Blog

The Removal Guide for How to Remove Any Browser Redirect Virus

Browser Redirect Virus

Forced browser redirects happen for a variety of reasons, but they are often caused by a computer virus. Browser redirect viruses are not a new problem. A redirect virus is an old technique used by malware developers to generate traffic for their websites, manipulate search engines, or redirect users to websites to generate revenue or other compensation.

Your browser may be redirected while you search Google, Bing, Yahoo, or other search engines. The redirect virus program may hijack your search engine results pages to send you to other websites. In other cases, the virus will redirect you while a web page is loading. It will send you to a tracking websites that try to steal your personal information before allowing you to go to yo7ur desired site.

What types of malicious infections are the source of these browser redirects?
• TDL4 Rootkits
• Bot Kits which affect your Master Boot Record
• Malicious Browser Add-ons or Extensions
You may be asking: what is the purpose of these viruses? They are designed specifically to make money. They generate website traffic, use misdirection to collect sales leads for other questionable websites, and ultimately trick victims into paying for worthless software. If you don’t fall into the traps these programs set, they will download additional viruses and misleading programs to threaten you.

Browser Redirect Virus Removal Instructions

This is the comprehensive guide to remove any browser redirect virus infections on your computer.
If you are struggling with the redirect virus symptoms described above, we strongly encourage you to follow this guide. Check and remove any infection that may be on your computer.
Note: The malware infecting your computer may not allow you to start some of these utilities and on-demand scanners while running Windows in Normal mode. If this is the case for you, restart your computer in Safe Mode with Networking, and try to perform the scan.

Here’s how you can start your computer in safe mode:
1. Eject all CDs, DVDs, and floppy disks from your computer, and restart your computer.
2. If you are using Windows XP, Vista, or 7, press and hold the F8 key as your computer restarts.
a. You must press the F8 key before the Windows start-up logo appears.
b. If you get a stuck key message when you press and hold the F8 key:
i. Instead of pressing & holding the F8 key, tap the F8 key continuously until you reach the ‘Advanced Boot Options’ screen.
c. In the Advanced Boot Options screen, use the arrow keys to highlight Safe Mode with Networking, then press ENTER.
3. If you are using Windows 8, press the Windows key + C, and then click Settings.
a. Click Power, hold down the Shift key, click Restart, then click Troubleshoot and select Advanced Options.
b. In the Advanced Options Screen, select Startup Settings, then click Restart.
c. Press 5 on your keyboard as your computer restarts to enable Safe Mode with Networking.
4. Windows will start in Safe Mode with Networking.
Next, we’ll remove any bootkits and Trojan viruses using Kaspersky TDSSKiller.

How to remove bootkits and Trojans with Kaspersky TDSSKiller

First, we will run a complete system scan with Kaspersky TDSSKiller to detect and remove harmful and malicious software from your system.
1. Download the current official version of Kaspersky TDSSKiller.
a. DOWNLOAD LINK (opens a new page) (http://support.kaspersky.com/viruses/utility#TDSSKiller)
2. Double click the file “tdsskiller.exe” to open the utility, and click Change Parameters
3. A window will open. In that window, enable Detect TDLFS File System and click OK.
4. Kaspersky is ready to start the scan. Press the Start Scan button.
a. Kaspersky will now scan your computer for malware, bootkits, and Trojans. (oh, my!)
5. When the scan is complete, it will open a results screen. This will state whether or not the infection was detected.
a. If the detection was discovered, it will show a screen similar to the image below. (add image)
6. To remove the infection, click Continue and TDSSKiller will attempt to remove the infection.
a. You will be prompted to reboot your computer to completely remove any malware from your system.
Now, we are ready to use Rkill to terminate harmful and malicious processes running on your computer.

How to stop malicious processes on your computer using RKill

RKill is a useful program that tries to terminate all harmful or malicious processes running on your computer. This will enable us to complete the next steps without being blocked or interrupted by the malicious software.
Do not reboot your computer after running this utility, because this utility only stops the actively running process, and does not delete any files from your computer. A reboot will cause any malware program processes configured to start automatically to begin again.

**You will want to be in Safe Mode with Networking before completing these steps.**
1. Download the current official version of RKill.
a. DOWNLOAD LINK (opens a new page) (http://www.bleepingcomputer.com/download/rkill/)
2. Double click on the RKill program.
a. RKill works to stop malicious programs from running.
3. While RKill is working, please wait patiently while it looks for malicious processes and tries to stop them.
4. Once RKill has completed its task, a log file is created.
a. Do not reboot your computer after running RKill or malware programs will restart.

Now that we’ve used RKill to stop malicious processes on your computer, it is time to remove Trojan Horse viruses with Malwarebytes Anti-Malware, a malware removal tool often referred to as ‘MBAM.’

How to remove Trojan Horse Viruses using Malwarebytes Anti-Malware

Malwarebytes Anti-Malware Free (MBAM Free) is an industry-leading software program used to detect and remove all malware. It is able to find and eliminate spyware, rogues, dialers, Trojans, worms, and more. This software tool is incredibly powerful and works well. It should not conflict with your antivirus software.
1. Download the current version of Malwarebytes Anti-Malware Free.
a. DOWNLOAD LINK (opens a new page) (https://www.malwarebytes.com/mwb-download/)
2. When the download is complete, close all open programs and files. Then double click on the icon on your desktop named “mbam-setup” to begin the setup of Malwarebytes Anti-Malware.
a. If a User Account Control dialog box appears asking you if you want to run this file, click “Yes” to continue installation.
3. Follow the prompts by clicking the “Next” button to install Malwarebytes Anti-Malware on your computer.
4. After installation is complete, Malwarebytes Anti-Malware will automatically open, and you will see a message asking you to update the program. You will also be notified that a scan has never been run on your system. Begin a scan of your computer by clicking the “Scan Now” button.
5. Malwarebytes Anti-Malware will scan your computer for malware and viruses. Here is an image of the scanning progress window:
6. When the scan is complete, you will see the results, showing how many threats have been detected on your system. To remove the malicious programs found by Malwarebytes Anti-Malware, click the “Remove Selected” button.
a. Your infections may be different from the ones shown in the example.
7. Malwarebytes Anti-Malware will quarantine all of the detected malicious files and registry entries.
a. If Malwarebytes Anti-Malware displays a message requesting a reboot in order to remove files, allow it to do so.
8. Once your computer restarts, open Malwarebytes Anti-Malware and perform another scan to confirm no threats remain.
Your system should now be free of malware. Next, we’ll learn to remove rootkits using HitmanPro, a second-opinion scanning tool.

How to Remove Rootkits and other malware with HitmanPro

HitmanPro is a second-opinion malware scanning tool. It is designed to find and eliminate malware, viruses, trojans, rootkits, and other malicious software that continues to infect your computer despite your existing security measures (antivirus programs, firewalls, etc.). HitmanPro works alongside existing security software without conflicts. It scans your computer quickly (often less than five minutes) and will not slow down your computer.
1. Download the current version of HitmanPro.
a. DOWNLOAD LINK (opens a new page) (http://www.surfright.nl/en/hitmanpro)
2. Double click “HitmanPro.exe” (32-bit Windows) or “HitmanPro_x64.exe” (64-bit Windows). Once the program opens, you will see the start window. Click the “Next” button to install HitmanPro on your computer.
3. HitmanPro will scan your computer for malicious files.
4. When the scan is complete, HitmanPro will show you a list of all the malware programs found on your computer. Click “Next” to remove malware.
5. Click “Activate Free License” to being the Free 30-Day Trial, and remove all malicious programs found on your computer.
Now that HitmanPro has completed its task, your computer should be free of malware, spyware, rootkits, and viruses. Now, we can remove adware and browser hijacker software using Zemana AntiMalware.

How to remove adware and browser hijackers with Zemana AntiMalware

Zemana AntiMalware is a useful program that eliminates malicious browser extensions and other unwanted, harmful programs from Windows. Let’s use it to remove browser hijacking software and adware from your computer system.
1. Download the current version of Zemana AntiMalware.
a. DOWNLOAD LINK (opens a new page) (https://www.zemana.com/AntiMalware)
2. Double click the file “Zemana.AntiMalware.Setup.exe” to start installing Zemana AntiMalware on your computer. The installation window will appear and you will be prompted to continue. Click the “Next” button to begin installing Zemana AntiMalware on your computer.
3. When Zemana AntiMalware starts, click “Scan” to begin a scan of your system.
a. Zemana AntiMalware will scan your computer for any malicious files. This may take up to 10 minutes.
4. When the scan is complete, it will show you a list of all the harmful files found. Click “Next” to remove the dangerous files from your system.
5. Finally, Zemana AntiMalware will remove all found malicious files. You may be prompted to reboot your computer to remove all traces of the files.
You can rest easier knowing Zemana AntiMalware has removed threatening browser hijacking programs and adware. If you would like to take additional measures to eliminate adware from any browser, keep reading to learn about AdwCleaner.

How to remove adware from any browser with AdwCleaner

Make sure your computer is free of all adware from any browser using AdwCleaner. This program will scan your computer system and web browser for threatening and malicious files, browser extensions, registry entries, and adware that may have been installed on your computer without your knowledge.
1. Download the current version of AdwCleaner.
a. DOWNLOAD LINK (opens a new page) (https://toolslib.net/downloads/viewdownload/1-adwcleaner/)
2. Before starting AdwCleaner, close all open internet browser windows and programs. Then, double click the AdwCleaner icon.
a. If Windows prompts you to decide if you’d like to run AdwCleaner, allow it to run.
3. When AdwCleaner opens, click the “Scan” button to begin the scanning process.
a. AdwCleaner will begin to search for malicious files installed on your computer system.
4. Once the search is complete, click “Clean” to begin removing malicious files from your computer.
5. AdwCleaner will ask you to save open documents and files because the program needs to reboot your computer to complete its task. Please save all your open files, and then click “OK.”
That’s all it takes to remove malicious files from your computer using AdwCleaner. Next, we’ll make sure you don’t have any more issues with browser hijacking by resetting your web browser to its default settings. This only needs to be completed if you are still experiencing problems after completing the rest of the steps in this guide.

How to Reset your Internet Browser to Default Settings to Remove Redirects

How to Reset Mozilla Firefox to Default Settings

Having trouble with Mozilla Firefox? Resetting the browser to its default settings may help. A reset can fix many issues. Firefox will be restored to its factory state, while saving your bookmarks, passwords, web form autofill data, browsing history, and open tabs.
1. With Firefox open, click the Firefox Menu Button (ICON HERE), then click the Help Button (ICON HERE).
2. Choose Troubleshooting Information from the Help Menu.
a. If you cannot access the Help Menu, type about:support in your address bar to reach the Troubleshooting Information page.
3. In the top-right corner of the Troubleshooting Information page, click Refresh Firefox.
4. A second confirmation window should open. Click the Refresh Firefox button in that window to continue.
5. Firefox will close and restore itself to the default factory settings. When it is finished, a window will show the information that was imported. Click Finish.
An important note: Your old Firefox data will be saved on your desktop in a folder named Old Firefox Data. If you are still experiencing issues after the reset, you can restore old Firefox profile information by copying the files to your new Firefox profile. If you do not need this folder, it should be deleted. Now, Mozilla Firefox should be free of any remaining issues you were experiencing.

How to Reset Google Chrome to Default Settings

Google Chrome’s Cleanup Tool scans and removes software that causes conflicts with Google Chrome. This includes crashing, unusual starting pages and toolbars, unexpected ads you can’t remove, or other disruptions to your internet browsing.
1. Download the latest version of the Google Chrome Cleanup Tool.
a. DOWNLOAD LINK (Opens a new page) (https://www.google.com/chrome/cleanup-tool/)
2. When the download is complete, double click the chrome_cleanup_tool icon to start the program.
a. The Chrome Cleanup Tool scans Google Chrome for browser hijackers and adware programs. The scan usually takes less than a minute, and reports its findings in a confirmation window.
3. If any malicious programs are caught, you should click Remove Suspicious Programs and wait for the tool to complete its task. If nothing suspicious is detected, click Continue to move on.
4. Google Chrome will open a new tab, and prompt you to reset Chrome to its default settings. We suggest you perform this reset, as it often removes any browser hijacking software that is affecting your internet browser.
Your Google Chrome internet browser software should now be free of browser hijackers, adware, and other malicious files.

How to Reset Internet Explorer to Default Settings

It’s easy to reset Internet Explorer to its default settings. A reset can help remove malicious redirects, adware, and browser hijackers from your internet browser.
1. In Internet Explorer, look in the top right corner to find and click the Gear Icon (ICON HERE), then click Internet Options.
a. The Internet Options box should appear.
2. Click the Advanced tab of the Internet Options box.
3. Click the Reset button to bring up the Reset Internet Explorer Settings box.
4. Select the checkbox for Delete Personal Settings, then click Reset.
5. Once Internet Explorer has completed the reset, click the Close button in the confirmation box. Now, close your browser.
When you open Internet Explorer again, it will be restored to default factory settings. It should be free of browser hijackers, adware, or malicious redirects.

How to Reset Microsoft Edge to Default Settings

Resetting Microsoft Edge can help remove adware, browser hijackers, and malicious redirects from Microsoft Edge. Learn how with these directions from MalwareMedic:
1. Click the More Actions icon (ICON HERE) in the top right corner of your Microsoft Edge window. Then, click the Settings option.
2. Select the option Start Page found in the Open With section.
This will reset your Microsoft Edge browser to ensure no malicious redirects are disrupting your browser experience.

No More Browser Redirect Viruses!

If you’ve followed these steps closely, then your computer should be completely free of malware. If that is not the case, feel free to keep searching MalwareMedic for solutions to your computer issues. Thanks!

You Might Also Like

No Comments

Leave a Reply