Help with websearch.pu-results.info

Posted 3/8/2013 4:37 PM
#95204
User avatar

Brimstone Advanced member

Date Joined Nov 2016
Total Posts: 75
Looks like I've been hijacked with this websearch.pu-results.info. <br/> <br/> <br/> <br/>Malwarebytes Anti-Malware 1.70.0.1100 <br/>www.malwarebytes.org <br/> <br/>Database version: v2013.03.08.11 <br/> <br/>Windows Vista Service Pack 2 x86 NTFS <br/>Internet Explorer 7.0.6002.18005 <br/>Owner :: OWNER-PC [administrator] <br/> <br/>3/8/2013 8:59:51 PM <br/>mbam-log-2013-03-08 (20-59-51).txt <br/> <br/>Scan type: Full scan (C:\|D:\|E:\|) <br/>Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM <br/>Scan options disabled: P2P <br/>Objects scanned: 346813 <br/>Time elapsed: 2 hour(s), 47 minute(s), 11 second(s) <br/> <br/>Memory Processes Detected: 0 <br/>(No malicious items detected) <br/> <br/>Memory Modules Detected: 0 <br/>(No malicious items detected) <br/> <br/>Registry Keys Detected: 0 <br/>(No malicious items detected) <br/> <br/>Registry Values Detected: 0 <br/> <br/> <br/> <br/>Logfile of Trend Micro HijackThis v2.0.2 <br/>Scan saved at 10:42:42 PM, on 12/3/2012 <br/>Platform: Windows Vista SP2 (WinNT 6.00.1906) <br/>MSIE: Internet Explorer v7.00 (7.00.6002.18005) <br/>Boot mode: Normal <br/> <br/>Running processes: <br/>C:\Windows\system32\Dwm.exe <br/>C:\Windows\Explorer.EXE <br/>C:\Program Files\Synaptics\SynTP\SynTPEnh.exe <br/>C:\Program Files\DivX\DivX Update\DivXUpdate.exe <br/>C:\Program Files\Common Files\Java\Java Update\jusched.exe <br/>C:\Program Files\AVAST Software\Avast\AvastUI.exe <br/>C:\Program Files\Windows Sidebar\sidebar.exe <br/>C:\Users\Owner\Program Files\DNA\btdna.exe <br/>C:\Program Files\Windows Media Player\wmpnscfg.exe <br/>C:\Program Files\OpenOffice.org 3\program\soffice.exe <br/>C:\Program Files\OpenOffice.org 3\program\soffice.bin <br/>C:\Windows\system32\wbem\unsecapp.exe <br/>C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe <br/>C:\Windows\system32\taskeng.exe <br/>C:\Windows\system32\taskeng.exe <br/>C:\Program Files\Mozilla Firefox\firefox.exe <br/>C:\Windows\system32\SearchFilterHost.exe <br/>C:\Program Files\Trend Micro\HijackThis\HijackThis.exe <br/> <br/>R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 <br/>R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 <br/>R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 <br/>R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = <br/>O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file) <br/>O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll <br/>O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll <br/>O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll <br/>O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll <br/>O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll <br/>O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll <br/>O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll <br/>O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll <br/>O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll <br/>O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll <br/>O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe <br/>O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" <br/>O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" <br/>O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW <br/>O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" <br/>O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui <br/>O4 - HKCU\..\Run: [Windows Sidebar] "C:\Program Files\Windows Sidebar\Sidebar.exe" /autorun <br/>O4 - HKCU\..\Run: [Sidebar] "C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun <br/>O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Users\Owner\Program Files\DNA\btdna.exe" <br/>O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet <br/>O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe <br/>O4 - Startup: OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe <br/>O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 <br/>O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (file missing) <br/>O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll <br/>O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL <br/>O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll <br/>O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe <br/>O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe <br/>O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe <br/>O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe <br/>O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe <br/>O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe <br/>O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe <br/>O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe <br/>O23 - Service: NMSAccess - Unknown owner - C:\Program Files\Blaze Media Pro\NMSAccess32.exe (file missing) <br/>O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe <br/> <br/>-- <br/>End of file - 5937 bytes <br/> <br/> <br/> <br/>DDS (Ver_2012-11-20.01) - NTFS_x86 <br/>Internet Explorer: 7.0.6002.18005 BrowserJavaVersion: 10.17.2 <br/>Run by Owner at 0:25:26 on 2013-03-09 <br/>Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.957.415 [GMT 8:00] <br/>. <br/>. <br/>============== Running Processes ================ <br/>. <br/>C:\Windows\system32\wininit.exe <br/>C:\Windows\system32\lsm.exe <br/>C:\Windows\system32\Ati2evxx.exe <br/>C:\Windows\system32\SLsvc.exe <br/>C:\Windows\system32\Ati2evxx.exe <br/>C:\Windows\System32\spoolsv.exe <br/>C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe <br/>C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE <br/>C:\Windows\system32\SearchIndexer.exe <br/>C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe <br/>C:\Windows\system32\Dwm.exe <br/>C:\Windows\Explorer.EXE <br/>C:\Program Files\Synaptics\SynTP\SynTPEnh.exe <br/>C:\Program Files\DivX\DivX Update\DivXUpdate.exe <br/>C:\Users\Owner\Program Files\DNA\btdna.exe <br/>C:\Program Files\Windows Media Player\wmpnscfg.exe <br/>C:\Program Files\Windows Media Player\wmpnetwk.exe <br/>C:\Windows\system32\wbem\unsecapp.exe <br/>C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe <br/>C:\Windows\system32\taskeng.exe <br/>C:\Windows\system32\taskeng.exe <br/>C:\Program Files\AVAST Software\Avast\AvastSvc.exe <br/>C:\Program Files\AVAST Software\Avast\AvastUI.exe <br/>C:\Program Files\Windows Sidebar\sidebar.exe <br/>C:\Program Files\Windows Sidebar\sidebar.exe <br/>C:\Windows\system32\msiexec.exe <br/>C:\Windows\system32\vssvc.exe <br/>C:\Windows\system32\wbem\wmiprvse.exe <br/>C:\Windows\system32\SearchProtocolHost.exe <br/>C:\Windows\system32\SearchFilterHost.exe <br/>C:\Windows\system32\svchost.exe -k DcomLaunch <br/>C:\Windows\system32\svchost.exe -k rpcss <br/>C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted <br/>C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted <br/>C:\Windows\system32\svchost.exe -k LocalService <br/>C:\Windows\system32\svchost.exe -k NetworkService <br/>C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork <br/>C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted <br/>C:\Windows\system32\svchost.exe -k imgsvc <br/>C:\Windows\System32\svchost.exe -k WerSvcGroup <br/>C:\Windows\system32\svchost.exe -k netsvcs <br/>C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation <br/>C:\Windows\System32\svchost.exe -k swprv <br/>. <br/>============== Pseudo HJT Report =============== <br/>. <br/>uStart Page = hxxp://websearch.pu-results.info/?pid=320&r=2013/03/07&hid=1337005119&lg=EN&cc=PH <br/>mStart Page = hxxp://websearch.pu-results.info/?pid=320&r=2013/03/07&hid=1337005119&lg=EN&cc=PH <br/>uProxyOverride = <local> <br/>BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll <br/>BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - c:\program files\divx\divx plus web player\ie\divxhtml5\DivXHTML5.dll <br/>BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll <br/>BHO: Searrch-NewTab: {86420F49-D598-E877-D553-70F5E7202BD9} - c:\programdata\searrch-newtab\5138ce104febb.dll <br/>BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll <br/>BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll <br/>TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll <br/>TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll <br/>TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll <br/>uRun: [Windows Sidebar] "c:\program files\windows sidebar\Sidebar.exe" /autorun <br/>uRun: [Sidebar] "c:\program files\windows sidebar\sidebar.exe" /autoRun <br/>uRun: [BitTorrent DNA] "c:\users\owner\program files\dna\btdna.exe" <br/>uRun: [Messenger (Yahoo!)] "c:\program files\yahoo!\messenger\YahooMessenger.exe" -quiet <br/>uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe <br/>mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe <br/>mRun: [DivXMediaServer] c:\program files\divx\divx media server\DivXMediaServer.exe <br/>mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe" <br/>mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW <br/>mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui <br/>mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe" <br/>mRunOnce: [Malwarebytes Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent <br/>uPolicies-Explorer: NoDriveTypeAutoRun = dword:36 <br/>uPolicies-Explorer: NoDrives = dword:0 <br/>mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0 <br/>mPolicies-Explorer: NoDrives = dword:0 <br/>mPolicies-System: EnableUIADesktopToggle = dword:0 <br/>IE: {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - c:\program files\pokerstars\PokerStarsUpdate.exe <br/>IE: {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - c:\program files\yahoo!\common\yiesrvc.dll <br/>IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} <br/>TCP: NameServer = 202.78.117.7 210.4.2.61 <br/>TCP: Interfaces\{26F2A457-84DA-4EFF-BA9F-A7217391F6C6} : DHCPNameServer = 202.78.117.7 210.4.2.61 <br/>TCP: Interfaces\{DD255404-D55C-48BB-B63E-5A5270A8A967} : DHCPNameServer = 202.78.117.7 210.4.2.61 <br/>LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg <br/>mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\25.0.1364.152\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome <br/>. <br/>================= FIREFOX =================== <br/>. <br/>FF - ProfilePath - c:\users\owner\appdata\roaming\mozilla\firefox\profiles\inv9kh01.default\ <br/>FF - prefs.js: browser.search.defaulturl - hxxp://websearch.pu-results.info/?pid=320&r=2013/03/07&hid=1337005119&lg=EN&cc=PH&l=1&q= <br/>FF - prefs.js: browser.search.selectedEngine - Google <br/>FF - prefs.js: browser.startup.homepage - about:home <br/>FF - prefs.js: keyword.URL - hxxp://websearch.pu-results.info/?pid=320&r=2013/03/07&hid=1337005119&lg=EN&cc=PH&l=1&q= <br/>FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll <br/>FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll <br/>FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll <br/>FF - plugin: c:\program files\google\google updater\2.4.2432.1652\npCIDetect14.dll <br/>FF - plugin: c:\program files\google\update\1.3.21.135\npGoogleUpdate3.dll <br/>FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll <br/>FF - plugin: c:\program files\microsoft silverlight\4.1.10329.0\npctrlui.dll <br/>FF - plugin: c:\users\owner\appdata\roaming\mozilla\plugins\npatgpc.dll <br/>FF - plugin: c:\users\owner\program files\dna\plugins\npbtdna.dll <br/>FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_6_602_171.dll <br/>FF - plugin: c:\windows\system32\npdeployJava1.dll <br/>FF - plugin: c:\windows\system32\npmproxy.dll <br/>FF - ExtSQL: 2013-03-08 01:28; w7a@kkeaiaayoy.net; c:\users\owner\appdata\roaming\mozilla\firefox\profiles\inv9kh01.default\extensions\w7a@kkeaiaayoy.net <br/>FF - ExtSQL: 2013-03-08 01:28; iiexc@auuoyg-jck.com; c:\users\owner\appdata\roaming\mozilla\firefox\profiles\inv9kh01.default\extensions\iiexc@auuoyg-jck.com <br/>FF - ExtSQL: 2013-03-08 16:58; wrc@avast.com; c:\program files\avast software\avast\webrep\FF <br/>. <br/>============= SERVICES / DRIVERS =============== <br/>. <br/>R0 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys [2013-3-8 164736] <br/>R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2013-3-8 765736] <br/>R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2013-3-8 368176] <br/>R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2013-3-8 29816] <br/>R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-3-8 66336] <br/>R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2013-3-8 45248] <br/>R3 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-10-22 21504] <br/>R3 RTL85n86;Realtek 8180/8185 Extensible 802.11 Wireless Device Driver;c:\windows\system32\drivers\RTL85n86.sys [2006-11-2 311808] <br/>S0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys [2013-3-8 49248] <br/>S3 NETw2v32;Intel(R) PRO/Wireless 2200BG Network Connection Driver for Windows Vista;c:\windows\system32\drivers\NETw2v32.sys [2006-11-2 2589184] <br/>. <br/>=============== File Associations =============== <br/>. <br/>ShellExec: pi11.exe: Open="c:\program files\microsoft digital image 2006\pi.exe" "%1" <br/>. <br/>=============== Created Last 30 ================ <br/>. <br/>2013-03-08 16:23:51 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll <br/>2013-03-08 09:01:27 765736 ----a-w- c:\windows\system32\drivers\aswSnx.sys <br/>2013-03-08 09:01:26 164736 ----a-w- c:\windows\system32\drivers\aswVmm.sys <br/>2013-03-08 09:01:24 49248 ----a-w- c:\windows\system32\drivers\aswRvrt.sys <br/>2013-03-08 09:01:20 66336 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys <br/>2013-03-08 08:56:57 41664 ----a-w- c:\windows\avastSS.scr <br/>2013-03-07 21:16:47 -------- d-----w- c:\users\owner\appdata\local\temp <br/>2013-03-07 21:15:34 -------- d-sh--w- C:\$RECYCLE.BIN <br/>2013-03-07 20:56:34 98816 ----a-w- c:\windows\sed.exe <br/>2013-03-07 20:56:34 256000 ----a-w- c:\windows\PEV.exe <br/>2013-03-07 20:56:34 208896 ----a-w- c:\windows\MBR.exe <br/>2013-03-07 17:28:22 -------- d-----w- c:\programdata\SoftSafe <br/>2013-03-07 17:28:06 -------- d-----w- c:\programdata\BetterSoft <br/>2013-03-07 17:27:28 -------- d-----w- c:\programdata\Searrch-NewTab <br/>2013-03-07 17:27:23 -------- d-----w- c:\program files\WebSearch <br/>2013-03-07 17:27:04 -------- d-----w- c:\program files\VaudiX <br/>2013-03-07 17:26:49 -------- d-----w- c:\programdata\VAudix <br/>2013-03-07 17:26:08 -------- d-----w- c:\programdata\InstallMate <br/>2013-02-15 22:31:23 186432 ----a-w- c:\program files\internet explorer\plugins\nppdf32.dll <br/>. <br/>==================== Find3M ==================== <br/>. <br/>2013-03-08 16:22:40 861088 ----a-w- c:\windows\system32\npdeployJava1.dll <br/>2013-03-08 16:22:39 782240 ----a-w- c:\windows\system32\deployJava1.dll <br/>2013-03-04 21:02:19 691568 ----a-w- c:\windows\system32\FlashPlayerApp.exe <br/>2013-03-04 21:02:18 71024 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl <br/>2012-12-20 20:03:51 12872 ----a-w- c:\windows\system32\bootdelete.exe <br/>2012-12-14 08:49:28 21104 ----a-w- c:\windows\system32\drivers\mbam.sys <br/>. <br/>============= FINISH: 0:26:39.84 =============== <br/> <br/> <br/> <br/>. <br/>UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. <br/>IF REQUESTED, ZIP IT UP & ATTACH IT <br/>. <br/>DDS (Ver_2012-11-20.01) <br/>. <br/>Microsoft® Windows Vista™ Home Premium <br/>Boot Device: \Device\HarddiskVolume2 <br/>Install Date: 2/28/2007 12:42:08 PM <br/>System Uptime: 3/8/2013 4:34:37 PM (8 hours ago) <br/>. <br/>Motherboard: Gateway | | <br/>Processor: Genuine Intel(R) CPU T2060 @ 1.60GHz | U23 | 800/mhz <br/>. <br/>==== Disk Partitions ========================= <br/>. <br/>C: is FIXED (NTFS) - 139 GiB total, 99.175 GiB free. <br/>D: is FIXED (NTFS) - 10 GiB total, 4.424 GiB free. <br/>E: is CDROM () <br/>. <br/>==== Disabled Device Manager Items ============= <br/>. <br/>==== System Restore Points =================== <br/>. <br/>RP285: 12/23/2012 2:24:38 AM - Removed Java(TM) 6 Update 37 <br/>RP286: 12/23/2012 2:39:56 AM - Installed Java 7 Update 10 <br/>RP287: 12/23/2012 2:50:21 AM - evillante <br/>RP288: 12/25/2012 11:43:54 PM - Installed Chinese Traditional Fonts Support For Adobe Reader X. <br/>RP289: 1/20/2013 9:11:14 PM - Installed Java 7 Update 11 <br/>RP290: 2/3/2013 11:01:21 PM - Installed Java 7 Update 13 <br/>RP291: 2/27/2013 4:23:59 AM - Installed Java 7 Update 15 <br/>RP292: 3/8/2013 4:53:13 PM - avast! Free Antivirus Setup <br/>RP293: 3/9/2013 12:14:04 AM - Removed Java 7 Update 15 <br/>RP294: 3/9/2013 12:21:35 AM - Installed Java 7 Update 17 <br/>. <br/>==== Installed Programs ====================== <br/>. <br/>Activation Assistant for the 2007 Microsoft Office suites <br/>Adobe Flash Player 11 ActiveX <br/>Adobe Flash Player 11 Plugin <br/>Adobe Reader X (10.1.6) <br/>Agere Systems HDA Modem <br/>ATI Catalyst Control Center Ex <br/>avast! Free Antivirus <br/>Bejeweled 2 Deluxe <br/>BigFix <br/>Blasterball 3 <br/>CCleaner <br/>Chinese Traditional Fonts Support For Adobe Reader X <br/>Compatibility Pack for the 2007 Office system <br/>Diner Dash <br/>DivX Setup <br/>DNA <br/>FATE <br/>Garmin Trip and Waypoint Manager v3 <br/>Gateway Recovery Center Installer <br/>Google Chrome <br/>Google Toolbar for Internet Explorer <br/>Google Update Helper <br/>Google Updater <br/>HijackThis 2.0.2 <br/>Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) <br/>Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) <br/>Java 7 Update 17 <br/>Java Auto Updater <br/>Linkit_eBay <br/>Malwarebytes Anti-Malware version 1.70.0.1100 <br/>Microsoft .NET Framework 3.5 SP1 <br/>Microsoft Digital Image Library 9 - Blocker <br/>Microsoft Digital Image Starter Edition 2006 <br/>Microsoft Digital Image Starter Edition 2006 Editor <br/>Microsoft Digital Image Starter Edition 2006 Library <br/>Microsoft Money 2006 <br/>Microsoft Office Excel Viewer <br/>Microsoft Office Professional Edition 2003 <br/>Microsoft Office Project Professional 2003 <br/>Microsoft Silverlight <br/>Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 <br/>Microsoft Visual C++ 2005 Redistributable <br/>Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 <br/>Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 <br/>Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 <br/>Microsoft Works <br/>Mozilla Firefox 19.0.2 (x86 en-US) <br/>Mozilla Maintenance Service <br/>MSXML 4.0 SP2 (KB936181) <br/>MSXML 4.0 SP2 (KB941833) <br/>MSXML 4.0 SP2 (KB954430) <br/>MSXML 4.0 SP2 (KB973688) <br/>MSXML 4.0 SP2 Parser and SDK <br/>Napster <br/>Napster Burn Engine <br/>OGA Notifier 2.0.0048.0 <br/>OptimizerPro <br/>PCSWMM 2005 <br/>Penguins! <br/>Polar Bowler <br/>Polar Golfer <br/>Power2Go 5.0 <br/>Real Alternative 1.9.0 <br/>SCRABBLE <br/>Search Assistant WebSearch 1.74 <br/>Searrch-NewTab <br/>SigmaTel Audio <br/>Synaptics Pointing Device Driver <br/>Tradewinds <br/>Update for Microsoft .NET Framework 3.5 SP1 (KB963707) <br/>VaudiX 1.74 <br/>VC80CRTRedist - 8.0.50727.6195 <br/>WebEx <br/>WildTangent Web Driver <br/>Windows Media Player Firefox Plugin <br/>WinRAR archiver <br/>Xvid 1.2.1 final uninstall <br/>Yahoo! Browser Services <br/>Yahoo! Install Manager <br/>Yahoo! Internet Mail <br/>Yahoo! Messenger <br/>Yahoo! Software Update <br/>. <br/>==== End Of File =========================== <br/> <br/>(No malicious items detected) <br/> <br/>Registry Data Items Detected: 0 <br/>(No malicious items detected) <br/> <br/>Folders Detected: 0 <br/>(No malicious items detected) <br/> <br/>Files Detected: 0 <br/>(No malicious items detected) <br/> <br/>(end)
Posted 3/8/2013 6:52 PM
#95206
User avatar

Robert Mateescu Advanced member

Date Joined Nov 2016
Total Posts: 427
Hi there, <br/> <br/> <br/>Please follow this guide to remove the search engine and (if any) the associated toolbar. <br/> <br/>Next, go to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\ and delete the entry associated with websearch.pu-results.info. <br/> <br/>Let me know the result. <br/> <br/>Cheers!
Robert Mateescu
Senior Support Technician EN
[url]support@bullguard.com[/url]
www.bullguard.com

Download the Free Trial version of BullGuard Internet Security

You have a BullGuard related problem? Contact our Support team directly via Live Chat for immediate assistance: http://www.bullguard.com/support.aspx!
Posted 3/8/2013 9:20 PM
#95211
User avatar

Brimstone Advanced member

Date Joined Nov 2016
Total Posts: 75
Everything seems to be back to normal. <br/> <br/>Thanks!
  • Unread posts or replies
  • No unread posts or replies
  • Unread Posts (Read Only Forum)
  • No Unread Posts (Read Only Forum)

Forum Information

Currently it is Monday, December 5, 2016, 9:47 PM (GMT +1)
There are a total of 61,160 posts in 13,449 threads.
In the last 3 days there were 2 new threads and 3 reply posts.

Who's online

This forum has 37,965 registered members. Please welcome our newest member, Old shape.
There are currently no users on-line.