Antivirus, Browsers, Download Managers, Developer Tools, Graphics, Firewall, Multimedia, Networking, OS, System Tweaks, Utilities

When you’re looking for something in Google and clicking on the results, if they take you to other page that has nothing to do with what you’re looking for, you probably have the Google Redirect Virus. This is a browser hijacking virus that manages to infect browsers like Internet Explorer and Firefox and then redirects users to different malicious websites, advertisement and pop-ups, concealing Google results.

What are the symptoms to consider when looking for implementing a Google redirect virus solution?

• A change of desktop background
• Change to browser homepage
• Browsers like IE and Firefox is slowing down significantly
• The corruption of log files which leads to the dreaded “Blue Screen of Death”

This virus may also cause to the following errors:

• Internet Explorer cannot open the web page
• filename.exe is not a valid win32 application
• If you download setup files of different programs, it will tell you that these files are corrupted and you need to download a fresh copy of these files

So, to protect your privacy and confidential information, it is very important that you remove Google Redirect Virus as soon as possible. You need to follow these steps:

• Start > Run > Devmgmt.msc > OK/Enter
• In Device Manager, Click on View and then “Show Hidden Devices”.

• Scroll down and try to find “TDSSserv.sys” in Non-plug and Play Drivers.

• Right click and disable it. Don’t uninstall otherwise the infection will reappear after you restart the computer.
• Restart your computer.

Now scan your entire computer after updating your Antivirus and Google Redirect Virus will cease to exist on your machine. Please note that you also need to use a good registry cleaner such as CCleaner to remove obsolete registry entries.

You can also use following free standalone removal tools to get rid of this virus:

• Win32/Olmarik Removal tool by ESET
• TDSSKiller by Kaspersky Labs.
• Windows Malicious Software Removal Tool by Microsoft
• BlackLight by F-Secure
• Stinger by McAfee
• CureIt! by Dr.Web.

Technical Details:

• Common Names: gogoogle, goyahoo
• O20 – AppInit_DLLs: karna.dat is apparent in HJT log
• Detected in various scanning programs:
  • C:\WINDOWS\system32\wini10894.exe
  • C:\WINDOWS\brastk.exe
  • C:\WINDOWS\system32\brastk.exe
  • C:\WINDOWS\karna.dat
  • C:\WINDOWS\system32\karna.dat
  • TDSSserv.sys
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | brastk
• All software updates redirected to 127.0.0.1 (your own computer) so they won’t update.