Google Redirect Virus Removal
Google redirect virus removal is not difficult if the infected computer is equipped with antivirus software capable of detecting this trojan. Removal gets a bit more complicated when trying to remove this annoying malware manually. The Google redirect virus is aptly named: it manipulates Google search results to redirect Web searchers to malicious money-making websites affiliated with the authors of the virus.
- Highlight and copy the following command line: SET DEVMGR_SHOW_NONPRESENT_DEVICES=1
- Open the “Start” menu. Go to “All Programs.” Point to “Accessories.” Right-click “Command Prompt” and select “Run as…” Click “The following user” radio button and enter credentials for a user account with administrator rights. Click “OK” to open the Command Prompt.
- Right-click on the prompt and select “Paste” from the shortcut menu to insert the line copied in step 1. Press “Enter.”
- Type “devmgmt.msc” at the next prompt. Press “Enter” to launch the Device Manager Console.
- Go to the “View” menu and select “Show Hidden Devices.”
- Click the Plus Sign next to “Non-Plug and Play Drivers” to expand the branch. Locate and right-click on “TDSSserv.sys” or “Alureon.sys.” Select “Disable” from the shortcut menu to disable the Google Redirect virus malware. (Do not select “Uninstall.”)
- Restart the computer if prompted to do so.
- Launch the computer’s antivirus software and conduct a full scan. Hopefully the antivirus software being used has the ability to detect and permanently remove the Google Redirect virus. If the computer is not equipped with antivirus software, Trend Micro has a free on-demand online virus scanner that may be utilized, or the free edition of an antivirus program can be downloaded and installed. No computer should be without active, real-time virus protection.
If the antivirus program fails to isolate and remove the Google Redirect virus, try manually deleting the files associated with this malware. Log into the system using an administrator account. Open Windows Explorer. Navigate to the “C:\Windows\System32\drivers” folder and delete the “TDSSserv.sys” and “TDSSl.dll” files. Check the Temporary Internet Files folder and delete the “_jerken.exe” and “install(2).exe” files if they’re listed. The Temporary Internet Files folder is located at "C:\Documents and Settings\USER_NAME\Local Settings\Temp" in Windows XP. In Windows 7 the location is “C:\Users\USER_NAME\AppData\Local\Microsoft\Windows\Temporary Internet Files.”
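Before deleting anything by hand, it helps to confirm which of the files and drivers named above are actually present. The following read-only check is an added example, not part of the original article; it assumes Windows PowerShell run from an administrator account, and the function name `Find-NamedFile` is made up for this illustration.

```powershell
# Added example: read-only check for the file and driver names listed in this article.
# It only reports what it finds; it does not disable or delete anything.

$driverDir    = Join-Path $env:SystemRoot 'System32\drivers'
$driverFiles  = 'TDSSserv.sys', 'TDSSl.dll'
$droppedFiles = '_jerken.exe', 'install(2).exe'

# Both per-user locations the article gives (Windows XP and Windows 7 layouts).
$userDirs = @(
    (Join-Path $env:USERPROFILE 'Local Settings\Temp'),
    (Join-Path $env:USERPROFILE 'AppData\Local\Microsoft\Windows\Temporary Internet Files')
)

# Hypothetical helper: list files in the given folders whose names match exactly.
function Find-NamedFile {
    param([string[]]$Directories, [string[]]$Names, [switch]$Recurse)
    foreach ($dir in $Directories) {
        if (-not (Test-Path -LiteralPath $dir)) { continue }   # folder absent on this OS version
        # -Force includes hidden and system files; names are compared literally,
        # so the parentheses in install(2).exe need no escaping.
        Get-ChildItem -LiteralPath $dir -Force -Recurse:$Recurse -ErrorAction SilentlyContinue |
            Where-Object { -not $_.PSIsContainer -and $Names -contains $_.Name } |
            Select-Object FullName, Length, LastWriteTime
    }
}

# Kernel drivers registered under either name the article says to look for in Device Manager.
$drivers = Get-WmiObject -Class Win32_SystemDriver |
    Where-Object { "$($_.Name) $($_.PathName)" -match 'TDSSserv|Alureon' } |
    Select-Object Name, State, StartMode, PathName

$files  = @(Find-NamedFile -Directories $driverDir -Names $driverFiles)
$files += @(Find-NamedFile -Directories $userDirs -Names $droppedFiles -Recurse)

if ($drivers) { 'Matching drivers:'; $drivers | Format-List }
if ($files)   { 'Matching files:';   $files   | Format-List }
if (-not $drivers -and -not $files) {
    'None of the names listed in the article were found in the checked locations.'
}
```

An empty result only means these specific names were not visible in these specific locations; the full antivirus scan described in the steps above is still the deciding check.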
If all else fails, try using the Windows “System Restore” tool to reset the computer’s system settings to a time before the Google Redirect virus infected the computer.