start page

Computing.Net > Forums > Windows 95/98 > start page

Computer Problems? Computing.Net has over 1,000,000 posts about all things technology related! Over 90% answered within 24 hours! Click here to start participating now! Also, be sure to check out the New User Guide.

start page

Name: Don
Date: November 17, 2003 at 07:37:38 Pacific
OS: win98
CPU/Ram: celeron 400

Comment:

Hope someone can help me.
My start page keeps changing to http://ziportal.com/02 no matter how often I change it back as soon as I reboot it comes back. In the registry it shows up sometimes as www.tooncomics.com or now it is www.solong.com.... I deleted everything and when i reboot it all comes back. Does anyone have any ideas how to get rid of this pain.

Sponsored Link

Ads by Google

Response Number 1

Name: Don Miller
Date: November 17, 2003 at 07:55:54 Pacific

Reply:

Your homepage has been hijacked. Try using Spybot Search & Destroy / Ad-Aware. You can also try dowloading HijackThis and running it posting the results. If you search this forum you'll find a lot of entries about this problem.
Don

Response Number 2

Name: tmg
Date: November 17, 2003 at 07:58:39 Pacific

Reply:

sounds like you've been hijacked.You need the LATEST of Hijack This version (V1.97.6)
http://www.spywareinfo.com/~merijn/files/hijackthis.zip
download, unzip, scan. DO NOT FIX ANYTHING. Just copy your results usually in notepad. Then post your contents.someone will check you registry out for you and let you know what to fix.

Response Number 3

Name: Don
Date: November 17, 2003 at 08:23:12 Pacific

Reply:

Here are my results
Logfile of HijackThis v1.97.6
Scan saved at 11:22:06 AM, on 11/17/03
Platform: Windows 98 Gold (Win9x 4.10.1998)
MSIE: Internet Explorer v5.50 (5.50.4134.0600)
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.exe
C:\WINDOWS\SYSTEM\MPREXE.exe
C:\PROGRAM FILES\DISKEEPER\DKSERVICE.exe
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\RPCSS.exe
C:\WINDOWS\EXPLORER.exe
C:\WINDOWS\TASKMON.exe
C:\WINDOWS\SYSTEM\SYSTRAY.exe
C:\PROGRAM FILES\POP-UP STOPPER\DPPS2.exe
C:\PROGRAM FILES\MAILBELL\MAILBELL.exe
C:\PROGRAM FILES\ANTIVIRUS EXPERT\AMON9X.exe
C:\WINDOWS\SYSTEM\DDHELP.exe
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.exe
C:\WINDOWS\DESKTOP\HIJACKTHIS\HIJACKTHIS.exe
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://solongas.com/main/sp.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://solongas.com/main/sp.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://solongas.com/main/sp.php
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://solongas.com/main/hp.php
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://approvedlinks.com/sp.htm
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ACROBAT\READER\ACTIVEX\ACROIEHELPER.OCX
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [EnsoniqMixer] starter.exe
O4 - HKLM\..\Run: [Pop-Up Stopper] "C:\PROGRAM FILES\POP-UP STOPPER\DPPS2.exe"
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [AvxIni] c:\program files\antivirus expert\avxinit.exe
O4 - HKLM\..\RunServices: [DkService] C:\Program Files\Diskeeper\DkService.exe
O4 - HKCU\..\Run: [MailBell] C:\PROGRAM FILES\MAILBELL\MAILBELL.exe
O4 - HKCU\..\Run: [loader] C:\WINDOWS\LOADER.exe
O4 - Startup: AntiVirus eXpert Shield.lnk = C:\Program Files\AntiVirus eXpert\amon9x.exe
O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: Related (HKLM)
O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/ansi/iuctl.CAB?37942.2317592593
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

Response Number 4

Name: smithdk
Date: November 17, 2003 at 09:39:53 Pacific

Reply:

Run this program. It should take care of it:
http://www.spywareinfo.com/~merijn/files/cwshredder.zip

Response Number 5

Name: Shadow15
Date: November 17, 2003 at 11:34:30 Pacific

Reply:

Thanks everyone I will try it
Don

why does my yahoo page keep changing genitizer microsoft dhcp option 150	gpo IE start page ftp localhost mshearts.zip download
See More

Response Number 6

Name: Don
Date: November 17, 2003 at 11:40:28 Pacific

Reply:

Well that took care of it and again thanks. By the way is there any way to prevent this from happening.
Don

Response Number 7

Name: tmg
Date: November 17, 2003 at 13:22:56 Pacific

Reply:

there is some information after you have scanned to give you some advice at what to do next depending on what system you use(win98, XP for example). There is options for a critical update from microsoft or options to remove java if you run XP.

Response Number 8

Name: Don
Date: November 17, 2003 at 14:16:24 Pacific

Reply:

Thanks I also found SpySweeper seems to work pretty good. I tested it with one of the pages that meesed me up the last time and it restored everything.
Again Thanks

Response Number 9

Name: Reggie
Date: November 22, 2003 at 00:12:00 Pacific

Reply:

I am also having the same problem. I keep changing my home page back to msn, which work a few times and then this http://ziportal.com/ keeps coming back. This is insidious. I wish there was some legal action to take against these unprincipled b---tards. I hope their genitals become infested with the fleas of a 1,000 dogs

Response Number 10

Name: ruck
Date: December 18, 2003 at 13:49:35 Pacific

Reply:

Id been hijacked I need to know what to delete out of this please help
Logfile of HijackThis v1.97.7
Scan saved at 16:16:43, on 12/18/2003
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Linksys\Wireless Network PC Card\NICServ.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\Explorer.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Compaq\Easy Access Button Support\StartEAK.exe
C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe
E:\PROGRA~1\DOWNLO~1\PANICW~1\POP-UP~1\dpps2.exe
C:\Program Files\Proxyconn\PxUi.exe
C:\Program Files\Compaq\Easy Access Button Support\CPQEADM.exe
C:\COMPAQ\CPQINET\CPQInet.exe
C:\Compaq\EAKDRV\EAUSBKBD.exe
F:\Program Files\GPRS Modem\Modem Utilities\CFSpy.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.exe
C:\WINDOWS\System32\ctfmon.exe
F:\Program Files\RamBooster\Rambooster.exe
F:\Program Files\Ontrack\SMARTDefender\smrticon.exe
C:\Program Files\Messenger\msmsgs.exe
E:\Program Files\AT&T Wireless\Communication Manager\Communication Manager.exe
C:\PROGRA~1\Compaq\EASYAC~1\BttnServ.exe
C:\WINDOWS\DvzCommon\DvzMsgr.exe
C:\Program Files\Proxyconn\PxClient.exe
E:\Program Files\SmartDisk\FlashPath\sdstat.exe
C:\Program Files\Palm\HOTSYNC.exe
F:\Program Files\Registry Clean Pro\Scheduler.exe
C:\WINDOWS\FSScrCtl.exe
C:\Program Files\Microsoft ActiveSync\WCESMgr.exe
E:\Program Files\Microsoft Office\Office10\OUTLOOK.exe
E:\PROGRA~1\AT&TWI~1\COMMUN~1\CONNEC~1\Wid.exe
E:\Program Files\AT&T Wireless\Communication Manager\Optimization Manager\NGSpawner.exe
e:\Program Files\AT&T Wireless\Communication Manager\Optimization Manager\NettGain1100_C.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
F:\Program Files\MobiPocket.com\MobiPocket Reader\webcomp.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
F:\Hijack IE programs to help\Hijackthis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://tooncomics.com/main/sp.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://tooncomics.com/main/sp.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://tooncomics.com/main/sp.php
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://tooncomics.com/main/hp.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://tooncomics.com/main/sp.php
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://rd.yahoo.com/customize/ymsgr/defaults/*http://my.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://rd.yahoo.com/customize/ymsgr/defaults/sb/*http://www.yahoo.com/ext/search/search.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.fastwebfinder.com/sp.php
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://rd.yahoo.com/customize/ymsgr/defaults/su/*http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=localhost:9090 ftp=localhost:9093 https=localhost:9092
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost; 127.0.0.1
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = http://www.fastwebfinder.com/hp.php
F2 - REG:system.ini: UserInit=C:\WINDOWS\System32\userinit.exe,C:\WINDOWS\System32\svcpack.exe
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Common\ycomp5_1_3_0.dll
O2 - BHO: HTML Source Editor - {086AE192-23A6-48D6-96EC-715F53797E85} - C:\WINDOWS\System32\DReplace.dll
O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - E:\Program Files\Microsoft Money\System\mnyside.dll
O2 - BHO: ProxyConn Browser Helper Object - {7D9E713D-0388-4384-BDD8-2A42EB1C4F04} - C:\PROGRA~1\PROXYC~1\PRXCNB~1.DLL
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Common\ycomp5_1_3_0.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [CPQEASYACC] C:\Program Files\Compaq\Easy Access Button Support\StartEAK.exe
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [Pop-Up Stopper] "E:\PROGRA~1\DOWNLO~1\PANICW~1\POP-UP~1\dpps2.exe"
O4 - HKLM\..\Run: [PxClient.exe] "C:\Program Files\Proxyconn\PxUi.exe" /Automation
O4 - HKLM\..\Run: [CFSpy] F:\Program Files\GPRS Modem\Modem Utilities\CFSpy.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [Yahoo! Pager] F:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [RamBooster] F:\Program Files\RamBooster\Rambooster.exe
O4 - HKCU\..\Run: [SMARTDefender] F:\Program Files\Ontrack\SMARTDefender\smrticon.exe
O4 - HKCU\..\Run: [iedll] c:\WINDOWS\iedll.exe
O4 - HKCU\..\Run: [loader] c:\WINDOWS\loader.exe
O4 - HKCU\..\Run: [SureCleanProfessional] "F:\PROGRA~1\PANICW~1\SURECL~1\SRClean.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Tracks Eraser Pro] F:\Program Files\Evidence Eliminator\Tracks Eraser Pro\te.exe min
O4 - Startup: HotSync Manager.lnk = C:\Program Files\Palm\HOTSYNC.exe
O4 - Startup: Monitor.lnk = F:\Program Files\Registry Clean Pro\Monitor.exe
O4 - Startup: PowerReg SchedulerV2.exe
O4 - Startup: Scheduler.lnk = F:\Program Files\Registry Clean Pro\Scheduler.exe
O4 - Startup: Screen Saver Control.lnk = C:\WINDOWS\FSScrCtl.exe
O4 - Global Startup: AT&T Wireless Communication Manager.lnk = E:\Program Files\AT&T Wireless\Communication Manager\Communication Manager.exe
O4 - Global Startup: DataViz Messenger.lnk = C:\WINDOWS\DvzCommon\DvzMsgr.exe
O4 - Global Startup: FlashPath Monitor.lnk = E:\Program Files\SmartDisk\FlashPath\sdstat.exe
O4 - Global Startup: Instant Wireless Configuration Utility.lnk = C:\Program Files\Linksys\Wireless Network PC Card\WPC11CFG.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://E:\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000
O9 - Extra button: Create Mobile Favorite (HKLM)
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Yahoo! Messenger (HKLM)
O9 - Extra button: Related (HKLM)
O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
O9 - Extra button: Real.com (HKLM)
O9 - Extra button: MoneySide (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Windows Messenger (HKLM)
O12 - Plugin for .tiff: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin5.dll
O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} (YahooYMailTo Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yse/ymmapi.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

Response Number 11

Name: bjorn
Date: December 21, 2003 at 03:40:51 Pacific

Reply:

Hi
I also have had big trouble to get rid of the www.solong.com.... virus. It is hard to imagine what kind of gangsters that are spreading this s---, causing problems for maybe millions of people. However, the cwshredder.zip program took care of the problem and I am very very grateful. Thank you all that have helped in this, and to the virus-gangsters I say: go and ... yourselves

Sponsored Link

Ads by Google

Compaq presario sound pro...

Excel 97

Post Locked

This post is quite old and has been locked from receiving new replies. Please create a new posting instead.

Go to Windows 95/98 Forum Home

Sponsored links

Ads by Google

Results for: start page

IE start page keeps changing.

Summary

www.computing.net/answers/windows-95/ie-start-page-keeps-changing/101914.html

Unwanted start page in MS Explorer

Summary

www.computing.net/answers/windows-95/unwanted-start-page-in-ms-explorer/131467.html

Start page won't move

Summary

www.computing.net/answers/windows-95/start-page-wont-move/87700.html

From the Geek Dictionary
FFXI - Short for Final Fantasy XI, The 11th numbered game in the Final Fantasy Ser...

Ask a Question!

Weekly Poll
Did you go shopping on Black Friday?

Poll Finishes In 6 Days.
Discuss in The Lounge
Poll History

Recent Posts
Need to install Windows Vista on new drive

vaio cannot start server

Registry Key Missing

Can't access my account.

Hangs without hard drive installed

All Awaiting Reply

Tom's News
Man Pleads Guilty Selling Fake Chips to Navy

Threatening Rap on YouTube Lands Two in Jail

New Final Fantasy XIII Trailer is 5 Minutes Long

Guy Quits Job With Error Message

Verizon Takes on Sprint's 3G Network (And Wins)

More Tom's Guide News

Data Recovery

Manufacturer List | About Us | Advertising Info | Contact Us
The information on Computing.Net is the opinions of its users. Such opinions may not be accurate and they are to be used at your own risk. Computing.Net cannot verify the validity of the statements made on this site. Computing.Net and Computing.Net LLC hereby disclaim all responsibility and liability for the content of Computing.Net and its accuracy.
PLEASE READ THE FULL DISCLAIMER AND LEGAL TERMS BY CLICKING HERE