If your Home page changes unexpectedly, you have a "HomePage hijack", and will see this page each time you invoke your browser. What the hijacker has done is to change the registry key:
In the Root key HKEY_CURRENT_USER, the key Software\Microsoft\Internet Explorer\Main has a value "Start Page" that has likely been reset to something.
In the Root key HKEY_LOCAL_MACHINE, the key Software\Microsoft\Internet Explorer\Main has a value "Start Page" that has likely been reset to something like http://yourbookmarks.ws/
Fixing this seems simple, but some pests make repair a bit more difficult. For instance, CWS sets the first of these entries to:
http://www.coolwwwsearc %68%2e%63%6f%6d/%7a/%61/%78%31%2e%63%67%69?%36%35%36%33%38%37 This is "encrypted"; its decryption works out to http://www.searchv.com/
Disabling Scripting:
IE supports "scripting", a useful but dangerous capability that you will want to disable if you ever visit unknown sites. The scripts that can be run will be Javascript or VBScript, often embedded in a web page you visit. Such scripts can execute ActiveX controls, which can do anything in your machine that any software can do.
To be stop scripting the easy way, do this:
From IE's top menu bar, select the Tools menu. On this menu, choose "Internet Options". It will display a popup dialog box. Click on the Security tab, you will see the internet options box has popped up.
Each zone has four security levels available, ranging from Low Security to High. IE is configured for Low Security when it is first installed. Medium or High is what you need.
High (most secure) Exclude content that could damage your computer.
Medium (more secure) Warn before running potentially damaging content.
Medium-Low (Same as Medium) No warning before running potentially damaging content.
Low Minimal safeguard and warning before running potentially damaging content.
For the Internet Setting, move the slider to "Medium" This will ensure that you are prompted before signed ActiveX controls are run, and unsigned ActiveX controls will not run.
But it will still allow active scripting. So click on the "Custom Level" button, and follow these instructions:
Configure IE so that it does not run Active scripts automatically:
On the Tools menu, click Internet Options, click the Security tab, click the Internet Web content zone, and then click Custom Level.
In the Settings box, scroll down to the Scripting section, and click Disable under Active scripting and Scripting of Java applets.
Click OK, and then click OK again.
Configure IE so that it does not automatically use items that show active content, such as vertical marquees or animations:
On the Tools menu, click Internet Options, click the Security tab, click the Internet Web content zone, and then click Custom Level.
In the Settings box, click Disable under Download signed ActiveX controls, Download unsigned ActiveX controls, Initialize and script ActiveX controls not marked as safe, Run ActiveX controls and plugins, and Script ActiveX controls marked safe for scripting.
Click OK, and then click OK again.
Verify that IE's internal Java Just-In-Time (JIT) compiler is disabled:
On the Tools menu, click Internet Options, click the Advanced tab, and then click to clear the JIT compiler for virtual machine enabled (requires restart) check box under Java VM.
Click OK.
Configure IE so that it does not run Java programs automatically.
On the Tools menu, click Internet Options, click the Security tab, click the Internet Web content zone, and then click Custom Level.
In the Settings box, click Disable Java under Java Permissions, click OK and then click OK again.
In the Root key HKEY_CURRENT_USER, the key Software\Microsoft\Internet Explorer\Main has a value "Start Page" that has likely been reset to something.
In the Root key HKEY_LOCAL_MACHINE, the key Software\Microsoft\Internet Explorer\Main has a value "Start Page" that has likely been reset to something like http://yourbookmarks.ws/
Fixing this seems simple, but some pests make repair a bit more difficult. For instance, CWS sets the first of these entries to:
http://www.coolwwwsearc %68%2e%63%6f%6d/%7a/%61/%78%31%2e%63%67%69?%36%35%36%33%38%37 This is "encrypted"; its decryption works out to http://www.searchv.com/
Disabling Scripting:
IE supports "scripting", a useful but dangerous capability that you will want to disable if you ever visit unknown sites. The scripts that can be run will be Javascript or VBScript, often embedded in a web page you visit. Such scripts can execute ActiveX controls, which can do anything in your machine that any software can do.
To be stop scripting the easy way, do this:
From IE's top menu bar, select the Tools menu. On this menu, choose "Internet Options". It will display a popup dialog box. Click on the Security tab, you will see the internet options box has popped up.
Each zone has four security levels available, ranging from Low Security to High. IE is configured for Low Security when it is first installed. Medium or High is what you need.
High (most secure) Exclude content that could damage your computer.
Medium (more secure) Warn before running potentially damaging content.
Medium-Low (Same as Medium) No warning before running potentially damaging content.
Low Minimal safeguard and warning before running potentially damaging content.
For the Internet Setting, move the slider to "Medium" This will ensure that you are prompted before signed ActiveX controls are run, and unsigned ActiveX controls will not run.
But it will still allow active scripting. So click on the "Custom Level" button, and follow these instructions:
Configure IE so that it does not run Active scripts automatically:
On the Tools menu, click Internet Options, click the Security tab, click the Internet Web content zone, and then click Custom Level.
In the Settings box, scroll down to the Scripting section, and click Disable under Active scripting and Scripting of Java applets.
Click OK, and then click OK again.
Configure IE so that it does not automatically use items that show active content, such as vertical marquees or animations:
On the Tools menu, click Internet Options, click the Security tab, click the Internet Web content zone, and then click Custom Level.
In the Settings box, click Disable under Download signed ActiveX controls, Download unsigned ActiveX controls, Initialize and script ActiveX controls not marked as safe, Run ActiveX controls and plugins, and Script ActiveX controls marked safe for scripting.
Click OK, and then click OK again.
Verify that IE's internal Java Just-In-Time (JIT) compiler is disabled:
On the Tools menu, click Internet Options, click the Advanced tab, and then click to clear the JIT compiler for virtual machine enabled (requires restart) check box under Java VM.
Click OK.
Configure IE so that it does not run Java programs automatically.
On the Tools menu, click Internet Options, click the Security tab, click the Internet Web content zone, and then click Custom Level.
In the Settings box, click Disable Java under Java Permissions, click OK and then click OK again.
