Yes, I know what the PirateBay is. Do you?
The Pirate Bay (commonly abbreviated to TPB or tpb) is a Swedish website that indexes BitTorrent (.torrent) files. According to the Los Angeles Times, The Pirate Bay is "one of the world's largest facilitators of illegal downloading", and "the most visible member of a burgeoning international anti-copyright or pro-piracy-movement"
The website is run by Gottfrid Svartholm (anakata) and Fredrik Neij (TiAMO), who have both been charged with "assisting in making copyrighted content available" due to their involvement in The Pirate Bay.
More here:
http://en.wikipedia.org/wiki/The_Pirate_Bay
Please note the type of files it 'lists.' A rose by any other name is still file sharing aka P2P.
Please reopen HijackThis to
'do system scan only.' check each of the following if present. Note:Optional Removals are in green. Read description to decide whether to remove:
C:\Users\Home Office\Downloads\jxpiinstall-rv.exe>> General-Search File Share Search Engine. See Option 2
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O1 - Hosts: 91.121.221.171 thepiratebay.org>> See Option 1
O1 - Hosts: 91.121.221.171 www.thepiratebay.org>> See Option 1
O2 - BHO: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - (no file)>> AVG v8 toolbar
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll>> See Option 3
O3 - Toolbar: Nero Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll>> See Option 3
[O3 - Toolbar: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - (no file)>> AVG v8 toolbar
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')>> See Option 2
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
>> See Option 2
O20 - AppInit_DLLs: ???-?,avgrsstx.dll
Option1: P2P or File sharing: Piratebay, File search
Previously explained
Option 2:
Add and Remove Local Packs: mctadmin.exe
http://technet.microsoft.com/en-us/library/dd799277(WS.10).aspx
Option 3: Foistware. Ask toolbar
You have the Ask Toolbar installed, I would recommend you uninstall it - decide after taking a look at this article:
http://www.benedelman.org/spyware/ask-toolbars/
Close all Windows except HijackThis and click on
"Fix Checked."
If you decided to remove the AskToolbar: (this is frequently pre-checked on a download site. If you don't uncheck it, it will download with the program which is unrelated to the toolbar)
I am uncertain as to the exact path on Windows 7, but it should be similar to below:
Uninstall the AskToolbar
1. Close all open Web browsers
2. From the "Start" menu in Windows, select "Control Panel"
3. Under the "Programs" icon, select "Uninstall a program" (use Windows Explorer> Local Drive> Programs)
4. Select the program with the Ask logo and the text "Ask Toolbar" (or our partner’s brand for a custom Toolbar)
5. Click "Uninstall" and then "Continue" to remove the Toolbar
If you reopen your Web browser and still see the Toolbar, you may need to restart your computer for the uninstall process to be completed.
Since you question a Google Redirect, I'd like you to describe what's happening:
1. If you type a word in the Google search box, and then choose one of the sites that comes up, what happens?
2. Does a different site load?
3. Does any site load?
4. Are the sites the same/different?
5. Are you sure you're not seeing a Google page saying DNS server couldn't be contacted?
Do a rescan with HijackThis and attach a new log on next reply- please include the description answers for me.