also @ TechSpot: Blizzard talks Diablo 3 facts, nerfing and buffs for legendary items

TechSpot
Collaborate in the cloud with Office, Exchange, SharePoint, and Lync.
Microsoft Office 365. Pay-as-you-go starting at $8/user/month. Begin your free trial now.

[Solved] Google and Yahoo search engine results get redirected

Discussion in 'Virus and Malware Removal' started by sravaka506, Sep 8, 2011.

Thread Status:
Not open for further replies.
Page 3 of 3

  1. sravaka506 Newcomer, in training

    Thanks Broni,

    I went through the 13 steps and installed a bunch of things (Secunia, SpyWareBlaster, etc, etc) and will definitely keep things safe. Here is the output of my latest OTL scan before cleanup:

    All processes killed
    ========== OTL ==========
    Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@Apple.com/iTunes,version=\ not found.
    Registry value HKEY_USERS\S-1-5-21-1250386527-3665318005-4005016050-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
    Starting removal of ActiveX control {7530BFB8-7293-4D34-9923-61A11451AFC5}
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{7530BFB8-7293-4D34-9923-61A11451AFC5}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7530BFB8-7293-4D34-9923-61A11451AFC5}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7530BFB8-7293-4D34-9923-61A11451AFC5}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7530BFB8-7293-4D34-9923-61A11451AFC5}\ not found.
    File/Folder C:\Windows\*.tmp not found.
    File C:\ProgramData\~P1kAlMiG2Kb7Fz not found.
    File C:\ProgramData\~P1kAlMiG2Kb7Fzr not found.
    File C:\ProgramData\P1kAlMiG2Kb7Fz not found.
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: All Users

    User: Default
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: Public
    ->Temp folder emptied: 0 bytes

    User: user
    ->Temp folder emptied: 82944 bytes
    ->Temporary Internet Files folder emptied: 39906971 bytes
    ->Java cache emptied: 3993606 bytes
    ->FireFox cache emptied: 7219332 bytes
    ->Flash cache emptied: 1464497 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32 (64bit) .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 6898 bytes
    %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
    RecycleBin emptied: 13999658 bytes

    Total Files Cleaned = 64.00 mb


    [EMPTYFLASH]

    User: All Users

    User: Default

    User: Default User

    User: Public

    User: user
    ->Flash cache emptied: 0 bytes

    Total Flash Files Cleaned = 0.00 mb


    OTL by OldTimer - Version 3.2.27.0 log created on 09112011_142747

    Files\Folders moved on Reboot...
    File\Folder C:\Users\user\AppData\Local\Temp\~DFCD57.tmp not found!
    File\Folder C:\Users\user\AppData\Local\Temp\~DFCD63.tmp not found!
    File\Folder C:\Users\user\AppData\Local\Temp\~DFCDBA.tmp not found!
    File\Folder C:\Users\user\AppData\Local\Temp\~DFCDC5.tmp not found!
    C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QGBEZCOM\c=52_rand=808466391_pv=y_rt=ifr[1].htm moved successfully.
    C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QGBEZCOM\click[1].htm moved successfully.
    C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QGBEZCOM\e[1].htm moved successfully.
    C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QGBEZCOM\fan[1].htm moved successfully.
    C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QGBEZCOM\login_status[1].htm moved successfully.
    File\Folder C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QGBEZCOM\m[1].htm not found!
    C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QGBEZCOM\redirect_v92_cim_11_12_4[1].html moved successfully.
    File\Folder C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QGBEZCOM\set[2].gif not found!
    C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QGBEZCOM\track-home[1].htm moved successfully.
    File\Folder C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\N5XI2SJV\20110911212818[1].htm not found!
    C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\N5XI2SJV\index[1].htm moved successfully.
    C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\N5XI2SJV\lgl[1].htm moved successfully.
    C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DJ7CCC02\ad[1].htm moved successfully.
    C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DJ7CCC02\like[3].htm moved successfully.
    C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DJ7CCC02\like[4].htm moved successfully.
    File\Folder C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DJ7CCC02\like[5].htm not found!
    C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DJ7CCC02\provider[1].htm moved successfully.
    File\Folder C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\B5TLVA1R\e[1].htm not found!
    C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\B5TLVA1R\janumet[1].htm moved successfully.
    C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6KOQ7D9T\detect[1].act moved successfully.
    C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6KOQ7D9T\login_status[3].htm moved successfully.
    C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4XYYHYIS\bn[1].htm moved successfully.
    File\Folder C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4XYYHYIS\ca[1] not found!
    File\Folder C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4XYYHYIS\ca[2] not found!
    File\Folder C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4XYYHYIS\ca[3] not found!
    C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4XYYHYIS\ie[1].css moved successfully.
    C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4XYYHYIS\jquery-ui[1].css moved successfully.
    C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\46J3MVSI\01[1].htm moved successfully.
    C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\46J3MVSI\audmeasure[1].gif moved successfully.
    C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\46J3MVSI\visitormatch[1].htm moved successfully.
    C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\46J3MVSI\x1743[1].htm moved successfully.
    C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3VEIDZEE\blank[1].htm moved successfully.
    C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3VEIDZEE\likeCAKCT3D8.htm moved successfully.
    C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3VEIDZEE\like[10].htm moved successfully.
    C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3VEIDZEE\like[11].htm moved successfully.
    C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3VEIDZEE\like[1].htm moved successfully.
    C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3VEIDZEE\like[2].htm moved successfully.
    C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3VEIDZEE\like[3].htm moved successfully.
    C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3VEIDZEE\like[4].htm moved successfully.
    C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3VEIDZEE\like[5].htm moved successfully.
    C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3VEIDZEE\like[6].htm moved successfully.
    C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3VEIDZEE\like[7].htm moved successfully.
    C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3VEIDZEE\like[8].htm moved successfully.
    C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3VEIDZEE\like[9].htm moved successfully.
    C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3VEIDZEE\robert-pattinson-reese-witherspoons-australia-arrival-503088[1].htm moved successfully.

    Registry entries deleted on Reboot...


    Many thanks to you!!!!
    sravaka506, Sep 13, 2011
    #41

  2. Broni Malware Annihilator

    You're very welcome [IMG]
    Broni, Sep 13, 2011
    #42
Page 3 of 3
Thread Status:
Not open for further replies.