TechSpot

keep getting redirected

By smoke157
Mar 21, 2007
  1. When I click a link after doing a google search I get redirected to a sansujo site of some sort. This only seems to happen when searching for things. I did all of the preliminary cleaning and will attach a cf and hjt log. Thank you for your help. This problem is very annoying.
     
  2. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    Download Vundofix from HERE.

    Double click the Vundofix.exe to run it.

    Right click in the vundofix window and click add files.

    Enter the full file path/s to the files you want Vundofix to delete and click the add files button, followed by the close window button. Click the remove vundo button and let Vundofix do it`s stuff.

    These are the filepaths you need to enter into Vundofix.

    C:\WINDOWS\system32\soxiokl.dll
    C:\WINDOWS\system32\qicnvei.dll

    Post a fresh HJT log as well as an AVG Antispyware log.

    Regards Howard :)

    This thread is for the use of smoke157 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
  3. smoke157

    smoke157 TS Rookie Topic Starter

    here are my new logs. thank you.
     
  4. mr. sparkle

    mr. sparkle TS Rookie

    You might want to check your Host files and see if there were any modifications made,
    Some adaware etc. use this to redirect.
     
  5. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    Go to add remove programmes in your control panel and uninstall anything to do with(if there).

    Bodog Poker

    Close control panel.

    Open your task manager, by holding down the ctrl and alt keys and pressing the delete key.

    Click on the processes tab and end process for(if there).

    BPGame.exe

    Close task manager.

    Run HJT with no other programmes open. Click the scan button. Have HJT fix the following, by placing a tick in the little box next to(if there).

    O2 - BHO: (no name) - {5579B1C1-F9AE-9C92-4CEE-000381433AC5} - C:\WINDOWS\system32\soxiokl.dll (file missing)

    O2 - BHO: (no name) - {74C11DEB-B706-8EAA-8E5B-05046181A53F} - C:\WINDOWS\system32\qicnvei.dll (file missing)

    O9 - Extra button: Bodog Poker - {F47C1DB5-ED21-4dc1-853E-D1495792D4C5} - C:\Program Files\Bodog Poker\BPGame.exe

    O16 - DPF: WMP10ctrl - http://www.cinemanow.com/WMP10ctrl.CAB

    O16 - DPF: {B0781EB7-16EA-49F1-9C1D-9716D88206CF} (CSQ Object) - http://169.254.0.1/view.cab

    O16 - DPF: {CE74A05D-ED12-473A-97F8-85FB0E2F479F} (dlControl.UserControl1) - http://www.cinemanow.com/dlControl_3_3.CAB

    O20 - Winlogon Notify: winxtx32 - winxtx32.dll (file missing)

    Click on the fix checked button.

    Close HJT.

    Locate and delete the following bold files and/or directories(if there).

    C:\Program Files\Bodog Poker<Delete the entire folder.

    Reboot your computer.

    Run the Ccleaner programme as per the instructions in step9 of this thread HERE.

    Post a fresh HJT log and let me know how your system is running.

    Regards Howard :)

    This thread is for the use of smoke157 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
  6. smoke157

    smoke157 TS Rookie Topic Starter

    seems to be fixed. thank you very much. greatly appriciated.
     
  7. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    Your HJT log is clean.

    Turn off system restore.(XP/ME only) See how HERE.

    Now, turn system restore back on. This will have deleted all your old restore points and any nasties that are in them. It will also have created a new, clean restore point.

    If you have any further virus/spyware problems, please post in this thread.

    Regards Howard :)

    This thread is for the use of smoke157 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
  8. smoke157

    smoke157 TS Rookie Topic Starter

    thank you.
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...