Ok, I read some articles online and it's hidden by a rootkit.
"It's caused by a multi-faceted threat variously called TDSS, Alureon, or Tidserv.
The first time I ran into Tidserv it was inflicting exactly the same symptoms on my daughter's laptop. Unlike Lance's security-free test system, her laptop was protected by an up-to-date installation of Norton Internet Security 2010; it didn't help. She worked directly with Symantec technicians to identify and eliminate this then-new variant. Symantec's page on what they call Backdoor.Tidserv now includes a removal tool designed specifically to wipe out this threat.
Tidserv does indeed redirect search result links so you end up visiting web sites associated with the threat's authors, but that's just the most visible effect. According to Symantec it hides itself using advanced rootkit technology, displays advertisements, and opens a back door that further compromises the affected system's security.
Symantec reports that this Trojan is designed specifically to make money. It generates web traffic, collects sales leads for other dubious sites, and tries to fool the victim into paying for useless software. If those tricks don't work it can kick up the threat level by downloading additional malicious or misleading programs.
Pernicious threats like this one, threats that sometimes get past normal security, are precisely the target for Symantec's free Norton Power Eraser tool. I advised Lance to try the beta version of Norton Power Eraser 1.5, released today in conjunction with the Norton 360 Version 5 public beta. This update gives Norton Power Eraser the new ability to draw on Symantec's massive Norton Insight database to help identify threats.
Alas, Norton Power Eraser isn't yet powerful enough to remove this particular threat. Symantec supplied a brand new removal tool and reported that the removal techniques from this tool will eventually be merged into NPE. I predict eventual success, but jury is still out as the removal tool takes quite a while to finish its scan (eight hours on my clean test system).
If you click on a search link and it goes to the wrong place once, that might be a fluke. If it happens multiple times you've got a problem. Update your antivirus and run a full scan, seek a threat-specific removal tool online, or try a free tool like Norton Power Eraser. You don't want to leave a threat like Tidserv running loose on your computer."
"The virus, Go.google.com disables the running firewalls and anti-virus softwares and breaks your security, it records and send the web urls visited on the infected computer to the hacker.
Most common signs of this virus go.google.com browser hijacker is that It corrupt Registry files and it causes “Blue Screen of Death” error in windows
This virus also changes the desktop background
MS IE and mozila Firefox brows the web slow after getting infected by go.google.com and this virus also infects e-mail attachments, messenger and other freeware programs
There are two tools available on the Internet which can remove go.google.com virus from Windows XP and Windows Vista
Note: Both of these tools are Shareware programs classified as spyware and antivirus tools which lets you remove the virus completely free of cost, so you can use them in their trail version time period."
Follow the instructions below:
1: Go to my computer and C:–>Windows–>System32–>Drivers–>etc folder.
2: In this folder, Look for a file named “Hosts”
3: Right click on this file and open it with the notepad
4: Now delete all the lines of IP addresses in the text document except for “127.0.0.1 localhost”.
5: Save the file and close it.
Doing this solvs the problem and Now you should be able to surf Internet without any redirect problem. But remember! you still need to get rid of several infected files from your computer, remote registry entries and un-register the DLL files