My www searches are getting redirected to different sites

fcek
fcek used Ask the Experts™
on
I had a bug called Smart Hard drive - Rogue anti virus.

Ive ran Malware Bytes + super anti spy.

Ive ran hijackthis.de as well.

All appears normal on boot, but search results are highly suspect.

Im lost on what to do now.  

Win xp.
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Most Valuable Expert 2013
Commented:
Have you checked your hosts file?

Author

Commented:
Hi, I checked the hosts and all looks ok.

That TDSSKiller ap appears to be biz.  Works very fast as well.

Author

Commented:
It even picked up a boot sector virus and emoved it on reboot.

Impressed.

Author

Commented:
Ho wto remove this bug. Tried and tested.

Run in this order ........

Avg boot disk - update - run - remove bugs - reboot.
F8/safe mode
Run Anti-rootkit utility TDSSKiller
ccleaner to remove temp files (makes scans quicker)
Malware bytes
Then "unhide app"

Job done.
Running anything in safe mode these days is fairly dangerous - anti malware apps are programmed to run in normal mode unless absolutely necessary.  This is because in safe mode all windows protections are not on and you could end up deleting system files.

Author

Commented:
The virus appeared to be gone - rebooted twice.  Ran a few aps.  All fine.

User called me back to say its back 24 hours later!

Where is SMART comming from?
Commented:
Do you have an official formal name for the virus as identified by a given antivirus software?
Then you can look it up on their site to see how it spreads.

Perhaps it spreads via USB Memory Sticks
or SMB fileshares
or perhaps they're visiting compromised websites
or perhaps they're downloading infected files

Might be worth checking the user's browsing history.
Can you upload an infected file to virustotal.com?  VT will check it against 42 engines.

Author

Commented:
Hi TDSSKiller is veryu good.

The end user was opening an email form a college and reinfecting the PC after I had cleaned it off.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial