Friday, May 20, 2011

How to remove search2box.com malware

Short version:
Reinstall Firefox (no need to uninstall first).

Long version:
A friend recently asked me to remove some malware from his computer that was hijacking his Google search results.  He was using Firefox 4 on Windows XP and when he searched on Google the results would show up as normal, but when he clicked a link it would take him to search2box.com and show their "search results."

I scanned his computer with Microsoft Security Essentials and one other tool he had -- I can't remember what it was right now, but I will update this post when I find out -- and neither found a problem.  I checked to see if anything had modified his hosts file; nothing had.  I checked to see if anything had changed his proxy settings; nothing had.  I asked a guy at work whose job is studying malware if he had heard of it, and he said it looks like it might be the TDSS rootkit, so I grabbed TDSSKiller, and that didn't find anything.

My friend also had Google Chrome installed, so I tried searching with it and it was unaffected.  After all the other efforts had failed I decided to reinstall Firefox to see if that would help and, sure enough, that seems to have fixed it.  It's not supposed to be that easy and that concerns me a little, so I'll post an update if anything changes.
