Home page was changed

Discussion in 'Malware Help (A Specialist Will Reply)' started by Denise_M, Jul 18, 2008.

  1. Denise_M

    Denise_M MajorGeek

    I recently downloaded a few video programs. When I exited all tabs and clicked on Internet Explorer, my homepage was changed. Should I be looking for something in particular? My malware programs picked up only cookies.
     
    Denise_M, Jul 18, 2008
    #1
  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Can you change it back to your normal page and does it remain set properly after a reboot?

    Are you noticing any other issues? (popups, redirection, fake warnings of being infected)
     
    chaslang, Jul 19, 2008
    #2
  3. Denise_M

    Denise_M MajorGeek

    I didn't notice anything new. I ran several malware programs and then ran F-Secure in Safe Mode. It found only 1 cookie.

    I then read your instructions about SmitFraudFix and HiJackThis in anoher thread and followed your directions. I'm attaching the logs that you requested in the other thread.

    I have XP Pro x64 so the programs might not perform as they would with a 32-bit os but you'll be able to see and probably make a determination from the info they give.

    I might have been overly cautious but I'd rather be safe.

    One question. if I did pick up a hijacker, would a system restore remove it if I ran it immediately?
     

    Attached Files:

    Denise_M, Jul 19, 2008
    #3
  4. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Looks like SMF may have found something and may have fixed it.

    Do you still have that copy of GetRunKey.bat that I made for x64? If you still have the MGtools folder from when I gave that to you, the file would be named GRK64.bat. Run it and attach the C:\MGtools\runkeys.txt file that it creates.
     
    chaslang, Jul 19, 2008
    #4
  5. Denise_M

    Denise_M MajorGeek

    I no longer have the file. When the test was finished and I sent you the info you needed, I must've deleted it. If you give me a link, I'll download and run it again.

    I changed my home page to my normal home page and it stayed that way after I rebooted.
     
    Denise_M, Jul 19, 2008
    #5
  6. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    It is still in your thread in the Malware Forum. You could just get it from there

    http://forums.majorgeeks.com/showthread.php?t=155494

    However remember you have to download and run regular MGtools first (I said the same thing in the above thread which you missed in that thread) then you need to extract the GRK64.bat file into the MGtools folder and then run it. As I said in my last message you can then just attach the runkeys.txt log. The GRK64.zip file was actually attached in message # 7 but you can get it from any of the BLUE hotlinks referencing it in that thread. For example: msg # 38
     
    chaslang, Jul 19, 2008
    #6

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds