Solved! Use TPIMANAGERCONSOLE.EXE (Adware MyWebSearch) Removal Guide

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews
. EULA. Privacy Policy. Uninstall.

TPIMANAGERCONSOLE.EXE – Adware MyWebSearch removal

FileMD5Virus Alias
TPIMANAGERCONSOLE.EXE b7bb7f470116feb2e9539575d64988db Adware MyWebSearch
TPIMANAGERCONSOLE.EXE b7bb7f470116feb2e9539575d64988db Trojan SuspiciousFile

TPIMANAGERCONSOLE.EXE size: 78200 bytes
TPIMANAGERCONSOLE.EXE hash: B7BB7F470116FEB2E9539575D64988DB

Created files:

%Program Files%\Guffins\bar\1.bin\APPINTEGRATOR.EXE
%Program Files%\Guffins\bar\1.bin\AppIntegrator64.exe
%Program Files%\Guffins\bar\1.bin\APPINTEGRATORSTUB.DLL
%Program Files%\Guffins\bar\1.bin\AppIntegratorStub64.dll
%Program Files%\Guffins\bar\1.bin\ASSISTMONITOR.DLL
%Program Files%\Guffins\bar\1.bin\ASSISTMONITOR64.DLL
%Program Files%\Guffins\bar\1.bin\assists\ie_default_search_provider\ARBITER.DLL
%Program Files%\Guffins\bar\1.bin\assists\ie_default_search_provider\ARBITER64.DLL
%Program Files%\Guffins\bar\1.bin\assists\ie_default_search_provider\ASSIST.EXE
%Program Files%\Guffins\bar\1.bin\CREXT.DLL
%Program Files%\Guffins\bar\1.bin\CrExtPu4.exe
%Program Files%\Guffins\bar\1.bin\DPNMNGR.DLL
%Program Files%\Guffins\bar\1.bin\EXEMANAGER.DLL
%Program Files%\Guffins\bar\1.bin\FF-NativeMessagingDispatcher.dll
%Program Files%\Guffins\bar\1.bin\Hpg64.dll
%Program Files%\Guffins\bar\1.bin\NPu4Stub.dll
%Program Files%\Guffins\bar\1.bin\T8EPMSUP.DLL
%Program Files%\Guffins\bar\1.bin\T8EXTEX.DLL
%Program Files%\Guffins\bar\1.bin\T8EXTPEX.DLL
%Program Files%\Guffins\bar\1.bin\T8HTML.DLL
%Program Files%\Guffins\bar\1.bin\T8RES.DLL
%Program Files%\Guffins\bar\1.bin\T8TICKER.DLL
%Program Files%\Guffins\bar\1.bin\TPIMANAGERCONSOLE.EXE
%Program Files%\Guffins\bar\1.bin\u4auxstb.dll
%Program Files%\Guffins\bar\1.bin\u4auxstb64.dll
%Program Files%\Guffins\bar\1.bin\u4bar.dll
%Program Files%\Guffins\bar\1.bin\u4barsvc.exe
%Program Files%\Guffins\bar\1.bin\u4bprtct.dll
%Program Files%\Guffins\bar\1.bin\u4brmon.exe
%Program Files%\Guffins\bar\1.bin\u4brmon64.exe
%Program Files%\Guffins\bar\1.bin\u4brstub.dll
%Program Files%\Guffins\bar\1.bin\u4brstub64.dll
%Program Files%\Guffins\bar\1.bin\u4datact.dll
%Program Files%\Guffins\bar\1.bin\u4dlghk.dll
%Program Files%\Guffins\bar\1.bin\u4dlghk64.dll
%Program Files%\Guffins\bar\1.bin\u4feedmg.dll
%Program Files%\Guffins\bar\1.bin\u4highin.exe
%Program Files%\Guffins\bar\1.bin\u4hkstub.dll
%Program Files%\Guffins\bar\1.bin\u4htmlmu.dll
%Program Files%\Guffins\bar\1.bin\u4httpct.dll
%Program Files%\Guffins\bar\1.bin\u4idle.dll
%Program Files%\Guffins\bar\1.bin\u4ieovr.dll
%Program Files%\Guffins\bar\1.bin\u4medint.exe
%Program Files%\Guffins\bar\1.bin\u4mlbtn.dll
%Program Files%\Guffins\bar\1.bin\u4Plugin.dll
%Program Files%\Guffins\bar\1.bin\u4radio.dll
%Program Files%\Guffins\bar\1.bin\u4regfft.dll
%Program Files%\Guffins\bar\1.bin\u4reghk.dll
%Program Files%\Guffins\bar\1.bin\u4regiet.dll
%Program Files%\Guffins\bar\1.bin\u4script.dll
%Program Files%\Guffins\bar\1.bin\u4skin.dll
%Program Files%\Guffins\bar\1.bin\u4skplay.exe
%Program Files%\Guffins\bar\1.bin\u4SrcAs.dll
%Program Files%\Guffins\bar\1.bin\u4SrchMn.exe
%Program Files%\Guffins\bar\1.bin\u4srchmr.dll
%Program Files%\Guffins\bar\1.bin\u4tpinst.dll
%Program Files%\Guffins\bar\1.bin\UNIFIEDLOGGING.DLL
%Program Files%\Guffins\bar\1.bin\VERIFY.DLL
%Temp%\00003c50T8SETUP.EXE
%Temp%\00003c50T8SETUP.EX_

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\GuffinsService\Type: 10000000
HKLM\System\CurrentControlSet\Services\GuffinsService\Start: 02000000
HKLM\System\CurrentControlSet\Services\GuffinsService\ErrorControl: 01000000
HKLM\System\CurrentControlSet\Services\GuffinsService\DisplayName: GuffinsService
HKLM\System\CurrentControlSet\Services\GuffinsService\ImagePath: %Program Files%\Guffins\bar\1.bin\u4barsvc.exe

Detected by UnHackMe:

TPIMANAGERCONSOLE.EXE
Default location: %PROGRAM FILES%\GUFFINS\BAR\1.BIN\TPIMANAGERCONSOLE.EXE

Dropper information:
MD5: 1b5ca9dd2439e0619dfcfaae0d38bd94
File size: 6072696 bytes

Leave a Reply