Solved

http://www.freewebs.com/abuseFrozen.htm "FreeWebs Site Frozen" Page Set as Home Page With Every IE Launch

Posted on 2006-06-16
5
1,216 Views
Last Modified: 2013-12-04
The url "http://www.freewebs.com/abuseFrozen.htm" launches with every Internet Explorer launch after Windows XP Pro boot.
The page has the text "FreeWebs Site Frozen.  Account Frozen.  Access Denied.".  Then I reset my home page (for example, to www.google.com), upon the next IE launch after a fresh boot, the FreeWebs page again is present as the home page.

How can I eliminate the source file for this nuisance spyware/malware?

Thanks,
JSM

0
Comment
Question by:JSMcCoy
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
5 Comments
 
LVL 32

Expert Comment

by:r-k
ID: 16924437
Download Ewido from: http://www.ewido.net/en/download/ and install and run it.
It is free for 14 days and will most likely clear up the problem.

After starting Ewido, click on Updates to update, then click on "Quick Scan", that is normally enough.

If the problem persists after that, then run Hijackthis as follows:

Download and run HijackThis from http://www.hijackthis.de/
Copy-and-paste the resulting log back to that same web site (not here)
Click on "Analyze", and then click on "Save Analysis" at the bottom of the next page.
Finally post a link here to the saved analyzed page.

0
 
LVL 22

Expert Comment

by:p_davis
ID: 16925176
delete temp internet files for every profile-- delete c:\windows\prefetch\* (files in prefetch folder) if using xp--
check start-->run-->msconfig -- startup tab-- for items that don't need to be running in the background --almost everything--a good site to check for these is sysinfo.org.-- check the run folder in regedit to make sure that nothing is spawning from there and then reboot--

oh yeah,
run ad-aware, spybot, and antivirus scans in safe mode w/o networking.---
make sure you have up-to-date files for all 3.

P
0
 
LVL 30

Expert Comment

by:callrs
ID: 16926778
I usually start with adaware:
http://www.lavasoftusa.com/software/adaware/ 

Here's more that can help:
http://www.fjsmjs.com/IE/homepage.htm     Can't Change HomePage-
http://www.pjwalczak.com/spguard/       StartPage Guard
http://www.pestpatrol.com/Support/HowTo/How_To_Clear_a_Hijack.asp     How To Clear a Hijack
http://www.ccleaner.com/                CCleaner - Crap Cleaner free software download - Spyware FREE

-R.S.
0
 
LVL 30

Accepted Solution

by:
callrs earned 200 total points
ID: 16928823
0
 

Author Comment

by:JSMcCoy
ID: 17015244
callrs supplied the winning answer.

This troublesome and difficult to remove IE home page hijacker was only removed by running the SmitRem utility at http://noahdfear.geekstogo.com.

Ad-aware SE, Spyware Doctor, AVG, Norton Antivirus, or Ewido Anti-Malware could not locate and delete the offending file.  SmitRem did.

Read the narrative and follow the directions at the noahdfear site closely.  This utility worked (and apparently it will eliminate a number of trojans, hijackers, and other malware variants.

Although the other Experts provided logical approaches, only callrs approach worked without significant time or effort involved.

Thanks, callrs !!
0

Featured Post

Resolve Critical IT Incidents Fast

If your data, services or processes become compromised, your organization can suffer damage in just minutes and how fast you communicate during a major IT incident is everything. Learn how to immediately identify incidents & best practices to resolve them quickly and effectively.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

As I write this article, I am finishing cleanup from the Qakbot virus variant found in the wild on April 18, 2011.  It was a messy beast that had varying levels of infection, speculated as being dependent on how long it resided on the infected syste…
Container Orchestration platforms empower organizations to scale their apps at an exceptional rate. This is the reason numerous innovation-driven companies are moving apps to an appropriated datacenter wide platform that empowers them to scale at a …
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question