Google redirect virus is a group of trojans and rootkits that redirect user searches to undesired websites. Such behavior can be noticed during rogue antivirus attacks as well, when search is hijacked and no legitimate malware remover companies are displayed or accessed in results. Thus Google redirects are quite dangerous. These redirects might affect other websites (or search engines) as well.

There are several flavors of google redirect virus. The first one is simple proxy server, set up in each of affected browsers. All internet connections are passed through rootkit or trojan process and each link might be redirected to other website. A good antivirus or anti-malware tool should get rid of this type of infection, though in case of rootkit one needs TDSS killer by kaspersky lab or similar tool. There are other families of rootkits that have effect like that too. Quite typically, after removing malware processes internet stops working completely and one has to remove proxy server manually.

In some cases it is just an malicious browser add-on. If only one program is affected an no proxy is set up in that program, browser addons are the culprit. A good malware remover takes care of this problem as well and completely. Malwarebytes, superantispyware and Spyware Doctor are programs to choose from.

Some of the redirects might affect DNS server. This is done either in HOSTS file, or in TCP/IP settings of your internet connections. In ultimate cases it might affect your router as well. Some of these things are harder to detect, and can be repaired manually or by specific programs only.

We have written a nice guide about removing Google Redirect viruses on 2-viruses.com in the past and most things apply. If spyware Doctor or other remover does not help, try running combofix or going through that guide.

Categories: Security

Giedrius Majauskas

I am a internet company owner and project manager living at Lithuania. I am interested in computer security, health and technology topics.

0 Comments

Leave a Reply

Avatar placeholder

Your email address will not be published. Required fields are marked *