Redirect Virus Windows 10

It's happened to you, or to somebody you know. An annoying and dangerous virus or bit of malware has wormed its way onto your computer, and it is wreaking havoc. When these type of malicious codes install themselves on your computer, they can rapidly take control of your PC and cause irreversible damage.

Remove Redirect Virus Windows 10

How to remove a browser redirect virus Why it is that your web browser redirects to an unwanted web page, and how to stop it doing so. Here's how to remove a web browser redirect virus.

Even if you have an up-to-date antivirus running on your computer, sometimes these threats are very hard to find and remove, often masquerading as part of the operating system. For this reason, Microsoft offers Windows Defender Offline, which is a version of its antivirus that you can run from a USB drive to help you remove malicious code that is infecting Windows 10.

In this Windows 10 guide, we'll walk you through the process of downloading and creating a bootable USB drive with the stand-alone version of Microsoft's free antivirus app, and we'll show you how to use it to clean up your computer from malicious and unwanted programs.

Making a bootable version of Windows Defender Offline

Before proceeding with this guide, you will need external media, preferably a USB flash drive with at least 1GB of capacity, but you can also use a CD/DVD, or you can create an ISO image. This process will wipe and reformat the drive, so make sure you back up any content on if you want to keep to another location.

Quick Tip: You will need to download the correct version of Windows Defender Offline for the computer you wish to scan. If you don't know which version of Windows 10 is running on your PC, you can easily check by using the Windows Key + I keyboard shortcut to open the Settings app, go to System > About, and you will find the version of Windows 10 under 'System type'.

  1. Download the Windows Defender Offline installer:
  2. Once the download completes, double-click the mssstool32.exe or mssstool64.exe depending on your version.
  3. The Windows Defender Offline Tool wizard will open, and then click Next to continue.

  4. After accepting the license agreement, select the type of bootable media you want to create. For this guide, we'll choose the On a USB flash drive that is not password protected option, and click Next.

  5. If you have more than one USB storage device connected to your computer, you'll be given a drop-down menu to select the drive you want to use. Pick the drive you want to use and click Next.

  6. Click Next to confirm that the wizard will reformat the USB flash drive.

  7. Now the necessary files will download, and the wizard will complete creating the Windows Defender Offline bootable media. Then simply click Finish to close the wizard.

Booting your Windows 10 PC using Windows Defender Offline

Before you can use the USB flash drive to perform a scan, you have to make sure your computer is configured to boot from removable media. Typically, this requires hitting the one of the keyboard's function keys (F1, F2, F3, F10, or F12), ESC, or the Delete key during boot to access the BIOS and change the boot order.

If you have a computer using a UEFI BIOS, the steps are a little different. In this case, in Windows 10, you'll need to go to Settings > Update & recovery > Recovery under Advanced startup, click Restart now. Then in the boot menu, click Troubleshoot > Advanced Options > UEFI Firmware Settings > Restart. Your computer will then boot into its BIOS, where you can then change the boot order.

Google Redirect Virus Windows 10

Note that instructions will vary depending on your computer manufacturer. Always check your PC manufacturer's support website for details.

Finally, connect the USB flash drive on the infected computer and restart. Then Windows Defender Offline will start automatically performing a full scan of any virus, rootkit, or a piece of bad software that can be recognized using the latest definition update, just like it would happen when you're running Windows.

Once the scan completes, close the program, remove the USB flash drive, and your computer will automatically reboot.

While you can create Windows Defender Offline media at any time, it's recommended that you do this at the time you need to clean an infected computer, this way you will have the latest definition update.

It's important to note that Windows Defender Offline not only works with Windows 10, but you can also use this version of the antivirus on the previous version of the operating system.

Futher reading

For more tips and tricks on Windows 10, and get the latest news, you can visit the following resources:

Free

We may earn a commission for purchases using our links. Learn more.

You ran a search in Google, but somehow, for some reason, you didn’t get the result you wanted after clicking a link.

Again, and again, and again.

This is the frustration of browser redirect viruses, insipid malware designed not only to annoy you, but also to fleece you.

These days you would have to be pretty lax with PC security to end up with one, but these viruses persist in the wild. Let’s take a look at how you might end infected with, and what you need to do to remove, a browser redirect virus.

How The Browser Redirect Virus Works

You’ll know if you have the browser virus. For a start: it will annoy your socks off. Once you’ve got over the regular inconvenience of the pages you want loading, you’ll probably find that upon closer examination, there is something familiar on the page that keeps loading, such as a Google search box.

The URL might be something like:

  • icityfind.com
  • scour.com
  • fastsfind.com
  • amusede.in
  • 1freefiledownload.com
  • find-quick-results.com
  • bidvertiser.com

Rootkits, bootkits and even malicious browser extensions can be held responsible for these viruses infecting your system, and their sole aim to make money and gather information about you.

How do they make money? Through your searches. Rather than, say, a standard Google search resulting in a couple of sponsored results that you select, the browser redirect virus has monetised every search result and link. Furthermore, data about you is being gathered, and recorded for use later on. This might be anything from your website favourites to personal information that can be used in identity theft.

Basically, if you have a browser redirect virus, don’t share any personal information with any browsers on your computer until it is removed.

The Rewritten Hosts File

Windows users should know about the Hosts file, a text file stored on the C: drive where a list of blocked website URLs can be stored. As well as blocking URLs with the Hosts file, you can also add lines that specify what websites should appear when a particular IP address is visited.

All you would need to do is find the Hosts file (WindowsSystem32Driversetc) and open it with Notepad (right-click, then Open with…). Scroll down to the blank space, add a URL or IP address and save the Hosts file; the address is now blocked.

You can also use the same principle to create shortcuts to certain websites to save time typing. The browser redirect virus uses it too, rewriting or replacing the original hosts file with its own data. Chris Hoffman’s guide to the Windows Hosts fileWhat Is the Windows Host File? And 6 Surprising Ways to Use ItWhat Is the Windows Host File? And 6 Surprising Ways to Use ItThe Windows Hosts file allows you to define which domain names (websites) are linked to which IP addresses. It takes precedence over your DNS servers, so your DNS servers may say facebook.com is linked to...Read More explains how this works in far more detail.

Removing a Browser Redirect Virus? Switch to Safe Mode First

The process of removal for a browser redirect virus is generally the same across all versions of Windows from XP to Windows 8. To start with, it is necessary to reboot the computer into Safe Mode.

For Windows XP to Windows 7, this is done by rebooting the computer and repeatedly tapping F8 as soon as the boot disk summary screen appears. If the Windows loading screen appears, you’re too late, and will have to repeat the process. Note that if you use a wireless keyboard, you’ll have little success here, so switch to a USB keyboard.

When the Advanced Boot Options screen appears, use the arrows on your keyboard to select the second option, Safe Mode with Networking, and tap Enter.

Windows 8 users can switch to Safe Mode by opening Settings and Power. Hold the Shift key before you do anything else, then select Restart, keeping your finger on Shift. When the restart menu appears click Troubleshoot then Advanced options, and from here choose Startup Settings, then Restart. Finally, press 5 on your keyboard to Enable Safe Mode with Networking, prompting Windows to start in Safe Mode, but with an internet connection.

Check Your Proxy Settings

Next, check your system’s proxy settings. Browser redirect viruses can use a remote server that isn’t the one you normally connect to the Internet through. By disabling this, you can make a big step towards removing the virus.

In the Control Panel, open Internet Options. In Windows 8, you can type “internet options” to quickly launch this screen. Click the Connections tab and look for LAN Settings. You’ll probably find that the Proxy Server option is checked, with or without an address. Clear the check box and click Automatically detect settings instead, then click OK to confirm and exit.

Manage Your Browsers

At this stage it will be unclear as to where the browser redirect virus originates, and this will be the case until you check the reports from the removal tools. So, it is advisable to remove add-ons and extensions and toolbars from your browsers, and reset your home page.

Once this is done, download and install a copy of CCleaner (although beware the frustrating attempt to install bloatware likeBegin The Fight Back Against Toolbar Installer Bloatware! [Opinion]Begin The Fight Back Against Toolbar Installer Bloatware! [Opinion]Recently I had cause to install some free video conversion software and was amazed to find so many attempts to fool me into installing additional software, not to mention attempts to upsell at the end...Read More Google Toolbar) and use this to scan your computer for junk data in the temporary internet files. Select the Cleaner tab, then check all options under Windows for Internet Explorer and repeat this in the Applications view for any other browsers you have installed. Click Run Cleaner, and wait while this completes.

With everything cleaned up (see our guide for using CCleanerOptimize Your System To Run At Its Best With CCleanerOptimize Your System To Run At Its Best With CCleanerOver the last two years, CCleaner has changed quite a bit in terms of version numbers...up now to version 3.10 at the time of this writing. While visually the program actually hasn't changed much (it's...Read More to give you more idea of the options you need to select here) and then proceed to the next section.

3 Top Tools for Removing the Browser Redirect Virus

Several tools are currently available that can be used against a browser redirect virus. Some experts suggest running all of these, sometimes in order, whereas others recommend just running a couple.

The optimum path would be to download and run Kaspersky’s rootkit remover, TDSSKiller, followed by the reliable Malwarebytes . For extra checks, use HitmanPro.

Kaspersky TDSSKiller

This utility doesn’t require installing, so simply double-click the tdsskiller.exe file then click on the Change Parameters button. In the resulting screen, enable Detect TDLFS file system, and click OK to proceed; next, click Start Scan. Upon completion, if threats are found a summary page will be displayed, along with some recommended actions. Click Continue to accept these actions and allow TDSSKiller to deal with the viruses. Complete removal will necessitate a reboot, so keep this in mind as you will need to boot back into Safe Mode with Networking (as above) before proceeding.

MalwareBytes’ Anti-Malware Free

This will run automatically once installed, and a message will be displayed advising you to update. Click Fix Now to run the first scan. When this is complete (the software may ask you to click the Update button first) you should be shown a screen listing the threats that have been found. Click Quarantine All, then Apply Actions.

HitmanPro

Following installation (a one-time run option, without istallation, is also available), HitmanPro will scan your computer for stubborn rootkits, malware and any related files. Files will be displayed as they are discovered, and when the scan is complete click Next to remove them. You’ll need to click Activate free license to get the free 30 day trial for HitmanPro, unless you plan to purchase.

With these scans complete, finish off by running your usual virus scanning software, which might be a free anti-virus/anti-malware utility such as Avira, AVG or Kaspersky, or a premium suite such as BitDefender Internet SecurityBitdefender Internet Security 2015: The Ideal Choice For Home PCs [Giveaway]Bitdefender Internet Security 2015: The Ideal Choice For Home PCs [Giveaway]Offering anti-virus, privacy protection, safe banking, firewall and parental control for just $79.95, Bitdefender Internet Security 2015 would seem to be the optimum choice for anyone looking to give their home computer security a boost.Read More.

Finally, Reset Your Browser

With your scans completed, and the removal tools’ work done, there is one final step. To remove the last vestiges of the threat, you will need to reset your browser. Depending upon which browser you’re using, this will differ.

  • Internet Explorer: click the Settings button, then Internet Options > Advanced, where you’ll find the Reset button. Ensure you select Delete personal settings before clicking Reset, then click Close when the process has completed and restart your browser.
  • Mozilla Firefox: open Menu > Help > Troubleshooting Information, where you’ll find the Reset Firefox… button. Click this and confirm to reset the browser.
  • Google Chrome: in the hamburger menu, choose Settings or enter the chrome://settings URL in the address bar. From here, click Show advanced settings… and scroll down to the Reset settings button. Click this, then confirm in the following box to reset the browser.

Now you’re done, it’s time to play safer online. Browser redirect viruses can be traced back to a relaxed attitude to security, so make sure you follow our guide on how to never get a virus10 Easy Ways to Never Get a Virus10 Easy Ways to Never Get a VirusWith a little basic training, you can completely avoid the problem of viruses and malware on your computers and mobile devices. Now you can calm down and enjoy the internet!Read More, keep your browsers up to date and, most importantly, regularly check for operating system security updates to iron out loopholes and vulnerabilitiesFive Tips For Managing Your Security In Windows 8.1Five Tips For Managing Your Security In Windows 8.1Read More.

Your browser redirect virus should now be removed, and you should now be able to continue with your life without the inconvenience malware presents. Let me know in the comments below if you have any questions.

Featured Image Credit: URL Phishing via Shutterstock

Explore more about: Google Chrome, Internet Explorer, Mozilla Firefox, Online Privacy, Online Security.

  1. Really wished to stress I am pleased that i stumbled onto your webpage ,
    cost of dental implants in bangalore !

  2. It's crazy and mad malware, So You write so good but can't help me. It's difficult for removes. First I install unknown program and I cancel but the malware install automatically. My antivirus as a disable and can't open because error. and second that open many browser url pages. I so comfortable for this action. I try for install same antivirus but the services not running as disable. But I resolve my PC and come back fine.

  3. Thanks ever ever so much for this. You have totally sorted out this redirection virus on Google. I rarely leave comments on places, but you who ever you may be 100 percent deserve credit here.
    Thanks and have a great 2017.
    Scoop.

  4. Hey guys !

    I hv having this same issue since last one week, i tried doing each n everything thats available on the internet, but MalwareBytes’ Anti-Malware Free seems to have worked like a magic! Truely love this free software. Makers of d software, u guys rock !!!

    Thanks.

  5. I have a situation I'm not sure if this is what it is. For instance, I click on something in my email, and it usually opens that link in a new tab. But when I click on something in THAT tab, instead of going where I directed it, a new tab opens up that is obviously wrong. I did a scan with Kaspersky TDSSKILLER, but they found nothing. I have new laptop using Windows 10. Any help or ideas? I have this problem mostly in Chrome. Anne

    • i tried this...
      WindowsSystem32Driversetc
      then i opened 'hosts' in notepad then i added there address which often redirect my page and it help... now am free

      'All you would need to do is find the Hosts file (WindowsSystem32Driversetc) and open it with Notepad (right-click, then Open with…). Scroll down to the blank space, add a URL or IP address and save the Hosts file; the address is now blocked.

      You can also use the same principle to create shortcuts to certain websites to save time typing. The browser redirect virus uses it too, rewriting or replacing the original hosts file with its own data'

      • Thank you so much for your help. This was posted almost a year ago, and I no longer have the problem, so I must have done something to fix it. Anne

  6. h
    i for mobrevflwms redirect virus dosent work

  7. IDIOOT!

  8. How to proceed in an android phone?

  9. I use all these listed, usually I try to get clients to buy Malwarebytes, I buy them for family as stocking stuffers, it keeps the family free cleaning down before it happens. I also added JRT (Google search junk removal tool) to my USB rescue drive, along with Allister suggestion of Adwcleaner, very nice program. It never hurts to scan with other programs to verify that a PC is clean, they can get infected easily with deceptive notices that you need to update and toolbars.

  10. Adwcleaner also works well.

  11. Those sketchy re-directed search engines can also be removed manually by going into the settings of your browser and deleting them.

    • repariere sound for free