Strange Behaviors After I was Infected By "Smart HDD" Malware

Hi,

2 days ago, i somehow got infected with somekind of fake antivirus program called Smart HDD...
As soon as I noticed that ( it was pretty easy to notice ) I used System Restore to restore my computer 1 day earlier.

Now, at first I thought this solved the problem... There were some annoying side effects though, Smart HDD set all my files/folders to be hidden so of course this caused some issues, I started manually unhiding folder by folder but eventually found out there was a tool to do this which saved me a lot of time.

I used a bunch of scanners to check my computer, and they didnt detect anything...
I used SpyHunter, Malwarebyte's Anti-Malware, RogueKiller and another program which i think was specifically designed to delete Smart HDD from your system, its called Rkill from bleepingcomputer.com.

So after that, I thought everything was good... wrong... I started noticing 3 things:

1. My internet browsing was slower than usual...

2. Sometimes, randomly it seems, when I do a search on google and click one of the result links, I am redirected here :
http://financereports.co/ca/?&t202id=300064&t202kw=rnt%2019&match=C93960A7-C185-4417-B5E9-DBD2457DCDE1&c3=&ne=

or sometimes here :
http://www.fun-greetings-jokes.com/game.htm

3. I got a weird popup in windows, all my browser programs were closed , but I still got a tiny window popup ( which was not a FF or IE window ) that had this header : "message from webpage" and in the tiny window was this message : " thanks "


I dont know if these 3 issues are all related and if they were caused by Smart HDD or was I infected with more than 1 thing at once, I dont know... I just dont know what to do now, please help ?
7 answers Last reply
More about strange behaviors infected smart malware
  1. Can try Kaspersky Rescue disk and boot to that. It saved me from the fakeav trojan and was the only one of the four AV's I tried that fixed it.

    http://support.kaspersky.com/viruses/rescuedisk?level=2
  2. Hi J_E_D_70
    Thanks for your suggestion, on kaspersky site they say :
    "Kaspersky Rescue Disk is designed to scan, disinfect and restore infected operating systems. It should be used when it is impossible to boot the operating system. "

    Should I try Kaspersky Virus Removal Tool 2011 instead ?

    Oh, there is also another thing that I noticed which I DONT KNOW if it is related with my infection or with the fact that I used windows system restore ( which can fuckup *** by itself ) ....

    The restore point I used was a manual created just before installing an update for Adobe Illustrator CS 5 a few days ago, I had done the Illustrator update afterwards and it installed properly, Illustrator would show the latest version (Version 15.0.2). Now however, since I used that restore point, I see that Illustrator reverted back to older version 15.0.0, so I am trying to update it again but it's not working now... the installer says that the update was successful BUT illustrator is still stuck in version 15.0.0 ... I know this because it says so in "about illustrator" , and also I still have artifacts when exporting really high res jpegs ( which is why I updated to 15.0.2 as it solved this issue).

    Any input greatly appreciated, thanks !
  3. yes thats the procedure I followed, BUT i think something else was going on at the same time... I installed kaspersky virus removal tool 2011 , and it detected virus mem:rootkit.win64.sst.b ...

    Not sure if its a coincidence, but IT SEEMS like everytime I would do a google search on "virus mem:rootkit.win64.sst.b" either in IE or FF, well I'd have the time to click a link or two but soon enough the browser crashed !
  4. http://www.combofix.org/

    I have used combofix to great effect when used on infected machines when nothing else would fix it. It fixes _Everything_
  5. I'd try the other suggestions here then the removal tool.

    My system was so hosed I used rescue even tho it warned it me that it might break windows and cause metorites to obliterate all life on earth.
Ask a new question

Read More

Security Malware Hard Drives Windows 7