Take back control of IE
Brien M Posey
Published: 29 Oct 2004 14:14 BST
My father-in-law -- a computer novice -- recently telephoned me for help changing his Internet Explorer home page. After I walked him through the usual technique, he explained that a Windows Permission Error was preventing him from making the change. I asked him a few more questions and soon realized that, at some point in the past, a pornographic Web site had hijacked his copy of Internet Explorer. Every time he opened IE, the browser went straight to this pornographic site. Worse yet, the modification prevented him from changing the home page.
A three-hour battle ensued during which we tackled some serious registry edits and a malicious group policy. Eventually we were able to return control of IE to my father-in-law and remove the offending application. Here's how we did it.
One size doesn't fit all
It's a sad truth that malicious individuals can hijack a Web browser in a variety of ways. And since there is no standard hijacking technique, there is no standard repair technique. If your browser is hijacked, a significant chance exists that the repairs that worked for my father-in-law will not work for you. I will therefore cover several repair techniques
Begin with a thorough scan
When faced with an IE hijacking, you should first scan the computer for viruses, Trojans, adware, and spyware. It's highly likely that one of these items is the hijacker. Until you ensure that your computer is free from these parasites, you'll only be treating the symptoms rather than the actual problem.
Unfortunately, I have yet to discover a single program that effectively scans for every potential form of spyware, adware, virus, and Trojan. I therefore recommend using several different programs. I know it's time consuming to download all these utilities and perform a separate full-system scan with each, but this is a critical step in the troubleshooting process.
Scan for viruses first. My antivirus program of choice is ViRobot Expert from Hauri. Although Hauri is a relative unknown in the United States, it has been a leading antivirus program in Asia for many years. ViRobot Expert will completely repair the damage from many viruses that Norton and McAfee will only quarantine or delete. In fact, my father-in-law was running McAfee — with the latest updates. I asked him to uninstall McAfee and install the free trial version of ViRobot Expert. ViRobot Expert instantly caught four viruses that McAfee had missed. Another reason I recommend using ViRobot for this particular problem is that ViRobot Expert not only scans for viruses, but also scans for common hacker tools.
Now that the system is virus free, it's time to scan for adware with a utility such as PestPatrol (which also removes spyware) or my personal favorite, which is Ad-aware from Lavasoft. After you have scanned for adware, I recommend scanning the system for spyware with a spyware removal tool, such as SpyBot-Search & Destroy from PepiMK Software or, my favourite, BPS SpyWare/Adware Remover from Bullet Proof Soft.
After you have scanned the system for virus, adware, and spyware, reboot and try to change IE's home page. If you're still unable to do so, then it's likely the hijacker has modified the Windows registry or configured a malicious group policy.
Previous
Did you find this article useful?
208 out of 427 people found this useful
- Share this article:
Full Talkback thread
8 comments
-
For heavens sake, why don't you just install Firef... Les Bernstein -
Proof that Windows really IS easy to use! And has... Chris Rankin
-
HijackThis and SpySweeper not mentioned!
ZDNet pub... Michel Merlin
-
Hijack This is mentioned, in detail and with... annoyed -
No need to visit porn to get infected. ZDNet is mi... Michel Merlin
-
Excellent piece of information.. Interestingly eno... Johnny Boyd
-
The article also doesn't mention Zerospyware which... David Isidro
-
i am currently using PANDA's version of anti virus... Anonymous
