Monday, May 7, 2012

How to remove search redirecting virus

I don't know about you, but I have been around too many viruses for my liking lately. The latest one I have come into contact with, battled and dominated is a search redirecting virus. Essentially, you go to use the Google search engine. When the search comes up with its links, the user clicks on a link like normal. But instead of being directed to the site, the user is redirected to random sites, for example DirecTV and other random pages.

So here is what I did. Go to the folder that contains the files: C:\WINDOWS\System32\drivers\etc

Here you will find files called hosts and lmhosts. Right-click each of the files and open it with Notepad for editing.

From here there should only be two entries under "For example": the ones marked # source server and # x client host.

If there are more entries than that, go ahead and delete the additional entries. In my case I had to do this for both the hosts and lmhosts files.

While this took care of most of the problem, my user still noticed certain search links would work fine while others were still directed to random websites. So I decided to clear out his cookies and browser history and, for good measure, restart. That was the final trick. Editing the hosts files and clearing the browser history and cookies seemed to give the user his ability to click on a link again.

As always, make sure to run Malwarebytes before and after this process along with your favorite virus protection program.
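
To see which hosts entries are actually active before deleting anything in Notepad, the following added PowerShell example (not part of the original post) parses hosts-format lines and lists every uncommented mapping that is not a plain loopback-to-localhost entry. The function name Get-HostsEntry, the "Expected" rule and the sample lines are assumptions made for this illustration.

```powershell
# Added example: list the active (uncommented) entries in hosts-format text
# so unexpected redirects stand out before anything is deleted.

function Get-HostsEntry {
    param([string[]]$Line)

    $n = 0
    foreach ($raw in $Line) {
        $n++
        # Everything after '#' is a comment; the stock sample entries are fully commented out.
        $active = ($raw -split '#', 2)[0].Trim()
        if ($active -eq '') { continue }

        # Format: address, then one or more host names, separated by spaces or tabs.
        $fields = @($active -split '\s+')
        if ($fields.Count -lt 2) { continue }

        $names = @($fields[1..($fields.Count - 1)])
        # Assumption: only loopback-to-localhost mappings are treated as expected.
        $isLoopback = ($fields[0] -eq '127.0.0.1') -or ($fields[0] -eq '::1')
        $onlyLocalhost = @($names | Where-Object { $_ -ne 'localhost' }).Count -eq 0

        New-Object PSObject -Property @{
            LineNumber = $n
            Address    = $fields[0]
            Names      = $names -join ' '
            Expected   = ($isLoopback -and $onlyLocalhost)
        }
    }
}

# Constructed sample, not taken from a real infection.
$sample = @(
    '# For example:',
    '#      192.0.2.10     server.example     # source server',
    '#      192.0.2.20     x.example          # x client host',
    '127.0.0.1       localhost',
    '203.0.113.45    www.google.com google.com    # constructed redirect entry'
)

# Show only the entries that are not the expected localhost mapping.
Get-HostsEntry -Line $sample |
    Where-Object { -not $_.Expected } |
    Select-Object LineNumber, Address, Names

# To audit the live file instead of the sample:
# Get-HostsEntry -Line (Get-Content "$env:SystemRoot\System32\drivers\etc\hosts")
```

On the constructed sample this reports only line 5, the entry that maps the search engine's host names to another address; the commented-out example lines and the localhost entry are not listed.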

