Forum Home |  MWR University |  New to the Board? |  IRC Chatroom |  Who Runs This Site? |  ASAP Members |  Microsoft MVP Members |  Downloads |  Good & Bad P2P Programs |  Our Rules

MalWare Removal Forum

Malware Removal University - Teaching people how to support those with infected computers - Teaching them to never give up untill your computer is clean and secure.

Tutorials (etc.) : Boot to Safe Mode - Safely - What to do if your Computer's running slowly
It is currently Mon 20 May, 2013 4:14 am

View unanswered posts | View active topics


Board index » Malware Removal » Malware Removal

All times are UTC [ DST ]

Forum rules


Please read > >THIS ANNOUNCEMENT< < before posting your NEW topic about your problem.

Please do NOT reply to your topic until a staff member has responded as they are looking for topics that have ZERO replies.

Paste your logs into your post. DO NOT USE ATTACHMENTS! Logs posted as attachments will be ignored and the topic will be closed.

If no expert has replied after 3 days, and you still require assistance, please post in our 72 hour bump room > > CLICK HERE < < Please do NOT reply to your own topic in an attempt to "bump" it. Bumped topics will be closed, requiring you to start again from the beginning.

If you are being helped and you haven't replied to your helper within 3 days of their last post, your topic will be closed as inactive. If that happens, you will need to start a new topic when you have the time available to promptly complete all instructions.

If your topic has been closed due to inactivity, do NOT request that your topic be reopened - we do NOT reopen topics unless they have been closed in error - you will need to start a NEW topic with NEW DDS logs. Do NOT attempt to start a new topic with a post that is essentially a reply to your closed topic.



Post new topic This topic is locked, you cannot edit posts or make further replies.  Page 2 of 2
  [ 24 posts ]  Go to page Previous  1, 2
  Previous topic | First unread post | Next topic 
Author Message
jbitz
 Post subject: Re: Google redirect problem
New postPosted: Mon 09 Apr, 2012 3:19 am 
Offline
Regular Member

Joined: Sat 13 Aug, 2011 12:04 am
Posts: 38
No Problems with the instructions.
The browser still redirects occasionally.
For example a google search for baseball
Then I clicked on http://mlb.mlb.com/index.jsp redirected to http://click.get-answers-fast.com/ads-c ... s=baseball
System is otherwise stable.


All processes killed
========== REGISTRY ==========
Registry key HKEY_CURRENT_USER\Software\AppDataLow\Software\uTorrentBar\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Conduit.Engine\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Conduit\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\uTorrentBar\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\AppDataLow\Software\uTorrentBar\ not found.
Registry key HKEY_CURRENT_USER\Software\BitTorrent\uTorrent\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.torrent\ deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.x264\OpenWithList\\a deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.x264-Felony\OpenWithList\\a deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.X264-LCHD\OpenWithList\\a deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.x264-MACHD\OpenWithList\\a deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.x264-METiS\OpenWithList\\a deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.x264-REVEiLLE\OpenWithList\\a deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.x264-SceneHD\OpenWithList\\a deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.x264-SiNNERS\OpenWithList\\a deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.x264-TENEIGHTY\OpenWithList\\a deleted successfully.
Registry key HKEY_CURRENT_USER\Software\uTorrentBar\ deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Classes\.btsearch\\@ not found.
Registry value HKEY_CURRENT_USER\Software\Classes\.btsearch\OpenWithProgids\\uTorrent deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Classes\.torrent\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Classes\Applications\uTorrent.exe\ deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Classes\btdna\DefaultIcon\\@ not found.
Registry value HKEY_CURRENT_USER\Software\Classes\btdna\shell\open\command\\@ not found.
Registry value HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\E:\Program Files (x86)\uTorrent\uTorrent.exe deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Classes\Magnet\DefaultIcon\\@ not found.
Registry value HKEY_CURRENT_USER\Software\Classes\Magnet\shell\open\command\\@ not found.
Registry key HKEY_CURRENT_USER\Software\Classes\uTorrent\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers\\C:\Program Files (x86)\uTorrentBar\UNWISE.EXE not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Conduit\AppPaths\client not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B336B543-0D1B-47E4-8B5C-E564492ACC2D}\\AppPath deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B336B543-0D1B-47E4-8B5C-E564492ACC2D}\\AppName deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\utorrent_RASAPI32\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\utorrent_RASMANCS\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\uTorrentBar\ not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{917CEF3E-D6FB-4A1F-BEE9-88186A9F972B}C:\program files (x86)\utorrent\utorrent.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{908745EE-5570-43EF-A62E-4866B158C6CE}C:\program files (x86)\utorrent\utorrent.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6DDE412C-4AC5-45A1-AD9F-DCA7AFE1102F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6DDE412C-4AC5-45A1-AD9F-DCA7AFE1102F}\ not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{04DE8F85-7A55-4107-84DB-4F69B35BE424} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{04DE8F85-7A55-4107-84DB-4F69B35BE424}\ not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{917CEF3E-D6FB-4A1F-BEE9-88186A9F972B}C:\program files (x86)\utorrent\utorrent.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{908745EE-5570-43EF-A62E-4866B158C6CE}C:\program files (x86)\utorrent\utorrent.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6DDE412C-4AC5-45A1-AD9F-DCA7AFE1102F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6DDE412C-4AC5-45A1-AD9F-DCA7AFE1102F}\ not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{04DE8F85-7A55-4107-84DB-4F69B35BE424} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{04DE8F85-7A55-4107-84DB-4F69B35BE424}\ not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{917CEF3E-D6FB-4A1F-BEE9-88186A9F972B}C:\program files (x86)\utorrent\utorrent.exe not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{908745EE-5570-43EF-A62E-4866B158C6CE}C:\program files (x86)\utorrent\utorrent.exe not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6DDE412C-4AC5-45A1-AD9F-DCA7AFE1102F} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6DDE412C-4AC5-45A1-AD9F-DCA7AFE1102F}\ not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{04DE8F85-7A55-4107-84DB-4F69B35BE424} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{04DE8F85-7A55-4107-84DB-4F69B35BE424}\ not found.
Registry key HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\AppDataLow\Software\uTorrentBar\ not found.
Registry key HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\BitTorrent\uTorrent\ not found.
Registry key HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.torrent\ not found.
Registry value HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.x264\OpenWithList\\a not found.
Registry value HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.x264-Felony\OpenWithList\\a not found.
Registry value HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.X264-LCHD\OpenWithList\\a not found.
Registry value HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.x264-MACHD\OpenWithList\\a not found.
Registry value HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.x264-METiS\OpenWithList\\a not found.
Registry value HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.x264-REVEiLLE\OpenWithList\\a not found.
Registry value HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.x264-SceneHD\OpenWithList\\a not found.
Registry value HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.x264-SiNNERS\OpenWithList\\a not found.
Registry value HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.x264-TENEIGHTY\OpenWithList\\a not found.
Registry key HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\uTorrentBar\ not found.
Registry value HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Classes\.btsearch\\@ not found.
Registry value HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Classes\.btsearch\OpenWithProgids\\uTorrent not found.
Registry key HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Classes\.torrent\ not found.
Registry key HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Classes\Applications\uTorrent.exe\ not found.
Registry value HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Classes\btdna\DefaultIcon\\@ not found.
Registry value HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Classes\btdna\shell\open\command\\@ not found.
Registry value HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\E:\Program Files (x86)\uTorrent\uTorrent.exe not found.
Registry value HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Classes\Magnet\DefaultIcon\\@ not found.
Registry value HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Classes\Magnet\shell\open\command\\@ not found.
Registry key HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Classes\uTorrent\ not found.
Registry value HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000_Classes\.btsearch\\@ not found.
Registry value HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000_Classes\.btsearch\OpenWithProgids\\uTorrent not found.
Registry key HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000_Classes\.torrent not found.
Registry key HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000_Classes\Applications\uTorrent.exe\ not found.
Registry value HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000_Classes\btdna\DefaultIcon\\@ not found.
Registry value HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000_Classes\btdna\shell\open\command\\@ not found.
Registry value HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\E:\Program Files (x86)\uTorrent\uTorrent.exe not found.
Registry value HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000_Classes\Magnet\DefaultIcon\\@ not found.
Registry value HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000_Classes\Magnet\shell\open\command\\@ not found.
Registry key HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000_Classes\uTorrent not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Jbitz
->Temp folder emptied: 242086 bytes
->Temporary Internet Files folder emptied: 5905081 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 49057072 bytes
->Google Chrome cache emptied: 6111677 bytes
->Flash cache emptied: 456 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 388 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 1517534 bytes

Total Files Cleaned = 60.00 mb

Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.39.2 log created on 04082012_185617

Files\Folders moved on Reboot...
C:\Users\Jbitz\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...
SystemLook 30.07.11 by jpshortstuff
Log created at 19:05 on 08/04/2012 by Jbitz
Administrator - Elevation successful

========== regfind ==========

Searching for "conduit"
[HKEY_CURRENT_USER\Software\BillP Studios\Detected\IEHelper]
"C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll"="12/10/2010 8:45 PM"
[HKEY_CURRENT_USER\Software\BillP Studios\WinPatrol\IEHelpers]
"Conduit Toolbar"="900"
[HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\BillP Studios\Detected\IEHelper]
"C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll"="12/10/2010 8:45 PM"
[HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\BillP Studios\WinPatrol\IEHelpers]
"Conduit Toolbar"="900"

Searching for "uTorrent"
[HKEY_CURRENT_USER\Software\BillP Studios\Detected\ActiveTasks]
"E:\PROGRAM FILES (X86)\uTorrent\uTorrent.exe"="09/06/2011 10:15 PM"
[HKEY_CURRENT_USER\Software\BillP Studios\Detected\IEHelper]
"C:\Program Files (x86)\uTorrentBar\tbuTor.dll"="12/10/2010 8:46 PM"
[HKEY_CURRENT_USER\Software\BillP Studios\Detected\IEHelper]
"C:\Program Files (x86)\uTorrentBar2\prxtbuTor.dll"="08/27/2011 1:24 PM"
[HKEY_CURRENT_USER\Software\BillP Studios\Detected\Startup]
"C:\Program Files (x86)\uTorrent\uTorrent.exe"="10/10/2010 8:39 AM"
[HKEY_CURRENT_USER\Software\BillP Studios\Detected\Startup]
"e:\Program Files (x86)\uTorrent\uTorrent.exe /MINIMIZED"="08/27/2011 1:24 PM"
[HKEY_CURRENT_USER\Software\BillP Studios\Detected\Startup]
"E:\PROGRAM FILES (X86)\UTORRENT\UTORRENT.EXE"="03/06/2012 10:30 PM"
[HKEY_CURRENT_USER\Software\BillP Studios\WinPatrol\Run]
"C:\Program Files (x86)\uTorrent\uTorrent.exe"="11"
[HKEY_CURRENT_USER\Software\BillP Studios\WinPatrol\Run]
"e:\Program Files (x86)\uTorrent\uTorrent.exe /MINIMIZED"="11"
[HKEY_CURRENT_USER\Software\Classes\.btsearch]
@="uTorrent"
[HKEY_CURRENT_USER\Software\Classes\btdna\DefaultIcon]
@=""E:\Program Files (x86)\uTorrent\uTorrent.exe" ",0"
[HKEY_CURRENT_USER\Software\Classes\btdna\shell\open\command]
@=""E:\Program Files (x86)\uTorrent\uTorrent.exe" "/DNA""
[HKEY_CURRENT_USER\Software\Classes\Magnet\DefaultIcon]
@=""E:\Program Files (x86)\uTorrent\uTorrent.exe",0"
[HKEY_CURRENT_USER\Software\Classes\Magnet\shell\open\command]
@=""E:\Program Files (x86)\uTorrent\uTorrent.exe" "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers]
"C:\Program Files (x86)\uTorrentBar\UNWISE.EXE"="WINXPSP2"
[HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\BillP Studios\Detected\ActiveTasks]
"E:\PROGRAM FILES (X86)\uTorrent\uTorrent.exe"="09/06/2011 10:15 PM"
[HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\BillP Studios\Detected\IEHelper]
"C:\Program Files (x86)\uTorrentBar\tbuTor.dll"="12/10/2010 8:46 PM"
[HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\BillP Studios\Detected\IEHelper]
"C:\Program Files (x86)\uTorrentBar2\prxtbuTor.dll"="08/27/2011 1:24 PM"
[HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\BillP Studios\Detected\Startup]
"C:\Program Files (x86)\uTorrent\uTorrent.exe"="10/10/2010 8:39 AM"
[HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\BillP Studios\Detected\Startup]
"e:\Program Files (x86)\uTorrent\uTorrent.exe /MINIMIZED"="08/27/2011 1:24 PM"
[HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\BillP Studios\Detected\Startup]
"E:\PROGRAM FILES (X86)\UTORRENT\UTORRENT.EXE"="03/06/2012 10:30 PM"
[HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\BillP Studios\WinPatrol\Run]
"C:\Program Files (x86)\uTorrent\uTorrent.exe"="11"
[HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\BillP Studios\WinPatrol\Run]
"e:\Program Files (x86)\uTorrent\uTorrent.exe /MINIMIZED"="11"
[HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Classes\.btsearch]
@="uTorrent"
[HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Classes\btdna\DefaultIcon]
@=""E:\Program Files (x86)\uTorrent\uTorrent.exe" ",0"
[HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Classes\btdna\shell\open\command]
@=""E:\Program Files (x86)\uTorrent\uTorrent.exe" "/DNA""
[HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Classes\Magnet\DefaultIcon]
@=""E:\Program Files (x86)\uTorrent\uTorrent.exe",0"
[HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Classes\Magnet\shell\open\command]
@=""E:\Program Files (x86)\uTorrent\uTorrent.exe" "%1""
[HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000_Classes\.btsearch]
@="uTorrent"
[HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000_Classes\btdna\DefaultIcon]
@=""E:\Program Files (x86)\uTorrent\uTorrent.exe" ",0"
[HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000_Classes\btdna\shell\open\command]
@=""E:\Program Files (x86)\uTorrent\uTorrent.exe" "/DNA""
[HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000_Classes\Magnet\DefaultIcon]
@=""E:\Program Files (x86)\uTorrent\uTorrent.exe",0"
[HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000_Classes\Magnet\shell\open\command]
@=""E:\Program Files (x86)\uTorrent\uTorrent.exe" "%1""

-= EOF =-

Top
 Profile E-mail  
 
pgmigg
 Post subject: Re: Google redirect problem
New postPosted: Mon 09 Apr, 2012 6:17 pm 
Offline
MRU Honors Graduate
MRU Honors Graduate
User avatar

Joined: Tue 08 Jul, 2008 6:25 pm
Posts: 1679
Location: GMT-05:00
Hello jbitz,
Quote:
The browser still redirects occasionally.
For example a google search for baseball
Then I clicked on http://mlb.mlb.com/index.jsp redirected to http://click.get-answers-fast.com/ads-c ... s=baseball
I need to know exactly which browser redirected - it was Internet Explorer, Mozilla Firefox or both of them.

Step 0.
Regbak - Backup Windows 7 registry
You should still have regbak64.exe on your desktop.
  1. Unzip or extract all files to your desktop or other convenient place.
  2. Right click regbak64.exe ... choose "Run As Administrator".
  3. Allow the backup location to default to the shown folder.
  4. Make sure the following (default) hives are selected for backup:
    • System
    • Current User
    • Other available hives
  5. Press the "Advanced Options" link.
    In the "Default backup folder" box ...copy and paste the following to the END of the line (no spaces)
    <TIME>\
    It should look like: %SystemRoot%\RegBak\<DATE>\<TIME>\
    This adds the current time to the folder name, allowing multiple backups in one day, without removing previous backups.
    DO NOT change any other options.
  6. Press OK. Reply Yes to any folder creation prompts.
  7. Press Start at the confirmation screen.
  8. When the backup has successfully completed... press Cancel to end the program.

Step 1.
OTL - Run Fix Script
You should still have OTL.exe on your desktop.
Important! Close all applications and windows so that you have nothing open and are at your Desktop.
  1. Right click on OTL.exe select "Run As Administrator..." to run it. If prompted by UAC, please allow it.
  2. Copy and Paste the following code into the Image
    text box. Do not include the word Code
    Code:
    :Reg
    [-HKEY_CURRENT_USER\Software\Classes\.btsearch]
    [-HKEY_CURRENT_USER\Software\Classes\btdna]
    [HKEY_CURRENT_USER\Software\Classes\Magnet\DefaultIcon]
    @=-
    [HKEY_CURRENT_USER\Software\Classes\Magnet\shell\open\command]
    @=-
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers]
    "C:\Program Files (x86)\uTorrentBar\UNWISE.EXE"=-
    [-HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Classes\.btsearch]
    [-HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Classes\btdna]
    [HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Classes\Magnet\DefaultIcon]
    @=-
    [HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Classes\Magnet\shell\open\command]
    @=-
    [-HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000_Classes\.btsearch]
    [-HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000_Classes\btdna]
    [HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000_Classes\Magnet\DefaultIcon]
    @=-
    [HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000_Classes\Magnet\shell\open\command]
    @=-

    :Commands
    [EMPTYTEMP]
    [CREATERESTOREPOINT]

  3. Click under the Custom Scan/Fixes box and paste the copied text.
  4. Click the Run Fix button. If prompted... click OK.
  5. OTL may ask to reboot the machine. Please do so if asked.

Step 2.
SystemLook
You should still have SystemLook_x64.exe on your desktop.
  1. Double-click SystemLook_x64.exe to run it.
    If you receive an "Open file - security warning"... asking "Do you want to run this file?", press the Run button.
  2. Highlight and copy the following entries from Code Box into SystemLook's main text entry window.
    Code:
    :filefind
    *btdna*
    *btsearch*

    :regfind
    btdna
    btsearch
    Torrent
  3. Press the Look button to start the scan.
    When finished, a Notepad window will open with the results of the scan.
    A file will be created (on your Desktop) with the results of the scan, named SystemLook.txt
  4. Please post the contents of the SystemLook.txt file in your next reply.

Please include in your next reply:
  1. Answer for the question about which browsers redirecting.
  2. Do you have any problems executing the instructions?
  3. Contents of C:\_OTL\Moved Files\MMDDYYY_HHMMSS.log file after OTL fix.
  4. Contents of SystemLook.txt log file
  5. Do you see any changes in computer behavior?

Thanks,
pgmigg
_________________

Top
 Profile E-mail  
 
jbitz
 Post subject: Re: Google redirect problem
New postPosted: Tue 10 Apr, 2012 12:36 am 
Offline
Regular Member

Joined: Sat 13 Aug, 2011 12:04 am
Posts: 38
The redirect was in Firefox 11.0.
No Problems with the instructions.
Google search in Firefox for football when I clicked on www.nfl.com/ and went to http://www.happili.com/bc_rus/innerxy.p ... l&xy=10539
Seems better but still an occasional redirect.
Thanks again for your prompt replies.

All processes killed
========== REGISTRY ==========
Registry key HKEY_CURRENT_USER\Software\Classes\.btsearch\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Classes\btdna\ deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Classes\Magnet\DefaultIcon\\@ not found.
Registry value HKEY_CURRENT_USER\Software\Classes\Magnet\shell\open\command\\@ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers\\C:\Program Files (x86)\uTorrentBar\UNWISE.EXE not found.
Registry key HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Classes\.btsearch\ not found.
Registry key HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Classes\btdna\ not found.
Registry value HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Classes\Magnet\DefaultIcon\\@ not found.
Registry value HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Classes\Magnet\shell\open\command\\@ not found.
Registry key HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000_Classes\.btsearch not found.
Registry key HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000_Classes\btdna not found.
Registry value HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000_Classes\Magnet\DefaultIcon\\@ not found.
Registry value HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000_Classes\Magnet\shell\open\command\\@ not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Jbitz
->Temp folder emptied: 150444 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 49061067 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 456 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 388 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 47.00 mb

Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.39.2 log created on 04092012_191740

Files\Folders moved on Reboot...
C:\Users\Jbitz\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...

SystemLook 30.07.11 by jpshortstuff
Log created at 19:22 on 09/04/2012 by Jbitz
Administrator - Elevation successful

========== filefind ==========

Searching for "*btdna*"
No files found.

Searching for "*btsearch*"
No files found.

========== regfind ==========

Searching for "btdna"
No data found.

Searching for "btsearch"
[HKEY_CURRENT_USER\Software\Classes\MIME\Database\Content Type\application/x-bittorrentsearchdescription+xml]
"Extension"=".btsearch"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MIME\Database\Content Type\application/x-bittorrentsearchdescription+xml]
"Extension"=".btsearch"
[HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Classes\MIME\Database\Content Type\application/x-bittorrentsearchdescription+xml]
"Extension"=".btsearch"
[HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000_Classes\MIME\Database\Content Type\application/x-bittorrentsearchdescription+xml]
"Extension"=".btsearch"

Searching for "Torrent"
[HKEY_CURRENT_USER\Software\7-Zip\FM]
"PanelPath0"="H:\Video\Torrent\The.River.S01.720p.HDTV.x264-SceneHD\The.River.S01E04.720p.HDTV.X264-DIMENSION\"
[HKEY_CURRENT_USER\Software\BillP Studios\Detected\ActiveTasks]
"E:\PROGRAM FILES (X86)\uTorrent\uTorrent.exe"="09/06/2011 10:15 PM"
[HKEY_CURRENT_USER\Software\BillP Studios\Detected\IEHelper]
"C:\Program Files (x86)\uTorrentBar\tbuTor.dll"="12/10/2010 8:46 PM"
[HKEY_CURRENT_USER\Software\BillP Studios\Detected\IEHelper]
"C:\Program Files (x86)\uTorrentBar2\prxtbuTor.dll"="08/27/2011 1:24 PM"
[HKEY_CURRENT_USER\Software\BillP Studios\Detected\Startup]
"C:\Program Files (x86)\uTorrent\uTorrent.exe"="10/10/2010 8:39 AM"
[HKEY_CURRENT_USER\Software\BillP Studios\Detected\Startup]
"e:\Program Files (x86)\uTorrent\uTorrent.exe /MINIMIZED"="08/27/2011 1:24 PM"
[HKEY_CURRENT_USER\Software\BillP Studios\Detected\Startup]
"E:\PROGRAM FILES (X86)\UTORRENT\UTORRENT.EXE"="03/06/2012 10:30 PM"
[HKEY_CURRENT_USER\Software\BillP Studios\WinPatrol\Run]
"C:\Program Files (x86)\uTorrent\uTorrent.exe"="11"
[HKEY_CURRENT_USER\Software\BillP Studios\WinPatrol\Run]
"e:\Program Files (x86)\uTorrent\uTorrent.exe /MINIMIZED"="11"
[HKEY_CURRENT_USER\Software\BitTorrent]
[HKEY_CURRENT_USER\Software\Gabest\Media Player Classic\Settings]
"File Name 16"="E:\HD Torrent\7lb\s-7pounds.mkv"
[HKEY_CURRENT_USER\Software\Gabest\Media Player Classic\Settings]
"File Name 18"="E:\DAT\Torrent\Party Hardcore-2009\ph2009-03-16\ph2009-03-16hd.wmv"
[HKEY_CURRENT_USER\Software\Gabest\Media Player Classic\Settings]
"File Name 19"="E:\DAT\Torrent\Interview With A Sex Maniac - Sandra Shine Hc.mpg"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\all-bittorrent.com]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\click-new-download.com\bittorrent]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\click-new-download.com\www.bittorrent]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\all-bittorrent.com]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\click-new-download.com\bittorrent]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\click-new-download.com\www.bittorrent]
[HKEY_CURRENT_USER\Software\Classes\Magnet\DefaultIcon]
@=""E:\Program Files (x86)\uTorrent\uTorrent.exe",0"
[HKEY_CURRENT_USER\Software\Classes\Magnet\shell\open\command]
@=""E:\Program Files (x86)\uTorrent\uTorrent.exe" "%1""
[HKEY_CURRENT_USER\Software\Classes\MIME\Database\Content Type\application/x-bittorrent]
[HKEY_CURRENT_USER\Software\Classes\MIME\Database\Content Type\application/x-bittorrent]
"Extension"=".torrent"
[HKEY_CURRENT_USER\Software\Classes\MIME\Database\Content Type\application/x-bittorrentsearchdescription+xml]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MIME\Database\Content Type\application/x-bittorrent]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MIME\Database\Content Type\application/x-bittorrent]
"Extension"=".torrent"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MIME\Database\Content Type\application/x-bittorrentsearchdescription+xml]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\all-bittorrent.com]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\click-new-download.com\bittorrent]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\click-new-download.com\www.bittorrent]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\all-bittorrent.com]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\click-new-download.com\bittorrent]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\click-new-download.com\www.bittorrent]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers]
"C:\Program Files (x86)\uTorrentBar\UNWISE.EXE"="WINXPSP2"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\all-bittorrent.com]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\click-new-download.com\bittorrent]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\click-new-download.com\www.bittorrent]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\all-bittorrent.com]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\click-new-download.com\bittorrent]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\click-new-download.com\www.bittorrent]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\all-bittorrent.com]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\click-new-download.com\bittorrent]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\click-new-download.com\www.bittorrent]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\all-bittorrent.com]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\click-new-download.com\bittorrent]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\click-new-download.com\www.bittorrent]
[HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\7-Zip\FM]
"PanelPath0"="H:\Video\Torrent\The.River.S01.720p.HDTV.x264-SceneHD\The.River.S01E04.720p.HDTV.X264-DIMENSION\"
[HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\BillP Studios\Detected\ActiveTasks]
"E:\PROGRAM FILES (X86)\uTorrent\uTorrent.exe"="09/06/2011 10:15 PM"
[HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\BillP Studios\Detected\IEHelper]
"C:\Program Files (x86)\uTorrentBar\tbuTor.dll"="12/10/2010 8:46 PM"
[HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\BillP Studios\Detected\IEHelper]
"C:\Program Files (x86)\uTorrentBar2\prxtbuTor.dll"="08/27/2011 1:24 PM"
[HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\BillP Studios\Detected\Startup]
"C:\Program Files (x86)\uTorrent\uTorrent.exe"="10/10/2010 8:39 AM"
[HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\BillP Studios\Detected\Startup]
"e:\Program Files (x86)\uTorrent\uTorrent.exe /MINIMIZED"="08/27/2011 1:24 PM"
[HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\BillP Studios\Detected\Startup]
"E:\PROGRAM FILES (X86)\UTORRENT\UTORRENT.EXE"="03/06/2012 10:30 PM"
[HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\BillP Studios\WinPatrol\Run]
"C:\Program Files (x86)\uTorrent\uTorrent.exe"="11"
[HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\BillP Studios\WinPatrol\Run]
"e:\Program Files (x86)\uTorrent\uTorrent.exe /MINIMIZED"="11"
[HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\BitTorrent]
[HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Gabest\Media Player Classic\Settings]
"File Name 16"="E:\HD Torrent\7lb\s-7pounds.mkv"
[HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Gabest\Media Player Classic\Settings]
"File Name 18"="E:\DAT\Torrent\Party Hardcore-2009\ph2009-03-16\ph2009-03-16hd.wmv"
[HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Gabest\Media Player Classic\Settings]
"File Name 19"="E:\DAT\Torrent\Interview With A Sex Maniac - Sandra Shine Hc.mpg"
[HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\all-bittorrent.com]
[HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\click-new-download.com\bittorrent]
[HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\click-new-download.com\www.bittorrent]
[HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\all-bittorrent.com]
[HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\click-new-download.com\bittorrent]
[HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\click-new-download.com\www.bittorrent]
[HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Classes\Magnet\DefaultIcon]
@=""E:\Program Files (x86)\uTorrent\uTorrent.exe",0"
[HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Classes\Magnet\shell\open\command]
@=""E:\Program Files (x86)\uTorrent\uTorrent.exe" "%1""
[HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Classes\MIME\Database\Content Type\application/x-bittorrent]
[HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Classes\MIME\Database\Content Type\application/x-bittorrent]
"Extension"=".torrent"
[HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Classes\MIME\Database\Content Type\application/x-bittorrentsearchdescription+xml]
[HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000_Classes\Magnet\DefaultIcon]
@=""E:\Program Files (x86)\uTorrent\uTorrent.exe",0"
[HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000_Classes\Magnet\shell\open\command]
@=""E:\Program Files (x86)\uTorrent\uTorrent.exe" "%1""
[HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000_Classes\MIME\Database\Content Type\application/x-bittorrent]
[HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000_Classes\MIME\Database\Content Type\application/x-bittorrent]
"Extension"=".torrent"
[HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000_Classes\MIME\Database\Content Type\application/x-bittorrentsearchdescription+xml]
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\all-bittorrent.com]
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\click-new-download.com\bittorrent]
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\click-new-download.com\www.bittorrent]
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\all-bittorrent.com]
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\click-new-download.com\bittorrent]
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\click-new-download.com\www.bittorrent]

-= EOF =-

Top
 Profile E-mail  
 
jbitz
 Post subject: Re: Google redirect problem
New postPosted: Tue 10 Apr, 2012 1:23 pm 
Offline
Regular Member

Joined: Sat 13 Aug, 2011 12:04 am
Posts: 38
I tried clicking on about 30 links in several google searches in IE 9 with no problems.
Firefox is still redirecting.
_________________

Top
 Profile E-mail  
 
pgmigg
 Post subject: Re: Google redirect problem
New postPosted: Tue 10 Apr, 2012 4:03 pm 
Offline
MRU Honors Graduate
MRU Honors Graduate
User avatar

Joined: Tue 08 Jul, 2008 6:25 pm
Posts: 1679
Location: GMT-05:00
Hello jbitz,

Good job! :)
Quote:
The redirect was in Firefox 11.0.
Thank you!
Quote:
I tried clicking on about 30 links in several google searches in IE 9 with no problems.
Firefox is still redirecting.
Let continue our treatment...

Step 0.
Regbak - Backup Windows 7 registry
You should still have regbak64.exe on your desktop.
  1. Unzip or extract all files to your desktop or other convenient place.
  2. Right click regbak64.exe ... choose "Run As Administrator".
  3. Allow the backup location to default to the shown folder.
  4. Make sure the following (default) hives are selected for backup:
    • System
    • Current User
    • Other available hives
  5. Press the "Advanced Options" link.
    In the "Default backup folder" box ...copy and paste the following to the END of the line (no spaces)
    <TIME>\
    It should look like: %SystemRoot%\RegBak\<DATE>\<TIME>\
    This adds the current time to the folder name, allowing multiple backups in one day, without removing previous backups.
    DO NOT change any other options.
  6. Press OK. Reply Yes to any folder creation prompts.
  7. Press Start at the confirmation screen.
  8. When the backup has successfully completed... press Cancel to end the program.

Step 1.
OTL - Run Fix Script
You should still have OTL.exe on your desktop.
Important! Close all applications and windows so that you have nothing open and are at your Desktop.
  1. Right click on OTL.exe select "Run As Administrator..." to run it. If prompted by UAC, please allow it.
  2. Copy and Paste the following code into the Image
    text box. Do not include the word Code
    Code:
    :Reg
    [-HKEY_CURRENT_USER\Software\Classes\MIME\Database\Content Type\application/x-bittorrentsearchdescription+xml]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MIME\Database\Content Type\application/x-bittorrentsearchdescription+xml]
    [-HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Classes\MIME\Database\Content Type\application/x-bittorrentsearchdescription+xml]
    [-HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000_Classes\MIME\Database\Content Type\application/x-bittorrentsearchdescription+xml]
    [HKEY_CURRENT_USER\Software\7-Zip\FM]
    "PanelPath0"=-
    [-HKEY_CURRENT_USER\Software\BitTorrent]
    [HKEY_CURRENT_USER\Software\Gabest\Media Player Classic\Settings]
    "File Name 16"=-
    [HKEY_CURRENT_USER\Software\Gabest\Media Player Classic\Settings]
    "File Name 18"=-
    [HKEY_CURRENT_USER\Software\Gabest\Media Player Classic\Settings]
    "File Name 19"=-
    [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\all-bittorrent.com]
    [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\click-new-download.com\bittorrent]
    [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\click-new-download.com\www.bittorrent]
    [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\all-bittorrent.com]
    [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\click-new-download.com\bittorrent]
    [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\click-new-download.com\www.bittorrent]
    [HKEY_CURRENT_USER\Software\Classes\Magnet\DefaultIcon]
    @=-
    [HKEY_CURRENT_USER\Software\Classes\Magnet\shell\open\command]
    @=-
    [-HKEY_CURRENT_USER\Software\Classes\MIME\Database\Content Type\application/x-bittorrent]
    [-HKEY_CURRENT_USER\Software\Classes\MIME\Database\Content Type\application/x-bittorrent]
    [-HKEY_CURRENT_USER\Software\Classes\MIME\Database\Content Type\application/x-bittorrentsearchdescription+xml]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MIME\Database\Content Type\application/x-bittorrent]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MIME\Database\Content Type\application/x-bittorrent]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MIME\Database\Content Type\application/x-bittorrentsearchdescription+xml]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\all-bittorrent.com]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\click-new-download.com\bittorrent]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\click-new-download.com\www.bittorrent]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\all-bittorrent.com]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\click-new-download.com\bittorrent]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\click-new-download.com\www.bittorrent]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers]
    "C:\Program Files (x86)\uTorrentBar\UNWISE.EXE"=-
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\all-bittorrent.com]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\click-new-download.com\bittorrent]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\click-new-download.com\www.bittorrent]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\all-bittorrent.com]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\click-new-download.com\bittorrent]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\click-new-download.com\www.bittorrent]
    [-HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\all-bittorrent.com]
    [-HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\click-new-download.com\bittorrent]
    [-HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\click-new-download.com\www.bittorrent]
    [-HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\all-bittorrent.com]
    [-HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\click-new-download.com\bittorrent]
    [-HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\click-new-download.com\www.bittorrent]
    [HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\7-Zip\FM]
    "PanelPath0"=-
    [-HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\BitTorrent]
    [HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Gabest\Media Player Classic\Settings]
    "File Name 16"=-
    [HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Gabest\Media Player Classic\Settings]
    "File Name 18"=-
    [HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Gabest\Media Player Classic\Settings]
    "File Name 19"=-
    [-HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\all-bittorrent.com]
    [-HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\click-new-download.com\bittorrent]
    [-HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\click-new-download.com\www.bittorrent]
    [-HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\all-bittorrent.com]
    [-HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\click-new-download.com\bittorrent]
    [-HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\click-new-download.com\www.bittorrent]
    [HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Classes\Magnet\DefaultIcon]
    @=-
    [HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Classes\Magnet\shell\open\command]
    @=-
    [-HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Classes\MIME\Database\Content Type\application/x-bittorrent]
    [-HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Classes\MIME\Database\Content Type\application/x-bittorrent]
    [-HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Classes\MIME\Database\Content Type\application/x-bittorrentsearchdescription+xml]
    [HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000_Classes\Magnet\DefaultIcon]
    @=-
    [HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000_Classes\Magnet\shell\open\command]
    @=-
    [-HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000_Classes\MIME\Database\Content Type\application/x-bittorrent]
    [-HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000_Classes\MIME\Database\Content Type\application/x-bittorrent]
    [-HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000_Classes\MIME\Database\Content Type\application/x-bittorrentsearchdescription+xml]
    [-HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\all-bittorrent.com]
    [-HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\click-new-download.com\bittorrent]
    [-HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\click-new-download.com\www.bittorrent]
    [-HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\all-bittorrent.com]
    [-HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\click-new-download.com\bittorrent]
    [-HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\click-new-download.com\www.bittorrent]

    :Commands
    [EMPTYTEMP]
    [CREATERESTOREPOINT]

  3. Click under the Custom Scan/Fixes box and paste the copied text.
  4. Click the Run Fix button. If prompted... click OK.
  5. OTL may ask to reboot the machine. Please do so if asked.

Step 2.
Download fresh and latest Firefox
  1. Please open Firefox via any other browser you have.
  2. Click on Firefox Free Download green field and safe Firefox Setup 11.0.exe on the Desktop.

Step 3.
Make a Backup of Firefox Bookmarks
  1. Please open your FireFox browser.
  2. Click the Bookmarks button on the navigation toolbar and select Show All Bookmarks to open the Library window.
  3. In the Library window, click the Import and Backup button and then select Backup....
  4. In the Bookmarks backup filename window that opens, choose a your Desktop as a location to save the file, which is named bookmarks-"date".json by default.
  5. Save the bookmarks json file. The Bookmarks backup filename window will close and you can close the Library window.

Step 4.
Remove Program(s)
  1. Click on Start, then click the Start Search box on the Start Menu.
  2. Copy and paste the value below without the word Code: into the open text entry box:
    Code:
    appwiz.cpl
    and press Enter - the Unistall or change a program list will be opened.
  3. Click each Entry, as follows, one by one, if it exists, choose Uninstall, and give permission to Continue:
    Java Auto Updater
    Java(TM) 6 Update 29
    Mozilla Firefox 11.0
  4. Take extra care in answering questions posed by any Uninstaller.
    Note: During FireFox uninstalling process please answer "Yes" for any questions regarding removing anything that may be kept, to be sure that everything will be deleted! <-- it is important!
  5. When the program(s) have been uninstalled, please close Control Panel.
  6. Reboot you computer.

Step 5.
Install fresh Firefox
  1. Right click on Firefox Setup 11.0.exe select "Run As Administrator..." to run it. If prompted by UAC, please allow it.
  2. Then follow installation prompts...

Step 6.
Restore your Firefox Bookmarks
  1. Please open your FireFox browser.
  2. Click the Bookmarks button on the navigation toolbar and select Show All Bookmarks to open the Library window.
  3. In the Library window, click the Import and Backup button and then select Restore....
  4. Choose bookmarks .json file you saved on your Desktop.
  5. After choosing a backup, your bookmarks from that file will be restored. Close the Library window.

Now, please make some searching with your fresh installed FireFox browser, and tell me, do you still have redirecting with it?

Please include in your next reply:
  1. Do you have any problems executing the instructions?
  2. Contents of C:\_OTL\Moved Files\MMDDYYY_HHMMSS.log file after OTL fix.
  3. Answer for my question about FireFox browser redirecting.
  4. Do you see any changes in computer behavior?

Thanks,
pgmigg

Top
 Profile E-mail  
 
jbitz
 Post subject: Re: Google redirect problem
New postPosted: Tue 10 Apr, 2012 7:15 pm 
Offline
Regular Member

Joined: Sat 13 Aug, 2011 12:04 am
Posts: 38
No Problems with the instructions
I have not experienced any redirects.
System is stable.

All processes killed
========== REGISTRY ==========
Registry key HKEY_CURRENT_USER\Software\Classes\MIME\Database\Content Type\application/x-bittorrentsearchdescription+xml\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MIME\Database\Content Type\application/x-bittorrentsearchdescription+xml\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Classes\MIME\Database\Content Type\application/x-bittorrentsearchdescription+xml\ not found.
Registry key HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000_Classes\MIME\Database\Content Type\application/x-bittorrentsearchdescription+xml\ not found.
Registry value HKEY_CURRENT_USER\Software\7-Zip\FM\\PanelPath0 deleted successfully.
Registry key HKEY_CURRENT_USER\Software\BitTorrent\ deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Gabest\Media Player Classic\Settings\\File Name 16 deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Gabest\Media Player Classic\Settings\\File Name 18 deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Gabest\Media Player Classic\Settings\\File Name 19 deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\all-bittorrent.com\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\click-new-download.com\bittorrent\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\click-new-download.com\www.bittorrent\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\all-bittorrent.com\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\click-new-download.com\bittorrent\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\click-new-download.com\www.bittorrent\ deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Classes\Magnet\DefaultIcon\\@ not found.
Registry value HKEY_CURRENT_USER\Software\Classes\Magnet\shell\open\command\\@ not found.
Registry key HKEY_CURRENT_USER\Software\Classes\MIME\Database\Content Type\application/x-bittorrent\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Classes\MIME\Database\Content Type\application/x-bittorrent\ not found.
Registry key HKEY_CURRENT_USER\Software\Classes\MIME\Database\Content Type\application/x-bittorrentsearchdescription+xml\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MIME\Database\Content Type\application/x-bittorrent\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MIME\Database\Content Type\application/x-bittorrent\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MIME\Database\Content Type\application/x-bittorrentsearchdescription+xml\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\all-bittorrent.com\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\click-new-download.com\bittorrent\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\click-new-download.com\www.bittorrent\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\all-bittorrent.com\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\click-new-download.com\bittorrent\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\click-new-download.com\www.bittorrent\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers\\C:\Program Files (x86)\uTorrentBar\UNWISE.EXE not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\all-bittorrent.com\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\click-new-download.com\bittorrent\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\click-new-download.com\www.bittorrent\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\all-bittorrent.com\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\click-new-download.com\bittorrent\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\click-new-download.com\www.bittorrent\ not found.
Registry key HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\all-bittorrent.com\ deleted successfully.
Registry key HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\click-new-download.com\bittorrent\ deleted successfully.
Registry key HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\click-new-download.com\www.bittorrent\ deleted successfully.
Registry key HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\all-bittorrent.com\ deleted successfully.
Registry key HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\click-new-download.com\bittorrent\ deleted successfully.
Registry key HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\click-new-download.com\www.bittorrent\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\7-Zip\FM\\PanelPath0 not found.
Registry key HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\BitTorrent\ not found.
Registry value HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Gabest\Media Player Classic\Settings\\File Name 16 not found.
Registry value HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Gabest\Media Player Classic\Settings\\File Name 18 not found.
Registry value HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Gabest\Media Player Classic\Settings\\File Name 19 not found.
Registry key HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\all-bittorrent.com\ not found.
Registry key HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\click-new-download.com\bittorrent\ not found.
Registry key HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\click-new-download.com\www.bittorrent\ not found.
Registry key HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\all-bittorrent.com\ not found.
Registry key HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\click-new-download.com\bittorrent\ not found.
Registry key HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\click-new-download.com\www.bittorrent\ not found.
Registry value HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Classes\Magnet\DefaultIcon\\@ not found.
Registry value HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Classes\Magnet\shell\open\command\\@ not found.
Registry key HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Classes\MIME\Database\Content Type\application/x-bittorrent\ not found.
Registry key HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Classes\MIME\Database\Content Type\application/x-bittorrent\ not found.
Registry key HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000\Software\Classes\MIME\Database\Content Type\application/x-bittorrentsearchdescription+xml\ not found.
Registry value HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000_Classes\Magnet\DefaultIcon\\@ not found.
Registry value HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000_Classes\Magnet\shell\open\command\\@ not found.
Registry key HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000_Classes\MIME\Database\Content Type\application/x-bittorrent\ not found.
Registry key HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000_Classes\MIME\Database\Content Type\application/x-bittorrent\ not found.
Registry key HKEY_USERS\S-1-5-21-2428319956-2832503307-2180716793-1000_Classes\MIME\Database\Content Type\application/x-bittorrentsearchdescription+xml\ not found.
Registry key HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\all-bittorrent.com\ not found.
Registry key HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\click-new-download.com\bittorrent\ not found.
Registry key HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\click-new-download.com\www.bittorrent\ not found.
Registry key HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\all-bittorrent.com\ not found.
Registry key HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\click-new-download.com\bittorrent\ not found.
Registry key HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\click-new-download.com\www.bittorrent\ not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Jbitz
->Temp folder emptied: 335028 bytes
->Temporary Internet Files folder emptied: 29143864 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 49073208 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 456 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 388 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 2953733262 bytes

Total Files Cleaned = 2,892.00 mb

Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.39.2 log created on 04102012_120730

Files\Folders moved on Reboot...
C:\Users\Jbitz\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...

Top
 Profile E-mail  
 
pgmigg
 Post subject: Re: Google redirect problem
New postPosted: Tue 10 Apr, 2012 8:06 pm 
Offline
MRU Honors Graduate
MRU Honors Graduate
User avatar

Joined: Tue 08 Jul, 2008 6:25 pm
Posts: 1679
Location: GMT-05:00
Hello jbitz,
Quote:
I have not experienced any redirects.
System is stable.
Nice job, thank you! :)

Your latest set of logs appear to be clean! :cheers:
This is my general post for when your logs show no more signs of malware.
Before I give you instructions how to keep your computer clean and secure, you need to make a few additional steps.

Step 1.
Latest Java Installation Needed!

Attention: Print these instructions or copy them. You will be closing your browser!!

DOWNLOAD LATEST VERSION
  1. Get the latest version (7u3) of Java Runtime Environment (JRE)...
    © Sun Microsystems, Inc.
  2. Click the "Download JRE" button to the right.
  3. Check "Accept License Agreement "
  4. Locate the entry for Windows x64 and click on the associated file name, save the file to your Desktop.

INSTALL Java
  1. Close all open applications (standard), especially your browser.
  2. From Desktop please right-click on jre-7u3-windows-x64.exe select "Run As Administrator..." to
    install the newest version.
  3. Follow the on-screen directions. When installation is completed successfully, please reboot your computer normally.
  4. Once the computer has been restarted, you can delete the "downloaded" installation file from your desktop.

OPTIONAL:
To prevent some unnecessary JAVA components from running when you boot your computer each time...
  1. Go to Control Panel and click on the JAVA icon.
  2. Press the Update tab and UNCHECK "Check for Updates Automatically". (You can check for updates manually.)
      Reply "Never Check" to the warning prompt.
  3. Now press the Advanced tab. Press the [+] to expand the "Miscellaneous" options.
  4. UNCHECK "Java Quick Starter".
  5. Press Apply and OK, then close the Java Control Panel and exit Control Panel.

Step 2.
Uninstall ComboFix
  1. Click on Start -> All programs -> Accessories -> Run.
  2. Copy and paste the value below, into the open text entry box:
    ComboFix /Uninstall
    Image
  3. Click OK.
The above procedure will reset your System Restore and clear out the backups and quarantines created during the course of this fix.

Step 3.
OTL - Run Fix Script
You should still have OTL on your desktop.
Important! Close all applications and windows so that you have nothing open and are at your Desktop.
  1. Right click on OTL.exe select "Run As Administrator..." to run it. If prompted by UAC, please allow it.
  2. Copy and Paste the following code into the Image
    text box. Do not include the word Code
    Code:
    :Commands
    [EMPTYTEMP]
    [CLEARALLRESTOREPOINTS]

  3. Click under the Custom Scan/Fixes box and paste the copied text.
  4. Click the Run Fix button. If prompted... click OK.
  5. OTL may ask to reboot the machine. Please do so if asked.

Step 4.
OTL-Cleanup
  1. Right click on OTL.exe select "Run As Administrator..." to run it. If prompted by UAC, please allow it.
  2. Press the CleanUp button.
  3. When done, you will be prompted to reboot your system to finish file removal, please select OK to reboot your computer.

Then please don't forget to enable all your defense software!

Finally, please click HERE to find a short guide to staying safer online.

Please don't hesitate to ask any additional questions.

Stay Safe! ;)
pgmigg

Top
 Profile E-mail  
 
jbitz
 Post subject: Re: Google redirect problem
New postPosted: Wed 11 Apr, 2012 11:20 am 
Offline
Regular Member

Joined: Sat 13 Aug, 2011 12:04 am
Posts: 38
Thanks again for your help in getting my system rid of those annoying redirects.
It's much appreciated!

Top
 Profile E-mail  
 
deltalima
 Post subject: Re: Google redirect problem
New postPosted: Wed 11 Apr, 2012 6:14 pm 
Offline
Admin/Teacher
Admin/Teacher
User avatar

Joined: Sat 28 Feb, 2009 9:38 pm
Posts: 7364
Location: UK
As your problems appear to have been resolved, this topic is now closed.

We are pleased we could help you resolve your computer's malware issues.

If you would like to make a comment or leave a compliment regarding the help you have received, please see Feedback for Our Helpers - Say "Thanks" Here.

Top
 Profile E-mail  
 
Display posts from previous:  Sort by  
Post new topic This topic is locked, you cannot edit posts or make further replies.  Page 2 of 2
  [ 24 posts ]  Go to page Previous  1, 2

Board index » Malware Removal » Malware Removal

All times are UTC [ DST ]

Who is online

Users browsing this forum: No registered users and 8 guests

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk.

Member site: Alliance of Security Analysis Professionals | UNITE Against Malware

Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group