Jump to content


Photo

My search dial removal


  • This topic is locked This topic is locked
9 replies to this topic

#1 trippy_ninja77

trippy_ninja77

    Member

  • Full Member
  • Pip
  • 54 posts

Posted 08 September 2013 - 06:15 AM

Hey my browser has been hi jacked by "Mysearchdial", can i get some advice on how to remove it please? Cheers. 
 
 
Edit: Please read the Instructions and post the requested logs (MBAM, DDS, Security Check). We need the information in order to help you.


Edited by cnm, 08 September 2013 - 11:11 AM.


#2 trippy_ninja77

trippy_ninja77

    Member

  • Full Member
  • Pip
  • 54 posts

Posted 09 September 2013 - 03:04 AM

Sorry about that, please find logs below, cheers. 

 

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
 
Database version: v2013.09.09.02
 
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16660
Ja Hizzle :: JAHIZZLE-PC [administrator]
 
9/09/2013 5:44:55 PM
mbam-log-2013-09-09 (17-44-55).txt
 
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 239657
Time elapsed: 2 minute(s), 34 second(s)
 
Memory Processes Detected: 1
C:\Program Files (x86)\lucky leap\updateluckyleap.exe (PUP.Optional.LuckyLeap.A) -> 2224 -> Delete on reboot.
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 103
HKCR\CLSID\{CF190686-9E72-403C-B99D-682ABDB63C5B} (PUP.Optional.TopArcadeHits.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{A7A9D7E7-E0C0-4202-9F13-6A06BD073CDA} (PUP.Optional.TopArcadeHits.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A9D7E7-E0C0-4202-9F13-6A06BD073CDA} (PUP.Optional.TopArcadeHits.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A9D7E7-E0C0-4202-9F13-6A06BD073CDA} (PUP.Optional.TopArcadeHits.A) -> Quarantined and deleted successfully.
HKCR\TypeLib\{39A17362-9C1D-4907-9428-0D28A94DC79D} (PUP.Optional.TopArcadeHits.A) -> Quarantined and deleted successfully.
HKCR\Interface\{627A968A-03E6-41C7-B11B-4E442B376F95} (PUP.Optional.TopArcadeHits.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{CF190686-9E72-403C-B99D-682ABDB63C5B} (PUP.Optional.TopArcadeHits.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A9D7E7-E0C0-4202-9F13-6A06BD073CDA} (PUP.Optional.TopArcadeHits.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C1C3E833-420E-4D78-9BA7-86AEBB272384} (PUP.Optional.TopArcadeHits.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\InstallCore\mysearchdial (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
HKCR\esrv.mysearchdialESrvc.1 (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
HKCR\AppID\{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8} (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{D40753C7-8A59-4C1F-BE88-C300F4624D5B} (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\MYSEARCHDIAL (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
HKCR\esrv.mysearchdialESrvc (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{219046AE-358F-4CF1-B1FD-2B4DE83642A8} (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
HKCR\TypeLib\{C292AD0A-C11F-479B-B8DB-743E72D283B0} (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{d77aa852-def3-43cb-a3f5-bd679de72f32} (PUP.Optional.LuckyLeap.A) -> Quarantined and deleted successfully.
HKLM\SYSTEM\CurrentControlSet\Services\Update lucky leap (PUP.Optional.LuckyLeap.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{D77AA852-DEF3-43CB-A3F5-BD679DE72F32} (PUP.Optional.LuckyLeap.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{D77AA852-DEF3-43CB-A3F5-BD679DE72F32} (PUP.Optional.LuckyLeap.A) -> Quarantined and deleted successfully.
HKCR\TypeLib\{c3c45c5f-2f1b-4012-a854-f89dc99f2335} (PUP.Optional.LuckyLeap.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D77AA852-DEF3-43CB-A3F5-BD679DE72F32} (PUP.Optional.LuckyLeap.A) -> Quarantined and deleted successfully.
HKCR\Interface\{7F66829F-F442-431F-AF59-E4474505A67A} (PUP.Optional.LuckyLeap.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\LUCKY LEAP (PUP.Optional.LuckyLeap.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\DealPlyLive (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\DEALPLY (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\DealPlyLive (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
HKCR\AppID\DealPlyLive.exe (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{83ABA270-8390-4CA6-AE48-FC089F55629E} (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
HKCR\DealPlyLiveUpdate.Update3WebMachine (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{8B218A5F-1A3D-4347-94EF-A79575EB8094} (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{4F8A50F6-69DE-4BE3-A33A-A1079B9AC0DB} (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{0D89DE71-3D99-4288-84DC-F18F1047A7D8} (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{8C338DDB-19FC-4C1F-B74D-6931EE55F7A1} (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{501CB57A-D4E2-4855-96AD-EDB0A9083395} (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
HKCR\DealPlyLiveUpdate.CoreMachineClass.1 (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
HKCR\DealPlyLiveUpdate.CoreMachineClass (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{6FF2C4DD-77A4-4BB5-BA4C-B42DEFBF9137} (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
HKCR\AppID\{80FABB17-63AF-4655-9F07-B6509EE37AF2} (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{80FABB17-63AF-4655-9F07-B6509EE37AF2} (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
HKCR\DealPlyLiveUpdate.OnDemandCOMClassSvc.1.0 (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
HKCR\DealPlyLiveUpdate.OnDemandCOMClassSvc (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
HKCR\AppID\{F48FC5B2-094A-44C7-B48C-289738C9582D} (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
HKCR\DealPlyLiveUpdate.Update3COMClassService.1.0 (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
HKCR\DealPlyLiveUpdate.Update3COMClassService (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{1E0C9B2A-6447-452C-B012-2314A0C29412} (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
HKCR\DealPlyLiveUpdate.OnDemandCOMClassMachineFallback.1.0 (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\DEALPLY (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\MozillaPlugins\@tools.dpliveupdate.com/DealPlyLive Update;version=3 (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\MozillaPlugins\@tools.dpliveupdate.com/DealPlyLive Update;version=9 (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
HKLM\SYSTEM\CurrentControlSet\Services\dealplylive (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DEALPLYLIVE.EXE (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
HKLM\SYSTEM\CurrentControlSet\Services\dealplylivem (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
HKCR\DealPlyLiveUpdate.OnDemandCOMClassMachine (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
HKCR\DealPlyLiveUpdate.OnDemandCOMClassMachine.1.0 (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
HKCR\DealPlyLiveUpdate.Update3WebMachineFallback.1.0 (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
HKCR\DealPlyLiveUpdate.Update3WebMachineFallback (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
HKCR\DealPlyLiveUpdate.OnDemandCOMClassMachineFallback (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{34A8CEB6-89BB-49F1-B5E4-0D0D6C21F3B1} (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
HKCR\DealPlyLiveUpdate.CredentialDialogMachine.1.0 (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
HKCR\DealPlyLiveUpdate.CredentialDialogMachine (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{3A4DBD3A-98CC-41CE-AD21-352D42B6F754} (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
HKCR\DealPlyLiveUpdate.CoCreateAsync.1.0 (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
HKCR\DealPlyLiveUpdate.CoCreateAsync (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{F48FC5B2-094A-44C7-B48C-289738C9582D} (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{7F1796B2-BEC6-427B-B734-F9C75ED94A80} (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
HKCR\DealPlyLive.OneClickCtrl.9 (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F1796B2-BEC6-427B-B734-F9C75ED94A80} (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F1796B2-BEC6-427B-B734-F9C75ED94A80} (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
HKCR\DealPlyLive.Update3WebControl.3 (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8C338DDB-19FC-4C1F-B74D-6931EE55F7A1} (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8C338DDB-19FC-4C1F-B74D-6931EE55F7A1} (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{9BDB5E09-4BBA-4422-8C2B-529B281C32B8} (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{C536F080-57B7-46D6-8894-C647553F2889} (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
HKCR\DealPlyLive.OneClickProcessLauncherMachine.1.0 (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
HKCR\DealPlyLive.OneClickProcessLauncherMachine (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C536F080-57B7-46D6-8894-C647553F2889} (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{CA5D945F-E738-4D0B-A0B5-25AC51C64659} (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
HKCR\DealPlyLiveUpdate.CoreClass.1 (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
HKCR\DealPlyLiveUpdate.CoreClass (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{F7698761-4ABA-45C2-A5BB-D2163922C725} (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
HKCR\DealPlyLiveUpdate.Update3WebSvc.1.0 (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
HKCR\DealPlyLiveUpdate.ProcessLauncher.1.0 (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
HKCR\DealPlyLiveUpdate.ProcessLauncher (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
HKCR\DealPlyLiveUpdate.Update3WebMachine.1.0 (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
HKCR\DealPlyLiveUpdate.Update3WebSvc (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{FFCC53E6-2655-47FC-A89B-54E8D7F305D1} (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DealPly (PUP.Optional.DealPly) -> Quarantined and deleted successfully.
HKCR\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23} (PUP.Optional.BrowseFox.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3} (PUP.Optional.BrowseFox.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Dealply (PUP.DealPly.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{ae48ed75-5a56-4c5f-bbce-6f1ac3875f66} (PUP.DealPly) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE48ED75-5A56-4C5F-BBCE-6F1AC3875F66} (PUP.DealPly) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE48ED75-5A56-4C5F-BBCE-6F1AC3875F66} (PUP.DealPly) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE48ED75-5A56-4C5F-BBCE-6F1AC3875F66} (PUP.DealPly) -> Quarantined and deleted successfully.
HKCR\CLSID\{A7A9D7E7-E0C0-4202-9F13-6A06BD073CDA} (Adware.GameVance) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A9D7E7-E0C0-4202-9F13-6A06BD073CDA} (Adware.GameVance) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A9D7E7-E0C0-4202-9F13-6A06BD073CDA} (Adware.GameVance) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A9D7E7-E0C0-4202-9F13-6A06BD073CDA} (Adware.GameVance) -> Quarantined and deleted successfully.
HKCR\TypeLib\{39A17362-9C1D-4907-9428-0D28A94DC79D} (Adware.GameVance) -> Quarantined and deleted successfully.
HKCR\Interface\{627A968A-03E6-41C7-B11B-4E442B376F95} (Adware.GameVance) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C1C3E833-420E-4D78-9BA7-86AEBB272384} (Adware.GameVance) -> Quarantined and deleted successfully.
 
Registry Values Detected: 4
HKCU\Software\mysearchdial|TM (PUP.Optional.MySearchDial.A) -> Data: 0155 -> Quarantined and deleted successfully.
HKCU\Software\lucky leap|iid (PUP.Optional.LuckyLeap.A) -> Data: def_luckyleap -> Quarantined and deleted successfully.
HKLM\SOFTWARE\DealPly|ChromeCrxPath (PUP.Optional.DealPly.A) -> Data: C:\Program Files (x86)\DealPly\DealPly.crx -> Quarantined and deleted successfully.
HKCU\SOFTWARE\DealPly|Partner (PUP.Optional.DealPly.A) -> Data: cnet -> Quarantined and deleted successfully.
 
Registry Data Items Detected: 2
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (PUP.Optional.MySearchDial.A) -> Bad: (http://start.mysearc...=1422333175&ir=) Good: (http://www.google.com) -> Quarantined and repaired successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (PUP.Optional.MySearchDial.A) -> Bad: (http://start.mysearc...=1422333175&ir=) Good: (http://www.google.com) -> Quarantined and repaired successfully.
 
Folders Detected: 28
C:\Users\Ja Hizzle\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{0113D088-8ED1-468C-B225-585A9C53B5E3}\chrome\content (PUP.Optional.TopArcadeHits.A) -> Quarantined and deleted successfully.
C:\Users\Ja Hizzle\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{0113D088-8ED1-468C-B225-585A9C53B5E3}\skin (PUP.Optional.TopArcadeHits.A) -> Quarantined and deleted successfully.
C:\Users\Ja Hizzle\AppData\Local\TopArcadeHits (PUP.Optional.TopArcadeHits.A) -> Quarantined and deleted successfully.
C:\Users\Ja Hizzle\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{0113D088-8ED1-468C-B225-585A9C53B5E3} (PUP.Optional.TopArcadeHits.A) -> Quarantined and deleted successfully.
C:\Users\Ja Hizzle\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{0113D088-8ED1-468C-B225-585A9C53B5E3}\chrome (PUP.Optional.TopArcadeHits.A) -> Quarantined and deleted successfully.
C:\Users\Ja Hizzle\AppData\Roaming\mysearchdial\icons_2.2.4.731 (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
C:\Users\Ja Hizzle\AppData\Roaming\mysearchdial\UpdateProc (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
C:\Users\Ja Hizzle\AppData\Roaming\mysearchdial (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\lucky leap (PUP.Optional.LuckyLeap.A) -> Delete on reboot.
C:\Users\Ja Hizzle\AppData\Local\DealPlyLive (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
C:\Users\Ja Hizzle\AppData\Local\DealPlyLive\CrashReports (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\DealPlyLive (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\DealPlyLive\Update\Install (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\DealPlyLive\Update\Offline\{636DC609-0D08-48AD-B488-20ECE1D00EA2} (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\DealPlyLive\Update\Download (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\DealPlyLive\Update\Offline (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
C:\ProgramData\DealPlyLive (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
C:\ProgramData\DealPlyLive\Update (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
C:\ProgramData\DealPlyLive\Update\Log (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\DealPlyLive\CrashReports (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\DealPlyLive\Update (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0 (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
C:\Users\Ja Hizzle\AppData\Roaming\Dealply (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
C:\Users\Ja Hizzle\AppData\Roaming\Dealply\UpdateProc (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\DealPly (PUP.Optional.DealPly) -> Quarantined and deleted successfully.
C:\Users\Ja Hizzle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly (PUP.OPtional.Dealply) -> Quarantined and deleted successfully.
C:\Users\Ja Hizzle\AppData\Local\TopArcadeHits (Adware.GameVance) -> Quarantined and deleted successfully.
C:\Users\Ja Hizzle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TopArcadeHits (Adware.GameVance) -> Quarantined and deleted successfully.
 
Files Detected: 113
C:\Users\Ja Hizzle\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{0113D088-8ED1-468C-B225-585A9C53B5E3}\chrome\content\browser.xul (PUP.Optional.TopArcadeHits.A) -> Quarantined and deleted successfully.
C:\Users\Ja Hizzle\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{0113D088-8ED1-468C-B225-585A9C53B5E3}\chrome\content\toparcadehits.js (PUP.Optional.TopArcadeHits.A) -> Quarantined and deleted successfully.
C:\Users\Ja Hizzle\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{0113D088-8ED1-468C-B225-585A9C53B5E3}\skin\style.css (PUP.Optional.TopArcadeHits.A) -> Quarantined and deleted successfully.
C:\Users\Ja Hizzle\AppData\Local\TopArcadeHits\tah.config (PUP.Optional.TopArcadeHits.A) -> Quarantined and deleted successfully.
C:\Users\Ja Hizzle\AppData\Local\TopArcadeHits\uninstaller.exe (PUP.Optional.TopArcadeHits.A) -> Quarantined and deleted successfully.
C:\Users\Ja Hizzle\AppData\Local\TopArcadeHits\updater.exe (PUP.Optional.TopArcadeHits.A) -> Quarantined and deleted successfully.
C:\Windows\Tasks\TopArcadeHits.job (PUP.Optional.TopArcadeHits.A) -> Quarantined and deleted successfully.
C:\Users\Ja Hizzle\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{0113D088-8ED1-468C-B225-585A9C53B5E3}\chrome.manifest (PUP.Optional.TopArcadeHits.A) -> Quarantined and deleted successfully.
C:\Users\Ja Hizzle\AppData\Local\TopArcadeHits\Toparcadehits.dll (PUP.Optional.TopArcadeHits.A) -> Quarantined and deleted successfully.
C:\Users\Ja Hizzle\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{0113D088-8ED1-468C-B225-585A9C53B5E3}\install.rdf (PUP.Optional.TopArcadeHits.A) -> Quarantined and deleted successfully.
C:\Users\Ja Hizzle\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{0113D088-8ED1-468C-B225-585A9C53B5E3}\icon.png (PUP.Optional.TopArcadeHits.A) -> Quarantined and deleted successfully.
C:\Users\Ja Hizzle\AppData\Roaming\mysearchdial\icons_2.2.4.731\star2.ico (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
C:\Users\Ja Hizzle\AppData\Local\mysearchdial_speedial_v9.0.2.crx (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
C:\Users\Ja Hizzle\AppData\Roaming\mysearchdial\icons_2.2.4.731\magnifying.ico (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
C:\Users\Ja Hizzle\AppData\Local\Temp\mysearchdialTlbr.dll.21206994 (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
C:\Users\Ja Hizzle\AppData\Local\Temp\mysearchdialEng.dll.21206994 (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
C:\Users\Ja Hizzle\AppData\Roaming\mysearchdial\UpdateProc\config.dat (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\lucky leap\Microsoft.Win32.TaskScheduler.dll (PUP.Optional.LuckyLeap.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\lucky leap\luckyleap.ico (PUP.Optional.LuckyLeap.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\lucky leap\luckyleapUninstall.exe (PUP.Optional.LuckyLeap.A) -> Quarantined and deleted successfully.
C:\Users\Ja Hizzle\Local Settings\Temporary Internet Files\Content.IE5\6PIP81QN\Setup[1].exe (PUP.Optional.LuckyLeap.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\lucky leap\eiimolhnbbbdagljikeckdkldgemmmlj.crx (PUP.Optional.LuckyLeap.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\lucky leap\updateluckyleap.exe (PUP.Optional.LuckyLeap.A) -> Delete on reboot.
C:\Program Files (x86)\lucky leap\luckyleap.Common.dll (PUP.Optional.LuckyLeap.A) -> Delete on reboot.
C:\Program Files (x86)\lucky leap\updateluckyleap.InstallState (PUP.Optional.LuckyLeap.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\lucky leap\luckyleapBHO.dll (PUP.Optional.LuckyLeap.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\lucky leap\sqlite3.exe (PUP.Optional.LuckyLeap.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdate.dll (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_am.dll (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_el.dll (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_en-GB.dll (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_en.dll (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_es-419.dll (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_ar.dll (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_bg.dll (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_bn.dll (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_ms.dll (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\npGoogleUpdate3.dll (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\psuser.dll (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_cs.dll (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_no.dll (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_tr.dll (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_uk.dll (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_ur.dll (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_ml.dll (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_mr.dll (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_da.dll (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\DealPlyLive.exe (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\DealPlyLiveBroker.exe (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\DealPlyLiveHandler.exe (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\DealPlyLiveHelper.msi (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\DealPlyLiveOnDemand.exe (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_es.dll (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_sv.dll (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_sr.dll (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_te.dll (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_et.dll (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_zh-TW.dll (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_de.dll (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_lt.dll (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_vi.dll (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_ko.dll (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_sw.dll (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_zh-CN.dll (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_id.dll (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_is.dll (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_it.dll (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_iw.dll (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_ro.dll (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_kn.dll (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
C:\Users\Ja Hizzle\AppData\Roaming\Dealply\UpdateProc\config.dat (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
C:\Users\Ja Hizzle\AppData\Roaming\Dealply\UpdateProc\TTL.DAT (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_lv.dll (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_ca.dll (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_ta.dll (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_nl.dll (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_th.dll (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_ru.dll (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_sk.dll (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_sl.dll (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_fa.dll (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_fi.dll (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_fil.dll (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_fr.dll (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_gu.dll (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_hi.dll (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_hr.dll (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_hu.dll (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineCore.job (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_ja.dll (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\psmachine.dll (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_pl.dll (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_pt-BR.dll (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_pt-PT.dll (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
C:\ProgramData\DealPlyLive\Update\Log\DealPlyLive.log (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\DealPly\DealPly.xpi (PUP.Optional.DealPly) -> Quarantined and deleted successfully.
C:\Program Files (x86)\DealPly\icon.ico (PUP.Optional.DealPly) -> Quarantined and deleted successfully.
C:\Program Files (x86)\DealPly\DealPly.crx (PUP.Optional.DealPly) -> Quarantined and deleted successfully.
C:\Program Files (x86)\DealPly\uninst.exe (PUP.Optional.DealPly) -> Quarantined and deleted successfully.
C:\Program Files (x86)\DealPly\DealPlyUpdateVer.exe (PUP.Optional.DealPly) -> Quarantined and deleted successfully.
C:\Program Files (x86)\DealPly\DealPlyIE64.dll (PUP.Optional.DealPly) -> Quarantined and deleted successfully.
C:\Users\Ja Hizzle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly\DealPly Help.url (PUP.OPtional.Dealply) -> Quarantined and deleted successfully.
C:\Users\Ja Hizzle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly\Uninstall DealPly.lnk (PUP.OPtional.Dealply) -> Quarantined and deleted successfully.
C:\Users\Ja Hizzle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly\DealPly.url (PUP.OPtional.Dealply) -> Quarantined and deleted successfully.
C:\Users\Ja Hizzle\AppData\Roaming\Dealply\UpdateProc\UpdateTask.exe (PUP.DealPly.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\DealPly\DealPlyIE.dll (PUP.DealPly) -> Quarantined and deleted successfully.
C:\Users\Ja Hizzle\AppData\Local\TopArcadeHits\tah.config (Adware.GameVance) -> Quarantined and deleted successfully.
C:\Users\Ja Hizzle\AppData\Local\TopArcadeHits\Toparcadehits.dll (Adware.GameVance) -> Quarantined and deleted successfully.
C:\Users\Ja Hizzle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TopArcadeHits\Uninstall Toparcadehits.lnk (Adware.GameVance) -> Quarantined and deleted successfully.
C:\Users\Ja Hizzle\AppData\Local\TopArcadeHits\uninstaller.exe (Adware.GameVance) -> Quarantined and deleted successfully.
C:\Users\Ja Hizzle\AppData\Local\TopArcadeHits\updater.exe (Adware.GameVance) -> Quarantined and deleted successfully.
C:\Users\Ja Hizzle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TopArcadeHits\Play Toparcadehits Online.url (Adware.GameVance) -> Quarantined and deleted successfully.
 
(end)

Edited by cnm, 09 September 2013 - 03:19 PM.
removed dupe text


#3 Rocket Grannie

Rocket Grannie

    SWI Australian Rebel

  • Boot Camp Mod
  • PipPipPipPipPip
  • 6,961 posts

Posted 09 September 2013 - 10:18 PM

Hello trippy_ninja77. Welcome back.

First of all we need to create a Restore point. Give it a name that you will understand. Something like---before running tools.
For information on how to create a Restore point please go here: How to create Restore Point.

Please navigate to Start --> Control Panel --> Programs and Features, and uninstall the following program/s (if present):

lucky leap
MySearchDial
DealPlyLive
DealPly


Please reboot the computer.

Please download AdwCleaner by Xplode onto your Desktop.

  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the Report button and the report will open in Notepad.
  • NOTE: If you get an error message, it means that nothing was found.  Exit from AdwCleaner.
  •  
  • Click on the Clean button follow the prompts.
  • A log file will automatically open after the scan has finished and the PC has rebooted.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner
  • [/list]
  • Please download Junkware Removal Tool to your Desktop.
  • Please close your security software to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or 7, right-mouse click it and select Run as administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete, depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your Desktop and will automatically open.
  • Please post the contents of JRT.txt into your reply.
  •  
  • Download Security Check by screen317 from here
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
  • Please post:
    Rogue Killer log
    AdwCleaner log
    Junk Remover log
    Security Check log
    How's the computer performing now?


    Rocket Grannie[/list]

a41.gif
 
My help is free, but if you wish to help keep these forums running please consider a donation, see here for details.

#4 trippy_ninja77

trippy_ninja77

    Member

  • Full Member
  • Pip
  • 54 posts

Posted 11 September 2013 - 05:53 AM

Thanks for that, computer running well it appears, and no more hi jacked browser. Please see below requested posts however i'm not sure of the rogue killer log (not sure where that log would come from?) and the final program - security check, it just generated the following:

 UNSUPPORTED OPERATING SYSTEM! ABORTED!

 

Here are the other two:

 

# AdwCleaner v3.003 - Report created 11/09/2013 at 20:14:45
# Updated 07/09/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Ja Hizzle - JAHIZZLE-PC
# Running from : C:\Users\Ja Hizzle\Downloads\adwcleaner (1).exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\Program Files (x86)\MyPC Backup 
Folder Deleted : C:\Program Files (x86)\Splashtop
Folder Deleted : C:\Users\Ja Hizzle\AppData\LocalLow\Mysearchdial
File Deleted : C:\windows\Tasks\Dealply.job
File Deleted : C:\windows\System32\Tasks\Dealply
File Deleted : C:\windows\Tasks\DealPlyLiveUpdateTaskMachineUA.job
File Deleted : C:\windows\System32\Tasks\DealPlyLiveUpdateTaskMachineUA
File Deleted : C:\windows\Tasks\MySearchDial.job
File Deleted : C:\windows\System32\Tasks\MySearchDial
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\eiimolhnbbbdagljikeckdkldgemmmlj
Key Deleted : HKCU\Software\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKLM\Software\InstallCore
Key Deleted : HKLM\Software\Splashtop Inc.
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v10.0.9200.16660
 
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]
 
-\\ Google Chrome v29.0.1547.66
 
[ File : C:\Users\Ja Hizzle\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Deleted : homepage
Deleted : urls_to_restore_on_startup
 
*************************
 
AdwCleaner[R0].txt - [2189 octets] - [11/09/2013 20:11:22]
AdwCleaner[R1].txt - [2253 octets] - [11/09/2013 20:14:12]
AdwCleaner[S0].txt - [1942 octets] - [11/09/2013 20:14:45]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2002 octets] ##########
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.5.9 (09.07.2013:1)
OS: Windows 7 Home Premium x64
Ran by Ja Hizzle on Wed 11/09/2013 at 20:19:05.05
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\\DisplayName
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\\URL
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\\DisplayName
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\\URL
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 11/09/2013 at 20:24:36.48
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
Thanks again!


#5 Rocket Grannie

Rocket Grannie

    SWI Australian Rebel

  • Boot Camp Mod
  • PipPipPipPipPip
  • 6,961 posts

Posted 11 September 2013 - 05:27 PM

Hello trippy_ninja77.

Sorry about the Rogue Killer log that was a misprint on my part.

Please reboot the computer then try to run Security Check again.

Let's check for any leftovers.

Please scan your machine with ESET OnlineScan
  • Hold down Control and click on this link
  • to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your Desktop.
  • Double click on the esetsmartinstaller_enu.png
    icon on your Desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
  • Scan potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology


  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your Desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.

    Please post:
    Security Check log.
    ESet log. (Note: a log will not be produced if nothing found.)


    Rocket Grannie


a41.gif
 
My help is free, but if you wish to help keep these forums running please consider a donation, see here for details.

#6 trippy_ninja77

trippy_ninja77

    Member

  • Full Member
  • Pip
  • 54 posts

Posted 12 September 2013 - 06:24 AM

Cheers, so, it's not letting me save the ESET log, but only one item was found and quarantined/deleted and that was from - Users/me/downloads/cbsidlm-tr_14-VLC_Media_Player_64bit-ORG-75761094.exe which is the first program i downloaded and was infected by, the 'threat' being - Win32/DownloadAdmin.G application. 

 

As for the other log, it worked this time:

 

 Results of screen317's Security Check version 0.99.73  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 10  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 Malwarebytes Anti-Malware version 1.75.0.1300  
 Java™ 6 Update 30  
 Java version out of Date! 
 Google Chrome 18.0.1025.142  
 Google Chrome 29.0.1547.66  
````````Process Check: objlist.exe by Laurent````````  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C: 0% 
````````````````````End of Log`````````````````````` 


#7 Rocket Grannie

Rocket Grannie

    SWI Australian Rebel

  • Boot Camp Mod
  • PipPipPipPipPip
  • 6,961 posts

Posted 12 September 2013 - 06:46 PM

Hello trippy_ninja77.

That's great. Your logs appear to be clean.

Your Java is out of date and older versions contain vulnerabilities. Please update to the newest version.

Updating Java:
  • Go
    here and download the latest version of Java:
  • Go to Start -> Control Panel -> Add or Remove Programs.
  • Search in the list for all previous installed versions of Java. (J2SE Runtime Environment.... )
    They should have this icon next to any that are there: javaicon.gif
    Select any found and choose Uninstall.
  • Then install the version you downloaded earlier.
  • System Restore maintains a backup of your programs and may also backup infections, so please reset it to make a clean Restore Point.

    To Delete All but the Most Recent System Restore Points

    Click Start type cleanmgr into the search box and press Enter

    Disk Cleanup will open
    Select the drive that you want to clean up (usually C) and click OK
    NOTE: You will only see this window if you have more than one drive or partition on your computer.
    A window will open and calculate how much space you can save.
    When it is finished another window will open.
    Click the More Options tab.
    Click Clean up under the System Restore and Shadow Copies section.
    Click Delete to confirm the deletion.
    A window will ask for confirmation.
    Click Delete Files
    The files will be deleted and Disk Cleanup will close.

    Please run AdwCleaner and click the uninstall button.
    Please delete the Security Check folder on the Desktop.
    Please delete the Junkware remover folder on the Desktop.

    Any further problems?


    Rocket Grannie

a41.gif
 
My help is free, but if you wish to help keep these forums running please consider a donation, see here for details.

#8 trippy_ninja77

trippy_ninja77

    Member

  • Full Member
  • Pip
  • 54 posts

Posted 17 September 2013 - 05:04 AM

No, all seems to be working fine again!! Thanks heaps for your time, cheers!



#9 Rocket Grannie

Rocket Grannie

    SWI Australian Rebel

  • Boot Camp Mod
  • PipPipPipPipPip
  • 6,961 posts

Posted 17 September 2013 - 10:23 PM

Hello trippy_ninja77.

Great to hear!!!

Below I have included a number of recommendations for how to protect your computer in order to prevent future malware infections.
Please take these recommendations seriously; these few simple steps can stave off the vast majority of spyware problems.
As happy as we at SWI are to help you, for your sake we would rather not have repeat customers.

Note: All of the programs I am suggesting are either free or have free versions.

Please make sure to run your antivirus software regularly, and to keep it up-to-date. Most programs have an automatic update feature.

Keep MalwareBytes Anti-Malware updated and run it regularly.
Please Note: Only the paid for version has real time capabilities.

The free FileHippo Update Checker makes it easy to keep all your programs up to date - run it every few weeks.
Note: If you are running Avast, it has an automatic updater built in.

SpywareBlaster
A tutorial on using SpywareBlaster to prevent spyware from ever installing on your computer may be found here

Please make sure to keep these programs up-to-date and to run them regularly, as this can prevent a great deal of spyware from being installed.
Please set your anti-virus and anti-spyware programs to check for updates automatically. If the programs are not able to update automatically, then I suggest you manually check for updates every few days.

Windows needs to be kept up-to-date.
 
Windows Updates are available from here

IMPORTANT: Please either enable Automatic Updates under Start -> Control Panel -> Automatic Updates, or get into the habit of checking for Windows updates regularly. I cannot stress enough how important this is.

Note that there are a lot of rogue programs out there that want to scare you into giving them your money and some malware actually claims to be security programs.  If you get a popup for a security program that you did not install yourself, do NOT click on it and ask for help immediately.  It is very important to run an antivirus and firewall, but you can't always rely on reviews and ads for information.  Ask in a security forum that you trust if you are not sure.  If you are unsure and looking for anti-spyware programs, you may be able to find out if it is a rogue here:

http://www.spywarewarrior.com/rogue_anti-spyware.htm

Please consider using an alternate browser. Mozilla's Firefox browser is a very good alternative.  In addition to being generally more secure than Internet Explorer, it has a very good built-in popup blocker and add-ons, like NoScripts, can make it even more secure. Chrome is another good option.

If you are interested, Firefox may be downloaded from here
Chrome is available here
 
PLEASE NOTE:

A number of programs have resident protection and it is a good idea to run the resident protection of one of each type of program to maintain protection. However, it is important to run only one resident program of each type since they can conflict and become less effective. That means only one antivirus, firewall and scanning anti-spyware program at a time. Passive protectors, like SpywareBlaster can be run with any of them.

Please also read Tony Klein's excellent article: How I got Infected in the First Place

Hopefully this should take care of your problems!

Safe Surfing:


Rocket Grannie

 


a41.gif
 
My help is free, but if you wish to help keep these forums running please consider a donation, see here for details.

#10 Rocket Grannie

Rocket Grannie

    SWI Australian Rebel

  • Boot Camp Mod
  • PipPipPipPipPip
  • 6,961 posts

Posted 23 September 2013 - 09:33 PM

Since the issue appears to be resolved this Topic is closed.

If you need this topic reopened, please tell the moderating team by replying here with the address of the thread. This applies only to the original topic starter. Everyone else please begin a New Topic.
a41.gif
 
My help is free, but if you wish to help keep these forums running please consider a donation, see here for details.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

Member of ASAP and UNITE
Support SpywareInfo Forum - click the button