On the Internet, especially recently, a virus has become very popular, which blocks the search engines Yandex and Google, replaces the pages of social networks with its own. When trying to access these sites, the user sees an unusual picture for himself: he is informed that he cannot enter, he needs to send an SMS to recover the password (and the like). Not only is the money being debited from the mobile phone account after the SMS is sent, but also the computer's work is not restored and the user will not get access to the sites …
In this article, I would like to analyze in detail the question of how to remove such a blocking social. networks and search engines virus. So, let's begin…
STEP 1: Restoring the hosts file
How does a virus block certain websites? Everything is very simple: most often the system file Windows is used – hosts. It is used to associate the domain name of the site (its address, like https://pcpro100.info) with the ip address at which this site can be opened.
The hosts file is a plain text file (although it has no extension + hidden attributes). First you need to restore it, we will consider several ways.
1) Through Total Commander
Total commander (link to the office. Site) – a convenient replacement for the explorer in Windows, allows you to quickly work with multiple folders and files. You can also quickly view archives, extract files from them, etc. We are interested in it, thanks to the 'show hidden files and folders' checkbox.
In general, we do the following:
– run the program;
– click on the icon showing hidden files;
– then go to the address: C: \ WINDOWS \ system32 \ drivers \ etc (valid for OS Windows 7, 8);
– select the hosts file and press the F4 button (in the total commander, by default, this is file editing).
In the hosts file, you need to delete all lines related to search engines and social networks. Anyway, you can delete all lines from it. The normal view of the file is shown in the figure below.
By the way, please note that some viruses write their codes at the very end (at the very bottom of the file) and you won't notice these lines without scrolling. So notice if there are a lot of blank lines in your file …
2) Via antivirus utility AVZ
AVZ (link to the official site: http://z-oleg.com/secur/avz/download.php) is an excellent antivirus program that can clean your computer from viruses, ad modules, etc. What are the main advantages (within of this article): no need to install, you can quickly restore the hosts file.
1. After starting AVZ, you need to click the file / system restore menu (see screenshot below).
2. Then put a tick in front of 'clear the hosts file' and perform the marked operations.
This will quickly restore the hosts file.
STEP 2: Reinstall Browser
The second thing I recommend to do after clearing the hosts file is to completely remove the infected browser from the OS (unless we are talking about Internet Explorer). The point is, is it not always easy to understand and remove the required browser plug-in that has infected the virus? so it's easier to reinstall the browser.
1. Complete browser removal
1) First, copy all bookmarks from the browser (or synchronize them so that later they can be easily restored).
2) Next, go to Control Panel \ Programs \ Programs and Features and remove the required browser.
3) Then you need to check the following folders:
- Program Files (x86)
- Program Files
- Users \ Alex \ AppData \ Roaming \
- Users \ Alex \ AppData \ Local
In them, you need to delete all the folders of the same name with the name of our browser (Opera, Firefox, Mozilla Firefox). By the way, it is convenient to do this using the same Total Commader.
2. Browser installation
To select a browser, I recommend looking at the following article: https://pcpro100.info/luchshie-brauzeryi-2016/
By the way, it is still recommended to install a clean browser after a full anti-virus scan of your computer. More about this below in the article.
STEP 3: Anti-virus scan of the computer, check for mailware
Scanning a computer for viruses should take place in two stages: it is a PC run by an antivirus program + a mailware check run (since a regular antivirus cannot find such ad modules).
1. Antivirus scan
I recommend using one of the popular antivirus programs, for example: Kaspersky, Doctor-Web, Avast, etc. (see the full list: https://pcpro100.info/luchshie-antivirusyi-2016/).
For those who do not want to install an antivirus on their PC, the check can also be done online. More details here: https://pcpro100.info/kak-proverit-kompyuter-na-virusyi-onlayn/#i
2. Checking for mailware
In order not to rush, I will give a link to an article on removing adware from browsers: https://pcpro100.info/kak-udalit-iz-brauzera-tulbaryi-reklamnoe-po-poiskoviki-webalta-delta-homes-i-pr/# 3
Removing viruses from the OS Windows (Mailwarebytes).
The computer must be completely checked with one of the utilities: ADW Cleaner or Mailwarebytes. They clean the computer of all mailware in about the same way.
After that, you can install a clean browser on your computer, and most likely there is nothing and no one to block the Yandex and Google search engines in your OS Windows. Good luck!