Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


Browser redirection problem

  • Please log in to reply
5 replies to this topic

#1 Corvax


  • Members
  • 3 posts
  • Local time:12:11 AM

Posted 24 March 2013 - 12:06 PM

Hello everyone,


About 4 days ago when I would try to access a specific site I kept getting redirected to "http://www.wildtangent.com/?dp=wildgames".  I'm not sure what would have triggered this constant redirection as I do not recall doing anything out of the ordinary.  This problem only occured when I was using Firefox as I could access the site with Internet Explorer.  I ran Malwarebytes as well as McAfee Stinger and nothing was found by either of them.  I also preformed virus scans with Bell Internet Security Services and also once more after switching to Microsoft Security Essentials and both times nothing came up.  Yesterday I was recommended by a friend to restore my computer to earlier settings but this did not solve the problem.  Oddly enough, as I was getting ready to type up this post, I went to verify that the problem was still persisting and I was actually not being redirected anymore even though I have not tried anything else to resolve the issue.  Although it seems to be gone at the moment, I'd love to know if anyone would have an idea as to what this is and how I could possibly stop it if it were to happen again.  I'm running Windows 7 and, in case it's relevant, I do not have Wildtangent installed on my computer.


Thanks in advance,


BC AdBot (Login to Remove)


#2 narenxp


  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India
  • Local time:11:11 PM

Posted 24 March 2013 - 12:09 PM

AdwCleaner by Xplode - Search for Adware


  • Please download AdwCleaner by Xplode onto your desktop.
  • Security softwares may flag it as malicious.This is a false positive and can be ignored.
  • Double click on AdwCleaner.exe, select OK, then Run
  • Click on DELETE
  • Click YES if you receive a warning for reboot
  • A logfile will automatically open after the scan has finished
  • Copy and paste the contents in your reply
  • You can find the logfile at C:\AdwCleaner[R1].txt as well


Junkware Removal Tooll by thisisu

  • Please download Junkware Removal Tool and save it to your desktop.
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Right-mouse click JRT.exe and select Run as administrator (Windows XP double click the icon)
  • Please allow the program time to run
  • Once completed a Notepad document will open on your desktop
  • Copy and paste the contents in your reply


Restart the PC and  test your browser.

#3 Corvax

  • Topic Starter

  • Members
  • 3 posts
  • Local time:12:11 AM

Posted 24 March 2013 - 12:55 PM

Thanks for the quick reply.  The problem has not resurfaced so I'm still able to access the site.  Here are the logs.




# AdwCleaner v2.115 - Logfile created 03/24/2013 at 13:13:23

# Updated 17/03/2013 by Xplode

# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)

# User : Corvax - MINET

# Boot Mode : Normal

# Running from : C:\Users\Corvax\Desktop\AdwCleaner.exe

# Option [Delete]



***** [Services] *****



***** [Files / Folders] *****


File Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk

Folder Deleted : C:\ProgramData\Babylon

Folder Deleted : C:\ProgramData\Tarma Installer

Folder Deleted : C:\Users\Dan\AppData\LocalLow\Conduit

Folder Deleted : C:\Users\Dan\AppData\LocalLow\PriceGong

Folder Deleted : C:\Users\Corvax\AppData\Local\Babylon

Folder Deleted : C:\Users\Corvax\AppData\Local\Zoom_Downloader

Folder Deleted : C:\Users\Corvax\AppData\LocalLow\Conduit

Folder Deleted : C:\Users\Corvax\AppData\LocalLow\ConduitEngine

Folder Deleted : C:\Users\Corvax\AppData\LocalLow\PriceGong

Folder Deleted : C:\Users\Corvax\AppData\Roaming\Babylon

Folder Deleted : C:\Users\Corvax\AppData\Roaming\Mozilla\Firefox\Profiles\v4qnr5ca.default\jetpack


***** [Registry] *****


Key Deleted : HKCU\Software\AppDataLow\Software\Conduit

Key Deleted : HKCU\Software\AppDataLow\Software\conduitEngine

Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong

Key Deleted : HKCU\Software\AppDataLow\Toolbar

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}

Key Deleted : HKLM\Software\Conduit

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASMANCS

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}

Key Deleted : HKLM\SOFTWARE\Software

Key Deleted : HKLM\SOFTWARE\Tarma Installer


***** [Internet Browsers] *****


-\\ Internet Explorer v9.0.8112.16470


[OK] Registry is clean.


-\\ Mozilla Firefox v19.0.2 (en-US)


File : C:\Users\Corvax\AppData\Roaming\Mozilla\Firefox\Profiles\v4qnr5ca.default\prefs.js


C:\Users\Corvax\AppData\Roaming\Mozilla\Firefox\Profiles\v4qnr5ca.default\user.js ... Deleted !


[OK] File is clean.


File : C:\Users\Wendy\AppData\Roaming\Mozilla\Firefox\Profiles\nzw4g8uu.default\prefs.js


[OK] File is clean.


File : C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\9m9qrhp5.default\prefs.js


[OK] File is clean.




AdwCleaner[R1].txt - [2514 octets] - [24/03/2013 13:13:01]

AdwCleaner[S1].txt - [2459 octets] - [24/03/2013 13:13:23]


########## EOF - C:\AdwCleaner[S1].txt - [2519 octets] ##########






Junkware Removal Tool



Junkware Removal Tool (JRT) by Thisisu

Version: 4.7.3 (03.23.2013:1)

OS: Windows 7 Home Premium x64

Ran by Corvax on 24/03/2013 at 13:25:51.78






~~~ Services




~~~ Registry Values


Successfully deleted: [Registry Value] hkey_current_user\software\microsoft\internet explorer\toolbar\webbrowser\\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}




~~~ Registry Keys


Successfully deleted: [Registry Key] hkey_current_user\software\appdatalow\software\utorrentbar




~~~ Files


Successfully deleted: [File] C:\eula.1028.txt

Successfully deleted: [File] C:\eula.1031.txt

Successfully deleted: [File] C:\eula.1033.txt

Successfully deleted: [File] C:\eula.1036.txt

Successfully deleted: [File] C:\eula.1040.txt

Successfully deleted: [File] C:\eula.1041.txt

Successfully deleted: [File] C:\eula.1042.txt

Successfully deleted: [File] C:\eula.2052.txt

Successfully deleted: [File] C:\install.res.1028.dll

Successfully deleted: [File] C:\install.res.1031.dll

Successfully deleted: [File] C:\install.res.1033.dll

Successfully deleted: [File] C:\install.res.1036.dll

Successfully deleted: [File] C:\install.res.1040.dll

Successfully deleted: [File] C:\install.res.1041.dll

Successfully deleted: [File] C:\install.res.1042.dll

Successfully deleted: [File] C:\install.res.2052.dll

Successfully deleted: [File] C:\install.res.3082.dll




~~~ Folders


Successfully deleted: [Folder] "C:\Users\Corvax\appdata\locallow\utorrentbar"

Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"




~~~ FireFox


Successfully deleted: [File] "C:\Users\Corvax\AppData\Roaming\mozilla\firefox\profiles\v4qnr5ca.default\extensions\jid0-0PGffAcVvhUBieFYkRVVc5w6lIU@jetpack.xpi"

Emptied folder: C:\Users\Corvax\AppData\Roaming\mozilla\firefox\profiles\v4qnr5ca.default\minidumps [229 files]




~~~ Event Viewer Logs were cleared







Scan was completed on 24/03/2013 at 13:31:56.53

End of JRT log


#4 narenxp


  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India
  • Local time:11:11 PM

Posted 24 March 2013 - 08:59 PM

Remove temporary and junk files

Download Temp file cleaner from HERE.Launch it,it will close all running programs

click on START,it should ask for reboot.If TFC locks up the system,run it in safemode

Create a new restore point

Follow this guide to turn off and turn on your restore points

Windows XP

Vista & windows 7

Windows 8

Turn off your system restore-It deletes old infected restore points.Turn on system restore and create a new restore point

Update JAVA and Flash player

Uninstall old versions of java and flash player from control panel-Add or remove programs.Download the latest version from here

http://java.com/en/ & http://www.adobe.com/support/flashplayer/downloads.html

Antivirus recommendations

Update your antivirus frequently.Two free antivirus that i would suggest are

Microsoft security essentials or Avast.You can select either one of them.

If you have a paid one,make sure to update it frequently.Do not use multiple security softwares.

Informative guides that could prevent you from being infected again

How did I get infected?

Best Practices for Safe Computing - Prevention of Malware Infection

Simple and easy ways to keep your computer safe and secure on the Internet

Safe surfing :)

#5 Corvax

  • Topic Starter

  • Members
  • 3 posts
  • Local time:12:11 AM

Posted 25 March 2013 - 06:08 PM

Thank you very much narenxp, I really appreciated you taking the time to help me!

#6 narenxp


  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India
  • Local time:11:11 PM

Posted 25 March 2013 - 06:35 PM


0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users