Danger level 8
Type: Malware
Common infection symptoms:
  • Connects to the internet without permission
  • Strange toolbar installed without Your permission
  • Slow internet connection
  • Cant change my homepage
  • Annoying Pop-up's
  • Slow Computer
Other mutations known as:

Google Redirect Virus

The Google Redirect Virus is a real and serious threat to PCs everywhere. The main symptom of this virus is that users’ Google search results will be hijacked, and instead of being directed to legitimate sites they will be redirect to malicious spyware distribution websites selling rogue security tools and distributing viruses and infections. The Google Redirect Virus will sneak onto a PC, and once activated will make it nearly impossible for the user to use any search engine.

Download Spyware Removal Tool to Remove* Google Redirect Virus
  • Quick & tested solution for Google Redirect Virus removal.
  • 100% Free Scan for Windows

What makes Google Redirect Virus even more dangerous than standard search engine hijackers is the fact that it can use up to 100% of the system’s resources, making the system nearly impossible to operate. Google Redirect Virus will also create a backdoor on the system which other types of malware will exploit for easy entry into the system.

Despite being popularly referred to by its virus title, the Google Redirect Virus is more adeptly classified as a Rootkit or Trojan. This threat is caused by numerous types of TDSS Rootkits, some of which goes by the names of:

Alureon
Tidserv
Backdoor.Tidserv
Trojan:WinNT/Alureon.D
TrojanSpy:Win32/Chadem.A and many others

Google Redirect Virus blocks Google’s search listings and will show random pages which contain dubious listings and links from spammers and malware sites. In effect Google’s search results are hijacked, which makes it impossible for the user to conduct a search online.

After the user is redirected to a website unrelated to their initial search, some websites may use the user to generate fake traffic to boost their affiliate marketing payments, while others will try to trick the user into buying harmful rogue security tools such as:

Fast Windows Antivirus 2011 and
Windows Necessary Firewall

Another big problem with Google Redirect Virus is that it can hide from installed security tools. It will not be picked up by many security tools and thus the user may find it difficult to detect and remove Google Redirect Virus from the system. It does this by injecting itself into running memory processes and adding / deleting entries and values inside the registry, HOSTS file and DNS.

Some of the websites this virus redirects its victims to have been reported to include the following:

Clearask.com
Web-analytics.google.com
Brittaniasearch.com
Go.google.com

Google Redirect Virus will also hijack the browser to prevent the user from visiting certain security related websites and prevent the user from downloading malware removal applications. Users should not attempt to manually remove Google Redirect Virus as this may very well cause permanent damage to the system. Instead employ the removal power of a powerful and genuine security tool which will also protect the system against future attacks of a similar kind.

Download Spyware Removal Tool to Remove* Google Redirect Virus
  • Quick & tested solution for Google Redirect Virus removal.
  • 100% Free Scan for Windows
disclaimer

How to manually remove Google Redirect Virus

Files associated with Google Redirect Virus infection:

%LOCALAPPDATA%\Babylon\ATI
%UserProfile%\Local Settings\Application Data\Netscape
%LOCALAPPDATA%\Tific
%LOCALAPPDATA%\Downloaded Installations\Apple Computer
%LOCALAPPDATA%\Sony Corporation
%LOCALAPPDATA%\assembly\Adobe
%LOCALAPPDATA%\AlwaysNeat\Adobe
%LOCALAPPDATA%\Spotify
%AppData%\????
%LOCALAPPDATA%\SSPrint
%LOCALAPPDATA%\Sonic
%LOCALAPPDATA%\CyberLink
%LOCALAPPDATA%\Adobe\Acer
%LOCALAPPDATA%\Diagnostics\Dell
%LOCALAPPDATA%\EasyBits
%AppData%\?????
%LOCALAPPDATA%\LeaderTech
NOTEPAD.EXE
%LOCALAPPDATA%\Unity
%LOCALAPPDATA%\Conduit\Babylon
%LOCALAPPDATA%\CyberLink\CutePDF Writer
%LOCALAPPDATA%\Realtek
%LOCALAPPDATA%\Paint.NET
%LOCALAPPDATA%\CamfrogWEB
%LOCALAPPDATA%\Blizzard Entertainment
%AppData%\???
%LOCALAPPDATA%\NPE\Microsoft Help
%AppData%\??????
%LOCALAPPDATA%\Savings Bond Wizard
%LOCALAPPDATA%\Macromedia
%LOCALAPPDATA%\MainConcept
%LOCALAPPDATA%\7-Zip
%LOCALAPPDATA%\NVIDIA Corporation
%LOCALAPPDATA%\Microsoft Games\Google
%LOCALAPPDATA%\Snapfish
%LOCALAPPDATA%\ClassesB
%LOCALAPPDATA%\VirtualDJ
%LOCALAPPDATA%\Lenovo
%LOCALAPPDATA%\Dell
%LOCALAPPDATA%\Affinix
%LOCALAPPDATA%\Ask.com
%LOCALAPPDATA%\Widcomm
%LOCALAPPDATA%\MainBoss
kbd101V.dll
%UserProfile%\Local Settings\Application Data\Apple Computer\Apple
%LOCALAPPDATA%\DeviceVM
%APPDATA%\Bitrix Security
%LOCALAPPDATA%\Full Tilt Poker
%LOCALAPPDATA%\Logitech
%LOCALAPPDATA%\GNU
%LOCALAPPDATA%\Apple Computer\Apple
%LOCALAPPDATA%\Apple\Ancestry.com
%LOCALAPPDATA%\Conduit\Adobe
%LOCALAPPDATA%\Red Storm Entertainment
%LOCALAPPDATA%\MainConcept (Adobe2)
%UserProfile%\Local Settings\Application Data\Microsoft
%LOCALAPPDATA%\Diagnostics\Apple Computer
%LOCALAPPDATA%\ATI\Adobe
%LOCALAPPDATA%\Simutronics
%LOCALAPPDATA%\ScanSoft
%LOCALAPPDATA%\Comical
%LOCALAPPDATA%\CrashDumps\Apps
%LOCALAPPDATA%\DT Soft
%LOCALAPPDATA%\Hewlett-Packard
%LOCALAPPDATA%\HP
%LOCALAPPDATA%\bProtector
%LOCALAPPDATA%\JavaSoft
%LOCALAPPDATA%\IM
%LOCALAPPDATA%\Bodog Poker
%LOCALAPPDATA%\AhnLab
%LOCALAPPDATA%\Aimersoft\Adobe
%LOCALAPPDATA%\Flux
%LOCALAPPDATA%\GSpot Appliance Corp
%LOCALAPPDATA%\AIM Toolbar
%LOCALAPPDATA%\VidSoft
%LOCALAPPDATA%\Apps\Adobe
%LOCALAPPDATA%\MainConcept (Muvee)
%LOCALAPPDATA%\Softonic
%LOCALAPPDATA%\Apple\Adobe
%LOCALAPPDATA%\Conduit\Avg2013
%LOCALAPPDATA%\Macrovision
%LOCALAPPDATA%\NDS
%LOCALAPPDATA%\Vodafone
%LOCALAPPDATA%\Google
%LOCALAPPDATA%\Corel
%LOCALAPPDATA%\Search Settings
%LOCALAPPDATA%\Valve
%LOCALAPPDATA%\Microsoft
%LOCALAPPDATA%\Logos4\Google
%LOCALAPPDATA%\Apple Computer
%LOCALAPPDATA%\Downloaded Installations\Dell Edoc Viewer
%LOCALAPPDATA%\LogMeIn
%LOCALAPPDATA%\AIM\Adobe
%LOCALAPPDATA%\Apple Computer\Adobe
%LOCALAPPDATA%\VB and VBA Program Settings
%LOCALAPPDATA%\Apple\AOL
%LOCALAPPDATA%\Mozilla
%LOCALAPPDATA%\SupportSoft
%LOCALAPPDATA%\Enterbrain
%LOCALAPPDATA%\PTP
%LOCALAPPDATA%\McAfee Personal Vault
%LOCALAPPDATA%\Intel
%LOCALAPPDATA%\Apple Computer\Ahead
%LOCALAPPDATA%\Askcom
%LOCALAPPDATA%\LDM
%LOCALAPPDATA%\WinRAR SFX
%LOCALAPPDATA%\Bitberry
%LOCALAPPDATA%\ProtectStar
%LOCALAPPDATA%\Ahead
%LOCALAPPDATA%\Avg2013\AVG Secure Search
%LOCALAPPDATA%\Dell\Adobe
%LOCALAPPDATA%\Foxit Software
%LOCALAPPDATA%\IADirectShow
%LOCALAPPDATA%\RuneScape
%LOCALAPPDATA%\Intuit
%LOCALAPPDATA%\Move Media Player
KBDSL1B.dll
xriotabb.dll
%LOCALAPPDATA%\Adobe
%LOCALAPPDATA%\Adobe\ActiveState
%LOCALAPPDATA%\ArcSoft\Apple
%UserProfile%\Local Settings\Application Data\RealNetworks
%LOCALAPPDATA%\Winferno
%LOCALAPPDATA%\Akamai
%LOCALAPPDATA%\RealNetworks
msdeltam.dll
%LOCALAPPDATA%\Roxio
%LOCALAPPDATA%\Netscape
%LOCALAPPDATA%\AVS4YOU
%LOCALAPPDATA%\APN\Adobe
%LOCALAPPDATA%\BitTorrent
%LOCALAPPDATA%\Zugo
%LOCALAPPDATA%\Amazon
%LOCALAPPDATA%\Apple
%LOCALAPPDATA%\Gabest
%LOCALAPPDATA%\Apps\APN
%LOCALAPPDATA%\FreeCDRIP
%LOCALAPPDATA%\Chromium\Apple Computer
%LOCALAPPDATA%\SkypeRS
%LOCALAPPDATA%\Google\Apps
%LOCALAPPDATA%\Tibo Software
%LOCALAPPDATA%\Synaptics
%LOCALAPPDATA%\Nico Mak Computing
%LOCALAPPDATA%\Inbox Toolbar
%LOCALAPPDATA%\Motive
%LOCALAPPDATA%\MFAData\Deployment
%LOCALAPPDATA%\DataMngr
%LOCALAPPDATA%\Highway
%LOCALAPPDATA%\SpeedyPC Software
_VOIDmainqt.dll
_VOID.tmp
UAC.tmp
_VOIDtmp
4DW4R3.sys
UAC.sys
_VOID.sys
4DW4R3.dll
4DW4R3sv.dat
4DW4R3c.dll
_VOID.dat
_VOID.dll
uactmp.db
UAC.dat
UAC.db
uacinit.dll
UAC.dll
wdmaud.sys

Google Redirect Virus DLL's to remove:

KBDSL1B.dll
kbd101V.dll
msdeltam.dll
4DW4R3.dll
_VOID.dll
4DW4R3c.dll
uacinit.dll
_VOIDmainqt.dll
xriotabb.dll
Disclaimer

Comments

  1. davy jones Jan 15, 2010

    this is just daft talk, why are they not telling you what files to remove. complete wallies............

  2. Whoever May 21, 2010

    it can be called a different name every time. its not made by the same person for every computer and its not got the same filename. so they cannot know what files to remove

  3. Me Jun 27, 2010

    Waste of time.

  4. bob bobbington Jul 10, 2010

    this info is awful, microsoft do a free virus program anyway which is good enough for this kind of stuff. And yes, it detects and removes for free,not just detects like this crap.

  5. blah blahington Jul 28, 2010

    listen to that yo yo,he dont know. i went back to my old router and surfs up

  6. Gnagnagno Oct 26, 2010

    Well, since you need my opinion...
    Why don't you find some serious job instead of wasting your and our time with this crap.
    Here you go with my opinion.

  7. joe Feb 6, 2011

    just scan for new files after each browser session
    2 html's
    1 cookie
    1 gif thats really a text file

  8. useless Apr 4, 2011

    wtf? im none the wiser?

  9. pierre Oct 8, 2011

    Worked perfectly – thank you so

  10. MONI Jun 13, 2014

    download it for free, but when scan my pc and found all virus said: O YOU PAY OR NOT CLEAN ANYTHING, and stare at me as my effort behind this bad attitude is going to recommend something for free when it is not, lost much time!!!!!

  11. MONI Jun 13, 2014

    download it for free, but when scan my pc and found all virus said: O YOU PAY OR NOT CLEAN ANYTHING, and stare at me as my effort behind this bad attitude is going to recommend something for free when it is not, lost much time!!!!!

Post comment — WE NEED YOUR OPINION!

Comment:
Name:
Please enter security code:
This is a captcha-picture. It is used to prevent mass-access by robots.