If you are being redirected to an unwanted website or another search engine, your browser is not only hijacked by a Trojan; the computer is also infected with a TDL3 rootkit. This threat is also known as the TDSS or Alureon rootkit. Many anti-malware vendors have failed to detect and prevent the infection in the past months, but to date, the latest variant of the TDL3 rootkit can be removed using several tools and malware removal programs.
The first method is to run a scan with an anti-malware program from a vendor that is fast at detecting the TDL3 rootkit. By fast detection, I mean security vendors that are able to release detection and removal in no time. Scanning with an anti-malware program is important because it also lets you find other malware residing on your computer in addition to the TDL3 rootkit.
- A-squared Free or A-squared Anti-Malware – both versions can scan for and remove the Google redirect virus (AKA TDL3 rootkit). A-squared flags the infection as Rootkit.Win32.TDSS!IK. The IK in the threat name indicates an Ikarus detection; Ikarus is another antivirus engine that is integrated into A-squared programs.
- Malwarebytes Anti-malware Free (AKA MBAM) and its paid edition – another anti-malware vendor that is quick to add detection for the latest threats. The free and paid editions of MBAM both offer a scan and removal of the Google redirect virus.
- SUPERAntiSpyware Free and SUPERAntiSpyware Pro – like A-squared and MBAM, both SUPERAntiSpyware programs provide scan and removal options. SUPERAntiSpyware will detect and remove the Google redirect virus infection as well.
If the removal is not successful, which can happen if the infection is a new variant of the TDSS rootkit, you should use a standalone removal tool. Choose any of the free tools below to remove the Google redirect virus:
- Win32/Olmarik Removal tool by ESET
- TDSSKiller by Kaspersky Lab
- Windows Malicious Software Removal Tool by Microsoft
- BlackLight by F-Secure
- Stinger by McAfee
- CureIt! by Dr.Web. The alternative download location is CNET.com. You need to update the program to get the latest detection updates.
Note that there are other removal tools for the Google redirect virus infection, such as ComboFix, which is easy to use, but you are better off using it only if you can follow a self-help guide. If not, just use one of the above-mentioned scanners or standalone removal tools, or visit the malware removal forums at Aumha.org or BleepingComputer.com. Resident malware analysts in these forums can help you remove the Google redirect virus.