Google search. It doesn’t need any introduction. Even kindergarten kids know about it these days.
There are few who even search their lost dogs on Google. Kidding…
I always keep saying that security is very important when it comes to computers and Internet.
Even though Google is a giant of Internet, cyber-criminals were all eyes on it. And now, they have a brand new malware to make sure they don’t spare Google too.
Is your computer affected?
Do your Google search results are redirecting you to weird, unwanted websites?
If so, your computer may be infected by a virus called Google Redirect Virus (GRV).
Thank god, you can remove this virus completely of your PC.
Unlike most cases of malware, this virus embeds itself deeper into your system and requires more than a simple malware scan.
If you are not very tech-savvy and new to computers, then don’t you worry. We have come up with step-by-step solution for removing Google Redirect Virus from your system.
Google Redirect Virus
Let me give you a brief introduction about this malware.
First of all GRV is not a virus. Virus here is a misnomer. GRV is actually a trojan – and despite the name, Google has nothing to do with the problem.
It’s the problem with your PC and it will affect all the main browsers that you have installed, including Internet Explorer, Firefox, Opera, and Chrome.
Symptoms : The primary symptom of the Google Redirect Virus is that clicking on any Google search result link will take you to another unrelated, unwanted and irritating website.
It doesn’t matter which search link you click and it doesn’t matter which browser you use for searching.
How would be a computer affected by GRV?
Unfortunately, it’s very easy to get infected by GRV.
If you accidentally visit a malicious or infected website, and if you don’t have the necessary anti-virus protection on your computer, you can get it.
GRV is a variation of the TDSS rootkit, which piggybacks on top of a system driver.
Since the system driver is innocent in the eyes of malware detection programs, the GRV is not flagged as malicious and, therefore, not removed.
The Best Solution….
Guess what ! The solution here again is a anti-rootkit utility from our beloved security giant Kaspersky called TDSSKiller.
Follow the step-by-step instruction to remove the Google Redirect Virus from you system :
1>> Download the TDSSKiller zip file.
3>> Once extracted, open the tdsskiller folder and you should see a TDSSKiller.exe file.
(NOTE : If you are unable to download TDSSKiller on your computer, then a TDSS rootkit present in your computer may be the culprit that is blocking the download.
In such a case, you’ll need to download the file using another computer and transfer it to your own computer using a pendrive or CD.)
4>> Once you double-click on the TDSSKiller.exe, you will see the initialization process as shown below :
(NOTE : If nothing happens even after you double-click on the TDSSKiller.exe file, you’ll need to rename it.
Right click on the file and select Rename, then rename the file to myfile.com . Take note that the .com extension is very important – it is how you can bypass the TDSS block.
After all these, if you are not able to run TDSSKiller, you may need to use FixTDSS (another anti-root kit tool) instead. You can find FixTDSS below in this article.
5>> Now click on button “Start scan” as seen in the screen shot below.
6>> Kaspersky TDSSKiller starts scanning for all the TDSS rootkits present in your computer.
(NOTE : If TDSSKiller fails to find the Google Redirect Virus on your system, then you may need to scroll down and use FixTDSS instead.)
7>> Choose to “Cure” all the rootkits found by the Kaspersky TDSSKiller.
(Note : If you can’t cure some of them, leave it on the default “Skip” option. But dont ever use the “Delete” and “Quarantine”.
Using these options is very risky because it can cripple critical system files and may make it inoperable.)
8>> Click on “Reboot computer” to complete the removal of the TDSS rootkit at the end of the process.
Hopefully, Kaspersky TDSSKiller should help you remove the Google Redirect Virus. If it fails, then use this TDSS remover tool called FixTDSS.
FixTDSS is a root-kit remover from another popular antivirus products making company Symantec. Symantec is well-known for its Norton Products.
Follow these simple steps to remove GRV using FixTDSS :
1>> Download the FixTDSS here. It is an .exe file.
2>> Now, double-click the FixTDSS.exe file to run it.
3>> After the program initializes, click on the “Proceed” button to start the scan.
4>> The program will look for potential problems and fix them if necessary.
5>> To complete the removal of the TDSS rootkit, you will be required to reboot. Do so when prompted.
After your computer boots back up, you will see the results of FixTDSS’s findings.
Make Changes to Host File
Well well, you still have a little bit of work left to do.
It is possible that the Google Redirect virus has modified your computers’s HOSTS file.
The Windows HOSTS file contains a list of computer IP addresses which is accessed whenever a user types in a web address to their browser.
The browser will check the HOSTS file to see if the typed address exists in the HOSTS file and if so, direct the user to the relevant site.
If the address doesn’t exist in the HOSTS file, the browser will ask the user’s ISP DNS server for the web address and once obtained will direct the user to the site.
The Windows HOSTS file is a standard .TXT file and can be found in C:\Windows\System32\drivers\etc under the name “hosts“.
There is also a file called ‘lmhosts‘ – make sure you select the HOSTS file!
There is usually no file association with the HOSTS file, so open it by right-clicking (or double-clicking) the file and selecting ‘Open With‘ followed by Notepad.
An unmodified HOSTS file should only contain the IP address 127.0.0.1 localhost. If there are other entries in the HOSTS file, remove them and then resave the file.
If whatever said in this article went fine, the Google Redirect Virus and other TDSS rootkit should be successfully eliminated from your system.
You can do a quick check now on Google by searching for something and clicking on any search result link.
If you aren’t redirected to another website then the infection is gone.
In the future, you can help prevent infections on your system by using any of these premium anti-virus softwares.
- McAfee Internet Security 2012 Free Download with 90 Days License Key
- FREE Kaspersky Internet Security 2012 90 Days Activation Key Download
- FREE Kaspersky Antivirus 2012 90 Days Activation Code Download
- FREE G Data Internet Security 2012 Download With 4 Months Key
There are many free anti-virus software available on the Internet too:
- avast! Free Antivirus
- AntiVir Free Version
- AVG Antivirus Free Edition
- Comodo Internet Security
- Microsoft Security Essentials
OS Compatibility : Both Kaspersky TDSSKiller and Symantec FixTDSS are fully compatible on Windows XP, Vista and 7 (both 32 & 64 bit).