I use MS Internet Explorer as my browser and like my homepage set on yahoo.com. Somewhere along the line, someone downloaded something and now everytime I boot up my computer and load IE, the homepage setting defaults to about:blank and then an unwanted search engine appears on the screen.
I’ve searched for the cause but can’t find it. Can someone help, please? I’ll buy you a cookie at the next championships.
For Microsoft Internet Explorer 5.0 and higher:
Go to the “Tools” menu and choose “Internet Options.”
Click on the “General” tab.
In the top Home page section type in http://www.you yahoo web page
Click “Apply” button at the bottom.
Click “OK” button
Download Ad-aware by Lavasoft. Ad-aware identifies and removes ad-ware, spy-ware, hijack-ware, and other nasties. It scans your computer like a virus checker, identifies the nasties, and give you the option to remove or disable the nasties.
They have a free version that you can use for home use.
It’s going to identify a lot of stuff the first time you scan your computer. Mostly it will find a lot of tracking cookies in your browser cache. The tracking cookies aren’t too much of a big deal, and it’s not the tracking cookies that are hijacking your browser search page, so ignore the browser cookies for now. It’s the browser hijackers that you’re looking for.
Read the help file for Ad-aware to find out more about what it does and how to disable the nasties that it finds.
Also do a virus scan on your computer. There are some viruses going around that hijack your browser search page too. You can try the free online virus scanner by Trend Mirco. Trend Micro Housecall online virus scanner
If those two options don’t clear up the problem there are some other nasty-ware removal tools available, but I can’t recall them off the top of my head. If these options don’t clear it up for you I can do some digging and find links to the other tools.
Thanks, but I follow that procedure now everytime I log on to IE and every time I shut down and start up again, the homepage setting defaults back to about:blank. I’ll check out what JCster is suggesting and see if that helps.
That’s because the hijack-ware is still active. As soon as it sees that you have changed your defalut home page in IE the hijack-ware will change it back. You need to remove and disable the hijack-ware before you’ll be able to change your home page to what you want. Some of the hijack-ware can be quite tricky to remove. They don’t include an unistall option and they do everything that they can to make it difficult to remove (it’s in their interest to make it difficult to remove).
Ad-aware should be able to identify what nasty is hijacking your home page. With luck it will be able to remove it.
I’m 100% with John Childs and Checkernuts with their opinion.
I got Windows 98SE with IE6 (Soon I’m Upgrading to Windows XP with Office XP) and I never had any problems with IE. I’ve always be very careful when I download a page or a Website. Porn Site’s can be a real bother when you go into their site’s especially those dreadful pop-up’s. Now I got a pop-up killer by Smart. It’s a free software and I love it. Sorry I can’t be helpful Bruce but I think John Childs have cleared it up for you as I would suggest and It’s worth to try to download the Ad-aware download page or Lavasoft USA home page. Good luck and I know what’s it’s like having bother with it.
After you use Ad-aware to clean out the junk (which works great, by the way), you might want to check into some of the different ways to prevent it from happening again. There’s a good site at the University of Illinois that covers a lot of options. IE-Spyad is one good choice, i use that in combination with the hosts file to block most of that evil stuff out there!
I run IE-Spyad. I don’t run a modified hosts file.
IE-Spyad and the custom hosts file are good things for knowledgeable uses. However, they do break some sites or some features of some sites (for example searches on some sites, navigation on some sites, etc.). When you find a site that you want to use that is broken you have to be knowledgeable enough to remove that site from the restricted sites zone in IE or remove that site from your hosts file. Not something a non-geek user is going to know how to do. One the plus side, IE-Spyad seems to break fewer sites with the newer versions.
Very good point, John…in fact, i also use xml-menu on this box to even further lock down the use of cookies but…like you said, not recommended for most casual windows users. I made the mistake of setting all this up on a friends computer once. She had managed to get it all really messed up, i wound up reformatting and doing a fresh install of all her stuff, then locked it down like i have mine. Wasn’t even a day later when she called me up again…none of her favorite sites worked! I should have learned my lesson then, i guess, and quit randomly recommending this stuff to everyone!
But still…if anyone is interested, the UIL does have some pretty informative and interesting reading on the subject.
I started using Mozilla/Linux to surf the net and it’s great. No blue screens, no crashes, far fewer viruses to deal with (none so far), and no spyware. I have a dual-boot system so I can switch between Linux/Windows, however I use Windows rarely, and never for connecting to the net since it’s so insecure.
Well, so far I downloaded and ran Ad-Aware and it found a bunch of stuff including hijack files and deleted them. But I still have the problem. I’ll have to do the virus check thing now.
I’ve run both the ad-aware and the home virus scan by Trend and I still have the same problem. The hijack think makes sense. Wish I could find out what’s going on.
The site mentions that CoolWebSearch has many variants that AdAware and others don’t remove, but they have a program that will apparently do it towards the bottom of the page.
The spywareinfo site that Phil posted mentioned that the CoolWebSearch is spread by exploiting a flaw in the Microsoft Java Virtual Machine. Go to Windows Update and update your Java VM to the latest version. That will keep you from getting infected by it again.
You can verify what version of the Java VM you have installed by opening a Command Prompt (DOS window) and typing “jview” without the quotes. jview will display some stuff on the screen. The first fiew lines will be
C:\>jview
Microsoft (R) Command-line Loader for Java Version 5.00.3810
Copyright (C) Microsoft Corp 1996-2000. All rights reserved.
At the end of the first line you have the version number. The latest version is “5.00.3810”. “3810” is the build number and is the most recent build. If you have a build that is less than 3810 then get it updated or disable Java in IE.