Go to Support Home Page
Go to Online Knowledgebase


Go Back   PC Tools Community Forum > Windows Software Discussions > Internet Explorer
Reload this Page IE homepage defaults to original setting after reboot (W98)
Register FAQ Members List Social Groups Calendar Search Today's Posts Mark Forums Read

Reply
 
Thread Tools Display Modes
  #1  
Old 08-27-2003, 04:50 PM
gmc717 gmc717 is offline
Junior Member
  
Join Date: Aug 2003
Posts: 1
Default IE homepage defaults to original setting after reboot (W98)
After rebooting my computer, the IE homepage defaults back to http://members:fortunecity.com/.
I tried to delete this line in the registry but once again after rebooting the line reappears in the registry. How can I get rid of this problem. I have generated a startup list log posted below. Can anyone check it and kindly advise. Thanks.

Here the startup list log:
StartupList report, 27/08/2003, 5:12:47 PM
StartupList version: 1.52
Started from : C:\PROGRAM FILES\HIJACK\HIJACKTHIS.EXE
Detected: Windows 98 SE (Win9x 4.10.2222A)
Detected: Internet Explorer v6.00 SP1 (6.00.2800.1106)
* Using default options
==================================================

Running processes:

C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\MICROSOFT HARDWARE\GAMING DEVICES\DAEMON32.EXE
C:\WINDOWS\SYSTEM\PMGAMMA.EXE
C:\WINDOWS\TASKMON.EXE
C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE
C:\PROGRAM FILES\MICROSOFT MONEY\SYSTEM\MONEY EXPRESS.EXE
C:\COREL\SUITE8\PROGRAMS\DAD8.EXE
C:\WINDOWS\DESKMENU.EXE
C:\WINDOWS\QUICKRES.EXE
C:\ESM2\STMS.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\ESM2\EBRR.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\LOGITECH\ENTRTAIN\LGEVNTRT.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\PROGRAM FILES\GETRIGHT\GETRIGHT.EXE
C:\PROGRAM FILES\HIJACK\HIJACKTHIS.EXE

--------------------------------------------------

Listing of startup folders:

Shell folders Startup:
[C:\WINDOWS\Start Menu\Programs\StartUp]
Corel Desktop Application Director 8.LNK = C:\Corel\Suite8\Programs\DAD8.EXE
Deskmenu.lnk = C:\WINDOWS\DESKMENU.EXE
QuickRes.lnk = C:\WINDOWS\QUICKRES.EXE
EPSON Background Monitor.lnk = C:\ESM2\Stms.exe
PowerReg Scheduler.exe

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run

SystemTray = SysTray.Exe
Daemon = C:\Program Files\Microsoft Hardware\Gaming Devices\DAEMON32.EXE
GrIP Control Center = C:\GRAVIS\GRIP\GCC.EXE
ProMotion1 = pmgamma.exe
Tweak UI = RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
LINUX32 = C:\WINDOWS\SYSTEM\LINUX32.vbs
ScanRegistry = C:\WINDOWS\scanregw.exe /autorun
TaskMonitor = C:\WINDOWS\taskmon.exe
LoadPowerProfile = Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
TkBellExe = "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run Services

reload = C:\WINDOWS\reload.vbs
LoadPowerProfile = Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
SchedulingAgent = mstask.exe

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run

Mirabilis ICQ = C:\Program Files\ICQ\ICQDetect.exe
MoneyAgent = "C:\Program Files\Microsoft Money\System\Money Express.exe"

--------------------------------------------------

Load/Run keys from C:\WINDOWS\WIN.INI:

load=
run=Qtstub.exe

--------------------------------------------------

C:\WINDOWS\WININIT.BAK listing:
(Created 26/8/2003, 22:55:24)

[Rename]
NUL=C:\WINDOWS\SYSTEM\RSAENH.DLL
C:\WINDOWS\SYSTEM\RSAENH.DLL=C:\WINDOWS\SYSTEM\SET 3054.TMP
NUL=C:\WINDOWS\SYSTEM\SCHANNEL.DLL
C:\WINDOWS\SYSTEM\SCHANNEL.DLL=C:\WINDOWS\SYSTEM\S ET3056.TMP
NUL=C:\WINDOWS\SYSTEM\SCHANNEL.DLL
C:\WINDOWS\SYSTEM\SCHANNEL.DLL=C:\WINDOWS\SYSTEM\S ET3060.TMP
C:\WINDOWS\SYSTEM\IEPEERS.DLL=C:\WINDOWS\SYSTEM\IE PEERS.RCX
C:\WINDOWS\SYSTEM\RSASIG.DLL=C:\WINDOWS\SYSTEM\IE4 SETUP\RSASIG.DLL
C:\WINDOWS\SYSTEM\XENROLL.DLL=C:\WINDOWS\SYSTEM\IE 4SETUP\XENROLL.DLL
C:\WINDOWS\SYSTEM\MSCAT32.DLL=C:\WINDOWS\SYSTEM\IE 4SETUP\MSCAT32.DLL
C:\WINDOWS\SYSTEM\MSSIP32.DLL=C:\WINDOWS\SYSTEM\IE 4SETUP\MSSIP32.DLL
C:\WINDOWS\SYSTEM\MSSIGN32.DLL=C:\WINDOWS\SYSTEM\I E4SETUP\MSSIGN32.DLL
C:\WINDOWS\SYSTEM\CRYPTUI.DLL=C:\WINDOWS\SYSTEM\IE 4SETUP\CRYPTUI.DLL
C:\WINDOWS\SYSTEM\CRYPTNET.DLL=C:\WINDOWS\SYSTEM\I E4SETUP\CRYPTNET.DLL
C:\WINDOWS\SYSTEM\CRYPTEXT.DLL=C:\WINDOWS\SYSTEM\I E4SETUP\CRYPTEXT.DLL
C:\WINDOWS\SYSTEM\MSXMLR.DLL=C:\WINDOWS\SYSTEM\IE4 SETUP\MSXMLR.DLL
C:\WINDOWS\SYSTEM\WLDAP32.DLL=C:\WINDOWS\SYSTEM\IE 4SETUP\WLDAP32.DLL
C:\WINDOWS\SYSTEM\MSTIME.DLL=C:\WINDOWS\SYSTEM\IE4 SETUP\MSTIME.DLL
C:\WINDOWS\SYSTEM\MMUTILSE.DLL=C:\WINDOWS\SYSTEM\I E4SETUP\MMUTILSE.DLL
C:\WINDOWS\SYSTEM\PLUGIN.OCX=C:\WINDOWS\SYSTEM\IE4 SETUP\PLUGIN.OCX
C:\WINDOWS\SYSTEM\MSRATING.DLL=C:\WINDOWS\SYSTEM\I E4SETUP\MSRATING.DLL
C:\WINDOWS\SYSTEM\HLINK.DLL=C:\WINDOWS\SYSTEM\IE4S ETUP\HLINK.DLL
C:\WINDOWS\SYSTEM\PROCTEXE.OCX=C:\WINDOWS\SYSTEM\I E4SETUP\PROCTEXE.OCX
C:\WINDOWS\SYSTEM\URL.DLL=C:\WINDOWS\SYSTEM\IE4SET UP\URL.DLL
C:\WINDOWS\SYSTEM\IMAGEHLP.DLL=C:\WINDOWS\SYSTEM\I E4SETUP\IMAGEHLP.DLL
C:\WINDOWS\SYSTEM\COMCTL32.DLL=C:\WINDOWS\SYSTEM\I E4SETUP\ACM4334.TMP
C:\WINDOWS\SYSTEM\ADVPACK.DLL=C:\WINDOWS\SYSTEM\IE 4SETUP\ACM4345.TMP
C:\PROGRA~1\INTERN~1\IEXPLORE.EXE=C:\WINDOWS\SYSTE M\IE4SETUP\ACM4360.TMP
C:\WINDOWS\SYSTEM\MSHTML.DLL=C:\WINDOWS\SYSTEM\IE4 SETUP\ACM4364.TMP
C:\WINDOWS\SYSTEM\MSHTML.TLB=C:\WINDOWS\SYSTEM\IE4 SETUP\ACM4381.TMP
C:\WINDOWS\SYSTEM\MSHTMLED.DLL=C:\WINDOWS\SYSTEM\I E4SETUP\ACM4384.TMP
C:\WINDOWS\SYSTEM\SHDOCVW.DLL=C:\WINDOWS\SYSTEM\IE 4SETUP\ACM4390.TMP
C:\WINDOWS\SYSTEM\SHDOCLC.DLL=C:\WINDOWS\SYSTEM\IE 4SETUP\ACM4394.TMP
C:\WINDOWS\SYSTEM\URLMON.DLL=C:\WINDOWS\SYSTEM\IE4 SETUP\ACM43A1.TMP
C:\WINDOWS\SYSTEM\JSCRIPT.DLL=C:\WINDOWS\SYSTEM\IE 4SETUP\ACM43A3.TMP
C:\WINDOWS\SYSTEM\WININET.DLL=C:\WINDOWS\SYSTEM\IE 4SETUP\ACM43A4.TMP
C:\WINDOWS\SYSTEM\SHLWAPI.DLL=C:\WINDOWS\SYSTEM\IE 4SETUP\ACM43B4.TMP
C:\WINDOWS\SYSTEM\ACTXPRXY.DLL=C:\WINDOWS\SYSTEM\I E4SETUP\ACM5003.TMP
C:\WINDOWS\SYSTEM\DISPEX.DLL=C:\WINDOWS\SYSTEM\IE4 SETUP\ACM5004.TMP
C:\WINDOWS\SYSTEM\MLANG.DLL=C:\WINDOWS\SYSTEM\IE4S ETUP\ACM5006.TMP
C:\WINDOWS\SYSTEM\IMGUTIL.DLL=C:\WINDOWS\SYSTEM\IE 4SETUP\ACM5013.TMP
C:\WINDOWS\SYSTEM\MSXML.DLL=C:\WINDOWS\SYSTEM\IE4S ETUP\ACM5015.TMP
C:\WINDOWS\SYSTEM\MSXMLA.DLL=C:\WINDOWS\SYSTEM\IE4 SETUP\ACM5020.TMP
C:\WINDOWS\SYSTEM\BROWSEUI.DLL=C:\WINDOWS\SYSTEM\I E4SETUP\ACM5043.TMP
C:\WINDOWS\SYSTEM\BROWSELC.DLL=C:\WINDOWS\SYSTEM\I E4SETUP\ACM5051.TMP
C:\WINDOWS\SYSTEM\SHDOC401.DLL=C:\WINDOWS\SYSTEM\I E4SETUP\ACM5053.TMP
C:\WINDOWS\SYSTEM\SHD401LC.DLL=C:\WINDOWS\SYSTEM\I E4SETUP\ACM5054.TMP
C:\WINDOWS\SYSTEM\SHFOLDER.DLL=C:\WINDOWS\SYSTEM\I E4SETUP\ACM5060.TMP
C:\WINDOWS\SYSTEM\ATL.DLL=C:\WINDOWS\SYSTEM\IE4SET UP\ACM5063.TMP
C:\WINDOWS\SYSTEM\DXTRANS.DLL=C:\WINDOWS\SYSTEM\IE 4SETUP\ACM5071.TMP
C:\WINDOWS\SYSTEM\DXTMSFT.DLL=C:\WINDOWS\SYSTEM\IE 4SETUP\ACM5072.TMP
C:\WINDOWS\SYSTEM\MSLS31.DLL=C:\WINDOWS\SYSTEM\IE4 SETUP\ACM50A1.TMP
C:\WINDOWS\SYSTEM\DIGEST.DLL=C:\WINDOWS\SYSTEM\IE4 SETUP\ACM50A4.TMP
NUL=C:\WINDOWS\SHELLI~1
NUL=C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE=C:\WINDOWS\SYSTEM\SET 51B5.TMP
NUL=C:\WINDOWS\SYSTEM\WEBCHECK.DLL
C:\WINDOWS\SYSTEM\WEBCHECK.DLL=C:\WINDOWS\SYSTEM\S ET5234.TMP
NUL=C:\WINDOWS\SYSTEM\MSIDLE.DLL
C:\WINDOWS\SYSTEM\MSIDLE.DLL=C:\WINDOWS\SYSTEM\SET 5235.TMP
C:\WINDOWS\SYSTEM\Macromed\Flash\swflash.ocx=C:\WI NDOWS\SYSTEM\Macromed\Flash\swflash.001
C:\WINDOWS\SYSTEM\dispex.dll=C:\WINDOWS\SYSTEM\dis pex.001
C:\WINDOWS\SYSTEM\jscript.dll=C:\WINDOWS\SYSTEM\js cript.001
C:\WINDOWS\SYSTEM\vbscript.dll=C:\WINDOWS\SYSTEM\v bscript.001
C:\WINDOWS\SYSTEM\OLEAUT32.DLL=C:\WINDOWS\SYSTEM\O LEAUT32.002
C:\WINDOWS\SYSTEM\STDOLE2.TLB=C:\WINDOWS\SYSTEM\ST DOLE2.001

--------------------------------------------------

C:\AUTOEXEC.BAT listing:

SET CLASSPATH=C:\Program Files\PhotoDeluxe 2.0\AdobeConnectables
SET GRIP=C:\GRAVIS\GRIP
SET SOUND=C:\PROGRA~1\CREATIVE\CTSND
SET MIDI=SYNTH:1 MAP:E
SET BLASTER=A220 I7 D1 H7 P300 T6
SET PATH=%PATH%;C:\GRAVIS\GRIP
SET PATH=%PATH%
SET lmouse=c:\logitech\entrtain
mode con codepage prepare=((850) C:\WINDOWS\COMMAND\ega.cpi)
mode con codepage select=850

--------------------------------------------------


Enumerating Browser Helper Objects:

(no name) - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}

--------------------------------------------------

Enumerating Task Scheduler jobs:

Low disk space notification.job
ScanDisk for Windows (Standard test).job
Disk Defragmenter.job
ScanDisk for Windows (Thorough test).job
Tune-up Application Start.job

--------------------------------------------------

Enumerating Download Program Files:

[InstallFromTheWeb ActiveX Control]
InProcServer32 = C:\WINDOWS\DOWNLOADED PROGRAM FILES\IFTW.DLL
CODEBASE = http://www.installfromtheweb.com/install/iftwclix.cab

[Shockwave Flash Object]
InProcServer32 = C:\WINDOWS\SYSTEM\MACROMED\FLASH\SWFLASH.OCX
CODEBASE = http://activex.microsoft.com/activex...ia/Swflash.cab

[SurferNETWORK Plugin]
InProcServer32 = C:\WINDOWS\DOWNLO~1\SURFER~1.OCX
CODEBASE = http://64.89.104.83/surferplugin.ocx

[RdxIE Class]
InProcServer32 = C:\WINDOWS\DOWNLOADED PROGRAM FILES\RDXIE.DLL
CODEBASE = http://207.188.7.150/13a70aa1c22959c...p/RdxIE601.cab

[Update Class]
InProcServer32 = C:\WINDOWS\SYSTEM\IUCTL.DLL
CODEBASE = http://v4.windowsupdate.microsoft.co...859.7605208333

--------------------------------------------------

Enumerating ShellServiceObjectDelayLoad items:

WebCheck: C:\WINDOWS\SYSTEM\WEBCHECK.DLL

--------------------------------------------------
End of report, 10,060 bytes
Report generated in 1.317 seconds

Command line options:
/verbose - to add additional info on each section
/complete - to include empty sections and unsuspicious data
/full - to include several rarely-important sections
/force9x - to include Win9x-only startups even if running on WinNT
/forcent - to include WinNT-only startups even if running on Win9x
/forceall - to include all Win9x and WinNT startups, regardless of platform
/history - to list version history only


Reply With Quote
  #2  
Old 08-30-2003, 03:16 AM
motoflop motoflop is offline
Mentor
  
Join Date: Jul 2003
Location: Europe
Posts: 846
Default Re: IE homepage defaults to original setting after reboot (W98)
Try to get attention of Metallica or rjmac. They seems to know lot of spyware.

Search with google gave hint that at least surferplugin and RdxIE are something you should get rid of. Also Qtstub.exe is suspicious (found reference at www.spywareinfo.org). There might be more.

Reply With Quote
  #3  
Old 08-30-2003, 05:03 AM
rjmac rjmac is offline
Advisor
  
Join Date: Aug 2002
Location: Can.
Posts: 451
Default Re: IE homepage defaults to original setting after reboot (W98)
That is a startup log, please post a Hijack this log.
If you haven't already, please get Spybot S&D to clear out most of the spyware.
Short tutorial and download link here:
http://www.tomcoyote.org/hjt/
and download 'Hijack This!'. Unzip, double-click HijackThis.exe, and hit "Scan".
When the scan is finished, the "Scan" button will change into a "Save Log" button.
Press that, save the log somewhere, load it in Notepad, and copy its contents here.
Most of what it lists will be harmless or even required, so do NOT fix anything yet.
Someone here will be happy to help you analyze the results.

<a target="_blank" href=http://www.tweakxp.com/forum/>Bulldog@TweakXP</a>
Reply With Quote
Reply

« Previous Thread | Next Thread »
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT. The time now is 11:49 AM.

Archive - Top