Solved! Use NPB0STUB.DLL (Adware MyWebSearch) Removal Guide

NPB0STUB.DLL – Adware MyWebSearch removal

| File | MD5 | Virus Alias |
|------|-----|-------------|
| NPB0STUB.DLL | 19027e226a73e1de67b224995d1dae44 | Adware MyWebSearch |
| NPB0STUB.DLL | 19027e226a73e1de67b224995d1dae44 | Trojan SuspiciousFile |
| NPB0STUB.DLL | 19027e226a73e1de67b224995d1dae44 | Trojan Generic |
| NPB0STUB.DLL | 19027e226a73e1de67b224995d1dae44 | Trojan Graftor |
| NPB0STUB.DLL | 19027e226a73e1de67b224995d1dae44 | Trojan Agent |

NPB0STUB.DLL size: 48520 bytes
NPB0STUB.DLL hash: 19027E226A73E1DE67B224995D1DAE44

Created files:


Autostart registry keys:

HKLM\System\CurrentControlSet\Services\RingtoneFanatic_b0Service\Type: 10000000
HKLM\System\CurrentControlSet\Services\RingtoneFanatic_b0Service\Start: 02000000
HKLM\System\CurrentControlSet\Services\RingtoneFanatic_b0Service\ErrorControl: 01000000
HKLM\System\CurrentControlSet\Services\RingtoneFanatic_b0Service\DisplayName: RingtoneFanaticService
HKLM\System\CurrentControlSet\Services\RingtoneFanatic_b0Service\ImagePath: %Program Files%\RingtoneFanatic_b0\bar\1.bin\b0barsvc.exe

Detected by UnHackMe:

NPB0STUB.DLL
Default location: %PROGRAM FILES%\RINGTONEFANATIC_B0\BAR\1.BIN\NPB0STUB.DLL

Dropper information:
MD5: 017461e85293ff086c24625dd0317f7d
File size: 6072712 bytes
