Solved! Use 49IEOVR.DLL (Adware MyWebSearch) Removal Guide

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews
. EULA. Privacy Policy. Uninstall.

49IEOVR.DLL – Adware MyWebSearch removal

FileMD5Virus Alias
49IEOVR.DLL aedf3f97b88562ce2d5128c9422718c1 Adware MyWebSearch

49IEOVR.DLL size: 73288 bytes
49IEOVR.DLL hash: AEDF3F97B88562CE2D5128C9422718C1

Created files:

%Program Files%\UtilityChest_49\bar\1.bin\49auxstb.dll
%Program Files%\UtilityChest_49\bar\1.bin\49auxstb64.dll
%Program Files%\UtilityChest_49\bar\1.bin\49bar.dll
%Program Files%\UtilityChest_49\bar\1.bin\49barsvc.exe
%Program Files%\UtilityChest_49\bar\1.bin\49bprtct.dll
%Program Files%\UtilityChest_49\bar\1.bin\49brmon.exe
%Program Files%\UtilityChest_49\bar\1.bin\49brmon64.exe
%Program Files%\UtilityChest_49\bar\1.bin\49brstub.dll
%Program Files%\UtilityChest_49\bar\1.bin\49brstub64.dll
%Program Files%\UtilityChest_49\bar\1.bin\49datact.dll
%Program Files%\UtilityChest_49\bar\1.bin\49dlghk.dll
%Program Files%\UtilityChest_49\bar\1.bin\49dlghk64.dll
%Program Files%\UtilityChest_49\bar\1.bin\49feedmg.dll
%Program Files%\UtilityChest_49\bar\1.bin\49highin.exe
%Program Files%\UtilityChest_49\bar\1.bin\49hkstub.dll
%Program Files%\UtilityChest_49\bar\1.bin\49htmlmu.dll
%Program Files%\UtilityChest_49\bar\1.bin\49httpct.dll
%Program Files%\UtilityChest_49\bar\1.bin\49idle.dll
%Program Files%\UtilityChest_49\bar\1.bin\49ieovr.dll
%Program Files%\UtilityChest_49\bar\1.bin\49medint.exe
%Program Files%\UtilityChest_49\bar\1.bin\49mlbtn.dll
%Program Files%\UtilityChest_49\bar\1.bin\49Plugin.dll
%Program Files%\UtilityChest_49\bar\1.bin\49radio.dll
%Program Files%\UtilityChest_49\bar\1.bin\49regfft.dll
%Program Files%\UtilityChest_49\bar\1.bin\49reghk.dll
%Program Files%\UtilityChest_49\bar\1.bin\49regiet.dll
%Program Files%\UtilityChest_49\bar\1.bin\49script.dll
%Program Files%\UtilityChest_49\bar\1.bin\49skin.dll
%Program Files%\UtilityChest_49\bar\1.bin\49skplay.exe
%Program Files%\UtilityChest_49\bar\1.bin\49SrcAs.dll
%Program Files%\UtilityChest_49\bar\1.bin\49SrchMn.exe
%Program Files%\UtilityChest_49\bar\1.bin\49srchmr.dll
%Program Files%\UtilityChest_49\bar\1.bin\49tpinst.dll
%Program Files%\UtilityChest_49\bar\1.bin\APPINTEGRATOR.EXE
%Program Files%\UtilityChest_49\bar\1.bin\AppIntegrator64.exe
%Program Files%\UtilityChest_49\bar\1.bin\APPINTEGRATORSTUB.DLL
%Program Files%\UtilityChest_49\bar\1.bin\AppIntegratorStub64.dll
%Program Files%\UtilityChest_49\bar\1.bin\ASSISTMONITOR.DLL
%Program Files%\UtilityChest_49\bar\1.bin\ASSISTMONITOR64.DLL
%Program Files%\UtilityChest_49\bar\1.bin\assists\ie_default_search_provider\ARBITER.DLL
%Program Files%\UtilityChest_49\bar\1.bin\assists\ie_default_search_provider\ARBITER64.DLL
%Program Files%\UtilityChest_49\bar\1.bin\assists\ie_default_search_provider\ASSIST.EXE
%Program Files%\UtilityChest_49\bar\1.bin\CREXT.DLL
%Program Files%\UtilityChest_49\bar\1.bin\CrExtP49.exe
%Program Files%\UtilityChest_49\bar\1.bin\DPNMNGR.DLL
%Program Files%\UtilityChest_49\bar\1.bin\EXEMANAGER.DLL
%Program Files%\UtilityChest_49\bar\1.bin\FF-NativeMessagingDispatcher.dll
%Program Files%\UtilityChest_49\bar\1.bin\Hpg64.dll
%Program Files%\UtilityChest_49\bar\1.bin\NP49Stub.dll
%Program Files%\UtilityChest_49\bar\1.bin\T8EPMSUP.DLL
%Program Files%\UtilityChest_49\bar\1.bin\T8EXTEX.DLL
%Program Files%\UtilityChest_49\bar\1.bin\T8EXTPEX.DLL
%Program Files%\UtilityChest_49\bar\1.bin\T8HTML.DLL
%Program Files%\UtilityChest_49\bar\1.bin\T8RES.DLL
%Program Files%\UtilityChest_49\bar\1.bin\T8TICKER.DLL
%Program Files%\UtilityChest_49\bar\1.bin\TPIMANAGERCONSOLE.EXE
%Program Files%\UtilityChest_49\bar\1.bin\UNIFIEDLOGGING.DLL
%Program Files%\UtilityChest_49\bar\1.bin\VERIFY.DLL
%Temp%\000021dcT8SETUP.EXE
%Temp%\000021dcT8SETUP.EX_

Autostart registry keys:

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\Utility Chest Home Page Guard 32 bit: “C:\PROGRA~1\UTILIT~1\bar\1.bin\AppIntegrator.exe”
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\Utility Chest Search Scope Monitor: “C:\PROGRA~1\UTILIT~1\bar\1.bin\49srchmn.exe” /m=2 /w /h
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\UtilityChest_49 Browser Plugin Loader: C:\PROGRA~1\UTILIT~1\bar\1.bin\49brmon.exe
HKLM\System\CurrentControlSet\Services\UtilityChest_49Service\Type: 10000000
HKLM\System\CurrentControlSet\Services\UtilityChest_49Service\Start: 02000000
HKLM\System\CurrentControlSet\Services\UtilityChest_49Service\ErrorControl: 01000000
HKLM\System\CurrentControlSet\Services\UtilityChest_49Service\DisplayName: Utility ChestService
HKLM\System\CurrentControlSet\Services\UtilityChest_49Service\ImagePath: %Program Files%\UtilityChest_49\bar\1.bin\49barsvc.exe

Detected by UnHackMe:

49IEOVR.DLL
Default location: %PROGRAM FILES%\UTILITYCHEST_49\BAR\1.BIN\49IEOVR.DLL

Dropper information:
MD5: 5a68603c9398c6e21f12d344c9de2fb2
File size: 6072712 bytes

Leave a Reply