I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:
Download UnHackMe
Fully Functional 30-day Trial. No credit card is required. Reviews. EULA. Privacy Policy.
65DYN.DLL – Adware MyWebSearch removal
| File | MD5 | Virus Alias |
|---|---|---|
| 65DYN.DLL | 8d721a2bc356a862ac8b2349bbeb614c | Adware MyWebSearch |
| 65DYN.DLL | 8d721a2bc356a862ac8b2349bbeb614c | Adware FunWeb |
65DYN.DLL size: 54672 bytes
65DYN.DLL hash: 8D721A2BC356A862AC8B2349BBEB614C
Created files:
%Program Files%\FromDocToPDF_65\bar\1.bin\65auxstb.dll
%Program Files%\FromDocToPDF_65\bar\1.bin\65bar.dll
%Program Files%\FromDocToPDF_65\bar\1.bin\65barsvc.exe
%Program Files%\FromDocToPDF_65\bar\1.bin\65bprtct.dll
%Program Files%\FromDocToPDF_65\bar\1.bin\65brmon.exe
%Program Files%\FromDocToPDF_65\bar\1.bin\65brstub.dll
%Program Files%\FromDocToPDF_65\bar\1.bin\65datact.dll
%Program Files%\FromDocToPDF_65\bar\1.bin\65dlghk.dll
%Program Files%\FromDocToPDF_65\bar\1.bin\65dyn.dll
%Program Files%\FromDocToPDF_65\bar\1.bin\65feedmg.dll
%Program Files%\FromDocToPDF_65\bar\1.bin\65highin.exe
%Program Files%\FromDocToPDF_65\bar\1.bin\65hkstub.dll
%Program Files%\FromDocToPDF_65\bar\1.bin\65htmlmu.dll
%Program Files%\FromDocToPDF_65\bar\1.bin\65httpct.dll
%Program Files%\FromDocToPDF_65\bar\1.bin\65idle.dll
%Program Files%\FromDocToPDF_65\bar\1.bin\65ieovr.dll
%Program Files%\FromDocToPDF_65\bar\1.bin\65impipe.exe
%Program Files%\FromDocToPDF_65\bar\1.bin\65medint.exe
%Program Files%\FromDocToPDF_65\bar\1.bin\65mlbtn.dll
%Program Files%\FromDocToPDF_65\bar\1.bin\65msg.dll
%Program Files%\FromDocToPDF_65\bar\1.bin\65Plugin.dll
%Program Files%\FromDocToPDF_65\bar\1.bin\65radio.dll
%Program Files%\FromDocToPDF_65\bar\1.bin\65regfft.dll
%Program Files%\FromDocToPDF_65\bar\1.bin\65reghk.dll
%Program Files%\FromDocToPDF_65\bar\1.bin\65regiet.dll
%Program Files%\FromDocToPDF_65\bar\1.bin\65script.dll
%Program Files%\FromDocToPDF_65\bar\1.bin\65skin.dll
%Program Files%\FromDocToPDF_65\bar\1.bin\65sknlcr.dll
%Program Files%\FromDocToPDF_65\bar\1.bin\65skplay.exe
%Program Files%\FromDocToPDF_65\bar\1.bin\65SrcAs.dll
%Program Files%\FromDocToPDF_65\bar\1.bin\65SrchMn.exe
%Program Files%\FromDocToPDF_65\bar\1.bin\65tpinst.dll
%Program Files%\FromDocToPDF_65\bar\1.bin\65uabtn.dll
%Program Files%\FromDocToPDF_65\bar\1.bin\AppIntegrator64.exe
%Program Files%\FromDocToPDF_65\bar\1.bin\AppIntegratorStub64.dll
%Program Files%\FromDocToPDF_65\bar\1.bin\CREXT.DLL
%Program Files%\FromDocToPDF_65\bar\1.bin\CrExtP65.exe
%Program Files%\FromDocToPDF_65\bar\1.bin\DPNMNGR.DLL
%Program Files%\FromDocToPDF_65\bar\1.bin\EXEMANAGER.DLL
%Program Files%\FromDocToPDF_65\bar\1.bin\Hpg64.dll
%Program Files%\FromDocToPDF_65\bar\1.bin\NP65Stub.dll
%Program Files%\FromDocToPDF_65\bar\1.bin\T8EXTEX.DLL
%Program Files%\FromDocToPDF_65\bar\1.bin\T8EXTPEX.DLL
%Program Files%\FromDocToPDF_65\bar\1.bin\T8HTML.DLL
%Program Files%\FromDocToPDF_65\bar\1.bin\T8RES.DLL
%Program Files%\FromDocToPDF_65\bar\1.bin\T8TICKER.DLL
%Program Files%\FromDocToPDF_65\bar\1.bin\VERIFY.DLL
%Temp%\000009b8T8SETUP.EXE
%Temp%\000009b8T8SETUP.EX_
Autostart registry keys:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\FromDocToPDF Search Scope Monitor: “C:\PROGRA~1\FROMDO~1\bar\1.bin\65srchmn.exe” /m=2 /w /h
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\FromDocToPDF_65 Browser Plugin Loader: C:\PROGRA~1\FROMDO~1\bar\1.bin\65brmon.exe
HKLM\System\CurrentControlSet\Services\FromDocToPDF_65Service\Type: 10000000
HKLM\System\CurrentControlSet\Services\FromDocToPDF_65Service\Start: 02000000
HKLM\System\CurrentControlSet\Services\FromDocToPDF_65Service\ErrorControl: 01000000
HKLM\System\CurrentControlSet\Services\FromDocToPDF_65Service\DisplayName: FromDocToPDFService
HKLM\System\CurrentControlSet\Services\FromDocToPDF_65Service\ImagePath: %Program Files%\FromDocToPDF_65\bar\1.bin\65barsvc.exe
Detected by UnHackMe:
65DYN.DLL
Default location: %PROGRAM FILES%\FROMDOCTOPDF_65\BAR\1.BIN\65DYN.DLL
Dropper information:
MD5: 26530dc94e336d407c84057635292841
File size: 4123008 bytes