MajorGeeks Support Forums

Go Back   MajorGeeks Support Forums > ----------= PC, Desktop and Laptop Support =---------- > Malware Removal
Register FAQ Members List Calendar Mark Forums Read

Malware Removal Malware removal forum. Please see the READ ME FIRST thread before you post. Forum is staffed by a small number of volunteers, please be patient.

Closed Thread
Thread Tools Display Modes
Old 07-16-07, 20:03
hopperdave2000's Avatar
hopperdave2000 hopperdave2000 is offline
Major Geek
Join Date: Apr 2006
Posts: 2,203
Thanks: 0
Thanked 6 Times in 6 Posts
Default Hijacked!

WinXP MCE SP2... when I launch IE, it goes to my home page OK, but in 5 or 10 seconds, at least one (usually 2) other pages open behind it. Stuff like "" or "" and also "" are the most common ones. I can close 'em fairly easily so they aren't a HUGE problem, but they shouldn't be there. This isn't my PC, and when I first looked at it last week, it was loaded with malware. I'm usually pretty good at cleaning the crap-ola, and it was clean. No wierdness, no ad pages opening up, nothing. Now, it's a week later and the guy says "I'm still getting pop-ups!". Well, they aren't pop ups, and they weren't there last week. I've followed the steps in the "read and run me" sticky, and I've run other scans too. I just can't seem to get rid of these ad pages. Attached is a zipped folder with several scan logs in it.... any help will be appreciated!


Just now, another ad page opened behind this post! "Welcome to Advertisers Reward Network" and the page is ""

EDIT: I forgot to mention that he had all the security stuff in IE turned down to minimum and I KNOW when I worked on it last week, I had set them all at default or Medium as needed, so he went in turned 'em all down for some reason....
Attached Files
File Type: zip scan (12.4 KB, 2 views)
Sponsored links
Old 07-17-07, 01:37
chaslang's Avatar
chaslang chaslang is offline
MajorGeeks Admin - Master Malware Expert
Join Date: Feb 2004
Location: Northern New Jersey USA
Posts: 81,674
Thanks: 66
Thanked 8,190 Times in 4,526 Posts
Default Re: Hijacked!

You need to install and rename HijackThis as requested in the READ ME and then attach a new log. You more than likely have one of the exact infections that makes this critical.

You also need to follow all steps in the READ ME and attach the logs that were requested. Note you did not fix anything that AVG Antispyware found. You need to run it again and fix what it finds and save a new log to attach.

Below is a list of all logs that were requested (including HJT):
  • CounterSpy - only for Windows XP, 2K, & NT users
  • AVG Antispyware log - ONLY IF NEEDED you were not able to run CounterSpy. - only for Windows XP, 2K, & NT users
  • Bitdefender - from step 6
  • Panda Scan - from step 6
  • runkeys.txt - the log from GetRunKey.bat
  • newfiles.txt - the log from ShowNew.bat
  • HijackThis
"There are 10 types of people in this world. Those who understand binary and those who don't."

Support Majorgeeks on Facebook:

Majorgeeks Newsletter
Closed Thread

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Desktop Hijacked/IE Hijacked FiremanJoe Malware Removal 4 01-06-06 14:29
Hijacked woodman4emi Malware Removal 1 04-04-05 01:41
i got hijacked again steve628 Malware Removal 1 11-13-04 14:31

All times are GMT -5. The time now is 00:05.

MajorGeeks.Com Menu

MajorGeeks.Com \ All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ NEW! PC Games \ System Tools \ Macintosh \ Demonews.Com \ Top Downloads

MajorGeeks.Com \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds

All content Copyright source code Powered by vBulletin® Version 3.8.4
Copyright © 2009 vBulletin Solutions, Inc. All rights reserved.
Ad Management by RedTyger