Forum: Community Center

Subject: Advice for anyone getting there IE Homepage altered

ScottA opened this issue on Feb 17, 2004 ยท 13 posts

ScottA posted Tue, 17 February 2004 at 6:06 PM

There seems to be this growing trend to hack people's computers and set the IE start page to what ever they want it to be. It's a form of slamming (forced advertising). Setting your start page works until you reboot the computer. Then it's changed again. There are several programs out there that are supposed to fix this. But none of them worked for me. So I had to go find the little trouble maker myself. What happens is. They install a script in your Windows directory that conatins instructions on which URL to load when the computer boots up. When the computer boots. The script generates the info then places it in the IE section of the registry. That's why you can't get rid of it by changing any info inside Explorer. To remove the sucker: 1.)You must first find the script and delete it. 2.)You must hand edit the registry files back to normal or windows will complain it can't find the script when it re-boots. The resistry entries affected that need to be re-written are the following: Shell.RegWrite("HKLMSoftwareMicrosoftWindowsCurrentVersionRunOncetlc",filepath); Shell.RegWrite("HKCUSoftwareMicrosoftInternet ExplorerMainStart Page",url); Shell.RegWrite("HKCUSoftwareMicrosoftInternet ExplorerMainSearch Page",url); Shell.RegWrite("HKCUSoftwareMicrosoftInternet ExplorerMainSearch Bar",burl); Shell.RegWrite("HKCUSoftwareMicrosoftInternet ExplorerMainUse Search Asst","no"); Shell.RegWrite("HKCUSoftwareMicrosoftInternet ExplorerMainUse Custom Search URL",1,"REG_DWORD"); Now that's quite a list. And not much fun. So here's what Uncle Scott does. I use their own technology to my advantage and edit the actual script in the Windows directory to go to the start page of MY choice. The script can be edited in note pad. Example: If you want IE to load Renderosity.com upon start you change the script from this: var url = "http://nasty unwanted site; var burl = "http://nasty unwanted site"; to this: var url = "http://Renderosity.com; var burl = "http://Renderosity.com"; It works well. Probably better than IE's own internal system of setting up the start page. I hope this helps anyone deal with this annoying little hacker invasion. -ScottA