Solved! Use TPIMANAGERCONSOLE.EXE (Adware MyWebSearch) Removal Guide

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews
. EULA. Privacy Policy. Uninstall.

TPIMANAGERCONSOLE.EXE – Adware MyWebSearch removal

FileMD5Virus Alias
TPIMANAGERCONSOLE.EXE a5a66e055e98c232db816bba2d388a3c Adware MyWebSearch
TPIMANAGERCONSOLE.EXE a5a66e055e98c232db816bba2d388a3c Trojan SuspiciousFile

TPIMANAGERCONSOLE.EXE size: 78224 bytes
TPIMANAGERCONSOLE.EXE hash: A5A66E055E98C232DB816BBA2D388A3C

Created files:

%Program Files%\TotalRecipeSearch_14\bar\1.bin\14auxstb.dll
%Program Files%\TotalRecipeSearch_14\bar\1.bin\14auxstb64.dll
%Program Files%\TotalRecipeSearch_14\bar\1.bin\14bar.dll
%Program Files%\TotalRecipeSearch_14\bar\1.bin\14barsvc.exe
%Program Files%\TotalRecipeSearch_14\bar\1.bin\14bprtct.dll
%Program Files%\TotalRecipeSearch_14\bar\1.bin\14brmon.exe
%Program Files%\TotalRecipeSearch_14\bar\1.bin\14brmon64.exe
%Program Files%\TotalRecipeSearch_14\bar\1.bin\14brstub.dll
%Program Files%\TotalRecipeSearch_14\bar\1.bin\14brstub64.dll
%Program Files%\TotalRecipeSearch_14\bar\1.bin\14datact.dll
%Program Files%\TotalRecipeSearch_14\bar\1.bin\14dlghk.dll
%Program Files%\TotalRecipeSearch_14\bar\1.bin\14dlghk64.dll
%Program Files%\TotalRecipeSearch_14\bar\1.bin\14feedmg.dll
%Program Files%\TotalRecipeSearch_14\bar\1.bin\14highin.exe
%Program Files%\TotalRecipeSearch_14\bar\1.bin\14hkstub.dll
%Program Files%\TotalRecipeSearch_14\bar\1.bin\14htmlmu.dll
%Program Files%\TotalRecipeSearch_14\bar\1.bin\14httpct.dll
%Program Files%\TotalRecipeSearch_14\bar\1.bin\14idle.dll
%Program Files%\TotalRecipeSearch_14\bar\1.bin\14ieovr.dll
%Program Files%\TotalRecipeSearch_14\bar\1.bin\14medint.exe
%Program Files%\TotalRecipeSearch_14\bar\1.bin\14mlbtn.dll
%Program Files%\TotalRecipeSearch_14\bar\1.bin\14Plugin.dll
%Program Files%\TotalRecipeSearch_14\bar\1.bin\14radio.dll
%Program Files%\TotalRecipeSearch_14\bar\1.bin\14regfft.dll
%Program Files%\TotalRecipeSearch_14\bar\1.bin\14reghk.dll
%Program Files%\TotalRecipeSearch_14\bar\1.bin\14regiet.dll
%Program Files%\TotalRecipeSearch_14\bar\1.bin\14script.dll
%Program Files%\TotalRecipeSearch_14\bar\1.bin\14skin.dll
%Program Files%\TotalRecipeSearch_14\bar\1.bin\14skplay.exe
%Program Files%\TotalRecipeSearch_14\bar\1.bin\14SrcAs.dll
%Program Files%\TotalRecipeSearch_14\bar\1.bin\14SrchMn.exe
%Program Files%\TotalRecipeSearch_14\bar\1.bin\14srchmr.dll
%Program Files%\TotalRecipeSearch_14\bar\1.bin\14tpinst.dll
%Program Files%\TotalRecipeSearch_14\bar\1.bin\APPINTEGRATOR.EXE
%Program Files%\TotalRecipeSearch_14\bar\1.bin\AppIntegrator64.exe
%Program Files%\TotalRecipeSearch_14\bar\1.bin\APPINTEGRATORSTUB.DLL
%Program Files%\TotalRecipeSearch_14\bar\1.bin\AppIntegratorStub64.dll
%Program Files%\TotalRecipeSearch_14\bar\1.bin\ASSISTMONITOR.DLL
%Program Files%\TotalRecipeSearch_14\bar\1.bin\ASSISTMONITOR64.DLL
%Program Files%\TotalRecipeSearch_14\bar\1.bin\assists\ie_default_search_provider\ARBITER.DLL
%Program Files%\TotalRecipeSearch_14\bar\1.bin\assists\ie_default_search_provider\ARBITER64.DLL
%Program Files%\TotalRecipeSearch_14\bar\1.bin\assists\ie_default_search_provider\ASSIST.EXE
%Program Files%\TotalRecipeSearch_14\bar\1.bin\CREXT.DLL
%Program Files%\TotalRecipeSearch_14\bar\1.bin\CrExtP14.exe
%Program Files%\TotalRecipeSearch_14\bar\1.bin\DPNMNGR.DLL
%Program Files%\TotalRecipeSearch_14\bar\1.bin\EXEMANAGER.DLL
%Program Files%\TotalRecipeSearch_14\bar\1.bin\FF-NativeMessagingDispatcher.dll
%Program Files%\TotalRecipeSearch_14\bar\1.bin\Hpg64.dll
%Program Files%\TotalRecipeSearch_14\bar\1.bin\NP14Stub.dll
%Program Files%\TotalRecipeSearch_14\bar\1.bin\T8EPMSUP.DLL
%Program Files%\TotalRecipeSearch_14\bar\1.bin\T8EXTEX.DLL
%Program Files%\TotalRecipeSearch_14\bar\1.bin\T8EXTPEX.DLL
%Program Files%\TotalRecipeSearch_14\bar\1.bin\T8HTML.DLL
%Program Files%\TotalRecipeSearch_14\bar\1.bin\T8RES.DLL
%Program Files%\TotalRecipeSearch_14\bar\1.bin\T8TICKER.DLL
%Program Files%\TotalRecipeSearch_14\bar\1.bin\TPIMANAGERCONSOLE.EXE
%Program Files%\TotalRecipeSearch_14\bar\1.bin\UNIFIEDLOGGING.DLL
%Program Files%\TotalRecipeSearch_14\bar\1.bin\VERIFY.DLL
%Temp%\00001474T8SETUP.EXE
%Temp%\00001474T8SETUP.EX_

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\TotalRecipeSearch_14Service\Type: 10000000
HKLM\System\CurrentControlSet\Services\TotalRecipeSearch_14Service\Start: 02000000
HKLM\System\CurrentControlSet\Services\TotalRecipeSearch_14Service\ErrorControl: 01000000
HKLM\System\CurrentControlSet\Services\TotalRecipeSearch_14Service\DisplayName: TotalRecipeSearchService
HKLM\System\CurrentControlSet\Services\TotalRecipeSearch_14Service\ImagePath: %Program Files%\TotalRecipeSearch_14\bar\1.bin\14barsvc.exe

Detected by UnHackMe:

TPIMANAGERCONSOLE.EXE
Default location: %PROGRAM FILES%\TOTALRECIPESEARCH_14\BAR\1.BIN\TPIMANAGERCONSOLE.EXE

Dropper information:
MD5: 0a801e42bbf4935cc5d74d47ac06687f
File size: 6072720 bytes

Leave a Reply