ItsGeekToMe.co

The official home of It's Geek to Me on the web!

Issue #698: December 6-12, 2020

Q: When I try to search with Google it switches to Yahoo search. I’ve searched on line about this and it is caused by a virus that I downloaded. I tried to follow some instructions on getting rid of it but I can’t. Can you help please? Thank you.

– John S.
Niceville, Florida

A: When you click on a link, or enter a URL into your browser’s address bar, but wind up someplace else, that behavior is typically called a redirect or more specifically, a browser redirect.  In your case, the behavior is undesired, and even a little underhanded, but there are many legitimate uses for redirects.  One that I can think of right off the top of my head is the URL-shortening service TinyURL that I use here in the column to pass along website links to my readers.  Many links are far too long to be reproduced in print without breaking across multiple lines, usually with the automatic insertion of a hyphen at the break. It’s also very difficult to accurately type-in long URLs that have sequences of random letters and numbers in them.  The TinyURL service takes in a URL regardless of length, and provides a much shorter one in return.  The short links are intended to be easy to type, and do not require more than one line in a printed page.  When you enter a TinyURL link, or click on one on my website, your browser takes you to the TinyURL website, which looks-up the link, and then redirects your browser to the appropriate site.

Your own research and analysis of what’s happening on your computer seems to be spot-on, John.  It is very likely being caused by something akin to a virus, although more technically, it’s what’s called a potentially unwanted program, or PUP.  A virus is a type of malware that propagates itself from system to system.  While what you have is indeed malware, it probably isn’t going to replicate itself like a virus.  You likely picked it up in a type of malware attack called a drive-by download which occurred when you accessed a carrier site online.  Either that, or it was embedded in a software distribution package, and it came along for the ride when you installed it.  As you can see, there are many so-called attack vectors through which you can get malware.  That’s why it’s so important to educate yourself and know what you should and shouldn’t do online.

But, your question was on removal of this unwelcome redirector.  Well, this is a rather complex removal, as you probably saw when you tried to research it on your own.  I doubt I could do justice to the process in the limited space I have during a weekly column.  But, I do want to help you, so I did some scouting around to try to find a site that provides steps that are easy to follow, and has a lot of screenshots to help guide you along.  I found a very comprehensive one at TinyURL.com/IGTM-0698.  Now, I crafted this redirect for John, so that it skirts the part on cleaning it off of a Mac, and automatically scrolls your browser down to the portion of the page that deals with Windows.  But, if you’re a Mac user, or if you just want to learn more, feel free to scroll up and do some reading.  When you’re ready to proceed, follow all of the steps carefully.  They will take you through everything, including booting your computer into Safe Mode, removing the PUP from the list of programs that run at startup, removing the malware itself, and removing the registry entries it made.  It then has you install a malware scanner to clean out all of the remnants of this now well-squashed bug.  Read carefully, and don’t skip anything.  If you do, you may discover that you removed the problem only to find that it re-installs itself upon your next reboot.

 As always, “Good Luck, and Happy Computing!”


Leave a Reply

November 2024
S M T W T F S
 12
3456789
10111213141516
17181920212223
24252627282930

Search the site

Archives

Copyright Notice

All content on this site is Copyright © 2007-2024 by Jeff Werner – All rights reserved.