
MyWebSearch Infection


  • This topic is locked
6 replies to this topic

#1 Jade11


Posted 18 May 2012 - 11:13 PM

Hello everyone,

I am new to the forum. I ran a Malwarebytes scan today and it indicated I had many infected files. I've attached a HijackThis log and Malwarebytes log below. Please advise as to what I should remove and thank you so much in advance.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 6:46:41 PM, on 5/18/2012
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ccSvcHst.exe
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39brmon.exe
C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
C:\Users\Nola\AppData\Local\Akamai\netsession_win.exe
C:\Users\Nola\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\PROGRA~2\MAPSGA~2\bar\1.bin\39medint.exe
C:\PROGRA~2\MAPSGA~2\bar\1.bin\39medint.exe
C:\Windows\SysWow64\Macromed\Flash\FlashUtil10b.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Nola\Desktop\HiJack This\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://hotmail.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {26842a09-ffa8-4e2c-ae12-0c80f01c3295} - C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39SrcAs.dll
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Toolbar BHO - {1e91a655-bb4b-4693-a05e-2edebc4c9d89} - C:\PROGRA~2\MAPSGA~2\bar\1.bin\39bar.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\IPSBHO.DLL
O2 - BHO: Search Assistant BHO - {71c1d63a-c944-428a-a5bd-ba513190e5d2} - C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39SrcAs.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\coIEPlg.dll
O3 - Toolbar: MapsGalaxy - {364ea597-e728-4ce4-bb4a-ed846ef47970} - C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39bar.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [MapsGalaxy Search Scope Monitor] "C:\PROGRA~2\MAPSGA~2\bar\1.bin\39srchmn.exe" /m=2 /w /h
O4 - HKLM\..\Run: [MapsGalaxy_39 Browser Plugin Loader] C:\PROGRA~2\MAPSGA~2\bar\1.bin\39brmon.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Nola\AppData\Local\Akamai\netsession_win.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: Logitech SetPoint.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: Garmin Communicator Plug-In - https://my.garmin.co...inAxControl.CAB
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.aka...vex-2.2.5.4.cab
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Ati External Event Utility - Unknown owner - C:\Windows\system32\Ati2evxx.exe (file missing)
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MapsGalaxyService (MapsGalaxy_39Service) - COMPANYVERS_NAME - C:\PROGRA~2\MAPSGA~2\bar\1.bin\39barsvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ccSvcHst.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 8337 bytes


Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org
Database version: v2012.05.18.07
Windows Vista Service Pack 2 x64 NTFS
Internet Explorer 9.0.8112.16421
Nola :: NOLA-PC [administrator]
5/18/2012 2:08:35 PM
mbam-log-2012-05-18 (14-08-35).txt
Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 349022
Time elapsed: 1 hour(s), 1 minute(s), 7 second(s)
Memory Processes Detected: 1
C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39brmon.exe (PUP.MyWebSearch) -> 3188 -> No action taken.
Memory Modules Detected: 1
C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39brstub.dll (PUP.MyWebSearch) -> No action taken.
Registry Keys Detected: 69
Registry Values Detected: 3
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|MapsGalaxy_39 Browser Plugin Loader (PUP.MyWebSearch) -> Data: C:\PROGRA~2\MAPSGA~2\bar\1.bin\39brmon.exe -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|MapsGalaxy Search Scope Monitor (PUP.MyWebSearch) -> Data: "C:\PROGRA~2\MAPSGA~2\bar\1.bin\39srchmn.exe" /m=2 /w /h -> No action taken.
HKCU\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks|{26842A09-FFA8-4E2C-AE12-0C80F01C3295} (PUP.MyWebSearch) -> Data: -> No action taken.
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 35
(end)

#2 LDTate


Posted 19 May 2012 - 06:27 AM


Logs will be closed if you haven't replied within 3 days


Please don't attach the scans / logs for these tools, use "copy/paste".


DO NOT use any TOOLS such as Combofix or HijackThis fixes without supervision.

Doing so could make your PC inoperable and could require a full reinstall of your OS, losing all your programs and data.



Please run a new MBAM scan, being sure to update before scanning.
Remove whatever it finds.

Post the scan results.

Also please describe how your computer behaves at the moment.


Please don't attach the scans / logs, use "copy/paste".
Larry Tate
Product Support


#3 Jade11


Posted 19 May 2012 - 12:18 PM

Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org
Database version: v2012.05.18.07
Windows Vista Service Pack 2 x64 NTFS
Internet Explorer 9.0.8112.16421
Nola :: NOLA-PC [administrator]
5/19/2012 7:25:11 AM
mbam-log-2012-05-19 (07-25-11).txt
Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 349496
Time elapsed: 57 minute(s), 30 second(s)
Memory Processes Detected: 3
C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39brmon.exe (PUP.MyWebSearch) -> 3188 -> Delete on reboot.
C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39medint.exe (PUP.MyWebSearch) -> 5412 -> Delete on reboot.
C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39medint.exe (PUP.MyWebSearch) -> 5512 -> Delete on reboot.
Memory Modules Detected: 11
Registry Keys Detected: 69
Registry Values Detected: 3
HKCU\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks|{26842A09-FFA8-4E2C-AE12-0C80F01C3295} (PUP.MyWebSearch) -> Data: -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|MapsGalaxy_39 Browser Plugin Loader (PUP.MyWebSearch) -> Data: C:\PROGRA~2\MAPSGA~2\bar\1.bin\39brmon.exe -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|MapsGalaxy Search Scope Monitor (PUP.MyWebSearch) -> Data: "C:\PROGRA~2\MAPSGA~2\bar\1.bin\39srchmn.exe" /m=2 /w /h -> Quarantined and deleted successfully.
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 35
C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\NP39Stub.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Users\Nola\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\34HLYLK2\TotalRecipeSearch.exe (PUP.FunWebProducts) -> Quarantined and deleted successfully.
C:\Users\Nola\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\83NBX603\MapsGalaxy.exe (PUP.FunWebProducts) -> Quarantined and deleted successfully.
(end)

Rebooted and ran another MWB scan:

Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org
Database version: v2012.05.18.07
Windows Vista Service Pack 2 x64 NTFS
Internet Explorer 9.0.8112.16421
Nola :: NOLA-PC [administrator]
5/19/2012 8:51:27 AM
mbam-log-2012-05-19 (08-51-27).txt
Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 349291
Time elapsed: 1 hour(s), 5 minute(s), 58 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)

My computer wasn't really having any serious issues, but I did not want to delete files without knowing if I was only going to make things worse, if that makes any sense. Thank you so much for your help. It is greatly appreciated.

#4 LDTate

LDTate

    Forum Deity

  • Moderators
  • 21,126 posts
  • Gender:Male
  • Location:Missouri, USA

Posted 19 May 2012 - 05:21 PM

How's it running now?
Larry Tate
Product Support


#5 Jade11

Posted 19 May 2012 - 07:09 PM

Seems to be running fine. I used the computer some more today and then ran a few subsequent scans using mwb and it did not detect any infections. Thank you again for all of your help.

#6 LDTate

Posted 20 May 2012 - 07:32 AM

You're more than welcome.
Glad we were able to help

Peace be with you
Larry Tate
Product Support


#7 LDTate

Posted 20 May 2012 - 07:32 AM

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
Larry Tate
Product Support
