The Ultimate Step by Step Guide to Google Redirect Virus Removal


The Google redirect virus is a very stubborn internet infection that redirects Google search results to a malicious webpage. The pages it redirects to normally carry advertisements or other enticing content designed to gain the user’s attention, and are then used to steal information about the user.

This virus can also affect other search engines such as Yahoo and Bing, where it is known as the Yahoo Redirect Virus and the Bing Redirect Virus.

Although it is called a redirect virus and acts like a virus, it functions as a rootkit. Rootkits are generally very difficult to remove, especially because they attach themselves to core operating system files. According to a 2011 report, the Google redirect virus infected some 45,00,000 computers worldwide, one third of which were in the US.

Why is Google Redirect Virus hard to remove?

Just like a rootkit, the Google redirect virus can hide deep inside the operating system and erase traces of its existence. It disguises itself as a legitimate file running within the system, which makes it even more difficult to remove. Unfortunately, no antivirus can completely remove this infection.

The most effective way to remove this virus is the manual way.

Remove Google Redirect virus manually

Follow the manual steps below to get rid of the Google redirect virus.

  1. Enable hidden files by opening folder options (start –>run –> control folders), under the view tab
    • Enable show hidden files, folders and drives

    • Uncheck hide extensions for known file types

    • Uncheck hide protected operating system files.

  2. Open msconfig (start –>run –> msconfig)
    • Click “Start” –> run –> msconfig

    • Go to “boot” tab if you are using Vista or Win 7. In case of XP, select “boot.ini” tab

    • Check bootlog

  3. Restart computer
    • Restart the computer to make sure changes have been implemented.
  4. Perform a complete IE optimization
    • Internet Explorer optimization is done to ensure that the redirection is not a result of a problem with IE or because of corrupted Internet settings.
  5. Open device manager (start –>run –> devmgmt.msc)
    • Click “Start” –>  run –> devmgmt.msc

    • Click “view” tab on top. Select “show hidden devices”

    • Look for “non-plug and play drivers”. Expand it to see the entire list under that option.

    • Check whether the list contains an entry for TDSSserv.sys. Write down the name carefully, then right-click the entry and uninstall it.

  6. Open the registry (start –>run–>regedit). Create a backup of the registry before making any changes.
    • Click on edit –> find. Enter the first few letters of the infection name. You may type TDSS and look for any entries starting with those letters.

    • If there is an entry and no associated file location, simply delete it.

    • The next search will take you to an entry whose details, shown on the right-hand side, include the file location C:\Windows\System32\TDSSmain.dll. Open the folder C:\Windows\System32, then find and delete TDSSmain.dll.

    • If you cannot find TDSSmain.dll in C:\Windows\System32 because it is hidden, remove the file from the command prompt with: del C:\Windows\System32\TDSSmain.dll

    • Repeat the same process until all the entries in the registry starting with TDSS are removed.

    • If you were not able to find TDSSserv.sys inside hidden devices under the device manager, proceed to Step 7.

  7. Check ntbtlog.txt for the corrupted file
By following the above steps, you will be able to completely remove the “Google Redirect” virus from your internet browser. If you still experience issues, contact an online virus removal service such as Jupiter Support, who will guide you through the removal of the virus at a low cost of only $29.
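For step 7, the boot log enabled in step 2 can be read programmatically rather than by eye. The following is an added example, not part of the original guide: it parses ntbtlog.txt (written to the Windows directory once boot logging is on) and lists drivers that deserve a closer look. The function names, the sample log and the "outside System32" heuristic are assumptions of this example; only the TDSS name prefix comes from the steps above.

```python
import ntpath
import re

# Constructed sample in the "Loaded driver" / "Did not load driver" layout
# that Windows boot logging writes to ntbtlog.txt; not from a real machine.
SAMPLE_LOG = r"""Microsoft (R) Windows (R) Version 6.1 (Build 7601)
 1 12 2012 10:15:32.500
Loaded driver \SystemRoot\system32\ntoskrnl.exe
Loaded driver \SystemRoot\system32\hal.dll
Loaded driver \SystemRoot\System32\Drivers\fltmgr.sys
Loaded driver \SystemRoot\System32\Drivers\TDSSserv.sys
Did not load driver \SystemRoot\System32\Drivers\NDProxy.SYS
Loaded driver \??\C:\Users\Public\example.sys
"""

LINE_RE = re.compile(r"^(Loaded|Did not load) driver\s+(.+?)\s*$", re.IGNORECASE)

def decode_bootlog(raw: bytes) -> str:
    """Decode the file bytes; a UTF-16 byte-order mark is honoured if present."""
    if raw[:2] in (b"\xff\xfe", b"\xfe\xff"):
        return raw.decode("utf-16")
    return raw.decode("utf-8", errors="replace")

def parse_bootlog(text: str):
    """Return (loaded, path) for every driver line; header lines are skipped."""
    entries = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            entries.append((m.group(1).lower() == "loaded", m.group(2)))
    return entries

def review_candidates(entries, prefixes=("tdss",)):
    """Flag drivers named like the guide's TDSS* files, plus (a heuristic
    assumed by this example) drivers loaded from outside System32."""
    watched = tuple(p.lower() for p in prefixes)
    flagged = []
    for loaded, path in entries:
        name = ntpath.basename(path).lower()
        if name.startswith(watched):
            flagged.append((path, "name matches watched prefix"))
        elif loaded and "\\system32\\" not in path.lower():
            flagged.append((path, "loaded from outside System32"))
    return flagged

if __name__ == "__main__":
    for path, reason in review_candidates(parse_bootlog(SAMPLE_LOG)):
        print(f"{reason}: {path}")
```

An empty result does not clear the machine: as noted above, this infection disguises itself as a legitimate file, so treat the output as a list of entries to investigate, not a verdict.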
