Homepage Changing on Auto - WANT IT STOPPED!!

ugh, that is so obnoxious. . . I really don't know what the answer is, but I offer up a similar experience with my machine and earthlink. . . when earthlink installed it made itself my homepage, and everytime we changed it, it stayed. . .

we solved it by completely uninstalling IE, wiping the machine clean of all the install files, and reinstalling. . .

Sometimes when you visit web sites or download programs, there's a sort of very suptle question asking if you want to make this page your home page? Unless you're really paying attention, you'll miss it, and like magic, you have a new home page.

It's the kind of marketing I detest, because it's so sneaky.

Just go to:

Tools
Internet Options
Replace the invader with your own home page URL ...

Good luck!

Set your homepage to the page you want to use.
Open SpyBot (in advanced mode).
Go to "Immunize".
At the bottom check the box marked "Lock IE start page setting against user changes".

See if that foils it. It should stop it from changing the home page but you still might have something in your computer.

You might want to search your registry, whatever it is, it's almost certainly in there.

Hey princessash, long time no see.

Yeah, Earthlink does that to me too. ANNOYING. I have just learned to live with it. Have the sites I use high up on "Favorites", immediately click over to them.

Good luck with your problem, Onyxelle. It sounds like something more nefarious, even if it is the same principles as the Earthlink thing. (Dunno how it works.)

edit: Just saw Craven's recommendation. Cool. May try that.

hey, soz :-) long vacation/visitation :-)

Craven - I DID THAT!!!!!!!!! That's why it's so annoying.... How do I do the registry thing please? THAT I have not done.

Princessah: where've ya been girlfriend???? I've missed yer smiling face...

weeeeell. . . I went home for christmas, and then I had a certain visitor for a few weeks (I'm working on a new avatar. . . grrrrr. . .) and then I was in Florence for a week, and now I'm back, just in time for the new semester.

:-( yucky face

onyxelle,

I am not familiar with this particular kind of scumware. But what I'd do is the following.

1) Backup the registry. Creating a system restore point wouldn't hurt.
2) Search the registry for the offending site.
3) Delete the keys that contain that site's URL.
4) Wait and see, if all hell breaks loose I'd restore the registry. If not, I'd have a beer.

But try "Hijack this" first. I've never used it but I think it simplifies the process.

Download HijackThis from here:
http://www.mjc1.com/files/merijn/HijackThis.exe

Run HijackThis, click 'Scan,' make a log file and paste it here, but don't fix anything just yet.

I just tested it out. It can perform a cleanup on the registry so that would save you the hassle of doing it manually.

Yeah. You have to tell it specifically what to fix though. Another thing it's good at is reavealing hijackers you aren't able to find easily in the registry through a search because the URL they're pointing to is sometimes intentionally obfuscated.

REGISTRY is strange word to me. Can you guys tell me where, in my PC, do I go to get to the registry? Monger, I have meetings tonight, so I probably wont' be able to do the pasting thing until early morning for you - but check it out, it'll be here when you get here I'm sure of it.

Open a command prompt (DOS) window and type:

regedit

That will open a window that allows you to look at or edit the registry. Be afraid, be very afraid.

You can actually just do that through RUN > regedit. No need to go to command prompt.

Thank you guys so much. I'm going to try this as soon as I get home tonight.

You don't have to go into the registry... d/l HijackThis from
http://www.merijn.org/files/HijackThis.exe

to a folder of your choice......doubleclick to open."Scan"...then "Save Log"...when it opens in notepad.......copy (edit..select all..copy) & paste (CTRL-V) the log into your next reply. We can take a look at the log together...

I've always been very quick to squash any attempt to hijack my "home page," but i decided to try the HijackThis program. I laughed my ass off--i've not really paid much attention to how often this has happened, but when i ran HijackThis, it said i had so many questionable registry entries, that i should go to Sys32/drivers/etc/ and delete the "Hosts" file. I did, and i deleted the IMHosts file. Yestereve, i tried to IM my sweetiepie, and the Yahoo IM icon came up, reading "Logging on as Angels_Are_Everywhere" and then showed a buddy list for that screen name. I immediately shut it down, and deleted every IM file and entry i could find on my box.

This was fun, what else you guys got?

Setanta,

That program does not differentiate between what should or should not be deleted (as that would require updates).

So it lists all registry entries that are related to certain functions that are commonly hijacked.

In short, don't delete anything with it it unless you know what to do!

It won't tell you what to delete, you need a geek for that. It just facilitates the actual removal so that you don't have to run a regedit.

What it lists is ALL related registry entries, with explicit instructions to find out which are questionable from an "experienced user" or somesuch.

Setanta....I don't know what you used.....or what you did...but Hijackthis does not present you with "questionable" entries..like Adaware or Spybot, for example...it's simply a troubleshooting tool...doesn't direct you to do anything..sorry you had a bad experience......if you want to learn more about it..there's a tutorial on some of the basics at
http://www.spywareinfo.com/~merijn/htlogtutorial.html