrive. Cheers John Heaton |
jh47pcw2 (5291) | ||
| 216859 | 2004-02-20 11:34:00 | Download Spybot Search & Destroy (www.safer-networking.org) and/or Ad-aware 6 (free version) (http://www.lavasoftusa.com/) and give them a run. | Jen C (20) | ||
| 216860 | 2004-02-21 02:29:00 | Spybot and adaware wont help on this "hijack" Jen. Go here www.net-integration.net Read about and get "hijack this". Unzip it to it's own folder then run it. Scan and save a log for posting here. The log can be opened with notepad and the content's posted (copy and paste please) in your new reply. ******Do not fix anything****** This will show what's running on your comp. Al. |
AL... (5272) | ||
| 216861 | 2004-02-21 02:36:00 | Try CWShredder (www.majorgeeks.com) first, as there have been numerous occurences of the coolweb variations causing big problems. At 122kb, it is not big, and won't do any harm should nothing be found. But if it is a coolweb variation, this program is the only real way of dealing with it. |
Pheonix (280) | ||
| 216862 | 2004-02-21 02:42:00 | It's not cws Pheonix. | AL... (5272) | ||
| 216863 | 2004-02-21 02:47:00 | K, sorry didn't check myself. | Pheonix (280) | ||
| 216864 | 2004-02-21 02:55:00 | John, You say you've tried editing the registry etc to fix it. Have you tried booting into safemode first and editing your registry from there? While you're running in safemode, you should also check what is running on startup (run msconfig.exe), and if there's anything unusual in there, remove the tick and when you reboot see if you've still go the issue. Usually if there's something hijacking your system like this, it'll have a little program running on startup that'll reset it everytime you boot. If you boot to safe mode the program won't run, therefore you can remove the registry settings etc. and remove the program from starting up next time you boot. Hopefully this works for you. Mike. |
Mike (15) | ||
| 216865 | 2004-02-21 03:06:00 | To everyone who reads this thread I've delt with this hijack more than once and help out in a few forum's that deal with this sort of thing. While not an expert I'm far from being a novice. Messing with your reg and in msconfig can have dire conscquences. Al. |
AL... (5272) | ||
| 216866 | 2004-02-21 03:15:00 | > I've delt with this hijack more than once and help > out in a few forum's that deal with this sort of > thing. While not an expert I'm far from being a > novice. Messing with your reg and in msconfig can > have dire conscquences. Agreed, but from John's first post I would have to say that if he's willing to go searching through the registry before asking here then I'd say he probably knows the dangers of altering the registry, and will have (hopefully) taken the necessary precautions. There is a big difference between "messing" with your registry or msconfig to altering the settings that you know are related to the problem you are looking at. If you're going to go into either of those and just change anything you feel like, then yes you'll probably have problems. However if you know what you're looking for (the settings for the IE homepage aren't that hard to find), then why not? Let me put it this way... Driving a car or crossing the street can have dire consequences. :D :p Mike. |
Mike (15) | ||
| 216867 | 2004-02-27 08:35:00 | Thanks to all who replied Sorry its taken so long, but couldn't get time until tonight. (I already use adaware Jen. Sorry I should have mentioned this) I decided to checkout cwshredder. Success!! Thanks Phoenix I plan to follow thru on your suggestion Al, and we'll see what happens. I guess I need to get a wider range of tools.... Thanks again!! Regards John |
jh47pcw2 (5291) | ||
| 1 2 | |||||