Google Redirect virus – how to get rid of website & search redirect virus manually

Keep Getting redirected to other websites when searching Google?
We Help you how to remove the Google Redirect virus in easy step by step instructions, a manual guide. Google redirect Virus is a virus being discussed too much over Internet for more then 3 years because this malicious virus has infected hundreds of thousands computers around the world. Google redirect virus is actually a browser hijacking tool which leads your search queries to spam websites containing advertisements. Although this virus may redirect your other website links to unwanted webpages and it can do more annoying things with your computer, however it is called GoogleRedirect Virus because it mostly attacks on google search links. This Google Redirect virus thing is mostly caused by an infection of a Trojan known as Tdssserv or Tdsserv-.sys and Trojan Alureon.

Czytaj po polsku – Read in Polish language

How did you get this nasty virus:
You might be wondering how come this google redirect virus thing got into your computer. The answer is; this virus may come to your computer through Peer-to-peer sharing, through an infected USB pen drive, downloading untrusted email attachments or even from a bad website that uses trojans to inject the viruses into a computer with security vulnerabilities.

What dose it do with your computer:
The google redirect virus may bother you in several ways, like;
It can reduce your system performance speed so you,ll experience a slow computer performance.
It displays annoying and unwanted popup advertisements on infected PCs.
It display scary warnings and alerts in Taskbar.
It redirects your web browser address and google search results to wrong websites.
It causes system crashes.
It uses rogue tactics to trick you into buying full versions of some non-working and useless softwares.
You may see some fake alerts on your screen like “Spyware Alert! Your computer is infected with spyware. It could damage your critical files or expose your private data on the Internet. Click here to register your copy of Google Redirect Virus and remove spyware threats from your PC.”
See the example of google redirect virus` fake task bar alert:
fake google redirect virus alert taskbar Google Redirect virus   how to get rid of website & search redirect virus manually

Now take a look at the google redirect virus` browser hijacking and redirection:
google redirect virus browser hijacker tdssserv Google Redirect virus   how to get rid of website & search redirect virus manually

In the image above, Look at the address bar of internet explorer, you want to go to a google search result page. (no matter you are using another browser like opera or mozile firefox etc, google search redirecting virus can hijack and redirect them too). Now look at the status bar pointed by the gree arrow, the browser is loading another page from instead of the results page. This is because the computer is infected with a google redirect virus which is redirecting the google search query to another unwanted website link. So now you,ll be redirected to an unwanted page.

Ok, now lets talk about how to get rid of this google redirect virus.
I,ll show you manual and automatic removal both methods. At first, try this manual tip.

Disabling the virus hook:
Google redirect virus will mostly install itself on an infected computer as a system service, so to remove this virus, you should disable its service first and make sure to stop it from running. Now see how to block its service from running.

Right click on your MY COMPUTER icon and get its PROPERTIES, click on HARDWARE tab and then open DEVICE MANAGER, OR
go to Start Menu > Control Panel > System > Hardware > Device Manager.
how to check system properties open device manager Google Redirect virus   how to get rid of website & search redirect virus manually

Now the device manager opens, click at the VIEW and select SHOWN HIDDEN DEVICES then go to Non-Plug and Play Drivers, expand the list by clicking at the “+” mark and if you see there TDSSERV.SYS or Alureon.SYS, right click at it and select DISABLE. Make sure not to click Uninstall because it will reactivate itself when you reboot your PC.
how to disable tdssserv alureon tdsserb.sys process google redirect virus Google Redirect virus   how to get rid of website & search redirect virus manually

Check and Reset windows Hosts file:
Theres a file name “hosts” in windows which contains directions for browser. Google redirect virus may write malicious links to this websites that cause redirection. You should check weather your Hosts file is infected or not. It is a simple text document file that you have to “Open With” the “notepad”. To check this file, go to C:/ > Windows > System32 > Drivers > ETC
in the ETC folder, you,ll find the HOSTS file, open it with the notepad. The default HOSTS file should look like the one below:
edit windows hosts file block unblock websites browser commands Google Redirect virus   how to get rid of website & search redirect virus manually

If your hosts file appears to have more ip addresses and websites, it might be infected by Google Redirect Virus. You should not remove all the ips and web addresses except localhost which is the default value set by windows. Now SAVE this file.

Now find and delete the Google Redirect Virus components:
Log into your computer as administrator, go to My computer > C:/ > Windows > System32 > Drivers
in the drivers folder, look for the following files and delete them if found.

Also go to the Temporary Internet Files folder, find and delete the following files:
Note: Temporary Internet Files folder can be found in windows xp at this location “”C:\Documents and Settings\USER_NAME\Local Settings\Temp” and in the windows-7 at this location “C:\Users\USER_NAME\AppData\Local\Microsoft\Windows\Temporary Internet Files”


Now scan your computer with Malware Bytes anti-malware

Malware Bytes Anti-Malware (Download)



  1. wilson says:

    Could not find TDSSserv folders in drivers folder
    _jerken.exe or install in Temp files.

    Are there other names I need to delete

  2. kenya says:

    My list didnt show TDSSERV.SYS or Alureon.SYS

  3. dif says:

    No TDSSERV or Aleuron either like kenya. Please help. Notepad file is normal like you show, but I am getting redirected to click.get answers fast all the time! Please help!

  4. Qasim Dar says:

    @ dif, run Malware Bytes or Super anti spyware on your PC. these tools would remove the malware, or at least they will show the infected files that you should delete.