NOTICE [09/13/2010]: Formspring, the website which receives the questions asked above, is experiencing technical problems. If you send a question and it remains unanswered for over 24 hours, feel free to email your questions to

Welcome to No Bullshit Tech! This is a blog I have created for answering your technology questions.

I've spent the last 5+ years in the computer repair business, and while I enjoy my job, I'm not always allowed to give the advice and recommendations I feel I should. Sometimes this is because of contractual reasons, other times it's because of business reasons. Regardless, I established this blog to create an environment without corporate, contractual or business bullshit.

So feel free to ask me a questions about your computer repair woes. Everyone has questions about fixing, optimizing, configuring and securing their computers, and I have the answers. Even if I don't have an answer for you, I can probably point you in the right direction.

As the ball gets rolling, there is a probability that your question has already been answered. Scroll through the previously answered questions and see if anything there can help you.

Since this is a side project, I may not be available 24/7. I will attempt to answer at least one question everyday, however. Once you've asked your questions, check back frequently to find your answer and many other answers.

Obligatory legal statement: By viewing or utilizing my free service, you waive No Bullshit Tech and all it's author from any liability for damages that come as a result of upgrading, modifying, repairing, optimizing, or in any way altering or modifying your property. This service is free and as such, it comes with no warranties or guarantees of any type. Use the information you receive here, as well as from any online source, with digression and at your own risk.

Monday, September 13, 2010

Question #2: My browser redirects seemingly at random. I will type in but a website selling antivirus programs will come up instead. I ran a virus scan but it came up clean. What do I do?

There is a very good chance that you’ve become infected with a very elusive type of virus – the rootkit. The symptoms you’ve described lead me to believe that you’ve become infected with a new type of rootkit known as TDSS. It also goes by the name of TDL1, TDL2, TDL3 (on 64bit systems), Alureon or Tidserv. While the name changes depending on the antivirus scanner, the infection is the same and causes quite a few problems. Most notably, TDSS will redirect your browser away from legitimate websites and towards malicious websites attempting to install other various trojan infections. 

Rootkits are also obnoxious for their inability to be detected by most virus scanners. Many antivirus companies have received complaints over the years for how slow and clunky they are. In effort to remedy the stereotype of degrading system performance, most antivirus applications are now tailored to run as fast as possible while using as few system resources as possible. Although this does dramatically increase the end-user experience, it also prevents these scanners from running deep heuristic scans, checking inside of archives and scanning for rootkits.

Luckily, detection and removal of TDSS is quite simple. Kaspersky Labs offers a free utility for discovering and eradicating TDSS rootkits.

If this fails to fix the problem, you may have a different type of infection. There are several utilities available for free online to combat malicious infections, but I would recommend you visit a qualified technician to help you remedy the problem. Most of the tool that technicians utilize can cause vast amounts of irreparable damage if used incorrectly.

For more information, please visit the following links:

1 comment:

  1. this reminds me of when windows accidently released a backdoor for rootkits in one of their software pieces years ago haha
    hey check my blogs if you like sick politics/are interested about learning about the likely economic disaster