Jump to content

Jade11

Members
  • Posts

    4
  • Joined

  • Last visited

Reputation

0 Neutral
  1. Seems to be running fine. I used the computer some more today and then ran a few subsequent scans using mwb and it did not detect any infections. Thank you again for all of your help.
  2. Malwarebytes Anti-Malware 1.61.0.1400 www.malwarebytes.org Database version: v2012.05.18.07 Windows Vista Service Pack 2 x64 NTFS Internet Explorer 9.0.8112.16421 Nola :: NOLA-PC [administrator] 5/19/2012 7:25:11 AM mbam-log-2012-05-19 (07-25-11).txt Scan type: Full scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 349496 Time elapsed: 57 minute(s), 30 second(s) Memory Processes Detected: 3 C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39brmon.exe (PUP.MyWebSearch) -> 3188 -> Delete on reboot. C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39medint.exe (PUP.MyWebSearch) -> 5412 -> Delete on reboot. C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39medint.exe (PUP.MyWebSearch) -> 5512 -> Delete on reboot. Memory Modules Detected: 11 C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39brstub.dll (PUP.MyWebSearch) -> Delete on reboot. C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39auxstb.dll (PUP.MyWebSearch) -> Delete on reboot. C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39SrcAs.dll (PUP.MyWebSearch) -> Delete on reboot. C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39dlghk.dll (PUP.MyWebSearch) -> Delete on reboot. C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39ieovr.dll (PUP.MyWebSearch) -> Delete on reboot. C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39bar.dll (PUP.MyWebSearch) -> Delete on reboot. C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39htmlmu.dll (PUP.MyWebSearch) -> Delete on reboot. C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39radio.dll (PUP.MyWebSearch) -> Delete on reboot. C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39mlbtn.dll (PUP.MyWebSearch) -> Delete on reboot. C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39script.dll (PUP.MyWebSearch) -> Delete on reboot. C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39feedmg.dll (PUP.MyWebSearch) -> Delete on reboot. Registry Keys Detected: 69 HKCR\CLSID\{26842a09-ffa8-4e2c-ae12-0c80f01c3295} (PUP.MyWebSearch) -> No action taken. HKCR\CLSID\{71c1d63a-c944-428a-a5bd-ba513190e5d2} (PUP.MyWebSearch) -> No action taken. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{71C1D63A-C944-428A-A5BD-BA513190E5D2} (PUP.MyWebSearch) -> No action taken. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{71C1D63A-C944-428A-A5BD-BA513190E5D2} (PUP.MyWebSearch) -> No action taken. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{71C1D63A-C944-428A-A5BD-BA513190E5D2} (PUP.MyWebSearch) -> No action taken. HKCR\CLSID\{f3477e9d-d2f6-49f0-9b23-854d7958d07e} (PUP.MyWebSearch) -> No action taken. HKCR\TypeLib\{bf78452b-f168-4310-9ec0-4b9b66b845f0} (PUP.MyWebSearch) -> No action taken. HKCR\Interface\{7A739956-FB82-4379-AF60-E38C48226AA7} (PUP.MyWebSearch) -> No action taken. HKCR\CLSID\{1e91a655-bb4b-4693-a05e-2edebc4c9d89} (PUP.MyWebSearch) -> No action taken. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1E91A655-BB4B-4693-A05E-2EDEBC4C9D89} (PUP.MyWebSearch) -> No action taken. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{1E91A655-BB4B-4693-A05E-2EDEBC4C9D89} (PUP.MyWebSearch) -> No action taken. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1E91A655-BB4B-4693-A05E-2EDEBC4C9D89} (PUP.MyWebSearch) -> No action taken. HKCR\CLSID\{3ED5E5EC-0965-4DD3-B7D8-DBC48A1172B9} (PUP.MyWebSearch) -> No action taken. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3ED5E5EC-0965-4DD3-B7D8-DBC48A1172B9} (PUP.MyWebSearch) -> No action taken. HKCR\CLSID\{37ed966d-4d0e-4d66-9633-bea542c92860} (PUP.MyWebSearch) -> No action taken. HKCR\TypeLib\{87792411-b73a-435e-86f3-ae633a690e84} (PUP.MyWebSearch) -> No action taken. HKCR\Interface\{E2DAE1A4-09EE-4209-AD3B-1C96330EDCEF} (PUP.MyWebSearch) -> No action taken. HKCR\CLSID\{cae88e60-cea5-4fcb-b611-54ea6305d8ab} (PUP.MyWebSearch) -> No action taken. HKCR\CLSID\{db1384d8-1bda-4c8d-a743-e9ca671feb00} (PUP.MyWebSearch) -> No action taken. HKCR\CLSID\{c4a25b73-8ef5-4282-9d21-c8920dd577a1} (PUP.MyWebSearch) -> No action taken. HKCR\TypeLib\{15106ae4-6bdf-443e-80b0-3e38b59d26ec} (PUP.MyWebSearch) -> No action taken. HKCR\Interface\{9EF88362-131D-48B0-8969-CCC96F897AB8} (PUP.MyWebSearch) -> No action taken. HKCR\CLSID\{4f28fa5f-7d15-4753-b4fc-d548a0f02bfb} (PUP.MyWebSearch) -> No action taken. HKCR\TypeLib\{0396d01a-1323-4a15-bd0c-1bc7510f46c6} (PUP.MyWebSearch) -> No action taken. HKCR\Interface\{A8168AFE-9F36-49DE-A80A-00D19FB50207} (PUP.MyWebSearch) -> No action taken. HKCR\CLSID\{a083c35d-61a9-4625-bbb6-fb54e71b8527} (PUP.MyWebSearch) -> No action taken. HKCR\CLSID\{a35ff019-6dbe-4044-b080-6f3fa78a947f} (PUP.MyWebSearch) -> No action taken. HKCR\TypeLib\{8feeda9e-8f71-45df-a797-468226d1d35b} (PUP.MyWebSearch) -> No action taken. HKCR\Interface\{C285FFF4-DE32-402D-B8FD-6F34F1D5920C} (PUP.MyWebSearch) -> No action taken. HKCR\MapsGalaxy_39.HTMLPanel.1 (PUP.MyWebSearch) -> No action taken. HKCR\MapsGalaxy_39.HTMLPanel (PUP.MyWebSearch) -> No action taken. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A35FF019-6DBE-4044-B080-6F3FA78A947F} (PUP.MyWebSearch) -> No action taken. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A35FF019-6DBE-4044-B080-6F3FA78A947F} (PUP.MyWebSearch) -> No action taken. HKCR\CLSID\{5e1bdcf6-dd5f-4dd3-8783-b1454aef1830} (PUP.MyWebSearch) -> No action taken. HKCR\TypeLib\{d833690c-6e56-46c2-a19f-cf5fd81c9c9a} (PUP.MyWebSearch) -> No action taken. HKCR\Interface\{200F1306-1316-473B-90CE-A777144BBDF5} (PUP.MyWebSearch) -> No action taken. HKCR\CLSID\{1796ec91-d094-4a5f-b681-e16015d1ceac} (PUP.MyWebSearch) -> No action taken. HKCR\TypeLib\{3141fb47-2f0f-417d-a6fe-7047c5d2bbb4} (PUP.MyWebSearch) -> No action taken. HKCR\Interface\{16C7BB64-AC8D-4863-92ED-799D20F001DA} (PUP.MyWebSearch) -> No action taken. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1796EC91-D094-4A5F-B681-E16015D1CEAC} (PUP.MyWebSearch) -> No action taken. HKCR\CLSID\{1241cebd-9777-4bc6-aae5-2a77e25db246} (PUP.MyWebSearch) -> No action taken. HKCR\TypeLib\{64fbf8b6-c770-401a-8b84-f630edaf4448} (PUP.MyWebSearch) -> No action taken. HKCR\Interface\{0D8734DB-7110-4CDB-833F-52BC93865AB2} (PUP.MyWebSearch) -> No action taken. HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1241CEBD-9777-4BC6-AAE5-2A77E25DB246} (PUP.MyWebSearch) -> No action taken. HKCR\CLSID\{e045df14-bf1d-405c-a37b-a75c1551ad17} (PUP.MyWebSearch) -> No action taken. HKCR\TypeLib\{f9b90065-cd7a-4439-b311-b292299182a9} (PUP.MyWebSearch) -> No action taken. HKCR\Interface\{47A124BA-A6E2-4ED4-AA6F-84FF29E4D7DC} (PUP.MyWebSearch) -> No action taken. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E045DF14-BF1D-405C-A37B-A75C1551AD17} (PUP.MyWebSearch) -> No action taken. HKCR\CLSID\{b70e008c-967b-4104-bc7b-6f7c77dbc38d} (PUP.MyWebSearch) -> No action taken. HKLM\SYSTEM\CurrentControlSet\Services\MapsGalaxy_39Service (PUP.MyWebSearch) -> Quarantined and deleted successfully. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MapsGalaxy_39bar Uninstall (PUP.MyWebSearch) -> Quarantined and deleted successfully. HKCR\MapsGalaxy_39.HTMLMenu.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully. HKCR\MapsGalaxy_39.HTMLMenu (PUP.MyWebSearch) -> Quarantined and deleted successfully. HKCR\MapsGalaxy_39.RadioSettings.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully. HKCR\MapsGalaxy_39.RadioSettings (PUP.MyWebSearch) -> Quarantined and deleted successfully. HKCR\MapsGalaxy_39.MultipleButton.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully. HKCR\MapsGalaxy_39.MultipleButton (PUP.MyWebSearch) -> Quarantined and deleted successfully. HKCR\MapsGalaxy_39.ScriptButton.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully. HKCR\MapsGalaxy_39.ScriptButton (PUP.MyWebSearch) -> Quarantined and deleted successfully. HKCR\MapsGalaxy_39.FeedManager.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully. HKCR\MapsGalaxy_39.FeedManager (PUP.MyWebSearch) -> Quarantined and deleted successfully. HKCR\MapsGalaxy_39.DynamicBarButton.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully. HKCR\MapsGalaxy_39.DynamicBarButton (PUP.MyWebSearch) -> Quarantined and deleted successfully. HKCR\MapsGalaxy_39.XMLSessionPlugin.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully. HKCR\MapsGalaxy_39.XMLSessionPlugin (PUP.MyWebSearch) -> Quarantined and deleted successfully. HKCR\MapsGalaxy_39.ThirdPartyInstaller.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully. HKCR\MapsGalaxy_39.ThirdPartyInstaller (PUP.MyWebSearch) -> Quarantined and deleted successfully. HKCR\MapsGalaxy_39.UrlAlertButton.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully. HKCR\MapsGalaxy_39.UrlAlertButton (PUP.MyWebSearch) -> Quarantined and deleted successfully. Registry Values Detected: 3 HKCU\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks|{26842A09-FFA8-4E2C-AE12-0C80F01C3295} (PUP.MyWebSearch) -> Data: -> No action taken. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|MapsGalaxy_39 Browser Plugin Loader (PUP.MyWebSearch) -> Data: C:\PROGRA~2\MAPSGA~2\bar\1.bin\39brmon.exe -> Quarantined and deleted successfully. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|MapsGalaxy Search Scope Monitor (PUP.MyWebSearch) -> Data: "C:\PROGRA~2\MAPSGA~2\bar\1.bin\39srchmn.exe" /m=2 /w /h -> Quarantined and deleted successfully. Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 35 C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39barsvc.exe (PUP.MyWebSearch) -> Delete on reboot. C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39brmon.exe (PUP.MyWebSearch) -> Delete on reboot. C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39brstub.dll (PUP.MyWebSearch) -> Delete on reboot. C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39auxstb.dll (PUP.MyWebSearch) -> Delete on reboot. C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39SrcAs.dll (PUP.MyWebSearch) -> Delete on reboot. C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39dlghk.dll (PUP.MyWebSearch) -> Delete on reboot. C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39ieovr.dll (PUP.MyWebSearch) -> Delete on reboot. C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39bar.dll (PUP.MyWebSearch) -> Delete on reboot. C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39htmlmu.dll (PUP.MyWebSearch) -> Delete on reboot. C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39radio.dll (PUP.MyWebSearch) -> Delete on reboot. C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39mlbtn.dll (PUP.MyWebSearch) -> Delete on reboot. C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39script.dll (PUP.MyWebSearch) -> Delete on reboot. C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39medint.exe (PUP.MyWebSearch) -> Delete on reboot. C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39feedmg.dll (PUP.MyWebSearch) -> Delete on reboot. C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39SrchMn.exe (PUP.MyWebSearch) -> Quarantined and deleted successfully. C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39datact.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully. C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39dyn.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully. C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39highin.exe (PUP.MyWebSearch) -> Quarantined and deleted successfully. C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39hkstub.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully. C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39html.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully. C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39httpct.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully. C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39idle.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully. C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39impipe.exe (PUP.MyWebSearch) -> Quarantined and deleted successfully. C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39msg.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully. C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39Plugin.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully. C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39regfft.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully. C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39reghk.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully. C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39regiet.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully. C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39skin.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully. C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39skplay.exe (PUP.MyWebSearch) -> Quarantined and deleted successfully. C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39tpinst.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully. C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39uabtn.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully. C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\NP39Stub.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully. C:\Users\Nola\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\34HLYLK2\TotalRecipeSearch.exe (PUP.FunWebProducts) -> Quarantined and deleted successfully. C:\Users\Nola\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\83NBX603\MapsGalaxy.exe (PUP.FunWebProducts) -> Quarantined and deleted successfully. (end) Rebooted and ran another MWB scan: Malwarebytes Anti-Malware 1.61.0.1400 www.malwarebytes.org Database version: v2012.05.18.07 Windows Vista Service Pack 2 x64 NTFS Internet Explorer 9.0.8112.16421 Nola :: NOLA-PC [administrator] 5/19/2012 8:51:27 AM mbam-log-2012-05-19 (08-51-27).txt Scan type: Full scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 349291 Time elapsed: 1 hour(s), 5 minute(s), 58 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end) My computer wasn't really having any serious issues, but I did not want to delete files without knowing if I was only going to make things worse, if that makes any sense. Thank you so much for your help. It is greatly apprecited.
  3. Hello everyone, I am new to the forum. I ran a malwarebytes scan today and it indicated I had many infected files. I've attached a hijack this log and malwarebytes log below. Please advise as to what I should remove and thank you so much in advance. Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 6:46:41 PM, on 5/18/2012 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ccSvcHst.exe C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39brmon.exe C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe C:\Users\Nola\AppData\Local\Akamai\netsession_win.exe C:\Users\Nola\AppData\Local\Akamai\netsession_win.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\PROGRA~2\MAPSGA~2\bar\1.bin\39medint.exe C:\PROGRA~2\MAPSGA~2\bar\1.bin\39medint.exe C:\Windows\SysWow64\Macromed\Flash\FlashUtil10b.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Users\Nola\Desktop\HiJack This\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://hotmail.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: (no name) - {26842a09-ffa8-4e2c-ae12-0c80f01c3295} - C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39SrcAs.dll O1 - Hosts: ::1 localhost O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Toolbar BHO - {1e91a655-bb4b-4693-a05e-2edebc4c9d89} - C:\PROGRA~2\MAPSGA~2\bar\1.bin\39bar.dll O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\coIEPlg.dll O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\IPSBHO.DLL O2 - BHO: Search Assistant BHO - {71c1d63a-c944-428a-a5bd-ba513190e5d2} - C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39SrcAs.dll O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\coIEPlg.dll O3 - Toolbar: MapsGalaxy - {364ea597-e728-4ce4-bb4a-ed846ef47970} - C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39bar.dll O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [MapsGalaxy Search Scope Monitor] "C:\PROGRA~2\MAPSGA~2\bar\1.bin\39srchmn.exe" /m=2 /w /h O4 - HKLM\..\Run: [MapsGalaxy_39 Browser Plugin Loader] C:\PROGRA~2\MAPSGA~2\bar\1.bin\39brmon.exe O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Nola\AppData\Local\Akamai\netsession_win.exe" O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - Global Startup: Logitech SetPoint.lnk = ? O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: Garmin Communicator Plug-In - https://my.garmin.co...inAxControl.CAB O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.aka...vex-2.2.5.4.cab O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Ati External Event Utility - Unknown owner - C:\Windows\system32\Ati2evxx.exe (file missing) O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe O23 - Service: MapsGalaxyService (MapsGalaxy_39Service) - COMPANYVERS_NAME - C:\PROGRA~2\MAPSGA~2\bar\1.bin\39barsvc.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ccSvcHst.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 8337 bytes Malwarebytes Anti-Malware 1.61.0.1400 www.malwarebytes.org Database version: v2012.05.18.07 Windows Vista Service Pack 2 x64 NTFS Internet Explorer 9.0.8112.16421 Nola :: NOLA-PC [administrator] 5/18/2012 2:08:35 PM mbam-log-2012-05-18 (14-08-35).txt Scan type: Full scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 349022 Time elapsed: 1 hour(s), 1 minute(s), 7 second(s) Memory Processes Detected: 1 C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39brmon.exe (PUP.MyWebSearch) -> 3188 -> No action taken. Memory Modules Detected: 1 C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39brstub.dll (PUP.MyWebSearch) -> No action taken. Registry Keys Detected: 69 HKLM\SYSTEM\CurrentControlSet\Services\MapsGalaxy_39Service (PUP.MyWebSearch) -> No action taken. HKCR\CLSID\{1e91a655-bb4b-4693-a05e-2edebc4c9d89} (PUP.MyWebSearch) -> No action taken. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1E91A655-BB4B-4693-A05E-2EDEBC4C9D89} (PUP.MyWebSearch) -> No action taken. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{1E91A655-BB4B-4693-A05E-2EDEBC4C9D89} (PUP.MyWebSearch) -> No action taken. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1E91A655-BB4B-4693-A05E-2EDEBC4C9D89} (PUP.MyWebSearch) -> No action taken. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MapsGalaxy_39bar Uninstall (PUP.MyWebSearch) -> No action taken. HKCR\CLSID\{26842a09-ffa8-4e2c-ae12-0c80f01c3295} (PUP.MyWebSearch) -> No action taken. HKCR\CLSID\{71c1d63a-c944-428a-a5bd-ba513190e5d2} (PUP.MyWebSearch) -> No action taken. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{71C1D63A-C944-428A-A5BD-BA513190E5D2} (PUP.MyWebSearch) -> No action taken. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{71C1D63A-C944-428A-A5BD-BA513190E5D2} (PUP.MyWebSearch) -> No action taken. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{71C1D63A-C944-428A-A5BD-BA513190E5D2} (PUP.MyWebSearch) -> No action taken. HKCR\CLSID\{4f28fa5f-7d15-4753-b4fc-d548a0f02bfb} (PUP.MyWebSearch) -> No action taken. HKCR\TypeLib\{0396d01a-1323-4a15-bd0c-1bc7510f46c6} (PUP.MyWebSearch) -> No action taken. HKCR\Interface\{A8168AFE-9F36-49DE-A80A-00D19FB50207} (PUP.MyWebSearch) -> No action taken. HKCR\CLSID\{f3477e9d-d2f6-49f0-9b23-854d7958d07e} (PUP.MyWebSearch) -> No action taken. HKCR\TypeLib\{bf78452b-f168-4310-9ec0-4b9b66b845f0} (PUP.MyWebSearch) -> No action taken. HKCR\Interface\{7A739956-FB82-4379-AF60-E38C48226AA7} (PUP.MyWebSearch) -> No action taken. HKCR\CLSID\{a083c35d-61a9-4625-bbb6-fb54e71b8527} (PUP.MyWebSearch) -> No action taken. HKCR\MapsGalaxy_39.DynamicBarButton.1 (PUP.MyWebSearch) -> No action taken. HKCR\MapsGalaxy_39.DynamicBarButton (PUP.MyWebSearch) -> No action taken. HKCR\CLSID\{c4a25b73-8ef5-4282-9d21-c8920dd577a1} (PUP.MyWebSearch) -> No action taken. HKCR\TypeLib\{15106ae4-6bdf-443e-80b0-3e38b59d26ec} (PUP.MyWebSearch) -> No action taken. HKCR\Interface\{9EF88362-131D-48B0-8969-CCC96F897AB8} (PUP.MyWebSearch) -> No action taken. HKCR\MapsGalaxy_39.FeedManager.1 (PUP.MyWebSearch) -> No action taken. HKCR\MapsGalaxy_39.FeedManager (PUP.MyWebSearch) -> No action taken. HKCR\CLSID\{a35ff019-6dbe-4044-b080-6f3fa78a947f} (PUP.MyWebSearch) -> No action taken. HKCR\TypeLib\{8feeda9e-8f71-45df-a797-468226d1d35b} (PUP.MyWebSearch) -> No action taken. HKCR\Interface\{C285FFF4-DE32-402D-B8FD-6F34F1D5920C} (PUP.MyWebSearch) -> No action taken. HKCR\MapsGalaxy_39.HTMLPanel.1 (PUP.MyWebSearch) -> No action taken. HKCR\MapsGalaxy_39.HTMLPanel (PUP.MyWebSearch) -> No action taken. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A35FF019-6DBE-4044-B080-6F3FA78A947F} (PUP.MyWebSearch) -> No action taken. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A35FF019-6DBE-4044-B080-6F3FA78A947F} (PUP.MyWebSearch) -> No action taken. HKCR\CLSID\{3ED5E5EC-0965-4DD3-B7D8-DBC48A1172B9} (PUP.MyWebSearch) -> No action taken. HKCR\MapsGalaxy_39.HTMLMenu.1 (PUP.MyWebSearch) -> No action taken. HKCR\MapsGalaxy_39.HTMLMenu (PUP.MyWebSearch) -> No action taken. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3ED5E5EC-0965-4DD3-B7D8-DBC48A1172B9} (PUP.MyWebSearch) -> No action taken. HKCR\CLSID\{5e1bdcf6-dd5f-4dd3-8783-b1454aef1830} (PUP.MyWebSearch) -> No action taken. HKCR\TypeLib\{d833690c-6e56-46c2-a19f-cf5fd81c9c9a} (PUP.MyWebSearch) -> No action taken. HKCR\Interface\{200F1306-1316-473B-90CE-A777144BBDF5} (PUP.MyWebSearch) -> No action taken. HKCR\CLSID\{cae88e60-cea5-4fcb-b611-54ea6305d8ab} (PUP.MyWebSearch) -> No action taken. HKCR\MapsGalaxy_39.MultipleButton.1 (PUP.MyWebSearch) -> No action taken. HKCR\MapsGalaxy_39.MultipleButton (PUP.MyWebSearch) -> No action taken. HKCR\CLSID\{1796ec91-d094-4a5f-b681-e16015d1ceac} (PUP.MyWebSearch) -> No action taken. HKCR\TypeLib\{3141fb47-2f0f-417d-a6fe-7047c5d2bbb4} (PUP.MyWebSearch) -> No action taken. HKCR\Interface\{16C7BB64-AC8D-4863-92ED-799D20F001DA} (PUP.MyWebSearch) -> No action taken. HKCR\MapsGalaxy_39.XMLSessionPlugin.1 (PUP.MyWebSearch) -> No action taken. HKCR\MapsGalaxy_39.XMLSessionPlugin (PUP.MyWebSearch) -> No action taken. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1796EC91-D094-4A5F-B681-E16015D1CEAC} (PUP.MyWebSearch) -> No action taken. HKCR\CLSID\{37ed966d-4d0e-4d66-9633-bea542c92860} (PUP.MyWebSearch) -> No action taken. HKCR\TypeLib\{87792411-b73a-435e-86f3-ae633a690e84} (PUP.MyWebSearch) -> No action taken. HKCR\Interface\{E2DAE1A4-09EE-4209-AD3B-1C96330EDCEF} (PUP.MyWebSearch) -> No action taken. HKCR\MapsGalaxy_39.RadioSettings.1 (PUP.MyWebSearch) -> No action taken. HKCR\MapsGalaxy_39.RadioSettings (PUP.MyWebSearch) -> No action taken. HKCR\CLSID\{db1384d8-1bda-4c8d-a743-e9ca671feb00} (PUP.MyWebSearch) -> No action taken. HKCR\MapsGalaxy_39.ScriptButton.1 (PUP.MyWebSearch) -> No action taken. HKCR\MapsGalaxy_39.ScriptButton (PUP.MyWebSearch) -> No action taken. HKCR\CLSID\{1241cebd-9777-4bc6-aae5-2a77e25db246} (PUP.MyWebSearch) -> No action taken. HKCR\TypeLib\{64fbf8b6-c770-401a-8b84-f630edaf4448} (PUP.MyWebSearch) -> No action taken. HKCR\Interface\{0D8734DB-7110-4CDB-833F-52BC93865AB2} (PUP.MyWebSearch) -> No action taken. HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1241CEBD-9777-4BC6-AAE5-2A77E25DB246} (PUP.MyWebSearch) -> No action taken. HKCR\CLSID\{e045df14-bf1d-405c-a37b-a75c1551ad17} (PUP.MyWebSearch) -> No action taken. HKCR\TypeLib\{f9b90065-cd7a-4439-b311-b292299182a9} (PUP.MyWebSearch) -> No action taken. HKCR\Interface\{47A124BA-A6E2-4ED4-AA6F-84FF29E4D7DC} (PUP.MyWebSearch) -> No action taken. HKCR\MapsGalaxy_39.ThirdPartyInstaller.1 (PUP.MyWebSearch) -> No action taken. HKCR\MapsGalaxy_39.ThirdPartyInstaller (PUP.MyWebSearch) -> No action taken. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E045DF14-BF1D-405C-A37B-A75C1551AD17} (PUP.MyWebSearch) -> No action taken. HKCR\CLSID\{b70e008c-967b-4104-bc7b-6f7c77dbc38d} (PUP.MyWebSearch) -> No action taken. HKCR\MapsGalaxy_39.UrlAlertButton.1 (PUP.MyWebSearch) -> No action taken. HKCR\MapsGalaxy_39.UrlAlertButton (PUP.MyWebSearch) -> No action taken. Registry Values Detected: 3 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|MapsGalaxy_39 Browser Plugin Loader (PUP.MyWebSearch) -> Data: C:\PROGRA~2\MAPSGA~2\bar\1.bin\39brmon.exe -> No action taken. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|MapsGalaxy Search Scope Monitor (PUP.MyWebSearch) -> Data: "C:\PROGRA~2\MAPSGA~2\bar\1.bin\39srchmn.exe" /m=2 /w /h -> No action taken. HKCU\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks|{26842A09-FFA8-4E2C-AE12-0C80F01C3295} (PUP.MyWebSearch) -> Data: -> No action taken. Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 35 C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39barsvc.exe (PUP.MyWebSearch) -> No action taken. C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39brmon.exe (PUP.MyWebSearch) -> No action taken. C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39brstub.dll (PUP.MyWebSearch) -> No action taken. C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39SrchMn.exe (PUP.MyWebSearch) -> No action taken. C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39bar.dll (PUP.MyWebSearch) -> No action taken. C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39SrcAs.dll (PUP.MyWebSearch) -> No action taken. C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39auxstb.dll (PUP.MyWebSearch) -> No action taken. C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39datact.dll (PUP.MyWebSearch) -> No action taken. C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39dlghk.dll (PUP.MyWebSearch) -> No action taken. C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39dyn.dll (PUP.MyWebSearch) -> No action taken. C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39feedmg.dll (PUP.MyWebSearch) -> No action taken. C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39highin.exe (PUP.MyWebSearch) -> No action taken. C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39hkstub.dll (PUP.MyWebSearch) -> No action taken. C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39html.dll (PUP.MyWebSearch) -> No action taken. C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39htmlmu.dll (PUP.MyWebSearch) -> No action taken. C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39httpct.dll (PUP.MyWebSearch) -> No action taken. C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39idle.dll (PUP.MyWebSearch) -> No action taken. C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39ieovr.dll (PUP.MyWebSearch) -> No action taken. C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39impipe.exe (PUP.MyWebSearch) -> No action taken. C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39medint.exe (PUP.MyWebSearch) -> No action taken. C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39mlbtn.dll (PUP.MyWebSearch) -> No action taken. C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39msg.dll (PUP.MyWebSearch) -> No action taken. C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39Plugin.dll (PUP.MyWebSearch) -> No action taken. C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39radio.dll (PUP.MyWebSearch) -> No action taken. C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39regfft.dll (PUP.MyWebSearch) -> No action taken. C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39reghk.dll (PUP.MyWebSearch) -> No action taken. C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39regiet.dll (PUP.MyWebSearch) -> No action taken. C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39script.dll (PUP.MyWebSearch) -> No action taken. C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39skin.dll (PUP.MyWebSearch) -> No action taken. C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39skplay.exe (PUP.MyWebSearch) -> No action taken. C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39tpinst.dll (PUP.MyWebSearch) -> No action taken. C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39uabtn.dll (PUP.MyWebSearch) -> No action taken. C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\NP39Stub.dll (PUP.MyWebSearch) -> No action taken. C:\Users\Nola\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\34HLYLK2\TotalRecipeSearch.exe (PUP.FunWebProducts) -> No action taken. C:\Users\Nola\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\83NBX603\MapsGalaxy.exe (PUP.FunWebProducts) -> No action taken. (end)
  4. Hello everyone, I am new to the forum. I ran a malwarebytes scan today and it indicated I had many infected files. I've attached a hijack this log and malwarebytes log below. Please advise as to what I should remove and thank you so much in advance. Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 6:46:41 PM, on 5/18/2012 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ccSvcHst.exe C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39brmon.exe C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe C:\Users\Nola\AppData\Local\Akamai\netsession_win.exe C:\Users\Nola\AppData\Local\Akamai\netsession_win.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\PROGRA~2\MAPSGA~2\bar\1.bin\39medint.exe C:\PROGRA~2\MAPSGA~2\bar\1.bin\39medint.exe C:\Windows\SysWow64\Macromed\Flash\FlashUtil10b.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Users\Nola\Desktop\HiJack This\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://hotmail.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: (no name) - {26842a09-ffa8-4e2c-ae12-0c80f01c3295} - C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39SrcAs.dll O1 - Hosts: ::1 localhost O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Toolbar BHO - {1e91a655-bb4b-4693-a05e-2edebc4c9d89} - C:\PROGRA~2\MAPSGA~2\bar\1.bin\39bar.dll O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\coIEPlg.dll O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\IPSBHO.DLL O2 - BHO: Search Assistant BHO - {71c1d63a-c944-428a-a5bd-ba513190e5d2} - C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39SrcAs.dll O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\coIEPlg.dll O3 - Toolbar: MapsGalaxy - {364ea597-e728-4ce4-bb4a-ed846ef47970} - C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39bar.dll O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [MapsGalaxy Search Scope Monitor] "C:\PROGRA~2\MAPSGA~2\bar\1.bin\39srchmn.exe" /m=2 /w /h O4 - HKLM\..\Run: [MapsGalaxy_39 Browser Plugin Loader] C:\PROGRA~2\MAPSGA~2\bar\1.bin\39brmon.exe O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Nola\AppData\Local\Akamai\netsession_win.exe" O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - Global Startup: Logitech SetPoint.lnk = ? O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: Garmin Communicator Plug-In - https://my.garmin.com/static/m/cab/2.8.3/GarminAxControl.CAB O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.4.cab O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Ati External Event Utility - Unknown owner - C:\Windows\system32\Ati2evxx.exe (file missing) O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe O23 - Service: MapsGalaxyService (MapsGalaxy_39Service) - COMPANYVERS_NAME - C:\PROGRA~2\MAPSGA~2\bar\1.bin\39barsvc.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ccSvcHst.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 8337 bytes Malwarebytes Anti-Malware 1.61.0.1400 www.malwarebytes.org Database version: v2012.05.18.07 Windows Vista Service Pack 2 x64 NTFS Internet Explorer 9.0.8112.16421 Nola :: NOLA-PC [administrator] 5/18/2012 2:08:35 PM mbam-log-2012-05-18 (14-08-35).txt Scan type: Full scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 349022 Time elapsed: 1 hour(s), 1 minute(s), 7 second(s) Memory Processes Detected: 1 C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39brmon.exe (PUP.MyWebSearch) -> 3188 -> No action taken. Memory Modules Detected: 1 C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39brstub.dll (PUP.MyWebSearch) -> No action taken. Registry Keys Detected: 69 HKLM\SYSTEM\CurrentControlSet\Services\MapsGalaxy_39Service (PUP.MyWebSearch) -> No action taken. HKCR\CLSID\{1e91a655-bb4b-4693-a05e-2edebc4c9d89} (PUP.MyWebSearch) -> No action taken. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1E91A655-BB4B-4693-A05E-2EDEBC4C9D89} (PUP.MyWebSearch) -> No action taken. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{1E91A655-BB4B-4693-A05E-2EDEBC4C9D89} (PUP.MyWebSearch) -> No action taken. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1E91A655-BB4B-4693-A05E-2EDEBC4C9D89} (PUP.MyWebSearch) -> No action taken. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MapsGalaxy_39bar Uninstall (PUP.MyWebSearch) -> No action taken. HKCR\CLSID\{26842a09-ffa8-4e2c-ae12-0c80f01c3295} (PUP.MyWebSearch) -> No action taken. HKCR\CLSID\{71c1d63a-c944-428a-a5bd-ba513190e5d2} (PUP.MyWebSearch) -> No action taken. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{71C1D63A-C944-428A-A5BD-BA513190E5D2} (PUP.MyWebSearch) -> No action taken. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{71C1D63A-C944-428A-A5BD-BA513190E5D2} (PUP.MyWebSearch) -> No action taken. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{71C1D63A-C944-428A-A5BD-BA513190E5D2} (PUP.MyWebSearch) -> No action taken. HKCR\CLSID\{4f28fa5f-7d15-4753-b4fc-d548a0f02bfb} (PUP.MyWebSearch) -> No action taken. HKCR\TypeLib\{0396d01a-1323-4a15-bd0c-1bc7510f46c6} (PUP.MyWebSearch) -> No action taken. HKCR\Interface\{A8168AFE-9F36-49DE-A80A-00D19FB50207} (PUP.MyWebSearch) -> No action taken. HKCR\CLSID\{f3477e9d-d2f6-49f0-9b23-854d7958d07e} (PUP.MyWebSearch) -> No action taken. HKCR\TypeLib\{bf78452b-f168-4310-9ec0-4b9b66b845f0} (PUP.MyWebSearch) -> No action taken. HKCR\Interface\{7A739956-FB82-4379-AF60-E38C48226AA7} (PUP.MyWebSearch) -> No action taken. HKCR\CLSID\{a083c35d-61a9-4625-bbb6-fb54e71b8527} (PUP.MyWebSearch) -> No action taken. HKCR\MapsGalaxy_39.DynamicBarButton.1 (PUP.MyWebSearch) -> No action taken. HKCR\MapsGalaxy_39.DynamicBarButton (PUP.MyWebSearch) -> No action taken. HKCR\CLSID\{c4a25b73-8ef5-4282-9d21-c8920dd577a1} (PUP.MyWebSearch) -> No action taken. HKCR\TypeLib\{15106ae4-6bdf-443e-80b0-3e38b59d26ec} (PUP.MyWebSearch) -> No action taken. HKCR\Interface\{9EF88362-131D-48B0-8969-CCC96F897AB8} (PUP.MyWebSearch) -> No action taken. HKCR\MapsGalaxy_39.FeedManager.1 (PUP.MyWebSearch) -> No action taken. HKCR\MapsGalaxy_39.FeedManager (PUP.MyWebSearch) -> No action taken. HKCR\CLSID\{a35ff019-6dbe-4044-b080-6f3fa78a947f} (PUP.MyWebSearch) -> No action taken. HKCR\TypeLib\{8feeda9e-8f71-45df-a797-468226d1d35b} (PUP.MyWebSearch) -> No action taken. HKCR\Interface\{C285FFF4-DE32-402D-B8FD-6F34F1D5920C} (PUP.MyWebSearch) -> No action taken. HKCR\MapsGalaxy_39.HTMLPanel.1 (PUP.MyWebSearch) -> No action taken. HKCR\MapsGalaxy_39.HTMLPanel (PUP.MyWebSearch) -> No action taken. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A35FF019-6DBE-4044-B080-6F3FA78A947F} (PUP.MyWebSearch) -> No action taken. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A35FF019-6DBE-4044-B080-6F3FA78A947F} (PUP.MyWebSearch) -> No action taken. HKCR\CLSID\{3ED5E5EC-0965-4DD3-B7D8-DBC48A1172B9} (PUP.MyWebSearch) -> No action taken. HKCR\MapsGalaxy_39.HTMLMenu.1 (PUP.MyWebSearch) -> No action taken. HKCR\MapsGalaxy_39.HTMLMenu (PUP.MyWebSearch) -> No action taken. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3ED5E5EC-0965-4DD3-B7D8-DBC48A1172B9} (PUP.MyWebSearch) -> No action taken. HKCR\CLSID\{5e1bdcf6-dd5f-4dd3-8783-b1454aef1830} (PUP.MyWebSearch) -> No action taken. HKCR\TypeLib\{d833690c-6e56-46c2-a19f-cf5fd81c9c9a} (PUP.MyWebSearch) -> No action taken. HKCR\Interface\{200F1306-1316-473B-90CE-A777144BBDF5} (PUP.MyWebSearch) -> No action taken. HKCR\CLSID\{cae88e60-cea5-4fcb-b611-54ea6305d8ab} (PUP.MyWebSearch) -> No action taken. HKCR\MapsGalaxy_39.MultipleButton.1 (PUP.MyWebSearch) -> No action taken. HKCR\MapsGalaxy_39.MultipleButton (PUP.MyWebSearch) -> No action taken. HKCR\CLSID\{1796ec91-d094-4a5f-b681-e16015d1ceac} (PUP.MyWebSearch) -> No action taken. HKCR\TypeLib\{3141fb47-2f0f-417d-a6fe-7047c5d2bbb4} (PUP.MyWebSearch) -> No action taken. HKCR\Interface\{16C7BB64-AC8D-4863-92ED-799D20F001DA} (PUP.MyWebSearch) -> No action taken. HKCR\MapsGalaxy_39.XMLSessionPlugin.1 (PUP.MyWebSearch) -> No action taken. HKCR\MapsGalaxy_39.XMLSessionPlugin (PUP.MyWebSearch) -> No action taken. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1796EC91-D094-4A5F-B681-E16015D1CEAC} (PUP.MyWebSearch) -> No action taken. HKCR\CLSID\{37ed966d-4d0e-4d66-9633-bea542c92860} (PUP.MyWebSearch) -> No action taken. HKCR\TypeLib\{87792411-b73a-435e-86f3-ae633a690e84} (PUP.MyWebSearch) -> No action taken. HKCR\Interface\{E2DAE1A4-09EE-4209-AD3B-1C96330EDCEF} (PUP.MyWebSearch) -> No action taken. HKCR\MapsGalaxy_39.RadioSettings.1 (PUP.MyWebSearch) -> No action taken. HKCR\MapsGalaxy_39.RadioSettings (PUP.MyWebSearch) -> No action taken. HKCR\CLSID\{db1384d8-1bda-4c8d-a743-e9ca671feb00} (PUP.MyWebSearch) -> No action taken. HKCR\MapsGalaxy_39.ScriptButton.1 (PUP.MyWebSearch) -> No action taken. HKCR\MapsGalaxy_39.ScriptButton (PUP.MyWebSearch) -> No action taken. HKCR\CLSID\{1241cebd-9777-4bc6-aae5-2a77e25db246} (PUP.MyWebSearch) -> No action taken. HKCR\TypeLib\{64fbf8b6-c770-401a-8b84-f630edaf4448} (PUP.MyWebSearch) -> No action taken. HKCR\Interface\{0D8734DB-7110-4CDB-833F-52BC93865AB2} (PUP.MyWebSearch) -> No action taken. HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1241CEBD-9777-4BC6-AAE5-2A77E25DB246} (PUP.MyWebSearch) -> No action taken. HKCR\CLSID\{e045df14-bf1d-405c-a37b-a75c1551ad17} (PUP.MyWebSearch) -> No action taken. HKCR\TypeLib\{f9b90065-cd7a-4439-b311-b292299182a9} (PUP.MyWebSearch) -> No action taken. HKCR\Interface\{47A124BA-A6E2-4ED4-AA6F-84FF29E4D7DC} (PUP.MyWebSearch) -> No action taken. HKCR\MapsGalaxy_39.ThirdPartyInstaller.1 (PUP.MyWebSearch) -> No action taken. HKCR\MapsGalaxy_39.ThirdPartyInstaller (PUP.MyWebSearch) -> No action taken. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E045DF14-BF1D-405C-A37B-A75C1551AD17} (PUP.MyWebSearch) -> No action taken. HKCR\CLSID\{b70e008c-967b-4104-bc7b-6f7c77dbc38d} (PUP.MyWebSearch) -> No action taken. HKCR\MapsGalaxy_39.UrlAlertButton.1 (PUP.MyWebSearch) -> No action taken. HKCR\MapsGalaxy_39.UrlAlertButton (PUP.MyWebSearch) -> No action taken. Registry Values Detected: 3 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|MapsGalaxy_39 Browser Plugin Loader (PUP.MyWebSearch) -> Data: C:\PROGRA~2\MAPSGA~2\bar\1.bin\39brmon.exe -> No action taken. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|MapsGalaxy Search Scope Monitor (PUP.MyWebSearch) -> Data: "C:\PROGRA~2\MAPSGA~2\bar\1.bin\39srchmn.exe" /m=2 /w /h -> No action taken. HKCU\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks|{26842A09-FFA8-4E2C-AE12-0C80F01C3295} (PUP.MyWebSearch) -> Data: -> No action taken. Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 35 C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39barsvc.exe (PUP.MyWebSearch) -> No action taken. C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39brmon.exe (PUP.MyWebSearch) -> No action taken. C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39brstub.dll (PUP.MyWebSearch) -> No action taken. C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39SrchMn.exe (PUP.MyWebSearch) -> No action taken. C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39bar.dll (PUP.MyWebSearch) -> No action taken. C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39SrcAs.dll (PUP.MyWebSearch) -> No action taken. C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39auxstb.dll (PUP.MyWebSearch) -> No action taken. C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39datact.dll (PUP.MyWebSearch) -> No action taken. C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39dlghk.dll (PUP.MyWebSearch) -> No action taken. C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39dyn.dll (PUP.MyWebSearch) -> No action taken. C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39feedmg.dll (PUP.MyWebSearch) -> No action taken. C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39highin.exe (PUP.MyWebSearch) -> No action taken. C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39hkstub.dll (PUP.MyWebSearch) -> No action taken. C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39html.dll (PUP.MyWebSearch) -> No action taken. C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39htmlmu.dll (PUP.MyWebSearch) -> No action taken. C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39httpct.dll (PUP.MyWebSearch) -> No action taken. C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39idle.dll (PUP.MyWebSearch) -> No action taken. C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39ieovr.dll (PUP.MyWebSearch) -> No action taken. C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39impipe.exe (PUP.MyWebSearch) -> No action taken. C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39medint.exe (PUP.MyWebSearch) -> No action taken. C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39mlbtn.dll (PUP.MyWebSearch) -> No action taken. C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39msg.dll (PUP.MyWebSearch) -> No action taken. C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39Plugin.dll (PUP.MyWebSearch) -> No action taken. C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39radio.dll (PUP.MyWebSearch) -> No action taken. C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39regfft.dll (PUP.MyWebSearch) -> No action taken. C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39reghk.dll (PUP.MyWebSearch) -> No action taken. C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39regiet.dll (PUP.MyWebSearch) -> No action taken. C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39script.dll (PUP.MyWebSearch) -> No action taken. C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39skin.dll (PUP.MyWebSearch) -> No action taken. C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39skplay.exe (PUP.MyWebSearch) -> No action taken. C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39tpinst.dll (PUP.MyWebSearch) -> No action taken. C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39uabtn.dll (PUP.MyWebSearch) -> No action taken. C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\NP39Stub.dll (PUP.MyWebSearch) -> No action taken. C:\Users\Nola\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\34HLYLK2\TotalRecipeSearch.exe (PUP.FunWebProducts) -> No action taken. C:\Users\Nola\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\83NBX603\MapsGalaxy.exe (PUP.FunWebProducts) -> No action taken. (end)
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.