Google Redirect virus: the virtual annoyance that has been causing headache for computer users for years
Google redirect virus is a serious computer infection that causes continuous redirections to random pages having nothing in common with user's search query on Google or other search engine. The program that initiates these redirections seeks to generate revenue by promoting shady third-party websites, products and services.
Unfortunately, reliability of these external sites is not what matters for browser redirect malware developers. According to experts, such programs are closely related to browser hijackers, adware and similar types of malware. Such programs cause a lot of problems to computer users, so experts recommend to remove Google Redirect virus from Chrome and other browsers as soon as it is possible.
Google redirect issue is initiated for making the money and increasing traffic to needed websites that are trying to increase their sales or page rank on Google. Beware that Google redirects may end on malicious website trying to steal your personal information or seeking to infect you with malware or spyware.
In addition, when trying to find relevant information online with the browser redirect virus on your computer you risk entering phishing websites unexpectedly. Keep in mind that you might run into sites showing fake error codes and displaying warnings about security threats affecting your computer. Such messages often contain a tech support number that the victim is asked to dial. However, doing so simply connects the victim with tech support scammers.
This issue is usually followed by another issue – different kinds of advertisements that appear in various forms, such as pop-ups, in-text ads, banner ads and similar notifications. Please, do NOT fall for their tricky titles because they can hardly help you save the money or get needed updates.
To sum up, having Google redirect virus on your computer means lots of serious problems that can be avoided only by removing this threat from the system. The most serious thing is that you need to find the virus that causes these issues on your computer yourself. This task is quite challenging, so we often recommend using anti-spyware or anti-malware programs for Google redirect virus removal.
Avoid installing unwanted programs that cause browser redirects
Google redirect is mostly caused by browser hijackers. However, TDSS, Alureon or Tidserv viruses can also be related to this problem. As soon as the browser hijacker or other threat gets into the machine, it initiates a dangerous mess in user's web surfing routine.
Besides, you can find yourself disconnected from many Internet websites and services. Besides, you can be redirected to various sites that are either harmless commercial websites or dangerous sites that are associated with Internet criminals.
Avoid installing such unwanted programs by developing secure web browsing habits:
- First of all, avoid visiting domains that raise suspicion to you. If a website displays an excessive number of ads, download buttons or links and other untrustworthy content, better close such site immediately.
- Never open vague email attachments sent to you by strangers. We highly doubt that you want to install browser redirect viruses, however, opening suspicious emails can drop a much more serious malware on the system, for example, ransomware or Trojans.
- Install computer programs wisely and without a rush. Do not become a victim of a browser hijack only because you tend to rush during software installation. A smart way of avoiding spyware programs is choosing Custom/Advanced software installation option. After selecting one of these options, the user should see a list of programs that can be installed alongside the main one. These should be deselected immediately as they often prove to be ad-supported virtual annoyances.
- Install and continuously update an anti-spyware software. Unfortunately, traditional antivirus solutions often detect severe malware variants only, meaning that they let spyware-type programs slip into the system unnoticed. To fix this, we recommend installing anti-spyware or anti-malware software. You can read some software reviews on our website on the Software page.
If your machine is protected by a licensed version of anti-spyware and anti-virus programs, you can be calm while browsing the Internet because there is almost no risk to get Google redirect virus on your PC. However, failing to protect your machine with licensed software opens the doors to the system and makes it vulnerable to cyber threats.
Remove Google redirect virus and block redirects on Chrome and other browsers
In order to block Google redirect virus, you need to find the program that causes the redirect problem. Detecting the infection can be a time-consuming task, so we usually recommend choosing an anti-malware or anti-spyware program for the elimination of the threat.
First of all, scan your computer with an updated anti-spyware program:
Now, check Hosts file for malicious entries:
Hosts file is on C:\\\\Windows\\\\System32\\\\Drivers\\\\etc\\\\hosts where Windows is your windows installation directory. On Windows 10/8/8.1/7/Vista/8/XP, you should open your hosts file with administrative privileges. For that, use these steps:
- Click Start and search for Notepad. Right-click on the search result and choose Run as Administrator. In case the system asks to enter Administrator's password, do it.Slide 1 of 15
- Click on the file location bar and enter this value: C:\\Windows\\System32\\Drivers\\etc\\. Most likely this will open an empty folder, but do not worry – the file you need is hidden. Simply type hosts in the File name field and click Open.
- An alternative way to open the hosts file is to go to that folder and click View. Then you need to select Hidden items option and then you will see the right file on your screen. You can right-click on it and choose Open with Administrator privileges.
The hosts file will look like this:
- Pay attention to lines and IPs. To put it shortly, potentially unwanted programs might configure the hosts file to redirect you to different websites by assigning wrong IPs to particular domain. In the given example, you can see an IP of mystartpage.com, but not Google. Delete such suspicious lines and then click File > Save.
Check Domain Name Server (DNS) settings
- Go Control Panel-> Network Connections -> select Local Area Connection. In other Windows versions it might be easier to access the panel using these directions:
- Press down Windows key + R and type control panel. Click OK. Go to Network and Internet section, then to Network and Sharing center. Here, click on Change adapter settings.
- Then you should right-click the icon of the network you are using and choose Properties.
If asked, enter your Administrator password again.
- You should see a window presented in the image below.
- Here, you will need to adjust Internet Protocol (TCP/IP) properties. Be aware that you might find two versions (4 and 6) of Internet Protocol (TCP/IP), so in such case, we recommend applying same changes we will describe to both of them. So, let's start with Internet Protocol Version 4 (TCP/IP). Select it and click Properties:
- New window (Internet Protocol window) will show up;
- Select Obtain an IP address automatically and Obtain DNS server address automatically options. Alternatively, you can set public Google DNS servers manually. In such case, you need to enter select Use the following DNS server addresses options and then enter 220.127.116.11 and/or 18.104.22.168 into provided fields. Click OK to save.
Check your proxy settings
For Internet Explorer:
- Launch IE, then go Tools > Internet Options;
- Click Connections tab and press Local Area Network (LAN) Settings as it is shown is a picture:
- Deselect everything or enter parameters that were given by system administrator and press OK. Click Apply and OK in Internet Options window.
For Mozilla Firefox:
- Launch Mozilla Firefox, then go Tools > Options;
- Additionally, press Advanced and open Network tab. Press Settings button.
- Select No proxy or enter parameters that were given by system administrator and press OK.
For Google Chrome:
- Open Google Chrome and enter this line into the address field: chrome://settings/system and press Enter;
- Find System tab and click Open proxy settings;
- Now in the Internet Properties window, click Lan settings button > Local Area Network (LAN) Settings;
- Uncheck the Use Proxy server for your LAN, Automatically detect settings, Use automatic configuration script and click OK.
- Click Apply and OK in the Internet Properties window to finish.
For Microsoft Edge:
- Open Microsoft Edge and open its Settings (three dots in the upper right corner of the browser window). Scroll down and click View Advanced Settings.
- Find and click Open Proxy Settings. Here, select Automatically detect settings option and click Save.
- Open Safari and click gear icon in the upper right corner. Click Preferences.
- Go to Advanced tab. Here, click Change Settings… button next to Proxies option.
- Open LAN settings. In the new window, deselect all options as shown in the example below and click OK. In Internet Properties tab, click Apply and OK to save.
Delete AutoConfigURL virus:
Sometimes, browser hijackers and malicious programs can add AutoConfigURL key to Windows Registry. In such case, you can also see a suspicious address in the Use automatic configuration script setting. You should follow the given directions to remove AutoConfigURL virus:
- Press Windows key + R to open Run prompt. Type regedit and click OK.
- Now, navigate to Computer\\HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings and find AutoConfigURL key here.
- Right-click the key and Delete it.
Check your browser add-ons:
For Internet Explorer:
- Launch IE, then select Tools > Manage Addons;
- Delete all add-ons that look spammy/unknown or simple are unverified (there might be some useful ones, but better re-install them after some time).
- Set browser's settings to default. Use these Reset Internet Explorer instructions.
For Mozilla Firefox:
- Launch Mozilla Firefox, and enter about:addons in the address field. Then click on Extensions and remove every suspicious entry you can find installed on your browser.
- Refresh Firefox and set its settings back to default using these instructions on how to reset Mozilla Firefox.
For Google Chrome:
- Open Google Chrome and enter chrome://extensions in the address bar.
- Once in the Extensions tab, locate unknown and unverified entries and click on a trash can icon next to them. Click Remove to delete them.
- Reset Chrome using these in-depth Google Chrome reset instructions.
For Microsoft Edge:
- Click on three dots in the upper-right corner of Microsoft Edge window. Click Extensions and remove any suspicious extensions you can find.
- Consider resettings Microsoft Edge settings to default. You can use a full-length guide on how to reset Microsoft Edge provided by us.
- Open Safari. Go to Preferences and then access Extensions tab. Here, get rid of every suspicious extension installed without your consent.
- After removing unwanted extensions, reset Safari. Safari reset instructions are already prepared by our support team.
Besides, Zondervirus.nl experts advise that you may also need to change the settings of your default search engine/start page on each of these browsers. However, resetting the browser usually fixes this problem.
Final step: fix modified browser shortcuts
This simple guide explains how to fix shortcuts altered by browser redirect viruses. Whichever web browser you use, the same method can be used to fix each of them. Here is what you need to do:
- Right-click on browser's shortcut and go to Properties. Then access Shortcut tab.
- Here, find Target option. You need to check whether there is a suspicious link inserted after the location of browser's executive file. Delete it if you can find it. Depending on the browser you use, correct line in the Target field should look like this:
- “C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe”;
- “C:\\Program Files\\Mozilla Firefox\\firefox.exe”;
- “C:\\Program Files (x86)\\Internet Explorer\\iexplore.exe”;
- “C:\\Program Files (x86)\\Safari\\”.
- Keep in mind that you might need to switch Program Files to Program Files (x86) if you use 64-bit Windows.
If after completing all given steps you still experience redirects, it is likely that a malicious software is running on your computer. Usually, such programs use advanced obfuscation techniques to root into computer system and stay undetected. Therefore, we highly recommend scanning your computer with an up-to-date anti-malware software to remove Google redirect virus for good.