Since google is the most visited website, and most users have it set as their startup page, it's the most targeted by hackers who tend to create more and more redirects, that make the users have their nasty pages as the startup page instead of google's.
But google is not the only one. Sometimes Microsoft websites, Antivirus or anti-malware scanners' websites are redirected or just blocked.
This procedure is usually intended to prevent the user from going to websites that could help him to disinfect his machine.How does the redirect work?
There are several ways to make a domain redirect. The most used is the hosts file. One single line added to this file can make several domains redirect to a specific IP address.
But redirects can also be done through other means, like the DNS or the group policies.Does UVK show the redirects?
Yes, in the Startup entries and services
section and in the log created with the Scan & create log
feature, but only the ones in the hosts file.
But UVK provides fixes that disable the redirects through the DNS and the group policies: Clear Hosts and DNS cache
and Reset group policies
, in the UVK fixes
section. The fixes Reset IP, winsock and proxy
and Reset IE and internet settings
are also recommended in a redirect situation.
The picture below shows a google redirect in the Startup entries and services
Note that I've chosen an unsigned Ip, to avoid mess up. In a case like this one, it would be too easy, all you had to do is click Delete entry
, and the line in the hosts file that contains the redirect would be deleted, which would slove the problem.
Note that if there are no redirecting/blocking lines in the hosts file, the header <BlockedHosts>
will not be shown.
Also note that if you have more than 100 redirects in the hosts file, UVK will only show the first 100 ones, and display a message box (only once) warning you about the number of redirects and asking if you want to reset the hosts file to the defaults. If you answer No
, the message box won’t be displayed again.Remove the redirect using the Automatic anti-malware scans section
This can also be easily done trough the section Automatic antimalware scans
Select the scans you want to perform, ensure that Automatically delete threats found
is checked, click Repair script options
, and check the boxes corresponding to the fixes above.
Also check Reboot computer after all done
Click Start scan(s)
and try not to do anything on the machine while the tool works. Usually no user interaction will be needed.
Hopefuly, after all the work is done, the google redirect should be gone along with other possible infections.Remove the redirection using the Run UVK fixes section
Another even easier way is to paste the following code to the text box in the Run UVK
scripts section: <ResetHostsAndDns>
Ensure that ALL
your internet browsers are closed.
Then just click Run / Fix listed
, confirm and let UVK do all the work for you.
Those of you who are techs or forum helpers may find useful to create a UVK script with the code above.
Just remember a UVK script's first line must always be <UVKCommandsScript>
or UVK won't run it!Some more tips:
To view the contents of the hosts file paste the code of the line below in the run bar of the UVK fixes section and hit Enter
To view the DNS settings use this one:cmd /k ipconfig /displaydns
What is the hardest thing to develop? A good application? A good website? Nope. A good reputation.