Thursday, February 28, 2013

snap.do browser hijacker that causes redirect

snap.do (search.snap.do) is a contemporary form of browser redirection. It gets installed onto attacked computers through downloads and installs of other applications. Their installers are generally bundled with snap.do toolbar that is responsible for browser redirecting issues. Having all your search queries permanently rerouted via snap.do is surely annoying. Snap.do promises to optimize search results, whereas in reality the things turn out to be totally opposite. Fixing the problem of browser redirection via snap.do site is the challenge for many security blogs. This problem, however, can’t be fixed using only security software.

If your browser has been attacked by snap.do then you need to immediately search for the correct solution that will help you fix this problem. It is worthy of mentioning that in this case you must first of all perform some manual steps that will help you resolve this problem.

The most contemporary versions of browser redirecting applications often promote some goods or services. Thus, these hijackers pursue the goal of attracting traffic to some products. There’s nothing wrong with this, but users must themselves decide whether they want to see snap.do on their PCs or not. So, if snap.do attacked your system, please follow the browser redirection fixing guide below.

search.snap.do screenshot:

Browser redirection removal milestones:

  • Check the Local Area Network (LAN) settings of your system
  • Check whether DNS settings have been changed by Redirect Virus
  • Check your Windows HOSTS file contents
  • Check Internet Explorer add-ons. Get rid of unknown or suspicious add-ons contained there
  • Use Kaspersky TDSSKiller (TDSS Killer) application to get rid of malware belonging to the clan of Rootkit.Win32.TDSS
  • Scan your system with decent anti-virus program and malware killer
  • Consider using CCleaner to delete unwanted system/temp files and browser cache
  • The last but not the least, reset your Router back to the factory default settings
  1. Check the Local Area Network (LAN) settings of your system
  2. a) Open Internet Explorer. In Internet Explorer go to: Tools->Internet Options.

    Windows XP Example:

    Windows Vista / Windows 7 Example:

    b) Click on “Connections” tab, then click “LAN settings” button.
    c) Uncheck (untick) the checkbox under “Proxy server” option and hit OK.
  3. Check whether DNS settings have been changed by Redirect Virus:
  4. a) Open Control Panel (Start->Control Panel).
    b) Double-click “Network Connections” icon to open it.
    c) Right-click on “Local Area Connection” icon and select “Properties”.

    d) Select “Internet Protocol (TCP/IP)” and click “Properties” button.
    e) Choose “Obtain DNS server address automatically” and click OK.
  5. Check your Windows HOSTS file contents
  6. a) Go to: C:\WINDOWS\system32\drivers\etc.
    b) Double-click “hosts” file to open it. Choose to open with Notepad.

    c) The “hosts” file should look the same as in the image below. There should be only one line: 127.0.0.1 localhost in Windows XP and 127.0.0.1 localhost ::1 in Windows Vista. If there are more, then remove them and save changes. Read more about Windows Hosts file here: http://support.microsoft.com/kb/972034
  7. Check Internet Explorer add-ons. Get rid of unknown or suspicious add-ons contained there

  8. a) Open Internet Explorer. In Internet Explorer go to: Tools->Manage Add-ons.

    b) Uninstall unknown or suspicious Toolbars or Search Providers.
  9. Use Kaspersky TDSSKiller (TDSS Killer) application to get rid of malware belonging to the clan of Rootkit.Win32.TDSS
  10. a) Download the file TDSSKiller.zip and extract it into a folder
    b) Execute the file TDSSKiller.exe.
    c) Wait for the scan and disinfection process to be over. Close all programs and press “Y” key to restart your computer.

    More detailed TDSSKiller tutorial: http://support.kaspersky.com/viruses/solutions?qid=208280684

  11. Scan your system with decent anti-virus program and malware killer
  12. Consider using CCleaner to delete unwanted system/temp files and browser cache
  13. CCleaner is a freeware system optimization. It’s not a malware removal tool. However, it’s always a good idea to get rid of unnecessary internet/system files or corrupter Windows registry values that may cause various problems to your computer. Download CCleaner free application.
  14. The last but not the least, reset your Router back to the factory default settings
  15. Keep in mind that this step is optional and should be completed only if you have followed all the above recommendations and you still have the redirect virus on your computer. First of all, please follow this guide: How to Reset a Router Back to the Factory Default Settings. Then you should flush DNS cache: a)Go to Start->Run (or WinKey+R) and type in "cmd" without quotation marks.


    b) In a new window please type "ipconfig /flushdns" without quotation marks and press Enter.

Please do not hesitate to contact us at any time if you require any help on our part of if you experience any difficulties. We hope that this information has been helpful to you and remain

Yours faithfully,
Restore Point Blog

No comments:

Post a Comment