When I attempt to do a search using Bing I am redirected to somewhere else. This happens three times before it provides me with the results of my original search query. Why is this happening and how can it be fixed? The computer is running Windows XP.

From your description of the problem it sounds like your computer has become infected with some kind of malware or virus. A strong indication of such an infection is that your web browser is hijacked, particularly with regard to search engines. Designers of malware often find that it is easiest to write code which detects when you are using a search engine, and then redirect the results page to their chosen destination, since search engines such as Google and Bing are generally some of the most common sites which users visit. Now that we have indications your computer has become infected we need to take some fairly immediate action to resolve this problem given the security risk which it presents.

As you may recall from my previous columns, I am of the strong opinion that once your computer has become infected with malware or spyware it can never be trusted again until the computer has been totally wiped and had its operating system reinstalled from scratch. This is because even though antimalware and antivirus utilities do their best to remove detected threats from the computer you can never be totally sure that they have removed all components of the infection, but instead some stealth components could remain behind. Since most people conduct fairly important and sensitive transactions on their computers (such as internet banking and online shopping) bear in mind that if the threats have not been completely removed from your computer then such transactions could be potentially compromised.

As a result, my recommendation if your computer has become infected is that you should backup all of your important data, format the computer and do a complete reinstallation of Windows. While some consider this a heavy-handed approach I consider that security is paramount and far outweighs the inconvenience of a Windows reinstallation. Some people have previously raised concerns about backing-up the data on an infected system, since this could potentially also backup the infection (such as virus or malware) resulting in that being transferred across to your fresh system. This is a valid concern, but with the proper precautions it is definitely something which we can avoid.

First, before copying all files to your backup drive I suggest that you completely format that drive. This will ensure that the drive is clean, particularly important if it has been previously used on the computer and is potentially infected. However, be aware that this will wipe all existing data from the drive so if you wish to keep anything already on the drive then you should copy it off prior to this procedure. With the drive connected go into My Computer or Windows Explorer, right-click on the drive, and select “Format”. Tick the “Quick format” button (which will just erase the drive, rather than doing a complete low-level format) and click “Start”. Once this has finished you should have a clean drive upon which you can copy your data for backup.

Moving now to the time when you will copy the data onto your fresh computer, you must make sure that before transferring the data you have applied all Windows updates and also have antivirus installed with the latest updates. If you are looking for a good, reliable free antivirus product then Microsoft Security Essentials (windows.microsoft.com/mse) is a capable antivirus package which should not slow down your computer. Alternatively, if you would like a more feature-rich paid antivirus product then I suggest ESET NOD32 Antivirus (www.eset.com.au). Unlike many other antivirus products, NOD32 is light-weight and is not particularly resource intensive, while providing an excellent level of protection.

Finally, viruses usually can’t affect the computer by just having their files present. Instead, an executable program needs to run which triggers the infection (a bit like a catalyst) and then starts infiltrating into the computer. Therefore, if we just copy the files across to our fresh computer then it should not cause a full-blown infection. However, it is still not totally desirable to potentially be copying virus infected files, which is why we made sure that we installed antivirus software on the computer first. This means that when you connect the backup drive to the computer the antivirus software should protect you through scanning any files which are accessed on that drive and then alerting you, and quarantining, any files which it detects as potentially infected. Additionally, I would strongly suggest that immediately after connecting the drive that you use your antivirus software to complete a full scan of the drive. Most antivirus software allows you to do “quick” scans or “full” scans. In this situation I would suggest that you complete a “full” scan, which should scan all files on the drive, to make sure that none are infected.

When purchasing antivirus products you may also see other products which provide firewall functionality. If you have a broadband router on your internet connection then I find that is much more effective at stopping potential attacks than a software-based firewall, simply because the attacks can be stopped at your internet connection “gateway” (as the broadband router acts as a hardware-firewall) rather than the potentially malicious traffic making it to your computer. You can find a full explanation of how this works in a previous question located at: www.siliconkid.com.au/2011/11/suitable-antivirus-and-security-products . However, in summary, if you have a broadband router then I recommend that you use that as your primary router with the Windows Firewall running on your computer (to provide basic protection against threats which may have somehow made it into your internal home network, such as someone plugging an infected USB thumb drive into another computer on your network). In combination with a good antivirus product, such as one of those mentioned previously, this should make your computer well protected.

Having discussed the rationale behind a computer reinstallation of Windows, some users may not wish to go down this track but instead would be happy just cleaning the infection from their computer. While this is not necessarily my recommended method, I understand that occasionally it may be not be practical or feasible to do a complete reinstallation at this point in time. Therefore, cleaning the infection is the next best option (as you certainly don’t want to leave it resident on your computer!). In the first instance you should update your antivirus software. If you don’t have any antivirus software currently installed, or you have found it to be ineffective, you may wish to download and install one of the packages which we mentioned earlier in this column. Once your antivirus software has been updated, complete a full scan of the computer (i.e. not a quick scan, but a comprehensive full scan to check all files). Be aware that this could take quite some time to complete. Hopefully by the conclusion of this process the threats on the computer should have been detected and provide you with the option for removal.

If you find that no threats are detected, or those which are detected and removed do not fix the problem, then things start to get more complicated since the antivirus scanner is having difficulty detecting the infection on your computer. In this situation you can try installing a different antivirus product to see whether that will detect the infection. However, if the threat can still not be detected using different software, this makes removal very difficult as to remove a threat you first need to detect its presence! In this situation, rather than jumping through all the hoops trying to find a utility to detect the infection, it will probably be easier to go down the route of a clean reinstallation of Windows. Additionally, if the threat is so hard to detect then it would be difficult to determine that once you do find a utility which can detect the threat whether it can detect all components of the infection and remove them all, considering the difficulty that was encountered in detecting the presence of the infection in the first place.