Thursday, 18 August 2011

Google Redirect Virus - Removal Guide

I firmly believe that no other guide on the Internet offers this much information about the Google Redirect Virus. For this reason, please read this guide carefully so that you can remove the Google redirect virus easily. Removing this virus is extremely easy when you know how it works and how to get rid of it without spending your precious time on guides which don't actually work.

My own computer was infected with this virus for almost 7 days and I struggled a lot to remove the Google redirect virus from my PC! I tried several remedies, and many well-recognized anti-virus products with big claims failed to remove the redirect virus. In these 7 days, I searched for a lot of solutions and tried many different things. I’m documenting those things here in this blog so that you can read this guide and get rid of the Google redirect virus easily, without headaches.

If you are in a hurry and don't want to read the complete page, follow these steps to remove the Google Redirect Virus:

1. TDSS Killer is a free utility from Kaspersky Labs which scans your computer for rootkits, bootkits and hidden services. Click here to Download TDSSKiller. Unzip this utility after downloading and do a scan for hidden services.

2. Scan your computer with this malware remover software and all traces of Google malware will be removed in no time. Make sure that you do a "Full Scan" of your computer.

After following the above steps, your computer will be completely free from the Google Redirect Virus. Please read this page further for more removal help.

The Google redirect virus is silent malware that redirects you to random websites without your permission. It can infect your computer in many different ways, as there are many possible methods to redirect your searches to malicious websites:

1. The virus can change Internet Explorer's proxy settings and redirect your searches to random websites.

2. It can infect certain drivers on your computer or install hidden services to redirect you to random websites.

3. It can change the settings of the hosts file in Windows so that when you open Google, a fake website opens which looks just like Google but is not the actual Google website.

4. Some variants of this virus can even change your DSL modem’s settings and redirect your searches. Make sure that you change the default password of your modem's control panel.

There are many other methods which can be used by scammers to infect your computer with Google Redirect Virus. 
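The hosts-file change described in item 3 can be checked directly. The following added example (not part of the original guide) parses hosts-file text and reports every entry that overrides a Google, Yahoo or Bing hostname; the sample file content, the watched-name list and the function names are constructed for illustration.

```python
import ipaddress

# Search engines the guide names as affected (Google, Yahoo, Bing).
WATCHED = ("google", "yahoo", "bing")

# Constructed sample hosts file; addresses are documentation ranges.
SAMPLE_HOSTS = """\
# Copyright (c) 1993-2009 Microsoft Corp.
127.0.0.1       localhost
::1             localhost
203.0.113.7     www.google.com google.com   # constructed hijack entry
203.0.113.7     WWW.BING.COM
192.0.2.10      intranet.example
#198.51.100.5   search.yahoo.com
"""

def is_watched(hostname):
    """Heuristic: True if any DNS label equals a watched search-engine name."""
    labels = hostname.lower().rstrip(".").split(".")
    return any(label in WATCHED for label in labels)

def audit_hosts(text):
    """Return (line_no, ip, hostname) for every entry overriding a watched name."""
    findings = []
    for line_no, raw in enumerate(text.splitlines(), start=1):
        entry = raw.split("#", 1)[0].strip()  # strip comments and whitespace
        fields = entry.split()
        if len(fields) < 2:
            continue  # blank, comment-only, or address without a hostname
        ip, names = fields[0], fields[1:]
        try:
            ipaddress.ip_address(ip)
        except ValueError:
            continue  # first field is not an IP address; not a mapping
        findings.extend((line_no, ip, n) for n in names if is_watched(n))
    return findings

if __name__ == "__main__":
    for line_no, ip, name in audit_hosts(SAMPLE_HOSTS):
        print(f"line {line_no}: {name} is forced to {ip}")
```

On Windows the hosts file is at `%SystemRoot%\System32\drivers\etc\hosts`; pass its contents to `audit_hosts`. A default Windows hosts file contains no entries for search engines, so any finding deserves a closer look.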

Now I’ll tell you the symptoms you’ll see when your computer is infected with this virus:

1. The Internet Explorer browser will load very slowly and hang at times. This is because a third-party application or driver is continuously monitoring Internet Explorer's activities.

2. You’ll feel like Internet Explorer or any other browser is acting very strange.

3. Some variants of the Google Redirect virus won’t let you install any other browser on your computer. I noticed this myself: when I tried to install Chrome, Opera or Firefox, nothing happened. I double-clicked the installer files of these products many times but the installation wizard never appeared on the computer.

4. You may see very strange search results when you search on Google. This is because the results are not returned by the actual Google; the scammers have made a page which looks exactly like Google but displays irrelevant, bogus and manipulated search results.

5. It is also possible that you are searching on the actual Google search engine but the results displayed will redirect you automatically. I noticed that out of ten results, some results get randomly changed.

For example, a result will say that you are going to Microsoft's website but in fact, you’ll get redirected to a malicious website automatically. You’ll not see the actual page that you intended to visit but a completely random page which will offer you more malicious stuff to download on your computer.

6. Not only Google, but Yahoo and Bing will also start redirecting you to random websites. This virus is not always related to Google; it is also called the search engine redirect virus and affects all search engines on your PC.

This virus is spreading very fast, and in the Clean MX database I found that hundreds of sites are spreading Google malware every day. Here is the screenshot I just took:

By all means, it is possible to remove the Google redirect virus from your computer, but for that you’ll need to try several methods. Keep in mind that there are many strains of the redirect virus and no single anti-virus product identifies all of them.

Some anti-virus products can identify a few strains while some other products can identify some other strains. For this reason, you need to try these steps one by one and I can guarantee that if you try all these steps, redirect virus removal will be very easy for you.

I’ve divided this removal guide into two parts:
A) Main Removal Method 
B) Alternative Removal Methods

A) Main Removal Method

First of all, I’ll tell you about the Main Removal Method, since this method can solve about 85% of cases of the redirect virus easily. This method requires you to follow two steps:

1. Download TDSSKiller

TDSS Killer is a free utility from Kaspersky Labs which scans your computer for rootkits, bootkits and hidden services. Click here to Download TDSSKiller.

After downloading this utility, please unzip the downloaded file and run TDSSKiller on your computer. If it finds a rootkit, bootkit or hidden driver, it will disinfect your computer automatically. Make sure that you follow all the instructions shown by the TDSSKiller utility. Don’t worry if this utility doesn’t find anything on your computer.

2. Scan Your Computer With Spyware Doctor

Download Spyware Doctor and scan your computer for all possible threats. This step is extremely important as Spyware Doctor has the biggest malware database and its Intelli-guard can detect if other programs are interfering with Internet Explorer in some way.

After downloading Spyware Doctor, do a “Full Scan” of your computer and sit tight. When the scan is completed, remove all the threats and then your computer should be virus free.

B) Alternative Google Redirect Virus Removal Methods

Some variants of the Google redirect virus are much more stubborn and need additional treatment. These variants can hide themselves from the Main Removal Method, and this is where you can try these alternative methods, which can be very useful in detecting and removing the rogue.

If the Main Removal Method doesn’t remove the Google redirect virus, please download these scanners one by one and scan your computer.

1. Super Antispyware

I believe this product is very effective, and if Spyware Doctor doesn’t help, then downloading Super Antispyware and scanning your computer with it can be really helpful.

2. Hitman Pro

Hitman Pro uses a very advanced technology which is called Cloud scan. Hitman Pro actually uploads suspicious files to its cloud and can detect some threats which are missed by all other products.

If you follow the above steps, there is no way your computer can remain infected with the Google Redirect Virus. I’ll update this blog in future when I find new variants of the Google Redirect Virus.