system
14
Yes, but you don’t know me either. Users with x1000’s posts always assume that someone who has just arrived on a forum is automatically a dummy.
Browser hijacks in general are caused by the user not paying attention when installing what appears to be a ‘free app’ of some kind or another. As I already illustrated in the screenshot I uploaded, users need to be aware of what they’re doing before clicking the “Next” button.
If a TDSS infection is suspected, it’s simple enough to check because that virus installs its own driver and that can be seen in Device Manager under “Non-Plug & Play Drivers” as TDSSserv.sys (unhide hidden devices first).
Not every browser hijack is due to a virus. The most common cause is simply the free app earning commission by redirecting the user to another search engine. Here’s a list of installers which do just that: http://malwarebulletin.com/2011/02/11/calendar-of-updates/installers-hall-of-shame-unwanted-add-on-via-calendar-of-updates/