How to Fix a Google Redirecting Virus
A Google redirect virus is installed through a Trojan horse and executed once a web browser is opened. The virus affects Google search results by showing advertisements or affiliate links instead of real search links. The redirect virus can also affect web browsing as advertisements pop up or pages suddenly redirect to a spam or ad website. Several steps are necessary to remove this type of virus and create a working virus fix. Updating the computer's antivirus and anti-spyware is the best way to protect yourself from future infestations.
Click on "Start," "Computer," "Local Disk" (or "C:"), "Windows," and "System32." Find regedit.exe in this folder and right click on it. Rename to a made up name (one that you can remember). Disable regedit.exe, which will disable Google Redirect Virus from executing.
Download and install Anti-Malware by Malwarebytes (see link in References below). Run the Anti-Malware complete scan and select to search all drivers, folders and files. Complete the scan and remove any Trojan horses found.
Go back to the "System32" folder and rename the file "regedit.exe."
Click on "Start." Select "Run" and type in "regedit" or type "regedit" in the "Start Search" box. A new window will open called "Registry Editor."
Click on the arrow to expand "HKEY_LOCAL_MACHINE". Click on "Software," "Microsoft," "Windows," "CurrentVersion," "Run." Look for an entry in the right-hand window called "RegSvr32=%System%msmsgs.exe". Right-click and delete the file. Restart the computer.
Tips & Warnings
- Run a complete antivirus and anti-spyware scan after the registry key has been removed. Run separate programs for antivirus and anti-spyware. Some viruses are written to bypass antivirus program checks but are recognized and deleted by anti-spyware programs.
- Delete registry keys only if there is a match. Do not remove any registry keys that do not say "RegSvr32=%System%msmsgs.exe" specifically.