Getting redirected from google search results

You did not post an AVG Antispyware log as requested. Please do so in your next reply.

Download the Pocket Killbox programme from HERE. Extract it but don`t run it yet.

You might want to copy and paste these instructions into a notepad file. Then you can have the file open in safe mode, so you can follow the instructions easier.

Boot into safe mode, under your normal user name(NOT THE ADMINISTRATOR ACCOUNT). See how HERE.

In Windows Explorer, turn on "Show all files and folders, including hidden and system". See how HERE.


Open your task manager, by holding down the ctrl and alt keys and pressing the delete key.

Click on the processes tab and end process for(if there).

sysvx.exe

Close task manager.

Run HJT with no other programmes open(except notepad). Click the scan button. Have HJT fix the following, by placing a tick in the little box next to(if there).

O2 - BHO: (no name) - {36645342-9475-2663-166A-466739207346} - C:\WINDOWS\System32\ipv6mote.dll

O2 - BHO: ASP.NET Helper - {42031715-09B2-3B51-A93F-56C308E48F38} - C:\WINDOWS\system\ctlvxd32.dll (file missing)

O4 - HKLM\..\Run: [sysvx.exe] C:\WINDOWS\System32\sysvx.exe

O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)

O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)

O20 - AppInit_DLLs:

Click on the fix checked button.

Close HJT.

Locate and delete the following bold files and/or directories(if there).

C:\WINDOWS\System32\sysvx.exe

Run the killbox.exe file. When it loads type the full path to the file you would like to delete in the field and check the delete file on reboot button. press the Delete File button (looks like a red circle with a white X). It will prompt you to reboot, select no until you have finished inputting the files you want to delete, only then allow it to reboot and hopefully your files will now be deleted. If your computer doesn`t automatically restart, restart it manually.

This is the filepath you need to enter into killbox.

C:\WINDOWS\System32\ipv6mote.dll

Once your system has rebooted, rehide your protected OS files.

Post fresh HJT and AVG Antispyware logs.

Regards Howard

This thread is for the use of lochieg only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

How you ask google is important.
So be sure to search with exact words.
Tip and example :
Title:New York Hotels
Type all the above.or
utilities+system tools.
google doesn't care what browser it is.

lochieg said:

when I search for something in google and click one of the links to one of the results, 2/3rds of the time it redirects me to one of quite a few "websites", such as sestat.com.

Click to expand...

zipperman:

lochieg`s problem is not caused by him typing in the wrong words into Google, but rather when he gets the Google results from doing a search and clicks on a link, he gets taken to a completely different website from the one he`s trying to access. I.E he`s getting redirected. I believe this is caused by the malware on his system.

Regards Howard

This thread is for the use of lochieg only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

Apologies...here it is

Options

lochieg said:

Apologies...here it is

Click to expand...

What where your options besides "No action" ?
Name one of your search words and reported links and i'll report my results.

It only says that because I don't have an option to save a logfile AFTER I've taken the action. I quarantined one and deleted another, but can't remember which was which. I'm not sure what you mean by "name your search words"...you mean what I've searched for in google? One of them was stylus (an online magazine I couldn't remember the URL for), and that resulted in http://oldhetaira.com/.cfm?pt=2&rpt=1&kt=1 once, and a different each time I clicked on the link...I hope that's the info you wanted?

Anywya, here's the latest logs...

Your HJT log is now clean, are you still having the same problem with Google?

please do the following, only if your problem is still there.

Download combofix.exe. Double click combofix.exe & follow the prompts. A window will open with a warning. Type "Y" (and Enter) to start the fix. When the scan completes it will open a text window. Please attach that log back here together with a fresh HJT log. Caution - do not touch your mouse/keyboard until the scan has completed. The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled. If this occurs, please reboot to restore the desktop.

Regards Howard

This thread is for the use of lochieg only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

Yes

lochieg said:

It only says that because I don't have an option to save a logfile AFTER I've taken the action. I quarantined one and deleted another, but can't remember which was which. I'm not sure what you mean by "name your search words"...you mean what I've searched for in google? One of them was stylus (an online magazine I couldn't remember the URL for), and that resulted in http://oldhetaira.com/.cfm?pt=2&rpt=1&kt=1 once, and a different each time I clicked on the link...I hope that's the info you wanted?

Anywya, here's the latest logs...

Click to expand...

http://www.stylusmagazine.com/

Search : stylus+magazine
That found it. Thats what i meant.

Nope no more problems. Thanks a lot Howard and everyone: I should say again that you guys do an amazing job.

That`s good news and thanks for letting us know.

If you have any further virus/spyware problems, please post in this thread.

Regards Howard

This thread is for the use of lochieg only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

google search result getting redirected to different sites in IE

Hi All,

I am not sure if this is the right place to post my issue. Whenever i search in google for something and get the results, i am taken to different website when i click the link. This happens only in internet explorer. Few days back i had lots of spyware, tracking, malware and adware on my pc but i was able to clean most of the things using spybot search and destory. Can someone help me.

thanks.

Follow the pinned post 8 step malware removal guide

Use found upper left corner of this forum

Post 3 logs as directed.

Rookie User - Posting Logs

I followed the "8 step malware removal guide" and so far so good. I am not being redirected to any sites and pop up ads have stopped.

I attached my logs per your instructions. Let me know if you see anything that should be corrected.

Thanks, I really appreciate this guidance.


Train