I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:
Free DownloadFully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.
65HIGHIN.EXE – Adware MyWebSearch removal
File | MD5 | Virus Alias |
---|---|---|
65HIGHIN.EXE | aa82a2d20c3525f0b850ec67dab2a448 | Adware MyWebSearch |
65HIGHIN.EXE size: 12872 bytes
65HIGHIN.EXE hash: AA82A2D20C3525F0B850EC67DAB2A448
Created files:
%Program Files%\FromDocToPDF_65\bar\1.bin\65auxstb.dll
%Program Files%\FromDocToPDF_65\bar\1.bin\65auxstb64.dll
%Program Files%\FromDocToPDF_65\bar\1.bin\65bar.dll
%Program Files%\FromDocToPDF_65\bar\1.bin\65barsvc.exe
%Program Files%\FromDocToPDF_65\bar\1.bin\65bprtct.dll
%Program Files%\FromDocToPDF_65\bar\1.bin\65brmon.exe
%Program Files%\FromDocToPDF_65\bar\1.bin\65brmon64.exe
%Program Files%\FromDocToPDF_65\bar\1.bin\65brstub.dll
%Program Files%\FromDocToPDF_65\bar\1.bin\65brstub64.dll
%Program Files%\FromDocToPDF_65\bar\1.bin\65datact.dll
%Program Files%\FromDocToPDF_65\bar\1.bin\65dlghk.dll
%Program Files%\FromDocToPDF_65\bar\1.bin\65dlghk64.dll
%Program Files%\FromDocToPDF_65\bar\1.bin\65feedmg.dll
%Program Files%\FromDocToPDF_65\bar\1.bin\65highin.exe
%Program Files%\FromDocToPDF_65\bar\1.bin\65hkstub.dll
%Program Files%\FromDocToPDF_65\bar\1.bin\65htmlmu.dll
%Program Files%\FromDocToPDF_65\bar\1.bin\65httpct.dll
%Program Files%\FromDocToPDF_65\bar\1.bin\65idle.dll
%Program Files%\FromDocToPDF_65\bar\1.bin\65ieovr.dll
%Program Files%\FromDocToPDF_65\bar\1.bin\65medint.exe
%Program Files%\FromDocToPDF_65\bar\1.bin\65mlbtn.dll
%Program Files%\FromDocToPDF_65\bar\1.bin\65Plugin.dll
%Program Files%\FromDocToPDF_65\bar\1.bin\65radio.dll
%Program Files%\FromDocToPDF_65\bar\1.bin\65regfft.dll
%Program Files%\FromDocToPDF_65\bar\1.bin\65reghk.dll
%Program Files%\FromDocToPDF_65\bar\1.bin\65regiet.dll
%Program Files%\FromDocToPDF_65\bar\1.bin\65script.dll
%Program Files%\FromDocToPDF_65\bar\1.bin\65skin.dll
%Program Files%\FromDocToPDF_65\bar\1.bin\65skplay.exe
%Program Files%\FromDocToPDF_65\bar\1.bin\65SrcAs.dll
%Program Files%\FromDocToPDF_65\bar\1.bin\65SrchMn.exe
%Program Files%\FromDocToPDF_65\bar\1.bin\65srchmr.dll
%Program Files%\FromDocToPDF_65\bar\1.bin\65tpinst.dll
%Program Files%\FromDocToPDF_65\bar\1.bin\APPINTEGRATOR.EXE
%Program Files%\FromDocToPDF_65\bar\1.bin\AppIntegrator64.exe
%Program Files%\FromDocToPDF_65\bar\1.bin\APPINTEGRATORSTUB.DLL
%Program Files%\FromDocToPDF_65\bar\1.bin\AppIntegratorStub64.dll
%Program Files%\FromDocToPDF_65\bar\1.bin\ASSISTMONITOR.DLL
%Program Files%\FromDocToPDF_65\bar\1.bin\ASSISTMONITOR64.DLL
%Program Files%\FromDocToPDF_65\bar\1.bin\assists\ie_default_search_provider\ARBITER.DLL
%Program Files%\FromDocToPDF_65\bar\1.bin\assists\ie_default_search_provider\ARBITER64.DLL
%Program Files%\FromDocToPDF_65\bar\1.bin\assists\ie_default_search_provider\ASSIST.EXE
%Program Files%\FromDocToPDF_65\bar\1.bin\CREXT.DLL
%Program Files%\FromDocToPDF_65\bar\1.bin\CrExtP65.exe
%Program Files%\FromDocToPDF_65\bar\1.bin\DPNMNGR.DLL
%Program Files%\FromDocToPDF_65\bar\1.bin\EXEMANAGER.DLL
%Program Files%\FromDocToPDF_65\bar\1.bin\FF-NativeMessagingDispatcher.dll
%Program Files%\FromDocToPDF_65\bar\1.bin\Hpg64.dll
%Program Files%\FromDocToPDF_65\bar\1.bin\NP65Stub.dll
%Program Files%\FromDocToPDF_65\bar\1.bin\T8EPMSUP.DLL
%Program Files%\FromDocToPDF_65\bar\1.bin\T8EXTEX.DLL
%Program Files%\FromDocToPDF_65\bar\1.bin\T8EXTPEX.DLL
%Program Files%\FromDocToPDF_65\bar\1.bin\T8HTML.DLL
%Program Files%\FromDocToPDF_65\bar\1.bin\T8RES.DLL
%Program Files%\FromDocToPDF_65\bar\1.bin\T8TICKER.DLL
%Program Files%\FromDocToPDF_65\bar\1.bin\TPIMANAGERCONSOLE.EXE
%Program Files%\FromDocToPDF_65\bar\1.bin\UNIFIEDLOGGING.DLL
%Program Files%\FromDocToPDF_65\bar\1.bin\VERIFY.DLL
%Temp%\000017b8T8SETUP.EXE
%Temp%\000017b8T8SETUP.EX_
Autostart registry keys:
HKLM\System\CurrentControlSet\Services\FromDocToPDF_65Service\Type: 10000000
HKLM\System\CurrentControlSet\Services\FromDocToPDF_65Service\Start: 02000000
HKLM\System\CurrentControlSet\Services\FromDocToPDF_65Service\ErrorControl: 01000000
HKLM\System\CurrentControlSet\Services\FromDocToPDF_65Service\DisplayName: FromDocToPDFService
HKLM\System\CurrentControlSet\Services\FromDocToPDF_65Service\ImagePath: %Program Files%\FromDocToPDF_65\bar\1.bin\65barsvc.exe
Detected by UnHackMe:
65HIGHIN.EXE
Default location: %PROGRAM FILES%\FROMDOCTOPDF_65\BAR\1.BIN\65HIGHIN.EXE
Dropper information:
MD5: 09e23cabda38d10588aef9d88f8b3d13
File size: 6072704 bytes