dodgy websites have made themselves my homepages

  • Thread starter Thread starter Taft
  • Start date Start date
T

Taft

to anyone who would be willing to help:

this website http://dimasen.narod.ru/ has rudely made
itself my browser's homepage everytime i open IE. i've
tried everything including following what is suggested in
the help section of IE. how would you restore the
settings so that your desired homepage would be displayed
and not some stupid website such as the above that force
you to look at their site. any form of help would be
m,ost appreciated
 
As a temporary measure
Try this: Tools > Internet Options > Advanced > Browsing
Uncheck the Enable 3rd party browser extensions



Get Hijack This below.
When cleared reset the 3rd party browser setting.



This is a new one for me. Get help from this forum.

Go to http://www.spywareinfo.com/downloads.php#det
Download "Hijack This!" [freeware] or download direct (below):
http://www.merijn.org/files/hijackthis.zip

If you get a 404 error or Access denied, try:
http://216.180.252.218/~spywareinfo.com/downloads/tools/hijackthis.zip

Unzip, double-click "HijackThis.exe" and Press "Scan".

When the scan is finished, the "Scan" button will change into a "Save Log"
button.
Click: "Save Log" (generates "hijackthis.log")

Next, HijackThis | Config [button] | Misc Tools [button]
Click: Generate StartupList log [button] (generates "startuplist.txt")

Next, go to the below location:
http://www.spywareinfo.com/forums/

Sign in, then copy and paste both files in your message.

HijackThis Quick Start Help
http://www.tomcoyote.org/hjt/

The Tutorial if you want to know more about the results or the .log file.
http://www.merijn.org/htlogtutorial.html
 
Hi,


I think I solved the problem for a colleague of mine. Try what I did:
- Set the homepage to what you want it to be.
- In C:\Windows you'll find a sys.reg file. Remove it.
- Startup regedit
- Go to the folder HKey Local
Machine\Software\Microsoft\Windows\CurrentVersion\Run
- There you'll see an entry saying 'regedit -s sys.reg'. Remove it.

That's about it. I haven't search for more occurences of "sys.reg" in the
registry. I think it's wise to do that and remove any hits you encounter.

Do you have any idea how your computer got infected with this? My colleague
doesn't.


Mark
 
Back
Top