IE homepage

[Lau]

Hello,

I've an odd problem with my XP installation > quite regularly IE 6.0 will
set the default page to MSN.COM in spite of my using blank.When this happens
a spyware scan using Ad-Aware will always reveal a 'possible browser hijack
attempt' followed by very slow or no DNS resolving.No matter how many times
I remove/quarantine this and set the IE page back to blank it will show up
again,even after having restored my system with an image from several months
ago that did not have this problem.

All WinXP packs/fixes are up to date,no viruses to be found with latest
definitions.

Help!!

Lau

***quote from Ad-Aware***
Vendorossible Browser Hijack attempt
Categoryata Miner
Object Type:RegData
Size:-
Location:Software\Microsoft\Internet Explorer\Main "Start Page"
("about:blank")
Last Activity:11-06-2004
Risk LevelMedium
Commentossible browser hijack attempt
Descriptionossible attempt to control\redirect the browser. This object
referrs to a "blacklisted" site.
***

 

[Lau]

Update:

The problem as described will occur after having deleted the hijack attempt
reported by Ad-Aware.Also,for some or another reason I cannot get onto
www.pestscan.com to do an online spyware check while others can.

Lau

 

[Will Denny]

Hi

Try these two programs as well:

Spybot - http://www.safer-networking.org/
CWShredder - http://www.spywareinfo.com/~merijn/downloads.html

Also see the following link:

http://mvps.org/winhelp2002/unwanted.htm

--

Will Denny
MS-MVP Windows - Shell/User
Please reply to the News Groups


| Hello,
|
| I've an odd problem with my XP installation > quite regularly IE 6.0 will
| set the default page to MSN.COM in spite of my using blank.When this
happens
| a spyware scan using Ad-Aware will always reveal a 'possible browser
hijack
| attempt' followed by very slow or no DNS resolving.No matter how many
times
| I remove/quarantine this and set the IE page back to blank it will show up
| again,even after having restored my system with an image from several
months
| ago that did not have this problem.
|
| All WinXP packs/fixes are up to date,no viruses to be found with latest
| definitions.
|
| Help!!
|
| Lau
|
| ***quote from Ad-Aware***
| Vendorossible Browser Hijack attempt
| Categoryata Miner
| Object Type:RegData
| Size:-
| Location:Software\Microsoft\Internet Explorer\Main "Start Page"
| ("about:blank")
| Last Activity:11-06-2004
| Risk LevelMedium
| Commentossible browser hijack attempt
| Descriptionossible attempt to control\redirect the browser. This object
| referrs to a "blacklisted" site.
| ***
|
|

 

[GTS]

This is due to a problem introduced in a recent Adaware update. It reports
the standard Microsoft about:blank as a hijack attempt. If you let Adaware
delete it, IE then defaults to msn.com which is MS's original default.
It's maddening because every time you run Adaware looking for a hijack you
recreate the problem. To avoid this, add the about:blank item to Adaware's
ignore list.
(Adaware is a great program, but this is senseless bug is causing a lot of
confusion. Hopefully they'll fix it at some point.)

 

[roger]

Hi,

Hello,

I've an odd problem with my XP installation > quite regularly IE 6.0 will
set the default page to MSN.COM in spite of my using blank.When this happens
a spyware scan using Ad-Aware will always reveal a 'possible browser hijack
attempt' followed by very slow or no DNS resolving.No matter how many times
I remove/quarantine this and set the IE page back to blank it will show up
again,even after having restored my system with an image from several months
ago that did not have this problem.

All WinXP packs/fixes are up to date,no viruses to be found with latest
definitions.

Help!!

More info about parasites:
http://www.aumha.org/a/parasite.htm

Download the utility CWshredder:
http://www.spywareinfo.com/~merijn/files/cwshredder.zip

Unzip - close *all* instances of IE & OE, hit the executable and
follow the prompts.

You can also download Hijack This from here:
http://computercops.biz/zx/phoenix22/hijackthis.zip
http://www.computercops.biz/downloads-cat-14.html
Go here:
http://mjc1.com/mirror/hjt/

For instructions on how to use it; you have to post the log it
produces

here:
http://www.spywareinfo.com/forums/
so experts tell you what is good and what is malware
HijackThis Log Tutorial
http://www.aumha.org/a/hjttutor.php
HiJack This is a program that simply searches for programs that run at
boot time, and checks for browser plug-ins. The results this program
gives you are generally just informative. Most of the programs it will
come up with are valid programs that you actually want running. You'll
have to go through the results and tell the program to delete unwanted
programs. If you can't figure out what some of the programs are, don't
just delete them, research them and/or post them so experts can let
you know what the program does. Just type the program name into google
which gets a decent answer pretty quickly.

Spybot S&D
http://www.safer-networking.org/index.php?lang=en&page=download



If these don't correct the problem, then get yourself a copy of
BHODemon,

available at
http://www.definitivesolutions.com/bhodemon.htm

It does not need installing - simply unzip and run the EXE program. It
is easy to use. It will find the hijackware DLL files, and give you
the ability to disable them.

Hope this helps.