Solved! Use T8EPMSUP.DLL (Adware MyWebSearch) Removal Guide

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews
. EULA. Privacy Policy. Uninstall.

T8EPMSUP.DLL – Adware MyWebSearch removal

FileMD5Virus Alias
T8EPMSUP.DLL fd7ee723718078825bc79e360e4f04d3 Adware MyWebSearch

T8EPMSUP.DLL size: 77896 bytes
T8EPMSUP.DLL hash: FD7EE723718078825BC79E360E4F04D3

Created files:

%Program Files%\Motitags_94\bar\1.bin\94auxstb.dll
%Program Files%\Motitags_94\bar\1.bin\94auxstb64.dll
%Program Files%\Motitags_94\bar\1.bin\94bar.dll
%Program Files%\Motitags_94\bar\1.bin\94barsvc.exe
%Program Files%\Motitags_94\bar\1.bin\94bprtct.dll
%Program Files%\Motitags_94\bar\1.bin\94brmon.exe
%Program Files%\Motitags_94\bar\1.bin\94brmon64.exe
%Program Files%\Motitags_94\bar\1.bin\94brstub.dll
%Program Files%\Motitags_94\bar\1.bin\94brstub64.dll
%Program Files%\Motitags_94\bar\1.bin\94datact.dll
%Program Files%\Motitags_94\bar\1.bin\94dlghk.dll
%Program Files%\Motitags_94\bar\1.bin\94dlghk64.dll
%Program Files%\Motitags_94\bar\1.bin\94feedmg.dll
%Program Files%\Motitags_94\bar\1.bin\94highin.exe
%Program Files%\Motitags_94\bar\1.bin\94hkstub.dll
%Program Files%\Motitags_94\bar\1.bin\94htmlmu.dll
%Program Files%\Motitags_94\bar\1.bin\94httpct.dll
%Program Files%\Motitags_94\bar\1.bin\94idle.dll
%Program Files%\Motitags_94\bar\1.bin\94ieovr.dll
%Program Files%\Motitags_94\bar\1.bin\94medint.exe
%Program Files%\Motitags_94\bar\1.bin\94mlbtn.dll
%Program Files%\Motitags_94\bar\1.bin\94Plugin.dll
%Program Files%\Motitags_94\bar\1.bin\94radio.dll
%Program Files%\Motitags_94\bar\1.bin\94regfft.dll
%Program Files%\Motitags_94\bar\1.bin\94reghk.dll
%Program Files%\Motitags_94\bar\1.bin\94regiet.dll
%Program Files%\Motitags_94\bar\1.bin\94script.dll
%Program Files%\Motitags_94\bar\1.bin\94skin.dll
%Program Files%\Motitags_94\bar\1.bin\94skplay.exe
%Program Files%\Motitags_94\bar\1.bin\94SrcAs.dll
%Program Files%\Motitags_94\bar\1.bin\94SrchMn.exe
%Program Files%\Motitags_94\bar\1.bin\94srchmr.dll
%Program Files%\Motitags_94\bar\1.bin\94tpinst.dll
%Program Files%\Motitags_94\bar\1.bin\APPINTEGRATOR.EXE
%Program Files%\Motitags_94\bar\1.bin\AppIntegrator64.exe
%Program Files%\Motitags_94\bar\1.bin\APPINTEGRATORSTUB.DLL
%Program Files%\Motitags_94\bar\1.bin\AppIntegratorStub64.dll
%Program Files%\Motitags_94\bar\1.bin\ASSISTMONITOR.DLL
%Program Files%\Motitags_94\bar\1.bin\ASSISTMONITOR64.DLL
%Program Files%\Motitags_94\bar\1.bin\assists\ie_default_search_provider\ARBITER.DLL
%Program Files%\Motitags_94\bar\1.bin\assists\ie_default_search_provider\ARBITER64.DLL
%Program Files%\Motitags_94\bar\1.bin\assists\ie_default_search_provider\ASSIST.EXE
%Program Files%\Motitags_94\bar\1.bin\CREXT.DLL
%Program Files%\Motitags_94\bar\1.bin\CrExtP94.exe
%Program Files%\Motitags_94\bar\1.bin\DPNMNGR.DLL
%Program Files%\Motitags_94\bar\1.bin\EXEMANAGER.DLL
%Program Files%\Motitags_94\bar\1.bin\FF-NativeMessagingDispatcher.dll
%Program Files%\Motitags_94\bar\1.bin\Hpg64.dll
%Program Files%\Motitags_94\bar\1.bin\NP94Stub.dll
%Program Files%\Motitags_94\bar\1.bin\T8EPMSUP.DLL
%Program Files%\Motitags_94\bar\1.bin\T8EXTEX.DLL
%Program Files%\Motitags_94\bar\1.bin\T8EXTPEX.DLL
%Program Files%\Motitags_94\bar\1.bin\T8HTML.DLL
%Program Files%\Motitags_94\bar\1.bin\T8RES.DLL
%Program Files%\Motitags_94\bar\1.bin\T8TICKER.DLL
%Program Files%\Motitags_94\bar\1.bin\TPIMANAGERCONSOLE.EXE
%Program Files%\Motitags_94\bar\1.bin\UNIFIEDLOGGING.DLL
%Program Files%\Motitags_94\bar\1.bin\VERIFY.DLL
%Temp%\00001bdcT8SETUP.EXE
%Temp%\00001bdcT8SETUP.EX_

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\Motitags_94Service\Type: 10000000
HKLM\System\CurrentControlSet\Services\Motitags_94Service\Start: 02000000
HKLM\System\CurrentControlSet\Services\Motitags_94Service\ErrorControl: 01000000
HKLM\System\CurrentControlSet\Services\Motitags_94Service\DisplayName: MotitagsService
HKLM\System\CurrentControlSet\Services\Motitags_94Service\ImagePath: %Program Files%\Motitags_94\bar\1.bin\94barsvc.exe

Detected by UnHackMe:

T8EPMSUP.DLL
Default location: %PROGRAM FILES%\MOTITAGS_94\BAR\1.BIN\T8EPMSUP.DLL

Dropper information:
MD5: 6d23a258a2844b8aac93c6e76dbb1c48
File size: 6072696 bytes

Leave a Reply