I'm getting redirects after searching with both Google and Bing. I have McAfee SC that came with my Dell laptop and I've tried using steps from previous discussion (TDSSKiller, SUPERAntiSpyware, Malwarebytes...), I've turned off and cleaned out my restore points, checked my hosts file, checked my internet settings... No luck at all. Please help! Been banging my head against this for hours now!
Also please could someone tell me what effects (other than the obvious) the malware might have? (IE *seems* to work fine until one of the search files is used.)
Clean Win7 install has made the problem go away. Thanks to all for trying to help me avoid the nuclear option, but at least I'm getting somewhere now. Or I will be once I've finished downloading drivers...
You can try the free version of this. It should work on rootkits and redirections. Hitman Pro free download. Not sure if it is a 30 day trial but you can download to try and fix this problem.
Here is their homepage http://www.surfright.nl/en
Thank you. I've downloaded it and it is still running (Classifying) but it already tells me there's a BackDoor.Tdss.5544 in the MBR and Win32/Bootkit. Is the correct action to choose 'Replace'? I'm feeling frightened and paranoid.
If you can get going and connect to the internet, download GetSusp from HERE. The post has links to an FAQ and a User Guide, which you should read first before running the utility.
This looks like a TDL3 variant rather than TDL4, in which case it's been around for a couple of years and should be manageable. I've recommended this utility first because it scans the MBR, which this rootkit hijacks.
Then download the Stinger from HERE. Set the sensitivity level to High, and the Action to Report Only for the first scan. If necessary repeat, and crank up the sensitivity to Very High (but watch out for erroneous reporting - false positives). Before you set the Action to Repair, be sure you're not clearing out innocent files along with infected ones. Again, read the instructions carefully before running the utility.
Let us know what these two find.
Sorry. Not sure why you had a problem. After download and update. You would run scan. When it is done you would click next. Then it will ask to purchase and enter a code. Or under that use free activation (30 days). Click free activation. Unless you want to purchase it. Then it will say activated. Or something like this. Hitman Pro will then scan and delete what it can and will most likely ask you to reboot your computer to clean remaining infections. When it starts back up it will go into a pre boot type mode. You will see a black screen with some writing for a minute. Then it will boot up. I would then run another scan. Just in case. Or you can try what Hayton has suggested. Good luck
Hi newjack, any thoughts on why Hitman Pro misbehaved here? Have you ever come across a BSOD using it? I'm wondering whether to request the minidump or kernel dump be sent over, since I spent most of this afternoon downloading and setting up SDK including a raft of Microsoft debugging tools. Can't do it tonight though, so perhaps best to let that little exercise wait for another time.
Okay, thanks newjack. It's just one of those things then. As the poster has retired from the fray for a while I'm going to put this to one side and wait for developments. Thanks for your contribution, glad to see you're still willing to help us out.