Help with websearch.pu-results.info

Posted 3/8/2013 4:37 PM
#95204
User avatar

Brimstone Advanced member

Date Joined Nov 2016
Total Posts: 75
Looks like I've been hijacked with this websearch.pu-results.info.



Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Database version: v2013.03.08.11

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 7.0.6002.18005
Owner :: OWNER-PC [administrator]

3/8/2013 8:59:51 PM
mbam-log-2013-03-08 (20-59-51).txt

Scan type: Full scan (C:\|D:\|E:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 346813
Time elapsed: 2 hour(s), 47 minute(s), 11 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:42:42 PM, on 12/3/2012
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v7.00 (7.00.6002.18005)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Users\Owner\Program Files\DNA\btdna.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Increase performance and video formats for your HTML5
Posted 3/8/2013 6:52 PM
#95206
User avatar

Robert Mateescu Advanced member

Date Joined Nov 2016
Total Posts: 427
Hi there,


Please follow this guide to remove the search engine and (if any) the associated toolbar.

Next, go to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\ and delete the entry associated with websearch.pu-results.info.

Let me know the result.

Cheers!
Robert Mateescu
Senior Support Technician EN
[url]support@bullguard.com[/url]
www.bullguard.com

Download the Free Trial version of BullGuard Internet Security

You have a BullGuard related problem? Contact our Support team directly via Live Chat for immediate assistance: http://www.bullguard.com/support.aspx!
Posted 3/8/2013 9:20 PM
#95211
User avatar

Brimstone Advanced member

Date Joined Nov 2016
Total Posts: 75
Everything seems to be back to normal.

Thanks!
  • Unread posts or replies
  • No unread posts or replies
  • Unread Posts (Read Only Forum)
  • No Unread Posts (Read Only Forum)

Forum Information

Currently it is Saturday, May 27, 2017, 4:29 AM (GMT +2)
There are a total of 61,213 posts in 13,467 threads.
In the last 3 days there were 1 new threads and 2 reply posts.

Who's online

This forum has 38,033 registered members. Please welcome our newest member, shaynahamilton.
There are currently no users on-line.
We use cookies to ensure that we give you the best experience on our website. By continuing to browse, we are assuming that you have no objection in accepting cookies. You can change your cookie settings at any time.