How to remove Google Redirect Virus with ComboFix

The Google Redirect Virus is one of the most common computer infections. Although this virus is invisible (it changes a few files on your system), the links in your search engine results will send you to random websites and pop-up windows will load. The Google Redirect Virus sneaks onto a PC and, once it is activated, makes it almost impossible for the user to use any search engine.

What is Google Redirect Virus

The Google Redirect Virus is a search engine redirect infection that works by changing some of your computer's settings so that you are sent to other links on the Internet. Although it is commonly known as the Google Redirect infection, it is a hidden program that changes your Windows settings and then just disappears. Although its name refers to a virus, the Google Redirect Virus is better classified as a rootkit or Trojan. This threat is caused by different types of TDSS rootkits, some of which have names such as:

  • Backdoor.Tidserv
  • Tidserv
  • TrojanSpy:Win32/Chadem.A
  • Alureon
  • Trojan:WinNT/Alureon.D
  • and many others.

The Google Redirect Virus blocks Google’s search results and displays random pages that list and link to suspected spammers and malware sites. The search results are hijacked, which makes online searching impossible.

When the user is redirected to a website that is unrelated to the initial search, the visit helps the operators of that website collect fraudulent payments through affiliate marketing. This is an easy way for fraudsters to make extra money by generating more traffic to their websites. Others try to get you to buy harmful security tools such as Windows Necessary Firewall and Fast Windows Antivirus 2011.

Another big problem is that it can hide itself from the installed security software; only a few security products will detect it. This makes it hard for the user to detect and remove the virus. It will change or remove Hosts settings, DNS settings and registry values.
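The Hosts settings change mentioned above can be checked by reading the hosts file and looking for entries that override search engine names. The Python script below is an added example, not part of the original article or of ComboFix; the watched labels and the sample hosts file are assumptions constructed for illustration.

```python
import ipaddress
import sys

# Labels treated as search-engine names (assumption for this example; extend as needed).
WATCHED_LABELS = {"google", "bing", "yahoo"}

# Constructed sample hosts file; addresses are from documentation ranges.
SAMPLE_HOSTS = """\
# Constructed sample, not from a real infection
127.0.0.1       localhost
::1             localhost
203.0.113.45    www.google.com google.com   # injected mapping
198.51.100.7    WWW.Bing.com
10.0.0.5        intranet.example
garbage line without an address
"""

def parse_hosts(text):
    """Yield (line_no, ip, hostname) for each valid mapping in hosts-file text."""
    for line_no, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()      # strip comments and whitespace
        fields = line.split()
        if len(fields) < 2:
            continue                             # blank, comment-only or incomplete
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            continue                             # first field is not an IP address
        for name in fields[1:]:                  # one line may map several names
            yield line_no, str(ip), name.lower().rstrip(".")

def suspicious_entries(text):
    """Return mappings whose hostname contains a watched search-engine label.

    A clean hosts file has no reason to override these names, so any hit,
    whatever the address, deserves a look.
    """
    return [(n, ip, host) for n, ip, host in parse_hosts(text)
            if WATCHED_LABELS & set(host.split("."))]

if __name__ == "__main__":
    # Pass the hosts file path as an argument, e.g.
    # C:\Windows\System32\drivers\etc\hosts; without one the sample is used.
    if len(sys.argv) > 1:
        with open(sys.argv[1], encoding="utf-8", errors="replace") as fh:
            text = fh.read()
    else:
        text = SAMPLE_HOSTS
    for n, ip, host in suspicious_entries(text):
        print(f"line {n}: {host} -> {ip}")
```

Any line it reports should be compared against a known-good hosts file before it is removed.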

How do you get the Google Redirect Virus

First of all, don’t blame Google for this; Google has nothing to do with it. It was given the name Google Redirect because it is a search engine virus. The people who make this malware are the guilty ones. Mostly you get this virus by visiting malware sites with an insecure browser. Victims will be forwarded to, for example, these sites:


How to remove Google Redirect Virus

There are many Trojan horse removal tools: software that scans your PC and gets rid of any Trojan horse infections that are harboring the virus. Tools like Hitman Pro or SpyHunter are able to get rid of different variants of the infection.

You can also use a special program called ComboFix, which is free to use. It scans for malware, viruses, Trojans and other junk that you do not want on your computer. Usually you can find them in the windows/system32 folder. Virus scanners like AVG, Norton and McAfee are not able to detect and remove these kinds of viruses. Follow these steps to use ComboFix:

  • Disable or close all anti-spyware, anti-malware and antivirus real-time protection, which may interfere with ComboFix.
  • Download ComboFix and save it to your desktop.
  • Close all programs and software that are running on your computer.
  • Run ComboFix.
  • During execution it will make a backup of the registry and a system restore point.
  • The system date will be changed to make it easier to detect and remove the malware.
  • The network will be disconnected.
  • It will create a kind of test virus to check whether the program detects it; if this works correctly, you will see a warning.
  • When ComboFix has finished, it will create logs for you.
  • If it has found malware, ComboFix will reboot your system.

Once you have finished with ComboFix and removed the malware, use CCleaner. This program cleans the registry and deletes Internet files, cookies, history, the recycle bin contents, etc. It can also uninstall programs.


