Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Google redirect problem

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Re: Google redirect problem

Unread postby jbitz » April 8th, 2012, 10:19 pm

No Problems with the instructions.
The browser still redirects occasionally.
For example a google search for baseball
Then I clicked on http://mlb.mlb.com/index.jsp redirected to http://click.get-answers-fast.com/ads-c ... s=baseball
System is otherwise stable.


All processes killed
========== REGISTRY ==========
Registry key HKEY_CURRENT_USER\Software\AppDataLow\Software\uTorrentBar\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Conduit.Engine\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Conduit\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\uTorrentBar\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\AppDataLow\Software\uTorrentBar\ not found.
Registry key HKEY_CURRENT_USER\Software\BitTorrent\uTorrent\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.torrent\ deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.x264\OpenWithList\\a deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.x264-Felony\OpenWithList\\a deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.X264-LCHD\OpenWithList\\a deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.x264-MACHD\OpenWithList\\a deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.x264-METiS\OpenWithList\\a deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.x264-REVEiLLE\OpenWithList\\a deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.x264-SceneHD\OpenWithList\\a deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.x264-SiNNERS\OpenWithList\\a deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.x264-TENEIGHTY\OpenWithList\\a deleted successfully.
Registry key HKEY_CURRENT_USER\Software\uTorrentBar\ deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Classes\.btsearch\\@ not found.
Registry value HKEY_CURRENT_USER\Software\Classes\.btsearch\OpenWithProgids\\uTorrent deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Classes\.torrent\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Classes\Applications\uTorrent.exe\ deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Classes\btdna\DefaultIcon\\@ not found.
Registry value HKEY_CURRENT_USER\Software\Classes\btdna\shell\open\command\\@ not found.
Registry value HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\E:\Program Files (x86)\uTorrent\uTorrent.exe deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Classes\Magnet\DefaultIcon\\@ not found.
Registry value HKEY_CURRENT_USER\Software\Classes\Magnet\shell\open\command\\@ not found.
Registry key HKEY_CURRENT_USER\Software\Classes\uTorrent\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers\\C:\Program Files (x86)\uTorrentBar\UNWISE.EXE not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Conduit\AppPaths\client not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B336B543-0D1B-47E4-8B5C-E564492ACC2D}\\AppPath deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B336B543-0D1B-47E4-8B5C-E564492ACC2D}\\AppName deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\utorrent_RASAPI32\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\utorrent_RASMANCS\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\uTorrentBar\ not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{917CEF3E-D6FB-4A1F-BEE9-88186A9F972B}C:\program files (x86)\utorrent\utorrent.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{908745EE-5570-43EF-A62E-4866B158C6CE}C:\program files (x86)\utorrent\utorrent.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6DDE412C-4AC5-45A1-AD9F-DCA7AFE1102F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6DDE412C-4AC5-45A1-AD9F-DCA7AFE1102F}\ not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{04DE8F85-7A55-4107-84DB-4F69B35BE424} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{04DE8F85-7A55-4107-84DB-4F69B35BE424}\ not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{917CEF3E-D6FB-4A1F-BEE9-88186A9F972B}C:\program files (x86)\utorrent\utorrent.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{908745EE-5570-43EF-A62E-4866B158C6CE}C:\program files (x86)\utorrent\utorrent.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6DDE412C-4AC5-45A1-AD9F-DCA7AFE1102F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6DDE412C-4AC5-45A1-AD9F-DCA7AFE1102F}\ not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{04DE8F85-7A55-4107-84DB-4F69B35BE424} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{04DE8F85-7A55-4107-84DB-4F69B35BE424}\ not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{917CEF3E-D6FB-4A1F-BEE9-88186A9F972B}C:\program files (x86)\utorrent\utorrent.exe not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{908745EE-5570-43EF-A62E-4866B158C6CE}C:\program files (x86)\utorrent\utorrent.exe not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6DDE412C-4AC5-45A1-AD9F-DCA7AFE1102F} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6DDE412C-4AC5-45A1-AD9F-DCA7AFE1102F}\ not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{04DE8F85-7A55-4107-84DB-4F69B35BE424} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{04DE8F85-7A55-4107-84DB-4F69B35BE424}\ not found.
Registry key HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\AppDataLow\Software\uTorrentBar\ not found.
Registry key HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\BitTorrent\uTorrent\ not found.
Registry key HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.torrent\ not found.
Registry value HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.x264\OpenWithList\\a not found.
Registry value HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.x264-Felony\OpenWithList\\a not found.
Registry value HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.X264-LCHD\OpenWithList\\a not found.
Registry value HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.x264-MACHD\OpenWithList\\a not found.
Registry value HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.x264-METiS\OpenWithList\\a not found.
Registry value HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.x264-REVEiLLE\OpenWithList\\a not found.
Registry value HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.x264-SceneHD\OpenWithList\\a not found.
Registry value HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.x264-SiNNERS\OpenWithList\\a not found.
Registry value HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.x264-TENEIGHTY\OpenWithList\\a not found.
Registry key HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\uTorrentBar\ not found.
Registry value HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Classes\.btsearch\\@ not found.
Registry value HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Classes\.btsearch\OpenWithProgids\\uTorrent not found.
Registry key HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Classes\.torrent\ not found.
Registry key HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Classes\Applications\uTorrent.exe\ not found.
Registry value HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Classes\btdna\DefaultIcon\\@ not found.
Registry value HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Classes\btdna\shell\open\command\\@ not found.
Registry value HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\E:\Program Files (x86)\uTorrent\uTorrent.exe not found.
Registry value HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Classes\Magnet\DefaultIcon\\@ not found.
Registry value HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Classes\Magnet\shell\open\command\\@ not found.
Registry key HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Classes\uTorrent\ not found.
Registry value HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000_Classes\.btsearch\\@ not found.
Registry value HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000_Classes\.btsearch\OpenWithProgids\\uTorrent not found.
Registry key HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000_Classes\.torrent not found.
Registry key HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000_Classes\Applications\uTorrent.exe\ not found.
Registry value HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000_Classes\btdna\DefaultIcon\\@ not found.
Registry value HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000_Classes\btdna\shell\open\command\\@ not found.
Registry value HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\E:\Program Files (x86)\uTorrent\uTorrent.exe not found.
Registry value HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000_Classes\Magnet\DefaultIcon\\@ not found.
Registry value HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000_Classes\Magnet\shell\open\command\\@ not found.
Registry key HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000_Classes\uTorrent not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Jbitz
->Temp folder emptied: 242086 bytes
->Temporary Internet Files folder emptied: 5905081 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 49057072 bytes
->Google Chrome cache emptied: 6111677 bytes
->Flash cache emptied: 456 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 388 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 1517534 bytes

Total Files Cleaned = 60.00 mb

Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.39.2 log created on 04082012_185617

Files\Folders moved on Reboot...
C:\Users\Jbitz\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...
SystemLook 30.07.11 by jpshortstuff
Log created at 19:05 on 08/04/2012 by Jbitz
Administrator - Elevation successful

========== regfind ==========

Searching for "conduit"
[HKEY_CURRENT_USER\Software\BillP Studios\Detected\IEHelper]
"C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll"="12/10/2010 8:45 PM"
[HKEY_CURRENT_USER\Software\BillP Studios\WinPatrol\IEHelpers]
"Conduit Toolbar"="900"
[HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\BillP Studios\Detected\IEHelper]
"C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll"="12/10/2010 8:45 PM"
[HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\BillP Studios\WinPatrol\IEHelpers]
"Conduit Toolbar"="900"

Searching for "uTorrent"
[HKEY_CURRENT_USER\Software\BillP Studios\Detected\ActiveTasks]
"E:\PROGRAM FILES (X86)\uTorrent\uTorrent.exe"="09/06/2011 10:15 PM"
[HKEY_CURRENT_USER\Software\BillP Studios\Detected\IEHelper]
"C:\Program Files (x86)\uTorrentBar\tbuTor.dll"="12/10/2010 8:46 PM"
[HKEY_CURRENT_USER\Software\BillP Studios\Detected\IEHelper]
"C:\Program Files (x86)\uTorrentBar2\prxtbuTor.dll"="08/27/2011 1:24 PM"
[HKEY_CURRENT_USER\Software\BillP Studios\Detected\Startup]
"C:\Program Files (x86)\uTorrent\uTorrent.exe"="10/10/2010 8:39 AM"
[HKEY_CURRENT_USER\Software\BillP Studios\Detected\Startup]
"e:\Program Files (x86)\uTorrent\uTorrent.exe /MINIMIZED"="08/27/2011 1:24 PM"
[HKEY_CURRENT_USER\Software\BillP Studios\Detected\Startup]
"E:\PROGRAM FILES (X86)\UTORRENT\UTORRENT.EXE"="03/06/2012 10:30 PM"
[HKEY_CURRENT_USER\Software\BillP Studios\WinPatrol\Run]
"C:\Program Files (x86)\uTorrent\uTorrent.exe"="11"
[HKEY_CURRENT_USER\Software\BillP Studios\WinPatrol\Run]
"e:\Program Files (x86)\uTorrent\uTorrent.exe /MINIMIZED"="11"
[HKEY_CURRENT_USER\Software\Classes\.btsearch]
@="uTorrent"
[HKEY_CURRENT_USER\Software\Classes\btdna\DefaultIcon]
@=""E:\Program Files (x86)\uTorrent\uTorrent.exe" ",0"
[HKEY_CURRENT_USER\Software\Classes\btdna\shell\open\command]
@=""E:\Program Files (x86)\uTorrent\uTorrent.exe" "/DNA""
[HKEY_CURRENT_USER\Software\Classes\Magnet\DefaultIcon]
@=""E:\Program Files (x86)\uTorrent\uTorrent.exe",0"
[HKEY_CURRENT_USER\Software\Classes\Magnet\shell\open\command]
@=""E:\Program Files (x86)\uTorrent\uTorrent.exe" "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers]
"C:\Program Files (x86)\uTorrentBar\UNWISE.EXE"="WINXPSP2"
[HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\BillP Studios\Detected\ActiveTasks]
"E:\PROGRAM FILES (X86)\uTorrent\uTorrent.exe"="09/06/2011 10:15 PM"
[HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\BillP Studios\Detected\IEHelper]
"C:\Program Files (x86)\uTorrentBar\tbuTor.dll"="12/10/2010 8:46 PM"
[HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\BillP Studios\Detected\IEHelper]
"C:\Program Files (x86)\uTorrentBar2\prxtbuTor.dll"="08/27/2011 1:24 PM"
[HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\BillP Studios\Detected\Startup]
"C:\Program Files (x86)\uTorrent\uTorrent.exe"="10/10/2010 8:39 AM"
[HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\BillP Studios\Detected\Startup]
"e:\Program Files (x86)\uTorrent\uTorrent.exe /MINIMIZED"="08/27/2011 1:24 PM"
[HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\BillP Studios\Detected\Startup]
"E:\PROGRAM FILES (X86)\UTORRENT\UTORRENT.EXE"="03/06/2012 10:30 PM"
[HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\BillP Studios\WinPatrol\Run]
"C:\Program Files (x86)\uTorrent\uTorrent.exe"="11"
[HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\BillP Studios\WinPatrol\Run]
"e:\Program Files (x86)\uTorrent\uTorrent.exe /MINIMIZED"="11"
[HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Classes\.btsearch]
@="uTorrent"
[HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Classes\btdna\DefaultIcon]
@=""E:\Program Files (x86)\uTorrent\uTorrent.exe" ",0"
[HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Classes\btdna\shell\open\command]
@=""E:\Program Files (x86)\uTorrent\uTorrent.exe" "/DNA""
[HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Classes\Magnet\DefaultIcon]
@=""E:\Program Files (x86)\uTorrent\uTorrent.exe",0"
[HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Classes\Magnet\shell\open\command]
@=""E:\Program Files (x86)\uTorrent\uTorrent.exe" "%1""
[HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000_Classes\.btsearch]
@="uTorrent"
[HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000_Classes\btdna\DefaultIcon]
@=""E:\Program Files (x86)\uTorrent\uTorrent.exe" ",0"
[HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000_Classes\btdna\shell\open\command]
@=""E:\Program Files (x86)\uTorrent\uTorrent.exe" "/DNA""
[HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000_Classes\Magnet\DefaultIcon]
@=""E:\Program Files (x86)\uTorrent\uTorrent.exe",0"
[HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000_Classes\Magnet\shell\open\command]
@=""E:\Program Files (x86)\uTorrent\uTorrent.exe" "%1""

-= EOF =-
jbitz
Regular Member
 
Posts: 38
Joined: August 12th, 2011, 7:04 pm
Advertisement
Register to Remove

Re: Google redirect problem

Unread postby pgmigg » April 9th, 2012, 1:17 pm

Hello jbitz,
The browser still redirects occasionally.
For example a google search for baseball
Then I clicked on http://mlb.mlb.com/index.jsp redirected to http://click.get-answers-fast.com/ads-c ... s=baseball
I need to know exactly which browser redirected - it was Internet Explorer, Mozilla Firefox or both of them.

Step 0.
Regbak - Backup Windows 7 registry
You should still have regbak64.exe on your desktop.
  1. Unzip or extract all files to your desktop or other convenient place.
  2. Right click regbak64.exe ... choose "Run As Administrator".
  3. Allow the backup location to default to the shown folder.
  4. Make sure the following (default) hives are selected for backup:
    • System
    • Current User
    • Other available hives
  5. Press the "Advanced Options" link.
    In the "Default backup folder" box ...copy and paste the following to the END of the line (no spaces)
    <TIME>\
    It should look like: %SystemRoot%\RegBak\<DATE>\<TIME>\
    This adds the current time to the folder name, allowing multiple backups in one day, without removing previous backups.
    DO NOT change any other options.
  6. Press OK. Reply Yes to any folder creation prompts.
  7. Press Start at the confirmation screen.
  8. When the backup has successfully completed... press Cancel to end the program.

Step 1.
OTL - Run Fix Script
You should still have OTL.exe on your desktop.
Important! Close all applications and windows so that you have nothing open and are at your Desktop.
  1. Right click on OTL.exe select "Run As Administrator..." to run it. If prompted by UAC, please allow it.
  2. Copy and Paste the following code into the Image
    text box. Do not include the word Code
    Code: Select all
    :Reg
    [-HKEY_CURRENT_USER\Software\Classes\.btsearch]
    [-HKEY_CURRENT_USER\Software\Classes\btdna]
    [HKEY_CURRENT_USER\Software\Classes\Magnet\DefaultIcon]
    @=-
    [HKEY_CURRENT_USER\Software\Classes\Magnet\shell\open\command]
    @=-
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers]
    "C:\Program Files (x86)\uTorrentBar\UNWISE.EXE"=-
    [-HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Classes\.btsearch]
    [-HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Classes\btdna]
    [HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Classes\Magnet\DefaultIcon]
    @=-
    [HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Classes\Magnet\shell\open\command]
    @=-
    [-HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000_Classes\.btsearch]
    [-HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000_Classes\btdna]
    [HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000_Classes\Magnet\DefaultIcon]
    @=-
    [HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000_Classes\Magnet\shell\open\command]
    @=-
    
    :Commands
    [EMPTYTEMP]
    [CREATERESTOREPOINT]
    

  3. Click under the Custom Scan/Fixes box and paste the copied text.
  4. Click the Run Fix button. If prompted... click OK.
  5. OTL may ask to reboot the machine. Please do so if asked.

Step 2.
SystemLook
You should still have SystemLook_x64.exe on your desktop.
  1. Double-click SystemLook_x64.exe to run it.
    If you receive an "Open file - security warning"... asking "Do you want to run this file?", press the Run button.
  2. Highlight and copy the following entries from Code Box into SystemLook's main text entry window.
    Code: Select all
    :filefind
    *btdna*
    *btsearch*
    
    :regfind
    btdna
    btsearch
    Torrent
    
  3. Press the Look button to start the scan.
    When finished, a Notepad window will open with the results of the scan.
    A file will be created (on your Desktop) with the results of the scan, named SystemLook.txt
  4. Please post the contents of the SystemLook.txt file in your next reply.

Please include in your next reply:
  1. Answer for the question about which browsers redirecting.
  2. Do you have any problems executing the instructions?
  3. Contents of C:\_OTL\Moved Files\MMDDYYY_HHMMSS.log file after OTL fix.
  4. Contents of SystemLook.txt log file
  5. Do you see any changes in computer behavior?

Thanks,
pgmigg
User avatar
pgmigg
MRU Teacher
MRU Teacher
 
Posts: 3181
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00

Re: Google redirect problem

Unread postby jbitz » April 9th, 2012, 7:36 pm

The redirect was in Firefox 11.0.
No Problems with the instructions.
Google search in Firefox for football when I clicked on www.nfl.com/ and went to http://www.happili.com/bc_rus/innerxy.p ... l&xy=10539
Seems better but still an occasional redirect.
Thanks again for your prompt replies.

All processes killed
========== REGISTRY ==========
Registry key HKEY_CURRENT_USER\Software\Classes\.btsearch\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Classes\btdna\ deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Classes\Magnet\DefaultIcon\\@ not found.
Registry value HKEY_CURRENT_USER\Software\Classes\Magnet\shell\open\command\\@ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers\\C:\Program Files (x86)\uTorrentBar\UNWISE.EXE not found.
Registry key HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Classes\.btsearch\ not found.
Registry key HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Classes\btdna\ not found.
Registry value HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Classes\Magnet\DefaultIcon\\@ not found.
Registry value HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Classes\Magnet\shell\open\command\\@ not found.
Registry key HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000_Classes\.btsearch not found.
Registry key HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000_Classes\btdna not found.
Registry value HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000_Classes\Magnet\DefaultIcon\\@ not found.
Registry value HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000_Classes\Magnet\shell\open\command\\@ not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Jbitz
->Temp folder emptied: 150444 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 49061067 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 456 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 388 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 47.00 mb

Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.39.2 log created on 04092012_191740

Files\Folders moved on Reboot...
C:\Users\Jbitz\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...

SystemLook 30.07.11 by jpshortstuff
Log created at 19:22 on 09/04/2012 by Jbitz
Administrator - Elevation successful

========== filefind ==========

Searching for "*btdna*"
No files found.

Searching for "*btsearch*"
No files found.

========== regfind ==========

Searching for "btdna"
No data found.

Searching for "btsearch"
[HKEY_CURRENT_USER\Software\Classes\MIME\Database\Content Type\application/x-bittorrentsearchdescription+xml]
"Extension"=".btsearch"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MIME\Database\Content Type\application/x-bittorrentsearchdescription+xml]
"Extension"=".btsearch"
[HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Classes\MIME\Database\Content Type\application/x-bittorrentsearchdescription+xml]
"Extension"=".btsearch"
[HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000_Classes\MIME\Database\Content Type\application/x-bittorrentsearchdescription+xml]
"Extension"=".btsearch"

Searching for "Torrent"
[HKEY_CURRENT_USER\Software\7-Zip\FM]
"PanelPath0"="H:\Video\Torrent\The.River.S01.720p.HDTV.x264-SceneHD\The.River.S01E04.720p.HDTV.X264-DIMENSION\"
[HKEY_CURRENT_USER\Software\BillP Studios\Detected\ActiveTasks]
"E:\PROGRAM FILES (X86)\uTorrent\uTorrent.exe"="09/06/2011 10:15 PM"
[HKEY_CURRENT_USER\Software\BillP Studios\Detected\IEHelper]
"C:\Program Files (x86)\uTorrentBar\tbuTor.dll"="12/10/2010 8:46 PM"
[HKEY_CURRENT_USER\Software\BillP Studios\Detected\IEHelper]
"C:\Program Files (x86)\uTorrentBar2\prxtbuTor.dll"="08/27/2011 1:24 PM"
[HKEY_CURRENT_USER\Software\BillP Studios\Detected\Startup]
"C:\Program Files (x86)\uTorrent\uTorrent.exe"="10/10/2010 8:39 AM"
[HKEY_CURRENT_USER\Software\BillP Studios\Detected\Startup]
"e:\Program Files (x86)\uTorrent\uTorrent.exe /MINIMIZED"="08/27/2011 1:24 PM"
[HKEY_CURRENT_USER\Software\BillP Studios\Detected\Startup]
"E:\PROGRAM FILES (X86)\UTORRENT\UTORRENT.EXE"="03/06/2012 10:30 PM"
[HKEY_CURRENT_USER\Software\BillP Studios\WinPatrol\Run]
"C:\Program Files (x86)\uTorrent\uTorrent.exe"="11"
[HKEY_CURRENT_USER\Software\BillP Studios\WinPatrol\Run]
"e:\Program Files (x86)\uTorrent\uTorrent.exe /MINIMIZED"="11"
[HKEY_CURRENT_USER\Software\BitTorrent]
[HKEY_CURRENT_USER\Software\Gabest\Media Player Classic\Settings]
"File Name 16"="E:\HD Torrent\7lb\s-7pounds.mkv"
[HKEY_CURRENT_USER\Software\Gabest\Media Player Classic\Settings]
"File Name 18"="E:\DAT\Torrent\Party Hardcore-2009\ph2009-03-16\ph2009-03-16hd.wmv"
[HKEY_CURRENT_USER\Software\Gabest\Media Player Classic\Settings]
"File Name 19"="E:\DAT\Torrent\Interview With A Sex Maniac - Sandra Shine Hc.mpg"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\all-bittorrent.com]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\click-new-download.com\bittorrent]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\click-new-download.com\www.bittorrent]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\all-bittorrent.com]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\click-new-download.com\bittorrent]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\click-new-download.com\www.bittorrent]
[HKEY_CURRENT_USER\Software\Classes\Magnet\DefaultIcon]
@=""E:\Program Files (x86)\uTorrent\uTorrent.exe",0"
[HKEY_CURRENT_USER\Software\Classes\Magnet\shell\open\command]
@=""E:\Program Files (x86)\uTorrent\uTorrent.exe" "%1""
[HKEY_CURRENT_USER\Software\Classes\MIME\Database\Content Type\application/x-bittorrent]
[HKEY_CURRENT_USER\Software\Classes\MIME\Database\Content Type\application/x-bittorrent]
"Extension"=".torrent"
[HKEY_CURRENT_USER\Software\Classes\MIME\Database\Content Type\application/x-bittorrentsearchdescription+xml]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MIME\Database\Content Type\application/x-bittorrent]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MIME\Database\Content Type\application/x-bittorrent]
"Extension"=".torrent"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MIME\Database\Content Type\application/x-bittorrentsearchdescription+xml]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\all-bittorrent.com]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\click-new-download.com\bittorrent]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\click-new-download.com\www.bittorrent]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\all-bittorrent.com]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\click-new-download.com\bittorrent]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\click-new-download.com\www.bittorrent]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers]
"C:\Program Files (x86)\uTorrentBar\UNWISE.EXE"="WINXPSP2"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\all-bittorrent.com]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\click-new-download.com\bittorrent]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\click-new-download.com\www.bittorrent]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\all-bittorrent.com]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\click-new-download.com\bittorrent]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\click-new-download.com\www.bittorrent]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\all-bittorrent.com]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\click-new-download.com\bittorrent]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\click-new-download.com\www.bittorrent]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\all-bittorrent.com]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\click-new-download.com\bittorrent]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\click-new-download.com\www.bittorrent]
[HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\7-Zip\FM]
"PanelPath0"="H:\Video\Torrent\The.River.S01.720p.HDTV.x264-SceneHD\The.River.S01E04.720p.HDTV.X264-DIMENSION\"
[HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\BillP Studios\Detected\ActiveTasks]
"E:\PROGRAM FILES (X86)\uTorrent\uTorrent.exe"="09/06/2011 10:15 PM"
[HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\BillP Studios\Detected\IEHelper]
"C:\Program Files (x86)\uTorrentBar\tbuTor.dll"="12/10/2010 8:46 PM"
[HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\BillP Studios\Detected\IEHelper]
"C:\Program Files (x86)\uTorrentBar2\prxtbuTor.dll"="08/27/2011 1:24 PM"
[HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\BillP Studios\Detected\Startup]
"C:\Program Files (x86)\uTorrent\uTorrent.exe"="10/10/2010 8:39 AM"
[HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\BillP Studios\Detected\Startup]
"e:\Program Files (x86)\uTorrent\uTorrent.exe /MINIMIZED"="08/27/2011 1:24 PM"
[HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\BillP Studios\Detected\Startup]
"E:\PROGRAM FILES (X86)\UTORRENT\UTORRENT.EXE"="03/06/2012 10:30 PM"
[HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\BillP Studios\WinPatrol\Run]
"C:\Program Files (x86)\uTorrent\uTorrent.exe"="11"
[HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\BillP Studios\WinPatrol\Run]
"e:\Program Files (x86)\uTorrent\uTorrent.exe /MINIMIZED"="11"
[HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\BitTorrent]
[HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Gabest\Media Player Classic\Settings]
"File Name 16"="E:\HD Torrent\7lb\s-7pounds.mkv"
[HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Gabest\Media Player Classic\Settings]
"File Name 18"="E:\DAT\Torrent\Party Hardcore-2009\ph2009-03-16\ph2009-03-16hd.wmv"
[HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Gabest\Media Player Classic\Settings]
"File Name 19"="E:\DAT\Torrent\Interview With A Sex Maniac - Sandra Shine Hc.mpg"
[HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\all-bittorrent.com]
[HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\click-new-download.com\bittorrent]
[HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\click-new-download.com\www.bittorrent]
[HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\all-bittorrent.com]
[HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\click-new-download.com\bittorrent]
[HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\click-new-download.com\www.bittorrent]
[HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Classes\Magnet\DefaultIcon]
@=""E:\Program Files (x86)\uTorrent\uTorrent.exe",0"
[HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Classes\Magnet\shell\open\command]
@=""E:\Program Files (x86)\uTorrent\uTorrent.exe" "%1""
[HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Classes\MIME\Database\Content Type\application/x-bittorrent]
[HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Classes\MIME\Database\Content Type\application/x-bittorrent]
"Extension"=".torrent"
[HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Classes\MIME\Database\Content Type\application/x-bittorrentsearchdescription+xml]
[HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000_Classes\Magnet\DefaultIcon]
@=""E:\Program Files (x86)\uTorrent\uTorrent.exe",0"
[HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000_Classes\Magnet\shell\open\command]
@=""E:\Program Files (x86)\uTorrent\uTorrent.exe" "%1""
[HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000_Classes\MIME\Database\Content Type\application/x-bittorrent]
[HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000_Classes\MIME\Database\Content Type\application/x-bittorrent]
"Extension"=".torrent"
[HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000_Classes\MIME\Database\Content Type\application/x-bittorrentsearchdescription+xml]
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\all-bittorrent.com]
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\click-new-download.com\bittorrent]
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\click-new-download.com\www.bittorrent]
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\all-bittorrent.com]
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\click-new-download.com\bittorrent]
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\click-new-download.com\www.bittorrent]

-= EOF =-
jbitz
Regular Member
 
Posts: 38
Joined: August 12th, 2011, 7:04 pm

Re: Google redirect problem

Unread postby jbitz » April 10th, 2012, 8:23 am

I tried clicking on about 30 links in several google searches in IE 9 with no problems.
Firefox is still redirecting.
jbitz
Regular Member
 
Posts: 38
Joined: August 12th, 2011, 7:04 pm

Re: Google redirect problem

Unread postby pgmigg » April 10th, 2012, 11:03 am

Hello jbitz,

Good job! :)
The redirect was in Firefox 11.0.
Thank you!
I tried clicking on about 30 links in several google searches in IE 9 with no problems.
Firefox is still redirecting.
Let continue our treatment...

Step 0.
Regbak - Backup Windows 7 registry
You should still have regbak64.exe on your desktop.
  1. Unzip or extract all files to your desktop or other convenient place.
  2. Right click regbak64.exe ... choose "Run As Administrator".
  3. Allow the backup location to default to the shown folder.
  4. Make sure the following (default) hives are selected for backup:
    • System
    • Current User
    • Other available hives
  5. Press the "Advanced Options" link.
    In the "Default backup folder" box ...copy and paste the following to the END of the line (no spaces)
    <TIME>\
    It should look like: %SystemRoot%\RegBak\<DATE>\<TIME>\
    This adds the current time to the folder name, allowing multiple backups in one day, without removing previous backups.
    DO NOT change any other options.
  6. Press OK. Reply Yes to any folder creation prompts.
  7. Press Start at the confirmation screen.
  8. When the backup has successfully completed... press Cancel to end the program.

Step 1.
OTL - Run Fix Script
You should still have OTL.exe on your desktop.
Important! Close all applications and windows so that you have nothing open and are at your Desktop.
  1. Right click on OTL.exe select "Run As Administrator..." to run it. If prompted by UAC, please allow it.
  2. Copy and Paste the following code into the Image
    text box. Do not include the word Code
    Code: Select all
    :Reg
    [-HKEY_CURRENT_USER\Software\Classes\MIME\Database\Content Type\application/x-bittorrentsearchdescription+xml]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MIME\Database\Content Type\application/x-bittorrentsearchdescription+xml]
    [-HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Classes\MIME\Database\Content Type\application/x-bittorrentsearchdescription+xml]
    [-HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000_Classes\MIME\Database\Content Type\application/x-bittorrentsearchdescription+xml]
    [HKEY_CURRENT_USER\Software\7-Zip\FM]
    "PanelPath0"=-
    [-HKEY_CURRENT_USER\Software\BitTorrent]
    [HKEY_CURRENT_USER\Software\Gabest\Media Player Classic\Settings]
    "File Name 16"=-
    [HKEY_CURRENT_USER\Software\Gabest\Media Player Classic\Settings]
    "File Name 18"=-
    [HKEY_CURRENT_USER\Software\Gabest\Media Player Classic\Settings]
    "File Name 19"=-
    [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\all-bittorrent.com]
    [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\click-new-download.com\bittorrent]
    [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\click-new-download.com\www.bittorrent]
    [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\all-bittorrent.com]
    [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\click-new-download.com\bittorrent]
    [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\click-new-download.com\www.bittorrent]
    [HKEY_CURRENT_USER\Software\Classes\Magnet\DefaultIcon]
    @=-
    [HKEY_CURRENT_USER\Software\Classes\Magnet\shell\open\command]
    @=-
    [-HKEY_CURRENT_USER\Software\Classes\MIME\Database\Content Type\application/x-bittorrent]
    [-HKEY_CURRENT_USER\Software\Classes\MIME\Database\Content Type\application/x-bittorrent]
    [-HKEY_CURRENT_USER\Software\Classes\MIME\Database\Content Type\application/x-bittorrentsearchdescription+xml]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MIME\Database\Content Type\application/x-bittorrent]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MIME\Database\Content Type\application/x-bittorrent]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MIME\Database\Content Type\application/x-bittorrentsearchdescription+xml]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\all-bittorrent.com]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\click-new-download.com\bittorrent]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\click-new-download.com\www.bittorrent]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\all-bittorrent.com]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\click-new-download.com\bittorrent]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\click-new-download.com\www.bittorrent]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers]
    "C:\Program Files (x86)\uTorrentBar\UNWISE.EXE"=-
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\all-bittorrent.com]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\click-new-download.com\bittorrent]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\click-new-download.com\www.bittorrent]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\all-bittorrent.com]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\click-new-download.com\bittorrent]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\click-new-download.com\www.bittorrent]
    [-HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\all-bittorrent.com]
    [-HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\click-new-download.com\bittorrent]
    [-HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\click-new-download.com\www.bittorrent]
    [-HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\all-bittorrent.com]
    [-HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\click-new-download.com\bittorrent]
    [-HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\click-new-download.com\www.bittorrent]
    [HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\7-Zip\FM]
    "PanelPath0"=-
    [-HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\BitTorrent]
    [HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Gabest\Media Player Classic\Settings]
    "File Name 16"=-
    [HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Gabest\Media Player Classic\Settings]
    "File Name 18"=-
    [HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Gabest\Media Player Classic\Settings]
    "File Name 19"=-
    [-HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\all-bittorrent.com]
    [-HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\click-new-download.com\bittorrent]
    [-HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\click-new-download.com\www.bittorrent]
    [-HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\all-bittorrent.com]
    [-HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\click-new-download.com\bittorrent]
    [-HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\click-new-download.com\www.bittorrent]
    [HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Classes\Magnet\DefaultIcon]
    @=-
    [HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Classes\Magnet\shell\open\command]
    @=-
    [-HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Classes\MIME\Database\Content Type\application/x-bittorrent]
    [-HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Classes\MIME\Database\Content Type\application/x-bittorrent]
    [-HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Classes\MIME\Database\Content Type\application/x-bittorrentsearchdescription+xml]
    [HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000_Classes\Magnet\DefaultIcon]
    @=-
    [HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000_Classes\Magnet\shell\open\command]
    @=-
    [-HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000_Classes\MIME\Database\Content Type\application/x-bittorrent]
    [-HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000_Classes\MIME\Database\Content Type\application/x-bittorrent]
    [-HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000_Classes\MIME\Database\Content Type\application/x-bittorrentsearchdescription+xml]
    [-HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\all-bittorrent.com]
    [-HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\click-new-download.com\bittorrent]
    [-HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\click-new-download.com\www.bittorrent]
    [-HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\all-bittorrent.com]
    [-HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\click-new-download.com\bittorrent]
    [-HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\click-new-download.com\www.bittorrent]
    
    :Commands
    [EMPTYTEMP]
    [CREATERESTOREPOINT]
    

  3. Click under the Custom Scan/Fixes box and paste the copied text.
  4. Click the Run Fix button. If prompted... click OK.
  5. OTL may ask to reboot the machine. Please do so if asked.

Step 2.
Download fresh and latest Firefox
  1. Please open Firefox via any other browser you have.
  2. Click on Firefox Free Download green field and safe Firefox Setup 11.0.exe on the Desktop.

Step 3.
Make a Backup of Firefox Bookmarks
  1. Please open your FireFox browser.
  2. Click the Bookmarks button on the navigation toolbar and select Show All Bookmarks to open the Library window.
  3. In the Library window, click the Import and Backup button and then select Backup....
  4. In the Bookmarks backup filename window that opens, choose a your Desktop as a location to save the file, which is named bookmarks-"date".json by default.
  5. Save the bookmarks json file. The Bookmarks backup filename window will close and you can close the Library window.

Step 4.
Remove Program(s)
  1. Click on Start, then click the Start Search box on the Start Menu.
  2. Copy and paste the value below without the word Code: into the open text entry box:
    Code: Select all
     appwiz.cpl 
    and press Enter - the Unistall or change a program list will be opened.
  3. Click each Entry, as follows, one by one, if it exists, choose Uninstall, and give permission to Continue:
    Java Auto Updater
    Java(TM) 6 Update 29
    Mozilla Firefox 11.0
  4. Take extra care in answering questions posed by any Uninstaller.
    Note: During FireFox uninstalling process please answer "Yes" for any questions regarding removing anything that may be kept, to be sure that everything will be deleted! <-- it is important!
  5. When the program(s) have been uninstalled, please close Control Panel.
  6. Reboot you computer.

Step 5.
Install fresh Firefox
  1. Right click on Firefox Setup 11.0.exe select "Run As Administrator..." to run it. If prompted by UAC, please allow it.
  2. Then follow installation prompts...

Step 6.
Restore your Firefox Bookmarks
  1. Please open your FireFox browser.
  2. Click the Bookmarks button on the navigation toolbar and select Show All Bookmarks to open the Library window.
  3. In the Library window, click the Import and Backup button and then select Restore....
  4. Choose bookmarks .json file you saved on your Desktop.
  5. After choosing a backup, your bookmarks from that file will be restored. Close the Library window.

Now, please make some searching with your fresh installed FireFox browser, and tell me, do you still have redirecting with it?

Please include in your next reply:
  1. Do you have any problems executing the instructions?
  2. Contents of C:\_OTL\Moved Files\MMDDYYY_HHMMSS.log file after OTL fix.
  3. Answer for my question about FireFox browser redirecting.
  4. Do you see any changes in computer behavior?

Thanks,
pgmigg
User avatar
pgmigg
MRU Teacher
MRU Teacher
 
Posts: 3181
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00

Re: Google redirect problem

Unread postby jbitz » April 10th, 2012, 2:15 pm

No Problems with the instructions
I have not experienced any redirects.
System is stable.

All processes killed
========== REGISTRY ==========
Registry key HKEY_CURRENT_USER\Software\Classes\MIME\Database\Content Type\application/x-bittorrentsearchdescription+xml\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MIME\Database\Content Type\application/x-bittorrentsearchdescription+xml\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Classes\MIME\Database\Content Type\application/x-bittorrentsearchdescription+xml\ not found.
Registry key HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000_Classes\MIME\Database\Content Type\application/x-bittorrentsearchdescription+xml\ not found.
Registry value HKEY_CURRENT_USER\Software\7-Zip\FM\\PanelPath0 deleted successfully.
Registry key HKEY_CURRENT_USER\Software\BitTorrent\ deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Gabest\Media Player Classic\Settings\\File Name 16 deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Gabest\Media Player Classic\Settings\\File Name 18 deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Gabest\Media Player Classic\Settings\\File Name 19 deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\all-bittorrent.com\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\click-new-download.com\bittorrent\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\click-new-download.com\www.bittorrent\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\all-bittorrent.com\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\click-new-download.com\bittorrent\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\click-new-download.com\www.bittorrent\ deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Classes\Magnet\DefaultIcon\\@ not found.
Registry value HKEY_CURRENT_USER\Software\Classes\Magnet\shell\open\command\\@ not found.
Registry key HKEY_CURRENT_USER\Software\Classes\MIME\Database\Content Type\application/x-bittorrent\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Classes\MIME\Database\Content Type\application/x-bittorrent\ not found.
Registry key HKEY_CURRENT_USER\Software\Classes\MIME\Database\Content Type\application/x-bittorrentsearchdescription+xml\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MIME\Database\Content Type\application/x-bittorrent\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MIME\Database\Content Type\application/x-bittorrent\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MIME\Database\Content Type\application/x-bittorrentsearchdescription+xml\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\all-bittorrent.com\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\click-new-download.com\bittorrent\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\click-new-download.com\www.bittorrent\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\all-bittorrent.com\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\click-new-download.com\bittorrent\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\click-new-download.com\www.bittorrent\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers\\C:\Program Files (x86)\uTorrentBar\UNWISE.EXE not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\all-bittorrent.com\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\click-new-download.com\bittorrent\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\click-new-download.com\www.bittorrent\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\all-bittorrent.com\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\click-new-download.com\bittorrent\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\click-new-download.com\www.bittorrent\ not found.
Registry key HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\all-bittorrent.com\ deleted successfully.
Registry key HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\click-new-download.com\bittorrent\ deleted successfully.
Registry key HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\click-new-download.com\www.bittorrent\ deleted successfully.
Registry key HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\all-bittorrent.com\ deleted successfully.
Registry key HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\click-new-download.com\bittorrent\ deleted successfully.
Registry key HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\click-new-download.com\www.bittorrent\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\7-Zip\FM\\PanelPath0 not found.
Registry key HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\BitTorrent\ not found.
Registry value HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Gabest\Media Player Classic\Settings\\File Name 16 not found.
Registry value HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Gabest\Media Player Classic\Settings\\File Name 18 not found.
Registry value HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Gabest\Media Player Classic\Settings\\File Name 19 not found.
Registry key HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\all-bittorrent.com\ not found.
Registry key HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\click-new-download.com\bittorrent\ not found.
Registry key HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\click-new-download.com\www.bittorrent\ not found.
Registry key HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\all-bittorrent.com\ not found.
Registry key HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\click-new-download.com\bittorrent\ not found.
Registry key HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\click-new-download.com\www.bittorrent\ not found.
Registry value HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Classes\Magnet\DefaultIcon\\@ not found.
Registry value HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Classes\Magnet\shell\open\command\\@ not found.
Registry key HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Classes\MIME\Database\Content Type\application/x-bittorrent\ not found.
Registry key HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Classes\MIME\Database\Content Type\application/x-bittorrent\ not found.
Registry key HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Classes\MIME\Database\Content Type\application/x-bittorrentsearchdescription+xml\ not found.
Registry value HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000_Classes\Magnet\DefaultIcon\\@ not found.
Registry value HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000_Classes\Magnet\shell\open\command\\@ not found.
Registry key HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000_Classes\MIME\Database\Content Type\application/x-bittorrent\ not found.
Registry key HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000_Classes\MIME\Database\Content Type\application/x-bittorrent\ not found.
Registry key HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000_Classes\MIME\Database\Content Type\application/x-bittorrentsearchdescription+xml\ not found.
Registry key HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\all-bittorrent.com\ not found.
Registry key HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\click-new-download.com\bittorrent\ not found.
Registry key HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\click-new-download.com\www.bittorrent\ not found.
Registry key HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\all-bittorrent.com\ not found.
Registry key HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\click-new-download.com\bittorrent\ not found.
Registry key HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\click-new-download.com\www.bittorrent\ not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Jbitz
->Temp folder emptied: 335028 bytes
->Temporary Internet Files folder emptied: 29143864 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 49073208 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 456 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 388 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 2953733262 bytes

Total Files Cleaned = 2,892.00 mb

Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.39.2 log created on 04102012_120730

Files\Folders moved on Reboot...
C:\Users\Jbitz\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...
jbitz
Regular Member
 
Posts: 38
Joined: August 12th, 2011, 7:04 pm

Re: Google redirect problem

Unread postby pgmigg » April 10th, 2012, 3:06 pm

Hello jbitz,
I have not experienced any redirects.
System is stable.
Nice job, thank you! :)

Your latest set of logs appear to be clean! :cheers:
This is my general post for when your logs show no more signs of malware.
Before I give you instructions how to keep your computer clean and secure, you need to make a few additional steps.

Step 1.
Latest Java Installation Needed!

Attention: Print these instructions or copy them. You will be closing your browser!!

DOWNLOAD LATEST VERSION
  1. Get the latest version (7u3) of Java Runtime Environment (JRE)...
    © Sun Microsystems, Inc.
  2. Click the "Download JRE" button to the right.
  3. Check "Accept License Agreement "
  4. Locate the entry for Windows x64 and click on the associated file name, save the file to your Desktop.

INSTALL Java
  1. Close all open applications (standard), especially your browser.
  2. From Desktop please right-click on jre-7u3-windows-x64.exe select "Run As Administrator..." to
    install the newest version.
  3. Follow the on-screen directions. When installation is completed successfully, please reboot your computer normally.
  4. Once the computer has been restarted, you can delete the "downloaded" installation file from your desktop.

OPTIONAL:
To prevent some unnecessary JAVA components from running when you boot your computer each time...
  1. Go to Control Panel and click on the JAVA icon.
  2. Press the Update tab and UNCHECK "Check for Updates Automatically". (You can check for updates manually.)
      Reply "Never Check" to the warning prompt.
  3. Now press the Advanced tab. Press the [+] to expand the "Miscellaneous" options.
  4. UNCHECK "Java Quick Starter".
  5. Press Apply and OK, then close the Java Control Panel and exit Control Panel.

Step 2.
Uninstall ComboFix
  1. Click on Start -> All programs -> Accessories -> Run.
  2. Copy and paste the value below, into the open text entry box:
    ComboFix /Uninstall
    Image
  3. Click OK.
The above procedure will reset your System Restore and clear out the backups and quarantines created during the course of this fix.

Step 3.
OTL - Run Fix Script
You should still have OTL on your desktop.
Important! Close all applications and windows so that you have nothing open and are at your Desktop.
  1. Right click on OTL.exe select "Run As Administrator..." to run it. If prompted by UAC, please allow it.
  2. Copy and Paste the following code into the Image
    text box. Do not include the word Code
    Code: Select all
    :Commands
    [EMPTYTEMP]
    [CLEARALLRESTOREPOINTS]
    

  3. Click under the Custom Scan/Fixes box and paste the copied text.
  4. Click the Run Fix button. If prompted... click OK.
  5. OTL may ask to reboot the machine. Please do so if asked.

Step 4.
OTL-Cleanup
  1. Right click on OTL.exe select "Run As Administrator..." to run it. If prompted by UAC, please allow it.
  2. Press the CleanUp button.
  3. When done, you will be prompted to reboot your system to finish file removal, please select OK to reboot your computer.

Then please don't forget to enable all your defense software!

Finally, please click HERE to find a short guide to staying safer online.

Please don't hesitate to ask any additional questions.

Stay Safe! ;)
pgmigg
User avatar
pgmigg
MRU Teacher
MRU Teacher
 
Posts: 3181
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00

Re: Google redirect problem

Unread postby jbitz » April 11th, 2012, 6:20 am

Thanks again for your help in getting my system rid of those annoying redirects.
It's much appreciated!
jbitz
Regular Member
 
Posts: 38
Joined: August 12th, 2011, 7:04 pm

Re: Google redirect problem

Unread postby deltalima » April 11th, 2012, 1:14 pm

As your problems appear to have been resolved, this topic is now closed.

We are pleased we could help you resolve your computer's malware issues.

If you would like to make a comment or leave a compliment regarding the help you have received, please see Feedback for Our Helpers - Say "Thanks" Here.
User avatar
deltalima
Admin/Teacher
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK
Advertisement
Register to Remove

Previous

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 45 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware