How to remove the Google Redirect Virus? (Microsoft Security Essentials Disabled by Virus)

I have been infected with the Google Redirect Virus, the virus disabled Microsoft Security Essentials and prevented me from using the Malicious Software Removal tool.

The Problem:
Whenever I type something into any web browser (Chrome, IE9 and Firefox) it displays the search results, however whenever I click on any of the links, it redirects to a pharmaceutical website or other malicious websites.

What I've tried so far:
I went into Safe Mode, and scanned using the MSR Tool and it didn't find anything, I tried Malwareblaster and checked the DNS is checked to Automatic, it isn't using a Proxy Server. I checked the registry for known Google Redirect entries, and could not find anything.

I uninstalled Microsoft Security Essentials and tried reinstalling it, the installation failed (probably because of the Virus), so I tried AVG, this didn't find anything either. I tried the ESET Online Scanner, and the McAfee Scan Tool. I uninstalled any freeware/shareware programs & toolbars and disabled all browser add-ons.

This Virus is becoming a massive headache, what can I try to remove this virus???

Thanks in advance.
 

Question Info


Last updated August 9, 2019 Views 4,186 Applies to:
Answer
Answer

Excellent post - you did a great job telling us about your issue and what you have done to try to resolve it. 

Remember that some redirects are caused by Alureon which is a rootkit.  Have you seen any evidence of this type infection?  If so, I'm sure you know that you may have very serious issues and need to reformat/reinstall.

 

Once your computer is clean you need to completely remove these other programs you mentioned if you wish to install MSE.  

Microsoft Security Essentials – Installation Checklist and Frequently Asked Questions

 

Malwarebytes and Eset scanner are good products which are usually effective on browser redirect malware - sounds like you have a bad malware infection.

 

Try these “free” on demand scanners which will not interfere with your resident AV program - you might need to run them in Safe Mode or Safe Mode With Networking:

 

Try Superantispyware Portable at: http://www.superantispyware.com/portablescanner.html

SuperAntiSpyware  Portable is "designed" to be downloaded onto a flash drive (or CD) and you could then insert the drive into your computer and run it from there.  If you do that you may need to scan the flash drive for malware after using it on the infected computer.  Superantispyware is a very good scanner but will also identify and remove cookies which are not considered to be malware.

And/or

Try Hitman Pro Trial Version: http://www.surfright.nl/en/hitmanpro   This can be run from a flash drive.

And/or

Try TDSS Killer: http://support.kaspersky.com/faq/?qid=208283363   This can be run from a flash drive.

 

OR

 

If you can install it try: http://www.safer-networking.org/en/spybotsd/index.html

 

OR

 

You may be able to remove the infection using one of the following offline scanners:

http://windows.microsoft.com/en-US/windows/what-is-windows-defender-offline

http://www.bitdefender.com/support/How-to-create-a-BitDefender-Rescue-CD-627.html

http://www.freedrweb.com/livecd/

http://support.kaspersky.com/viruses/rescuedisk?level=2

 

OR

 

You can also seek assistance from MS Support:

 

Start here - https://support.microsoftsecurityessentials.com/  and select the link that says - I think my computer is infected. Options will vary by region, but phone support leads you to Microsoft Answer Desk (http://www.answerdesk.com/) in the US at this time. After an initial free consultation, a fee may be charged for assistance, based on the details of the case.

In other regions not served by the link above, go here:   http://Support.microsoft.com/security and go to the “assisted support” or contact us menu.   For international information, see your local subsidiary Support site.

 

If you'd like some free options, consider this web site - http://www.bleepingcomputer.com -  which contains details for many of the common infections, often immediately after they began to appear in the wild, and instructions are provided for how to remove the infections using their malware removal guides. They also have forums where you can seek help from people who specialize in malware removal.

 

Regards...

 

http://voices.washingtonpost.com/securityfix/2009/09/what_to_do_when_rogue_anti-vir.html#more

 

 

http://ask-leo.com/i_run_antivirus_software_why_do_i_still_sometimes_get_infected.html

 

 
MVP Consumer Security 2014-2016
Windows Insider MVP 2016-2018

Did this solve your problem?

Sorry this didn't help.

Great! Thanks for marking this as the answer.

How satisfied are you with this reply?

Thanks for your feedback, it helps us improve the site.

How satisfied are you with this response?

Thanks for your feedback.