Start page hijacking and how to change your start page to what YOU want.
Start page hijacking is becoming an overwhelming problem for most Internet users, as everyday there are increasingly more browser hijackers that change your default start page and search page.
Many Internet users have already had this situation: You start up your browser and the start page is different than what you normally see. You go to the options and change the settings to fix it. But the next time you start your browser, the start page is still not the one you chose. You try to restore it over and over, but nothing happens. This means you’ve been a victim of a browser hijacker, which has forcibly changed your start and/or search page to what its creators want.
Why are there such things as hijackers?
Browser hijackers are created mainly to increase web traffic – the more people that visit a page, the more times the advertisements will be shown and more money will be earned by the website owner. This system works even if you’re leaving the page immediately.
Getting rid of browser hijackers
Getting infected by a hijacker is very simple, but getting rid of it can prove to be a little more difficult. What you need to do in order to kill it depends on the exact kind of a hijacker, but there is a general procedure you should follow when fighting with a browser hijacking program.
(1) Start by scanning your PC with a spyware scanner. Programs like Spybot, Spyware Nuker or Ad-Aware will delete most of the simpler hijackers immediately. But if they fail to detect or erase your hijacker, you need to visit point 2 below.
(2) Download a program called “HijackThis”. Contrary to its name, it’s the hijackers’ uninstaller.
(3) Before you start it, make sure that you know exactly what you are going to do – there are some hijacker-killers forums that might be of help.
(4) Run HijackThis and look for any start and/or search page settings that haven’t been made by you and tick them
(5) Quit the program and look for the “control.ini” file, then open it with Notepad. Delete any values under [don’t load] section.
(6) Find any files with .hta or .js extensions and open them with Notepad. There you will find web addresses of pages you’ve been hijacked into. Search for them on your HDD and delete all files that contain these addresses.
(7) Remove all .tmp files – they are often the real source of infection
If you’ve done all of this and the problem persists, you will need to look for help from a specialist, possibly your System Administrator.
