This was a problem I encountered today. I set a customer’s homepage to what she wanted, but every time I opened Internet Explorer, it would go to one of those suspicious websites, this one was www-searching.com. The customer’s brother loaded a bunch of those junk free but not free potentially-unwanted-programs. Even after cleaning with Malwarebytes and Rogue Killer, the malicious website remained.

It turns out that one of those programs modified the shortcut for Internet Explorer. With IE and Google Chrome and Mozilla Firefox and Opera and, well … any browser, if you add a website to after the program, it will load that website. So if I type “C:\Program Files (x86)\Mozilla Firefox\firefox.exe” www.google.com, the browser will open up and go to google.com ignoring what my homepage is set to. If the shortcut is modified so that a malicious website is added after the program name, then whenever you click on the icon to load the browser it will load that malicious website. Simply remove anything after the program file name and you will be good to go.

Advertisements