Can't Change IE Homepage

[douglas9]

For some reason can't change my homepage. It is one of two culprits, SAS paid, or WinPatrol. Have unchecked real time and left blank homepage protection on SAS, and made all appropriate unchecks on Win Patrol. Have killed SAS core and prevented both programs from loading yet still unable to change homepage. Any ideas or suggestions appreciated. TIA

[GuiltySpark]

Hi douglas9,

Please download and run this program http://www.bleepingcomputer.com/download/dds/

Post the DDS log so we can see what's running.

[douglas9]

Thanks for the reply. Believe this is what you are requesting:

 

 

 

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_31
Run by Douglas at 4:59:12 on 2013-06-14
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.510.137 [GMT -5:00]
.
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: *Disabled/Updated* {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
FW: *Disabled*
.
============== Running Processes ================
.
C:\WINDOWS\Explorer.EXE
C:\Program Files\OO Software\Defrag\oodag.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\Disable Startup\DisableStartup.exe
C:\PROGRAM FILES\AD MUNCHER\AdMunch.exe
C:\Program Files\NetWorx\networx.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Opera\Opera.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxps://online2.statefarm.com/SSOLogin-Web/pages/login.xhtml?
uDefault_Page_URL = hxxp://www.google.com/ig/dell?hl=en&client=dell-inc&channel=us
mStart Page = hxxp://www.dell.com
uProxyOverride = <-loopback>
BHO: IE 4.x-6.x BHO for Internet Download Accelerator: {2A646672-9C3A-4C28-9A7A-1FB0F63F28B6} - c:\program files\ida\idaiehlp.dll
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: &NetWorx Desk Band: {FEEA54B4-D80F-41C7-87B9-DC08E6D3255F} - c:\program files\networx\deskband.dll
mRun: [Disable Startup] "c:\program files\disable startup\DisableStartup.exe" -start
mRun: [Ad Muncher] "c:\program files\ad muncher\AdMunch.exe" /bt
mRun: [NetWorx] "c:\program files\networx\networx.exe" /auto
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: Download ALL with IDA - c:\program files\ida\idaieall.htm
IE: Download remotely with IDA - c:\program files\ida\remdown.htm
IE: Download with IDA - c:\program files\ida\idaie.htm
IE: {9819CC0E-9669-4D01-9CD7-2C66DA43AC6C} - c:\program files\ida\ida.exe
IE: {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - "c:\program files\fiddler2\Fiddler.exe"
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1340708964437
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1340708905234
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.4.2/jinstall-1_4_2_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
TCP: Interfaces\{B2B1B10D-BDEA-468A-9AFA-75CA0F7CA368} : NameServer = 207.69.188.167 207.69.188.166
Notify: DIMS Notification Handler - <no file>
Notify: dimsntfy - <no file>
Notify: igfxcui - igfxdev.dll
SEH: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys [2013-3-2 49376]
R0 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys [2013-3-2 174664]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-2-23 765736]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2008-3-30 368944]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\SASDIFSV.SYS [2009-3-23 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2009-3-23 67664]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2008-3-30 29816]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-3-2 66336]
R2 OODefragAgent;O&O Defrag Agent;c:\program files\oo software\defrag\oodag.exe [2012-6-6 2505072]
R3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2005-8-2 32512]
S1 SABKUTIL;SABKUTIL;\??\c:\documents and settings\douglas\desktop\saskutil.sys --> c:\documents and settings\douglas\desktop\SASKUTIL.SYS [?]
S3 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2010-12-13 46808]
S3 PROCEXP151;PROCEXP151;\??\c:\windows\system32\drivers\procexp151.sys --> c:\windows\system32\drivers\PROCEXP151.SYS [?]
S3 SASENUM;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2009-3-23 12872]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2004-8-10 14336]
S4 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCORE.EXE [2010-7-3 116608]
.
=============== Created Last 30 ================
.
.
==================== Find3M ====================
.
2013-05-09 08:59:10 765736 -c--a-w- c:\windows\system32\drivers\aswSnx.sys
2013-05-09 08:59:10 49376 -c--a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-05-09 08:59:10 174664 -c--a-w- c:\windows\system32\drivers\aswVmm.sys
2013-05-09 08:59:09 66336 -c--a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-05-09 08:58:37 41664 -c--a-w- c:\windows\avastSS.scr
.
============= FINISH: 5:00:11.07 ===============

[GuiltySpark]

What was your original Home Page and what do you want to change it to?

[douglas9]

State Farm is my homepage, i want to change it to anything else...but can't make the change.

[GuiltySpark]

Ok.

 

Click on this link https://duckduckgo.com/

 

Then select the Gear or Tools in IE

 

Select Internet Options

 

On the General tab select Use Current

 

Select Settings under the Search sub heading

 

Select DDGo from the list and choose Set Default

 

Select OK

 

Apply

 

OK

 

Also make a note of what other search engines you have in the list.

 

Restart the computer and see if that fixes things.

[douglas9]

That is a negative. Only search engines were duck,bing,google. Me thinks a previous version of SAS or Winpatrol locked it and thru upgrades can't change it.....Will try and find some reg hack to solve the problem. Appreciate your time. 

[Elmer Fud]

@ douglas9,

 

 BrowserJavaVersion: 1.6.0_31=Outdated

Present version is Version 7, update 21

 

It would be interesting to see your DDS log with " If you wish to scan all of them, select the 'Force scan all domains' option." 

If you decide to post, please include the Attach.txt

[douglas9]

Thanks for the replies, but feel the workaround of opening two home pages will rectify a minor annoyance since i seldom use IE. Found a possible microsoft fix that involves editing 4 registry entries, but since that is above my pay grade will pass.

http://support.microsoft.com/kb/2493729