Google Redirect Virus is a very notorious malware designed to redirect your searches to malicious websites. This virus is also known as browser hijack virus or search engine redirect virus. This virus is infecting thousands of new machines everyday and It is very hard to remove as it is bundled with many rootkits commonly known as TLD3 or Alureon Rootkits. These rootkits change your computer settings in such a way that when type Google’s web address in address bar of your web browser, you are not actually taken to Google but to a malicious webpage which looks exactly as Google. When you make a search, you’ll see results exactly like Google, but when you click on any of those results, you’ll be taken to a website you’re not supposed to visit.
In other words, you’ll see legitimate websites in search results but clicking on those results will take you to dubious websites which are engaged in spreading more malware to your computer. You will be offered to download more dubious products and file sharing applications which will do more harm than good. Scammers redirect Google search results for sole purpose of getting traffic easily. They know that everybody in the world uses Google and If they infect your computer with the redirect virus, they can drive lots of traffic their websites for free.
The big question is, how Google Redirect Virus spreads? It might seem a big harsh, but almost everyone having access to Internet is trying to get something for free. People are searching for free software (which are actually paid), keygens, free music and videos and use torrents to download all sort of things which are actually not free. Those downloads come bundled with various viruses and rootkits and If you don’t have a very good antivirus on your computer, you’ll get infected very easily. This image illustrates how Google Redirect Virus works :
Google Redirect Virus can affect Google, Yahoo, Bing as well as many other search engines and using a different browser will not help as the redirect virus is running in background and modifying the search results on the fly. It can also pollute DNS settings on your computer and make bogus entries in HOSTS file of your computer. This virus is a real threat and It should not be ignored. Specially, If you use online banking websites, you must make sure that your system is completely clean and no malwares are residing in your computer without your knowledge. Read next part to know how Google Redirect Virus Removal works.
How to Remove Google Redirect Virus
Google Redirect Virus Removal is not that easy and one simple solution might not work for complete assassination. To overcome browser redirect virus, we recommend two removal methods :
A) Automatic Removal
B) Manual Removal
Now I’ll tell you more about each removal method and their advantages (or disadvantages in full details).
A) Automatic Removal Method
As you can tell by now, this removal method is all about getting rid of the virus automatically without calling your friends or neighbors. This is a DIY (Do It Yourself) method and you can easily remove the virus with any headaches. Here is what you need to do :
1. First of all, you need to download a Genuine Spyware Remover which can actually check a wide variety of settings which are often manipulated by the hijack virus. Traditional antivirus products often don’t pay attention to those things and this is why the virus can easily bypass your antivirus software.
We’ve tested several different products and Spy Hunter seems to be the best software as it checks for lots of things like DNS settings, home page, Hosts file and other important stuff automatically. Please download Spy Hunter by clicking the button below :
2. After downloading Spyhunter, do a full scan of your computer and It will automatically find all the culprit files which are hiding deep in system folders of your computer. Please make sure that you do a Full Scan of your computer and fix all the problems.
3. After removing all the infections detected by Spy Hunter, you need to download a software called TDSSKiller and run it in your system. TDSSKiller is a utility from KasperSky Labs which scans your computer’s drivers for hidden rootkits and malicious drivers which are powering the redirect virus. Download TDSSKiller and do a full scan of your computer and remove any infected items If found.
4. Now restart your computer and everything should be fine. Do a search on Google or any other search engine and things should work nicely.
I’ve tested this removal method on many machines and It does work like a charm. Spy Hunter and TDSSKiller, both products get updated very frequently and new variants of redirect virus will also get caught very easily.
Here is a video showing how redirect virus redirects search results :
How To Remove Google Redirect Virus Manually
It can be really tricky to get rid of Google Redirect Virus manually since It can infect your computer in many different ways. It can be a infected driver on your computer or rootkit infection or modified DNS servers or a maliciously edited hosts file. Automatic removal method above is the best method to remove the redirect virus from your computer. If you are looking to remove Google redirect manually, you can try these steps to see If they help you :
A) Restore Internet Explorer’s settings :
1. Run Internet Explorer and click on Tools–>Internet Options.
2. Click on “Advanced” tab and then click on “Restore advanced settings“.
3. Now also click on “Reset” button and reset Internet Explorer’s settings.
Now restart Internet Explorer and see If browser still redirect your searches. If it does, then the problem is somewhere else.
B) Check If Host File On Your Computer is Infected :
1. Double click on “My Computer” icon on Desktop.
2. Locate the Windows Folder and browse into these folders :
If you’ve Windows installed on D: partition, please browser the folders accordingly. In ETC folder, you’ll find a file named “hosts“. Open this “hosts” file in Notepad and you’ll see several entries with a “#” sign in front of them, please ignore those entries. Apart from those entries, you’ll see a entry
The above entry is genuine and you don’t need to remove it. If you see other entries other than above, please remove those entries as those entries might be redirecting your searches. After removing malicious entries from hosts file, please save it and close it.
C) Please make sure that you are not going through bad proxy servers :
1. Click on Start—>Settings—>Control Panel.
2. Double-click the ‘Network Connections’ icon and right-click ‘Local Area Connection’ icon.
3. Select ‘Properties’ and highlight the ‘Internet Protocol (TCP/IP)’ option.
4. Click ‘Properties’ and in the next window ensure the option ‘Obtain DNS server address automatically” radio button is selected.
5. Checking this button will make sure that you are not going through malicious DNS servers.
If manual removal steps doesn’t work for you, please try automatic removal method and It should work perfectly for you. Please feel free to post any questions about your problem below.