Operating System
Windows 8
Infection date and initial symptoms
I'm not sure of the exact date but it will have been sometime in the past week or so. My computer was recently serviced for an unrelated reason and I had to reinstall most programs. Unfortunately I downloaded OpenOffice from what looked like an official site, but came with the unwanted MySearchDial. I thought I had uninstalled it right away, but later realized of course that didn't work. It was evident any time I opened a browser (I use more than one).
Current issues and symptoms
I followed the instructions found here http://malwaretips.com/blogs/start-mysearchdial-removal/ although there were a few differences such as, originally in IE (which I rarely use anyway), MySearchDial did not appear where I would have expected under Toolbars and Extensions. I deleted it anywhere that it did show up, such as Search Providers.
In general, I followed each instruction to the best of my ability including running MalwareBytes and HitmanPro. Everything was looking normal. However MalwareBytes continues to run scans and find what appear to be MySearchDial files connected to Firefox. It always suggests Quarantine and I just click along with this. I also tried opening IE again as a test. A pop-up message quickly appeared and disappeared, but I saw it long enough to read that it was resetting to my chosen/default homepage of MYSEARCHDIAL again, and I was not given a choice about this! When I attempted to find and delete it from the Settings menus again, it doesn't even appear anymore. Also when I reset the homepage to default, it is still automatically the MySearchDial start page. At the moment I am re-running both MalwareBytes and HitmanPro, but am otherwise out of ideas.
I don't know if this is relevant but before my computer was serviced, I had Norton 360 installed. It's been recommended I install AVG instead but I haven't done this yet, so technically there is no other protection at the moment besides MalwareBytes, HitmanPro, and whatever Windows can do by itself.
Steps taken in order to remove the infection
See "Current issues and symptoms" - I have followed the instructions from here: http://malwaretips.com/blogs/start-mysearchdial-removal/
This would have included AdwCleaner also but I don't know how I would find the log for it.

redxdress

New Member
Hi, sorry if I am posting the same thing more than once - I'm not sure what will appear where since it's my first time using this forum.

I can't seem to get rid of MySearchDial. :mad:

I followed the instructions found here although there were a few differences such as, originally in IE (which I rarely use anyway), MySearchDial did not appear where I would have expected under Toolbars and Extensions. I deleted it anywhere that it did show up, such as Search Providers.

In general, I followed each instruction to the best of my ability including running MalwareBytes and HitmanPro. Everything was looking normal. However MalwareBytes continues to run scans and find what appear to be MySearchDial files connected to Firefox. It always suggests Quarantine and I just click along with this.

I also tried opening IE again as a test. A pop-up message quickly appeared and disappeared, but I saw it long enough to read that it was resetting to my chosen/default homepage of MYSEARCHDIAL again, and I was not given a choice about this! When I attempted to find and delete it from the Settings menus again, it doesn't even appear anymore. Also when I reset the homepage to default, it is still automatically the MySearchDial start page.

At the moment I am re-running both MalwareBytes and HitmanPro, but am otherwise out of ideas.

I don't know if this is relevant but before my computer was serviced, I had Norton 360 installed. It's been recommended I install AVG instead but I haven't done this yet, so technically there is no other protection at the moment besides MalwareBytes, HitmanPro, and whatever Windows can do by itself.
 

TwinHeadedEagle

Removal Expert
Staff member
Verified
Hi,



Please download zoek.zip or zoek.rar by smeenk (
) from here or here and save it to your Desktop.
Unpack the archive...
  • Close any open browsers
  • Temporarily disable your AntiVirus program. (If necessary)
    If you are unsure how to do this please read this or this Instruction.
  • Double click on zoek.exe to run the tool .
    Please wait while the tool does not start...
  • Copy the text present inside the code box below and paste it into the large window in the zoek tool:
    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to the operating system

    Code:
    createsrpoint;
    gpt.ini;z 
    C:\Windows\System32\GroupPolicy;v
    C:\Windows\SysWOW64\GroupPolicy;v 
    StandardSearch; 
    emptyfolderscheck; 
    installer-list; 
    installedprogs; 
    uninstall-list;
  • Click on
    button.
    Please wait until a logreport will open (this can be after reboot)
  • Save notepad to your Desktop and attach here zoek-results.log
    Note: It will also create a log in the C:\ directory named "zoek-results.log"
 

redxdress

New Member
Oh, I just realized I accessed the zoek zip through Downloads and extracted the files to their own folder, but didn't save to Desktop. Will that be a problem? I hope not, seemed to work fine!
 

TwinHeadedEagle

Removal Expert
Staff member
Verified
No problem :)


> Re-run zoek with the script below and attach here fresh zoek log results.
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to the operating system


Code:
createsrpoint;
emptyfolderscheck;delete
autoclean;
emptyclsid;
emptyalltemp;
ipconfig /flushdns;b


***** NEXT *****



Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatibale with your system. If you are not sure which version applies to your system download both of them and try to run them.
Only one of them will run on your system, that will be the right version.


  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.
 

redxdress

New Member
Okay, I just did zoek again, I think this should be the new results below. I will now download Farbar and then add the log from that.
Thanks for bearing with me. :)
 

Attachments

redxdress

New Member
Thanks - I'm not sure if this is related to the MySearchDial problem, but there is still something strange with Firefox.
It looks like the MySearchDial is gone; it doesn't open up automatically, but instead the Mozilla homepage opens.
For some reason though I can't click on "Restore Previous Session" and when I have tried to set it to "Show my windows and tabs from last time" on startup, this still doesn't happen.

Chrome seems fine, and I also checked IE. Finally no trace of MySearchDial there.

So, do you think maybe one of the programs quarantined/deleted some function of Firefox by mistake? Should I uninstall Firefox and download a new version?

Also should I still keep all the other programs I have downloaded during this process like the HitmanPro trial, FRST64, and zoek?

Thanks again!
 

TwinHeadedEagle

Removal Expert
Staff member
Verified
I give you the link how to set Mozilla home page.

If it is not working, maybe you should reset Firefox --> https://support.mozilla.org/en-US/kb/reset-firefox-easily-fix-most-problems


About tools we will delete them in the last step:


The following will implement some post-cleanup procedures:

=> Please download DelFix by Xplode to your Desktop.

Run the tool and check the following boxes below;
Remove disinfection tools
Create registry backup
Purge System Restore

Click Run button and wait a few seconds for the programme completes his work.
At this point all the tools we used here should be gone. Tool will create an report for you (C:\DelFix.txt)

The tool will also record healthy state of registry and make a backup using ERUNT program in %windir%\ERUNT\DelFix
Tool deletes old system restore points and create a fresh system restore point after cleaning.
 

redxdress

New Member
Thanks, resetting Firefox seems to have done the trick!
I have also run DelFix.

Your help has been terrific - definitely going to buy you a beer. :)

So now I guess the next thing for me to do is decide whether to get AVG (or a different protection program) - I noticed that MalwareTips seemed to have a section on the website about choosing virus protection so I will try to make up my mind ASAP.

Thanks again!
 

Attachments

TwinHeadedEagle

Removal Expert
Staff member
Verified
You already have integrated Windows Defender. It is not as good as other products, like Avast, AVG, Avira or Bitdefender, but it offers very good protection. After all, there is no Antivirus that will protect you 100%, you must combine security products with yourself. It is up to you to be carefull.


I can recommend you this software to avoid Adware in the future:

http://unchecky.com/

Read here how it works --> http://www.howtogeek.com/179758/how-to-avoid-junkware-offers-with-unchecky/
 

redxdress

New Member
Ugh, sorry to add another post!
Malwarebytes just popped up having found another item that looks connected with MySearchDial, this time looks like it was in Chrome. Is there anything else I should do? I followed Malwarebytes suggestion to quarantine and saved the log (attached) :/
 

Attachments

Latest Threads