Jump to content


Photo

Please Help - PUP.MyWebSearch


  • Please log in to reply
1 reply to this topic

#1 Jade11

Jade11

    New Member

  • Members
  • Pip
  • 4 posts

Posted 18 May 2012 - 08:58 PM

Hello everyone,

I am new to the forum. I ran a malwarebytes scan today and it indicated I had many infected files. I've attached a hijack this log and malwarebytes log below. Please advise as to what I should remove and thank you so much in advance.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 6:46:41 PM, on 5/18/2012
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ccSvcHst.exe
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39brmon.exe
C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
C:\Users\Nola\AppData\Local\Akamai\netsession_win.exe
C:\Users\Nola\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\PROGRA~2\MAPSGA~2\bar\1.bin\39medint.exe
C:\PROGRA~2\MAPSGA~2\bar\1.bin\39medint.exe
C:\Windows\SysWow64\Macromed\Flash\FlashUtil10b.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Nola\Desktop\HiJack This\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://hotmail.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {26842a09-ffa8-4e2c-ae12-0c80f01c3295} - C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39SrcAs.dll
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Toolbar BHO - {1e91a655-bb4b-4693-a05e-2edebc4c9d89} - C:\PROGRA~2\MAPSGA~2\bar\1.bin\39bar.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\IPSBHO.DLL
O2 - BHO: Search Assistant BHO - {71c1d63a-c944-428a-a5bd-ba513190e5d2} - C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39SrcAs.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\coIEPlg.dll
O3 - Toolbar: MapsGalaxy - {364ea597-e728-4ce4-bb4a-ed846ef47970} - C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39bar.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [MapsGalaxy Search Scope Monitor] "C:\PROGRA~2\MAPSGA~2\bar\1.bin\39srchmn.exe" /m=2 /w /h
O4 - HKLM\..\Run: [MapsGalaxy_39 Browser Plugin Loader] C:\PROGRA~2\MAPSGA~2\bar\1.bin\39brmon.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Nola\AppData\Local\Akamai\netsession_win.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: Logitech SetPoint.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: Garmin Communicator Plug-In - https://my.garmin.co...inAxControl.CAB
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.aka...vex-2.2.5.4.cab
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Ati External Event Utility - Unknown owner - C:\Windows\system32\Ati2evxx.exe (file missing)
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MapsGalaxyService (MapsGalaxy_39Service) - COMPANYVERS_NAME - C:\PROGRA~2\MAPSGA~2\bar\1.bin\39barsvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ccSvcHst.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 8337 bytes


Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org
Database version: v2012.05.18.07
Windows Vista Service Pack 2 x64 NTFS
Internet Explorer 9.0.8112.16421
Nola :: NOLA-PC [administrator]
5/18/2012 2:08:35 PM
mbam-log-2012-05-18 (14-08-35).txt
Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 349022
Time elapsed: 1 hour(s), 1 minute(s), 7 second(s)
Memory Processes Detected: 1
C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39brmon.exe (PUP.MyWebSearch) -> 3188 -> No action taken.
Memory Modules Detected: 1
C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39brstub.dll (PUP.MyWebSearch) -> No action taken.
Registry Keys Detected: 69
HKLM\SYSTEM\CurrentControlSet\Services\MapsGalaxy_39Service (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{1e91a655-bb4b-4693-a05e-2edebc4c9d89} (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1E91A655-BB4B-4693-A05E-2EDEBC4C9D89} (PUP.MyWebSearch) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{1E91A655-BB4B-4693-A05E-2EDEBC4C9D89} (PUP.MyWebSearch) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1E91A655-BB4B-4693-A05E-2EDEBC4C9D89} (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MapsGalaxy_39bar Uninstall (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{26842a09-ffa8-4e2c-ae12-0c80f01c3295} (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{71c1d63a-c944-428a-a5bd-ba513190e5d2} (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{71C1D63A-C944-428A-A5BD-BA513190E5D2} (PUP.MyWebSearch) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{71C1D63A-C944-428A-A5BD-BA513190E5D2} (PUP.MyWebSearch) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{71C1D63A-C944-428A-A5BD-BA513190E5D2} (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{4f28fa5f-7d15-4753-b4fc-d548a0f02bfb} (PUP.MyWebSearch) -> No action taken.
HKCR\TypeLib\{0396d01a-1323-4a15-bd0c-1bc7510f46c6} (PUP.MyWebSearch) -> No action taken.
HKCR\Interface\{A8168AFE-9F36-49DE-A80A-00D19FB50207} (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{f3477e9d-d2f6-49f0-9b23-854d7958d07e} (PUP.MyWebSearch) -> No action taken.
HKCR\TypeLib\{bf78452b-f168-4310-9ec0-4b9b66b845f0} (PUP.MyWebSearch) -> No action taken.
HKCR\Interface\{7A739956-FB82-4379-AF60-E38C48226AA7} (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{a083c35d-61a9-4625-bbb6-fb54e71b8527} (PUP.MyWebSearch) -> No action taken.
HKCR\MapsGalaxy_39.DynamicBarButton.1 (PUP.MyWebSearch) -> No action taken.
HKCR\MapsGalaxy_39.DynamicBarButton (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{c4a25b73-8ef5-4282-9d21-c8920dd577a1} (PUP.MyWebSearch) -> No action taken.
HKCR\TypeLib\{15106ae4-6bdf-443e-80b0-3e38b59d26ec} (PUP.MyWebSearch) -> No action taken.
HKCR\Interface\{9EF88362-131D-48B0-8969-CCC96F897AB8} (PUP.MyWebSearch) -> No action taken.
HKCR\MapsGalaxy_39.FeedManager.1 (PUP.MyWebSearch) -> No action taken.
HKCR\MapsGalaxy_39.FeedManager (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{a35ff019-6dbe-4044-b080-6f3fa78a947f} (PUP.MyWebSearch) -> No action taken.
HKCR\TypeLib\{8feeda9e-8f71-45df-a797-468226d1d35b} (PUP.MyWebSearch) -> No action taken.
HKCR\Interface\{C285FFF4-DE32-402D-B8FD-6F34F1D5920C} (PUP.MyWebSearch) -> No action taken.
HKCR\MapsGalaxy_39.HTMLPanel.1 (PUP.MyWebSearch) -> No action taken.
HKCR\MapsGalaxy_39.HTMLPanel (PUP.MyWebSearch) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A35FF019-6DBE-4044-B080-6F3FA78A947F} (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A35FF019-6DBE-4044-B080-6F3FA78A947F} (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{3ED5E5EC-0965-4DD3-B7D8-DBC48A1172B9} (PUP.MyWebSearch) -> No action taken.
HKCR\MapsGalaxy_39.HTMLMenu.1 (PUP.MyWebSearch) -> No action taken.
HKCR\MapsGalaxy_39.HTMLMenu (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3ED5E5EC-0965-4DD3-B7D8-DBC48A1172B9} (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{5e1bdcf6-dd5f-4dd3-8783-b1454aef1830} (PUP.MyWebSearch) -> No action taken.
HKCR\TypeLib\{d833690c-6e56-46c2-a19f-cf5fd81c9c9a} (PUP.MyWebSearch) -> No action taken.
HKCR\Interface\{200F1306-1316-473B-90CE-A777144BBDF5} (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{cae88e60-cea5-4fcb-b611-54ea6305d8ab} (PUP.MyWebSearch) -> No action taken.
HKCR\MapsGalaxy_39.MultipleButton.1 (PUP.MyWebSearch) -> No action taken.
HKCR\MapsGalaxy_39.MultipleButton (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{1796ec91-d094-4a5f-b681-e16015d1ceac} (PUP.MyWebSearch) -> No action taken.
HKCR\TypeLib\{3141fb47-2f0f-417d-a6fe-7047c5d2bbb4} (PUP.MyWebSearch) -> No action taken.
HKCR\Interface\{16C7BB64-AC8D-4863-92ED-799D20F001DA} (PUP.MyWebSearch) -> No action taken.
HKCR\MapsGalaxy_39.XMLSessionPlugin.1 (PUP.MyWebSearch) -> No action taken.
HKCR\MapsGalaxy_39.XMLSessionPlugin (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1796EC91-D094-4A5F-B681-E16015D1CEAC} (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{37ed966d-4d0e-4d66-9633-bea542c92860} (PUP.MyWebSearch) -> No action taken.
HKCR\TypeLib\{87792411-b73a-435e-86f3-ae633a690e84} (PUP.MyWebSearch) -> No action taken.
HKCR\Interface\{E2DAE1A4-09EE-4209-AD3B-1C96330EDCEF} (PUP.MyWebSearch) -> No action taken.
HKCR\MapsGalaxy_39.RadioSettings.1 (PUP.MyWebSearch) -> No action taken.
HKCR\MapsGalaxy_39.RadioSettings (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{db1384d8-1bda-4c8d-a743-e9ca671feb00} (PUP.MyWebSearch) -> No action taken.
HKCR\MapsGalaxy_39.ScriptButton.1 (PUP.MyWebSearch) -> No action taken.
HKCR\MapsGalaxy_39.ScriptButton (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{1241cebd-9777-4bc6-aae5-2a77e25db246} (PUP.MyWebSearch) -> No action taken.
HKCR\TypeLib\{64fbf8b6-c770-401a-8b84-f630edaf4448} (PUP.MyWebSearch) -> No action taken.
HKCR\Interface\{0D8734DB-7110-4CDB-833F-52BC93865AB2} (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1241CEBD-9777-4BC6-AAE5-2A77E25DB246} (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{e045df14-bf1d-405c-a37b-a75c1551ad17} (PUP.MyWebSearch) -> No action taken.
HKCR\TypeLib\{f9b90065-cd7a-4439-b311-b292299182a9} (PUP.MyWebSearch) -> No action taken.
HKCR\Interface\{47A124BA-A6E2-4ED4-AA6F-84FF29E4D7DC} (PUP.MyWebSearch) -> No action taken.
HKCR\MapsGalaxy_39.ThirdPartyInstaller.1 (PUP.MyWebSearch) -> No action taken.
HKCR\MapsGalaxy_39.ThirdPartyInstaller (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E045DF14-BF1D-405C-A37B-A75C1551AD17} (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{b70e008c-967b-4104-bc7b-6f7c77dbc38d} (PUP.MyWebSearch) -> No action taken.
HKCR\MapsGalaxy_39.UrlAlertButton.1 (PUP.MyWebSearch) -> No action taken.
HKCR\MapsGalaxy_39.UrlAlertButton (PUP.MyWebSearch) -> No action taken.
Registry Values Detected: 3
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|MapsGalaxy_39 Browser Plugin Loader (PUP.MyWebSearch) -> Data: C:\PROGRA~2\MAPSGA~2\bar\1.bin\39brmon.exe -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|MapsGalaxy Search Scope Monitor (PUP.MyWebSearch) -> Data: "C:\PROGRA~2\MAPSGA~2\bar\1.bin\39srchmn.exe" /m=2 /w /h -> No action taken.
HKCU\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks|{26842A09-FFA8-4E2C-AE12-0C80F01C3295} (PUP.MyWebSearch) -> Data: -> No action taken.
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 35
C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39barsvc.exe (PUP.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39brmon.exe (PUP.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39brstub.dll (PUP.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39SrchMn.exe (PUP.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39bar.dll (PUP.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39SrcAs.dll (PUP.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39auxstb.dll (PUP.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39datact.dll (PUP.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39dlghk.dll (PUP.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39dyn.dll (PUP.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39feedmg.dll (PUP.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39highin.exe (PUP.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39hkstub.dll (PUP.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39html.dll (PUP.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39htmlmu.dll (PUP.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39httpct.dll (PUP.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39idle.dll (PUP.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39ieovr.dll (PUP.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39impipe.exe (PUP.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39medint.exe (PUP.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39mlbtn.dll (PUP.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39msg.dll (PUP.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39Plugin.dll (PUP.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39radio.dll (PUP.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39regfft.dll (PUP.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39reghk.dll (PUP.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39regiet.dll (PUP.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39script.dll (PUP.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39skin.dll (PUP.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39skplay.exe (PUP.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39tpinst.dll (PUP.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39uabtn.dll (PUP.MyWebSearch) -> No action taken.
C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\NP39Stub.dll (PUP.MyWebSearch) -> No action taken.
C:\Users\Nola\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\34HLYLK2\TotalRecipeSearch.exe (PUP.FunWebProducts) -> No action taken.
C:\Users\Nola\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\83NBX603\MapsGalaxy.exe (PUP.FunWebProducts) -> No action taken.
(end)

#2 AdvancedSetup

AdvancedSetup

    Staff

  • Root Admin
  • PipPipPipPipPipPip
  • 41,101 posts
  • Gender:Male
  • Location:US

Posted 18 May 2012 - 11:06 PM

Hello and welcome to Malwarebytes

If you think you are infected, here are the steps needed to get your computer cleaned....
Please read the following so that you can begin the cleaning process:

Don't use any temporary file cleaners unless requested - this can cause data loss and make recovery difficult

You have 3 Options that you can choose from as listed below:
  • Option 1 —— Free Expert advice in the Malware Removal Forum
  • Option 2 —— Paying customer -- Contact Support via email
  • Option 3 —— Premium, Fee-Based Support
OPTION 1


As we don't deal with malware removal in the General Malwarebytes' Anti-Malware Forum, you need to start a topic in the
Malware Removal forum so a qualified helper can help you fix any malware related problems or infections you may have.

  • Please read and follow the directions here, skipping any steps you are unable to complete.
  • After posting your new post, make sure under options, you select Follow this topic and choose Instantly,
    so that you're alerted when someone has replied to your post.
NOTE: Please do not post back to (bump) your topic within the first 48 hours.
Replying to your own posts changes the post count and helpers are looking for topics with zero replies.
If you reply to your own post helpers may think that you're already being helped and thus overlook your post.

  • If there is no reply from any experts after 48 hours, you can reply to the topic, asking for help again.
    Or
  • You may send a Private Message to a Moderator asking for assistance.
OPTION 2


Alternatively, as a paying customer, you can contact the help desk at support@malwarebytes.org or here.


OPTION 3


If you would like to use our Malwarebytes Premium Consumer Services partner, Comprehensive solutions to all your computer support needs—from installation and set-up to troubleshooting and tune-ups go to our Malwarebytes Premium Services support site.


Please be patient, someone will assist you as soon as possible.


Ron Lewis
Forum Community Manager

staff.png

Follow us: Twitter, Become a fan: Facebook





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users