Tom's Guide | Tom's Hardware | Tom's Games

Computing.Net > Forums > Windows 2000 > homepage reset

Computer Problems? Computing.Net has over 1,000,000 posts about all things technology related! Over 90% answered within 24 hours! Click here to start participating now! Also, be sure to check out the New User Guide.

homepage reset

Reply to Message Icon

Name: Robert
Date: December 7, 2003 at 00:43:42 Pacific
OS: Windows 2000 SP2
CPU/Ram: 327
Comment:

Everytime I restart my computer it resets the homepage to www.find4u.net and adds a bunch of cites to my favorites. I ran hijackthis and this is the log that came up:
Logfile of HijackThis v1.97.7
Scan saved at 1:37:24 AM, on 12/7/2003
Platform: Windows 2000 SP2 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINNT\System32\ati2evxx.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\PROGRA~1\NORTON~2\SPEEDD~1\nopdb.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\System32\mspmspsv.exe
C:\WINNT\Explorer.exe
C:\Program Files\Common Files\Symantec Shared\SymTray.exe
C:\WINNT\System32\Atiptaxx.exe
C:\WINNT\loadqm.exe
C:\program files\desksite\bin\cma.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINNT\SM1BG.exe
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\winlogon.exe
C:\Program Files\MusicMatch\MusicMatch Jukebox\MMJB.exe
C:\Program Files\MusicMatch\MusicMatch Jukebox\MMDiag.exe
C:\Program Files\Internet Explorer\iexplore.exe
c:\mirada\ZIP\winzip32.exe
C:\unzipped\hijackthis\HijackThis.exe
C:\WINNT\system32\rundll32.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchURL = C:\WINNT\search.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = C:\WINNT\search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = C:\WINNT\search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = C:\WINNT\search.htm
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = C:\WINNT\search.htm
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = C:\WINNT\search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = C:\WINNT\search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = C:\WINNT\search.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = C:\WINNT\search.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = C:\WINNT\search.htm
O1 - Hosts: 66.250.130.131 msn.com
O1 - Hosts: 66.250.130.131 www.msn.com
O1 - Hosts: 66.250.130.131 search.msn.com
O1 - Hosts: 66.250.130.131 auto.search.msn.com
O1 - Hosts: 66.250.130.133 google.com
O1 - Hosts: 66.250.130.133 www.google.com
O1 - Hosts: 66.250.130.133 google.de
O1 - Hosts: 66.250.130.133 www.google.de
O1 - Hosts: 66.250.130.133 google.co.in
O1 - Hosts: 66.250.130.133 www.google.co.in
O1 - Hosts: 66.250.130.133 google.ca
O1 - Hosts: 66.250.130.133 www.google.ca
O1 - Hosts: 66.250.130.133 google.fr
O1 - Hosts: 66.250.130.133 www.google.fr
O1 - Hosts: 66.250.130.133 google.it
O1 - Hosts: 66.250.130.133 www.google.it
O1 - Hosts: 66.250.130.133 google.com.au
O1 - Hosts: 66.250.130.133 www.google.com.au
O1 - Hosts: 66.250.130.133 google.co.uk
O1 - Hosts: 66.250.130.133 www.google.co.uk
O1 - Hosts: 66.250.130.133 google.be
O1 - Hosts: 66.250.130.133 www.google.be
O1 - Hosts: 66.250.130.130 find4u.net
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [AtiPTA] Atiptaxx.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINNT\system32\NeroCheck.exe
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINNT\System32\spool\drivers\w32x86\3\hpztsb04.exe
O4 - HKLM\..\Run: [Desksite CMA] c:\program files\desksite\bin\cma.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [SymTray - Norton SystemWorks] C:\Program Files\Common Files\Symantec Shared\SymTray.exe SetReg
O4 - HKLM\..\Run: [SM1BG] C:\WINNT\SM1BG.exe
O4 - HKCU\..\Run: [quicken] C:\WINNT\quicken.exe
O4 - HKCU\..\Run: [editpad] C:\WINNT\editpad.exe
O4 - HKLM\..\RunOnce: [SymTray - Norton SystemWorks] C:\Program Files\Common Files\Symantec Shared\Symtrdr.exe
O4 - Global Startup: winlogon.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://www.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} - http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB
O16 - DPF: {36C66BBD-E667-4DAD-9682-58050E7C9FDC} (CDKey Class) - http://www.cdkeybonus.com/cdkey/ITCDKey.cab
O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup Player) - http://www.napster.com/client/isetup.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37627.8259143519
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{2142C80F-52B7-4977-B6D8-6C6B045CFDA3}: NameServer = 205.171.3.65 205.171.26.251
O17 - HKLM\System\CS1\Services\Tcpip\..\{2142C80F-52B7-4977-B6D8-6C6B045CFDA3}: NameServer = 205.171.3.65 205.171.26.251

If someone could let me know what items to delete I would greatly appreciate it, thanks,
-Robert



Sponsored Link
Ads by Google

Response Number 1
Name: Tom41
Date: December 7, 2003 at 05:38:53 Pacific
Reply:

Download and run CWShredder:

CWShredder


0

Response Number 2
Name: Eric
Date: December 11, 2003 at 05:56:29 Pacific
Reply:

Had the same problem and here is the fix!
Delete winlogon.exe out of all users\start menu\programs\startup. this is not supposed to be there since winlogon runs way before the startup! It is a bogus program that changes your browers homepage as well as your lmhost.sam file.

Next check your lmhost.sam file that is under C:\winnt\system32\drivers\etc. When you open lmhost.sam with notepad you will need to delete everything below 127.0.0.1 localhost. This should solve your problem!


0

Sponsored Link
Ads by Google
Reply to Message Icon

Related Posts

See More



Post Locked

This post is quite old and has been locked from receiving new replies. Please create a new posting instead.


Go to Windows 2000 Forum Home


Sponsored links
Ads by Google


Results for: homepage reset
Win2k Pro Can't view source www.computing.net/answers/windows-2000/win2k-pro-cant-view-source/54334.html

SearchV.com resets IE homepage... www.computing.net/answers/windows-2000/searchvcom-resets-ie-homepage/52748.html

Homepage keeps resetting itself www.computing.net/answers/windows-2000/homepage-keeps-resetting-itself/58019.html