- Check Local Area Network (LAN) settings
- Make sure that DNS settings are not changed
- Check Windows HOSTS file
- Manage Internet Explorer add-ons. Remove unknown or suspicious add-ons
- Use TDSSKiller tool to remove malware belonging to the family Rootkit.Win32.TDSS
- Scan your computer with legitimate anti-malware software (ComboFix)
- Use CCleaner to remove unnecessary system/temp files and browser cache
- Reset your Router back to the factory default settings
1. Check Local Area Network (LAN) settings
a) Open Internet Explorer. In Internet Explorer go to: Tools->Internet Options.
b) Click on “Connections” tab, then click “LAN settings” button.
c) Uncheck the checkbox under “Proxy server” option and click OK.
2. Make sure that DNS settings are not changed
a) Open Control Panel (Start->Control Panel).
b) Double-click “Network Connections” icon to open it.
c) Right click on “Local Area Connection” icon and select “Properties”.
d) Select “Internet Protocol (TCP/IP)” and click “Properties” button.
e) Choose “Obtain DNS server address automatically” and click OK.
3. Check Windows HOSTS file
a) Go to: C:\WINDOWS\system32\drivers\etc.
b) Double-click “hosts” file to open it. Choose to open with Notepad.
c) The “hosts” file should contain only one line: 127.0.0.1 localhost in Windows XP, and 127.0.0.1 localhost ::1 in Windows Vista. If there are more entries, remove them and save the changes. Read more about the Windows HOSTS file here: http://support.microsoft.com/kb/972034
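The HOSTS check in step 3 can also be done with a short script. The following is an added example, not part of the original guide: it parses hosts-file text and reports every entry other than localhost on a loopback address. The function name audit_hosts and the sample entries are assumptions made for illustration.

```python
import ipaddress

# Entries the guide treats as the clean default: localhost on a loopback address.
ALLOWED_NAMES = {"localhost"}

def audit_hosts(text):
    """Return (line_no, address, hostname, reason) for every entry that is
    not a loopback mapping for localhost."""
    findings = []
    for line_no, raw in enumerate(text.splitlines(), start=1):
        entry = raw.split("#", 1)[0].strip()   # drop comments and whitespace
        if not entry:
            continue
        fields = entry.split()
        address, names = fields[0], fields[1:]
        try:
            ip = ipaddress.ip_address(address)
        except ValueError:
            findings.append((line_no, address, " ".join(names), "unparseable address"))
            continue
        if not names:
            findings.append((line_no, address, "", "address without hostname"))
            continue
        for name in names:               # one line may map several hostnames
            is_localhost = name.lower() in ALLOWED_NAMES
            if is_localhost and ip.is_loopback:
                continue
            if is_localhost:
                reason = "localhost mapped to non-loopback address"
            elif ip.is_loopback or ip.is_unspecified:
                reason = "hostname blocked (pointed at the local machine)"
            else:
                reason = "hostname redirected to remote address"
            findings.append((line_no, address, name, reason))
    return findings

# Constructed sample hosts file; 203.0.113.0/24 is a documentation-only range.
SAMPLE_HOSTS = """\
# constructed sample hosts file
127.0.0.1       localhost
::1             localhost
203.0.113.10    www.example.com example.com   # constructed redirect entry
127.0.0.1       update.example.net            # constructed block entry
"""

if __name__ == "__main__":
    for finding in audit_hosts(SAMPLE_HOSTS):
        print("line %d: %s -> %s (%s)" % finding)
```

To check a real system, pass the contents of C:\WINDOWS\system32\drivers\etc\hosts to audit_hosts instead of the sample text.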
4. Manage Internet Explorer add-ons. Remove unknown or suspicious add-ons
a) Open Internet Explorer. In Internet Explorer go to: Tools->Manage Add-ons.
b) Uninstall unknown or suspicious Toolbars or Search Providers.
5. Scan your computer with legitimate anti-malware software.
Download at least one anti-malware program from the list below and scan your computer. Don’t forget to update it before scanning.
Download recommended anti-malware software and run a full system scan to remove this virus from your computer.
It's possible that an infection is blocking anti-malware software from properly installing. Before saving the selected program onto your computer, you may have to rename the installer to iexplore.exe or winlogon.exe. Don't forget to update the installed program before scanning.
Alternate malware removal tools can be used in case recommended anti-malware software has missed a threat:
6. Use TDSSKiller tool to remove malware belonging to the family Rootkit.Win32.TDSS
a) Download the file TDSSKiller.exe.
b) Execute the file TDSSKiller.exe.
c) Wait for the scan and disinfection process to be over.
More detailed TDSSKiller tutorial: http://support.kaspersky.com/viruses/solutions?qid=208280684
7. Use CCleaner to remove unnecessary system/temp files and browser cache
CCleaner is a freeware system optimization tool. It’s not a malware removal tool. However, it’s always a good idea to get rid of unnecessary internet/system files or corrupted Windows registry values that may cause various problems on your computer. Download CCleaner.
8. Reset your Router back to the factory default settings
This step is optional and should be completed only if you have followed all the above recommendations and you still have the redirect virus on your computer. First of all, please follow this guide: How to Reset a Router Back to the Factory Default Settings. Then you should flush DNS cache:
1. Go to Start->Run (or WinKey+R) and type in "cmd" without quotes.
2. In a new window please type "ipconfig /flushdns" without quotes and hit Enter. And that's it!
These recommendations shouldn’t be too complicated. I hope this article was helpful. If you have any questions, don’t hesitate to ask. Comments are always welcome.