Some of the information on this page is from personal experience and much was found on the Internet. Thank you to whoever posted the info I copied, including Juicer54 from the Google Sites help forum.
See Google's Article here.
If you think your computer is infected with malware try running malwarebytes.
- Download Malwarebytes' Anti-Malware from the link below. Get the free version. Make sure you get mbam-setup.exe, not one of the other advertised programs.
- Double Click mbam-setup.exe to install the application. If your computer is infected the install may be blocked and you will have to boot into safe mode in order to install it.
- Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
- If an update is found, it will download and install the latest version.
- Once the program has loaded, select "Perform Quick Scan", then click Scan.
- The scan may take some time to finish, so please be patient.
- When the scan is complete, click OK, then Show Results to view the results.
- Make sure that everything is checked, and click Remove Selected.
- When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.
- The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Another anti-malware program you can use is SUPERAntiSpyware Portable Scanner. Download it and put it on a flash drive and run it from there whenever you think you have malware on your system. Get it from the download page here.
Then follow these steps (from a posting on the Google Sites Help Forum):
Steps to remove the Google redirect virus, search redirect virus problem
1. run MBAM, Hitman Pro to remove all viruses (so that could the virus may not corrupt the DNS/routers again). Restart computer
2. remove DNS resolver cache (use ipconfig /flushdns )
3. Hardware Reset your home router (preferably change password to something other than the default). This is an easy step -
- remove power for 20seconds
- Turn on power
- remove "Internet" input LAN connection
- Use a pin or ballpen to hardware reset your Router.
- Turn power on and off.
Sometimes malware will return because it has infected system restore or is contained in temp files, browser cache or DNS cache. I often use CCleaner to clean up temp files. Read on for cleaning System Restore points, resetting your router and flushing the dns cache.
Removing malware from System Restore points
To remove the malware, you must first disable System Restore, then scan the system with up-to-date antivirus software - allowing it to clean, delete, or quarantine any viruses found. After the system has been disinfected, you may then re-enable System Restore. The steps for disabling System Restore vary, depending on whether the default Start Menu or the Classic Start Menu is being used.
Default Start Menu
If using the default Start Menu, click Start | Control Panel | Performance and Maintenance | System. Select the System Restore tab and check "Turn off System Restore".
Classic Start Menu
If using the Classic Start Menu, click Start | Settings | Control Panel and double-click the System icon. Select the System Restore tab and check "Turn off System Restore".
After scanning the system and removing the offending malware, re-enable System Restore by repeating the steps, this time removing the check from "Turn off System Restore".
More from About.com
If you are using a router you may also reset it
This can be done by inserting something tiny like a paper clip end or pencil tip into a small hole labeled "reset" located on the back of the router.
Press and hold down the small button inside until the lights on the front of the router blink off and then on again (usually about 10 seconds).
You also need to reconfigure any security settings you had in place prior to the reset.
You may also need to consult with your Internet service provider to find out which DNS servers your network should be using.
Also flush the dns cache (whether using a router or not) as follows:
Start > All Programs > Accessories > Command Prompt
Right-click on the command prompt and choose to 'Run As Administrator'
Now type the following bolded command and hit enter: ipconfig /flushdns
You should now see a confirmation dialog window:
Windows IP Configuration. Successfully flushed the DNS Resolver Cache
I found this note:
You can disable the XUL cache through Prefs -> Debug -> Networking -> Cacrhe -> Disable XUL cache
More information from the Help Forum:
On my system I ran every thing I could and it still came back. I found that the network card had rogue DNS servers. one was 126.96.36.199. Click to get your DNS from DHCP and do an ipconfig /release and ipconfig /renew and bingo. Problem solved.
Another tool you can use is the Windows Malicious Software Removal Tool. It is installed and run automatically on most Windows computers each month. You can run a scan with it whenever you want by entering "mrt" in a command prompt or Run command box or in Start Search in Vista. More information on the Microsoft page.
Suspicious results and strange behavior: Strange pop-ups and other malware...More info here. Sometimes you may find new unwanted toolbars have been added to your Web browser. Rather than having been infected with malware you may have had those toolbars foisted on you when you installed a new program. Read about this "foistware" here.
What if I have no internet access after malware is removed?
Check your Internet Explorer settings, even if IE is not your default browser. Tools, Internet options, Connections, LAN Settings. Make sure that nothing is checked, especially "Use a proxy...".
If this doesen't solve the problem do a Google search for the question and try the solutions you find, such as Winsock fixes.