Jade11

MyWebSearch Infection

7 posts in this topic

Hello everyone,

I am new to the forum. I ran a malwarebytes scan today and it indicated I had many infected files. I've attached a hijack this log and malwarebytes log below. Please advise as to what I should remove and thank you so much in advance.

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 6:46:41 PM, on 5/18/2012

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v9.00 (9.00.8112.16421)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ccSvcHst.exe

C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe

C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39brmon.exe

C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe

C:\Users\Nola\AppData\Local\Akamai\netsession_win.exe

C:\Users\Nola\AppData\Local\Akamai\netsession_win.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\PROGRA~2\MAPSGA~2\bar\1.bin\39medint.exe

C:\PROGRA~2\MAPSGA~2\bar\1.bin\39medint.exe

C:\Windows\SysWow64\Macromed\Flash\FlashUtil10b.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Users\Nola\Desktop\HiJack This\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://hotmail.com/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: (no name) - {26842a09-ffa8-4e2c-ae12-0c80f01c3295} - C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39SrcAs.dll

O1 - Hosts: ::1 localhost

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Toolbar BHO - {1e91a655-bb4b-4693-a05e-2edebc4c9d89} - C:\PROGRA~2\MAPSGA~2\bar\1.bin\39bar.dll

O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\coIEPlg.dll

O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\IPSBHO.DLL

O2 - BHO: Search Assistant BHO - {71c1d63a-c944-428a-a5bd-ba513190e5d2} - C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39SrcAs.dll

O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\coIEPlg.dll

O3 - Toolbar: MapsGalaxy - {364ea597-e728-4ce4-bb4a-ed846ef47970} - C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39bar.dll

O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [MapsGalaxy Search Scope Monitor] "C:\PROGRA~2\MAPSGA~2\bar\1.bin\39srchmn.exe" /m=2 /w /h

O4 - HKLM\..\Run: [MapsGalaxy_39 Browser Plugin Loader] C:\PROGRA~2\MAPSGA~2\bar\1.bin\39brmon.exe

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe

O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Nola\AppData\Local\Akamai\netsession_win.exe"

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')

O4 - Global Startup: Logitech SetPoint.lnk = ?

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: Garmin Communicator Plug-In - https://my.garmin.co...inAxControl.CAB

O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.aka...vex-2.2.5.4.cab

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: Ati External Event Utility - Unknown owner - C:\Windows\system32\Ati2evxx.exe (file missing)

O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

O23 - Service: MapsGalaxyService (MapsGalaxy_39Service) - COMPANYVERS_NAME - C:\PROGRA~2\MAPSGA~2\bar\1.bin\39barsvc.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ccSvcHst.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 8337 bytes

Malwarebytes Anti-Malware 1.61.0.1400

www.malwarebytes.org

Database version: v2012.05.18.07

Windows Vista Service Pack 2 x64 NTFS

Internet Explorer 9.0.8112.16421

Nola :: NOLA-PC [administrator]

5/18/2012 2:08:35 PM

mbam-log-2012-05-18 (14-08-35).txt

Scan type: Full scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 349022

Time elapsed: 1 hour(s), 1 minute(s), 7 second(s)

Memory Processes Detected: 1

C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39brmon.exe (PUP.MyWebSearch) -> 3188 -> No action taken.

Memory Modules Detected: 1

C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39brstub.dll (PUP.MyWebSearch) -> No action taken.

Registry Keys Detected: 69

HKLM\SYSTEM\CurrentControlSet\Services\MapsGalaxy_39Service (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{1e91a655-bb4b-4693-a05e-2edebc4c9d89} (PUP.MyWebSearch) -> No action taken.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1E91A655-BB4B-4693-A05E-2EDEBC4C9D89} (PUP.MyWebSearch) -> No action taken.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{1E91A655-BB4B-4693-A05E-2EDEBC4C9D89} (PUP.MyWebSearch) -> No action taken.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1E91A655-BB4B-4693-A05E-2EDEBC4C9D89} (PUP.MyWebSearch) -> No action taken.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MapsGalaxy_39bar Uninstall (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{26842a09-ffa8-4e2c-ae12-0c80f01c3295} (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{71c1d63a-c944-428a-a5bd-ba513190e5d2} (PUP.MyWebSearch) -> No action taken.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{71C1D63A-C944-428A-A5BD-BA513190E5D2} (PUP.MyWebSearch) -> No action taken.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{71C1D63A-C944-428A-A5BD-BA513190E5D2} (PUP.MyWebSearch) -> No action taken.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{71C1D63A-C944-428A-A5BD-BA513190E5D2} (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{4f28fa5f-7d15-4753-b4fc-d548a0f02bfb} (PUP.MyWebSearch) -> No action taken.

HKCR\TypeLib\{0396d01a-1323-4a15-bd0c-1bc7510f46c6} (PUP.MyWebSearch) -> No action taken.

HKCR\Interface\{A8168AFE-9F36-49DE-A80A-00D19FB50207} (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{f3477e9d-d2f6-49f0-9b23-854d7958d07e} (PUP.MyWebSearch) -> No action taken.

HKCR\TypeLib\{bf78452b-f168-4310-9ec0-4b9b66b845f0} (PUP.MyWebSearch) -> No action taken.

HKCR\Interface\{7A739956-FB82-4379-AF60-E38C48226AA7} (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{a083c35d-61a9-4625-bbb6-fb54e71b8527} (PUP.MyWebSearch) -> No action taken.

HKCR\MapsGalaxy_39.DynamicBarButton.1 (PUP.MyWebSearch) -> No action taken.

HKCR\MapsGalaxy_39.DynamicBarButton (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{c4a25b73-8ef5-4282-9d21-c8920dd577a1} (PUP.MyWebSearch) -> No action taken.

HKCR\TypeLib\{15106ae4-6bdf-443e-80b0-3e38b59d26ec} (PUP.MyWebSearch) -> No action taken.

HKCR\Interface\{9EF88362-131D-48B0-8969-CCC96F897AB8} (PUP.MyWebSearch) -> No action taken.

HKCR\MapsGalaxy_39.FeedManager.1 (PUP.MyWebSearch) -> No action taken.

HKCR\MapsGalaxy_39.FeedManager (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{a35ff019-6dbe-4044-b080-6f3fa78a947f} (PUP.MyWebSearch) -> No action taken.

HKCR\TypeLib\{8feeda9e-8f71-45df-a797-468226d1d35b} (PUP.MyWebSearch) -> No action taken.

HKCR\Interface\{C285FFF4-DE32-402D-B8FD-6F34F1D5920C} (PUP.MyWebSearch) -> No action taken.

HKCR\MapsGalaxy_39.HTMLPanel.1 (PUP.MyWebSearch) -> No action taken.

HKCR\MapsGalaxy_39.HTMLPanel (PUP.MyWebSearch) -> No action taken.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A35FF019-6DBE-4044-B080-6F3FA78A947F} (PUP.MyWebSearch) -> No action taken.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A35FF019-6DBE-4044-B080-6F3FA78A947F} (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{3ED5E5EC-0965-4DD3-B7D8-DBC48A1172B9} (PUP.MyWebSearch) -> No action taken.

HKCR\MapsGalaxy_39.HTMLMenu.1 (PUP.MyWebSearch) -> No action taken.

HKCR\MapsGalaxy_39.HTMLMenu (PUP.MyWebSearch) -> No action taken.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3ED5E5EC-0965-4DD3-B7D8-DBC48A1172B9} (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{5e1bdcf6-dd5f-4dd3-8783-b1454aef1830} (PUP.MyWebSearch) -> No action taken.

HKCR\TypeLib\{d833690c-6e56-46c2-a19f-cf5fd81c9c9a} (PUP.MyWebSearch) -> No action taken.

HKCR\Interface\{200F1306-1316-473B-90CE-A777144BBDF5} (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{cae88e60-cea5-4fcb-b611-54ea6305d8ab} (PUP.MyWebSearch) -> No action taken.

HKCR\MapsGalaxy_39.MultipleButton.1 (PUP.MyWebSearch) -> No action taken.

HKCR\MapsGalaxy_39.MultipleButton (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{1796ec91-d094-4a5f-b681-e16015d1ceac} (PUP.MyWebSearch) -> No action taken.

HKCR\TypeLib\{3141fb47-2f0f-417d-a6fe-7047c5d2bbb4} (PUP.MyWebSearch) -> No action taken.

HKCR\Interface\{16C7BB64-AC8D-4863-92ED-799D20F001DA} (PUP.MyWebSearch) -> No action taken.

HKCR\MapsGalaxy_39.XMLSessionPlugin.1 (PUP.MyWebSearch) -> No action taken.

HKCR\MapsGalaxy_39.XMLSessionPlugin (PUP.MyWebSearch) -> No action taken.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1796EC91-D094-4A5F-B681-E16015D1CEAC} (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{37ed966d-4d0e-4d66-9633-bea542c92860} (PUP.MyWebSearch) -> No action taken.

HKCR\TypeLib\{87792411-b73a-435e-86f3-ae633a690e84} (PUP.MyWebSearch) -> No action taken.

HKCR\Interface\{E2DAE1A4-09EE-4209-AD3B-1C96330EDCEF} (PUP.MyWebSearch) -> No action taken.

HKCR\MapsGalaxy_39.RadioSettings.1 (PUP.MyWebSearch) -> No action taken.

HKCR\MapsGalaxy_39.RadioSettings (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{db1384d8-1bda-4c8d-a743-e9ca671feb00} (PUP.MyWebSearch) -> No action taken.

HKCR\MapsGalaxy_39.ScriptButton.1 (PUP.MyWebSearch) -> No action taken.

HKCR\MapsGalaxy_39.ScriptButton (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{1241cebd-9777-4bc6-aae5-2a77e25db246} (PUP.MyWebSearch) -> No action taken.

HKCR\TypeLib\{64fbf8b6-c770-401a-8b84-f630edaf4448} (PUP.MyWebSearch) -> No action taken.

HKCR\Interface\{0D8734DB-7110-4CDB-833F-52BC93865AB2} (PUP.MyWebSearch) -> No action taken.

HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1241CEBD-9777-4BC6-AAE5-2A77E25DB246} (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{e045df14-bf1d-405c-a37b-a75c1551ad17} (PUP.MyWebSearch) -> No action taken.

HKCR\TypeLib\{f9b90065-cd7a-4439-b311-b292299182a9} (PUP.MyWebSearch) -> No action taken.

HKCR\Interface\{47A124BA-A6E2-4ED4-AA6F-84FF29E4D7DC} (PUP.MyWebSearch) -> No action taken.

HKCR\MapsGalaxy_39.ThirdPartyInstaller.1 (PUP.MyWebSearch) -> No action taken.

HKCR\MapsGalaxy_39.ThirdPartyInstaller (PUP.MyWebSearch) -> No action taken.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E045DF14-BF1D-405C-A37B-A75C1551AD17} (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{b70e008c-967b-4104-bc7b-6f7c77dbc38d} (PUP.MyWebSearch) -> No action taken.

HKCR\MapsGalaxy_39.UrlAlertButton.1 (PUP.MyWebSearch) -> No action taken.

HKCR\MapsGalaxy_39.UrlAlertButton (PUP.MyWebSearch) -> No action taken.

Registry Values Detected: 3

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|MapsGalaxy_39 Browser Plugin Loader (PUP.MyWebSearch) -> Data: C:\PROGRA~2\MAPSGA~2\bar\1.bin\39brmon.exe -> No action taken.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|MapsGalaxy Search Scope Monitor (PUP.MyWebSearch) -> Data: "C:\PROGRA~2\MAPSGA~2\bar\1.bin\39srchmn.exe" /m=2 /w /h -> No action taken.

HKCU\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks|{26842A09-FFA8-4E2C-AE12-0C80F01C3295} (PUP.MyWebSearch) -> Data: -> No action taken.

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 35

C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39barsvc.exe (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39brmon.exe (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39brstub.dll (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39SrchMn.exe (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39bar.dll (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39SrcAs.dll (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39auxstb.dll (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39datact.dll (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39dlghk.dll (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39dyn.dll (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39feedmg.dll (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39highin.exe (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39hkstub.dll (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39html.dll (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39htmlmu.dll (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39httpct.dll (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39idle.dll (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39ieovr.dll (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39impipe.exe (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39medint.exe (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39mlbtn.dll (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39msg.dll (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39Plugin.dll (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39radio.dll (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39regfft.dll (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39reghk.dll (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39regiet.dll (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39script.dll (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39skin.dll (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39skplay.exe (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39tpinst.dll (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39uabtn.dll (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\NP39Stub.dll (PUP.MyWebSearch) -> No action taken.

C:\Users\Nola\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\34HLYLK2\TotalRecipeSearch.exe (PUP.FunWebProducts) -> No action taken.

C:\Users\Nola\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\83NBX603\MapsGalaxy.exe (PUP.FunWebProducts) -> No action taken.

(end)

Share this post


Link to post
Share on other sites

post-32477-1261866970.gif

Logs will be closed if you haven't replied within 3 days

Please don't attach the scans / logs for these tools, use "copy/paste".

DO NOT use any TOOLS such as Combofix or HijackThis fixes without supervision.

Doing so could make your pc inoperatible and could require a full reinstall of your OS, losing all your programs and data.

Please run a new MBAM scan being sure to update before scanning.

Remove whatever it finds.

Post the scan results

Also please describe how your computer behaves at the moment.

Please don't attach the scans / logs, use "copy/paste".

Share this post


Link to post
Share on other sites

Malwarebytes Anti-Malware 1.61.0.1400

www.malwarebytes.org

Database version: v2012.05.18.07

Windows Vista Service Pack 2 x64 NTFS

Internet Explorer 9.0.8112.16421

Nola :: NOLA-PC [administrator]

5/19/2012 7:25:11 AM

mbam-log-2012-05-19 (07-25-11).txt

Scan type: Full scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 349496

Time elapsed: 57 minute(s), 30 second(s)

Memory Processes Detected: 3

C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39brmon.exe (PUP.MyWebSearch) -> 3188 -> Delete on reboot.

C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39medint.exe (PUP.MyWebSearch) -> 5412 -> Delete on reboot.

C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39medint.exe (PUP.MyWebSearch) -> 5512 -> Delete on reboot.

Memory Modules Detected: 11

C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39brstub.dll (PUP.MyWebSearch) -> Delete on reboot.

C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39auxstb.dll (PUP.MyWebSearch) -> Delete on reboot.

C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39SrcAs.dll (PUP.MyWebSearch) -> Delete on reboot.

C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39dlghk.dll (PUP.MyWebSearch) -> Delete on reboot.

C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39ieovr.dll (PUP.MyWebSearch) -> Delete on reboot.

C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39bar.dll (PUP.MyWebSearch) -> Delete on reboot.

C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39htmlmu.dll (PUP.MyWebSearch) -> Delete on reboot.

C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39radio.dll (PUP.MyWebSearch) -> Delete on reboot.

C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39mlbtn.dll (PUP.MyWebSearch) -> Delete on reboot.

C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39script.dll (PUP.MyWebSearch) -> Delete on reboot.

C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39feedmg.dll (PUP.MyWebSearch) -> Delete on reboot.

Registry Keys Detected: 69

HKCR\CLSID\{26842a09-ffa8-4e2c-ae12-0c80f01c3295} (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{71c1d63a-c944-428a-a5bd-ba513190e5d2} (PUP.MyWebSearch) -> No action taken.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{71C1D63A-C944-428A-A5BD-BA513190E5D2} (PUP.MyWebSearch) -> No action taken.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{71C1D63A-C944-428A-A5BD-BA513190E5D2} (PUP.MyWebSearch) -> No action taken.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{71C1D63A-C944-428A-A5BD-BA513190E5D2} (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{f3477e9d-d2f6-49f0-9b23-854d7958d07e} (PUP.MyWebSearch) -> No action taken.

HKCR\TypeLib\{bf78452b-f168-4310-9ec0-4b9b66b845f0} (PUP.MyWebSearch) -> No action taken.

HKCR\Interface\{7A739956-FB82-4379-AF60-E38C48226AA7} (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{1e91a655-bb4b-4693-a05e-2edebc4c9d89} (PUP.MyWebSearch) -> No action taken.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1E91A655-BB4B-4693-A05E-2EDEBC4C9D89} (PUP.MyWebSearch) -> No action taken.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{1E91A655-BB4B-4693-A05E-2EDEBC4C9D89} (PUP.MyWebSearch) -> No action taken.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1E91A655-BB4B-4693-A05E-2EDEBC4C9D89} (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{3ED5E5EC-0965-4DD3-B7D8-DBC48A1172B9} (PUP.MyWebSearch) -> No action taken.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3ED5E5EC-0965-4DD3-B7D8-DBC48A1172B9} (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{37ed966d-4d0e-4d66-9633-bea542c92860} (PUP.MyWebSearch) -> No action taken.

HKCR\TypeLib\{87792411-b73a-435e-86f3-ae633a690e84} (PUP.MyWebSearch) -> No action taken.

HKCR\Interface\{E2DAE1A4-09EE-4209-AD3B-1C96330EDCEF} (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{cae88e60-cea5-4fcb-b611-54ea6305d8ab} (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{db1384d8-1bda-4c8d-a743-e9ca671feb00} (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{c4a25b73-8ef5-4282-9d21-c8920dd577a1} (PUP.MyWebSearch) -> No action taken.

HKCR\TypeLib\{15106ae4-6bdf-443e-80b0-3e38b59d26ec} (PUP.MyWebSearch) -> No action taken.

HKCR\Interface\{9EF88362-131D-48B0-8969-CCC96F897AB8} (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{4f28fa5f-7d15-4753-b4fc-d548a0f02bfb} (PUP.MyWebSearch) -> No action taken.

HKCR\TypeLib\{0396d01a-1323-4a15-bd0c-1bc7510f46c6} (PUP.MyWebSearch) -> No action taken.

HKCR\Interface\{A8168AFE-9F36-49DE-A80A-00D19FB50207} (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{a083c35d-61a9-4625-bbb6-fb54e71b8527} (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{a35ff019-6dbe-4044-b080-6f3fa78a947f} (PUP.MyWebSearch) -> No action taken.

HKCR\TypeLib\{8feeda9e-8f71-45df-a797-468226d1d35b} (PUP.MyWebSearch) -> No action taken.

HKCR\Interface\{C285FFF4-DE32-402D-B8FD-6F34F1D5920C} (PUP.MyWebSearch) -> No action taken.

HKCR\MapsGalaxy_39.HTMLPanel.1 (PUP.MyWebSearch) -> No action taken.

HKCR\MapsGalaxy_39.HTMLPanel (PUP.MyWebSearch) -> No action taken.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A35FF019-6DBE-4044-B080-6F3FA78A947F} (PUP.MyWebSearch) -> No action taken.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A35FF019-6DBE-4044-B080-6F3FA78A947F} (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{5e1bdcf6-dd5f-4dd3-8783-b1454aef1830} (PUP.MyWebSearch) -> No action taken.

HKCR\TypeLib\{d833690c-6e56-46c2-a19f-cf5fd81c9c9a} (PUP.MyWebSearch) -> No action taken.

HKCR\Interface\{200F1306-1316-473B-90CE-A777144BBDF5} (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{1796ec91-d094-4a5f-b681-e16015d1ceac} (PUP.MyWebSearch) -> No action taken.

HKCR\TypeLib\{3141fb47-2f0f-417d-a6fe-7047c5d2bbb4} (PUP.MyWebSearch) -> No action taken.

HKCR\Interface\{16C7BB64-AC8D-4863-92ED-799D20F001DA} (PUP.MyWebSearch) -> No action taken.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1796EC91-D094-4A5F-B681-E16015D1CEAC} (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{1241cebd-9777-4bc6-aae5-2a77e25db246} (PUP.MyWebSearch) -> No action taken.

HKCR\TypeLib\{64fbf8b6-c770-401a-8b84-f630edaf4448} (PUP.MyWebSearch) -> No action taken.

HKCR\Interface\{0D8734DB-7110-4CDB-833F-52BC93865AB2} (PUP.MyWebSearch) -> No action taken.

HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1241CEBD-9777-4BC6-AAE5-2A77E25DB246} (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{e045df14-bf1d-405c-a37b-a75c1551ad17} (PUP.MyWebSearch) -> No action taken.

HKCR\TypeLib\{f9b90065-cd7a-4439-b311-b292299182a9} (PUP.MyWebSearch) -> No action taken.

HKCR\Interface\{47A124BA-A6E2-4ED4-AA6F-84FF29E4D7DC} (PUP.MyWebSearch) -> No action taken.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E045DF14-BF1D-405C-A37B-A75C1551AD17} (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{b70e008c-967b-4104-bc7b-6f7c77dbc38d} (PUP.MyWebSearch) -> No action taken.

HKLM\SYSTEM\CurrentControlSet\Services\MapsGalaxy_39Service (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MapsGalaxy_39bar Uninstall (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCR\MapsGalaxy_39.HTMLMenu.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCR\MapsGalaxy_39.HTMLMenu (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCR\MapsGalaxy_39.RadioSettings.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCR\MapsGalaxy_39.RadioSettings (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCR\MapsGalaxy_39.MultipleButton.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCR\MapsGalaxy_39.MultipleButton (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCR\MapsGalaxy_39.ScriptButton.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCR\MapsGalaxy_39.ScriptButton (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCR\MapsGalaxy_39.FeedManager.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCR\MapsGalaxy_39.FeedManager (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCR\MapsGalaxy_39.DynamicBarButton.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCR\MapsGalaxy_39.DynamicBarButton (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCR\MapsGalaxy_39.XMLSessionPlugin.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCR\MapsGalaxy_39.XMLSessionPlugin (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCR\MapsGalaxy_39.ThirdPartyInstaller.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCR\MapsGalaxy_39.ThirdPartyInstaller (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCR\MapsGalaxy_39.UrlAlertButton.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCR\MapsGalaxy_39.UrlAlertButton (PUP.MyWebSearch) -> Quarantined and deleted successfully.

Registry Values Detected: 3

HKCU\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks|{26842A09-FFA8-4E2C-AE12-0C80F01C3295} (PUP.MyWebSearch) -> Data: -> No action taken.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|MapsGalaxy_39 Browser Plugin Loader (PUP.MyWebSearch) -> Data: C:\PROGRA~2\MAPSGA~2\bar\1.bin\39brmon.exe -> Quarantined and deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|MapsGalaxy Search Scope Monitor (PUP.MyWebSearch) -> Data: "C:\PROGRA~2\MAPSGA~2\bar\1.bin\39srchmn.exe" /m=2 /w /h -> Quarantined and deleted successfully.

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 35

C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39barsvc.exe (PUP.MyWebSearch) -> Delete on reboot.

C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39brmon.exe (PUP.MyWebSearch) -> Delete on reboot.

C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39brstub.dll (PUP.MyWebSearch) -> Delete on reboot.

C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39auxstb.dll (PUP.MyWebSearch) -> Delete on reboot.

C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39SrcAs.dll (PUP.MyWebSearch) -> Delete on reboot.

C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39dlghk.dll (PUP.MyWebSearch) -> Delete on reboot.

C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39ieovr.dll (PUP.MyWebSearch) -> Delete on reboot.

C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39bar.dll (PUP.MyWebSearch) -> Delete on reboot.

C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39htmlmu.dll (PUP.MyWebSearch) -> Delete on reboot.

C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39radio.dll (PUP.MyWebSearch) -> Delete on reboot.

C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39mlbtn.dll (PUP.MyWebSearch) -> Delete on reboot.

C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39script.dll (PUP.MyWebSearch) -> Delete on reboot.

C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39medint.exe (PUP.MyWebSearch) -> Delete on reboot.

C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39feedmg.dll (PUP.MyWebSearch) -> Delete on reboot.

C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39SrchMn.exe (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39datact.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39dyn.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39highin.exe (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39hkstub.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39html.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39httpct.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39idle.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39impipe.exe (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39msg.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39Plugin.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39regfft.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39reghk.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39regiet.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39skin.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39skplay.exe (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39tpinst.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39uabtn.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\NP39Stub.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Users\Nola\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\34HLYLK2\TotalRecipeSearch.exe (PUP.FunWebProducts) -> Quarantined and deleted successfully.

C:\Users\Nola\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\83NBX603\MapsGalaxy.exe (PUP.FunWebProducts) -> Quarantined and deleted successfully.

(end)

Rebooted and ran another MWB scan:

Malwarebytes Anti-Malware 1.61.0.1400

www.malwarebytes.org

Database version: v2012.05.18.07

Windows Vista Service Pack 2 x64 NTFS

Internet Explorer 9.0.8112.16421

Nola :: NOLA-PC [administrator]

5/19/2012 8:51:27 AM

mbam-log-2012-05-19 (08-51-27).txt

Scan type: Full scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 349291

Time elapsed: 1 hour(s), 5 minute(s), 58 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)

My computer wasn't really having any serious issues, but I did not want to delete files without knowing if I was only going to make things worse, if that makes any sense. Thank you so much for your help. It is greatly apprecited.

Share this post


Link to post
Share on other sites

Seems to be running fine. I used the computer some more today and then ran a few subsequent scans using mwb and it did not detect any infections. Thank you again for all of your help.

Share this post


Link to post
Share on other sites

You're more than welcome.

Glad we were able to help

Peace be with you wavey.gif

Share this post


Link to post
Share on other sites

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.

  • Recently Browsing   0 members

    No registered users viewing this page.