
PUP.Optional.MySearchDial - What is it?


vitamin

Hey all,

On two computers today with Malwarebytes installed, I received a potential threat and decided to quarantine.

I looked in Chrome settings and Windows Control Panel, and nothing of the sort (MySearchDial) exists.

The location is:

  • AppData\Local\Google\Chrome\User Data\Default\Web Data
  • AppData\Local\Google\Chrome\User Data\Default\SynceData.sqlite3

Any ideas on where this would come from?

-Thanks

 

 

malwareBytes2.png


Thanks for looking...following is the export.

The scan came back positive again this morning.   

Odd thing is, when I Quarantine, the Chrome browser closes.

 

-Log Details-
Scan Date: 4/5/19
Scan Time: 7:39 AM
Log File: 34761762-57a8-11e9-ac62-000000000000.json

-Software Information-
Version: 3.7.1.2839
Components Version: 1.0.563
Update Package Version: 1.0.10016
License: Premium

-System Information-
OS: Windows 10 (Build 17134.648)
CPU: x64
File System: NTFS
User: System

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Scheduler
Result: Completed
Objects Scanned: 284764
Threats Detected: 3
Threats Quarantined: 3
Time Elapsed: 3 min, 52 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 3
PUP.Optional.MySearchDial, C:\USERS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Replaced, [128], [663899],1.0.10016
PUP.Optional.MySearchDial, C:\USERS\\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\SyncData.sqlite3, Replaced, [128], [663899],1.0.10016
PUP.Optional.MySearchDial, C:\USERS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Replaced, [128], [663899],1.0.10016

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)


(end)


  • Staff

Sorry for the delayed answer. Yes, it looks like a valid detection. I'll need some more logs to see what the problem is and why it keeps coming back.

I need MalwareBytes support tool logs: https://support.malwarebytes.com/docs/DOC-2387

When you open the tool, click Advanced and then Gather logs.

When it is done, you'll find a zipped archive on your desktop. Attach it in your next reply.

 


  • Staff

@vitamin @Jumpercable

Let's try this (in this order please):

1. Enable event data logging in MalwareBytes settings, see image below:

picture.png.2fb3eb2c587f20e689ef57b451951e70.png

 

2. Run one more scan and try to quarantine when MalwareBytes finds this detection.

3. Download the archive below:

Chrome_Analyzer.zip

Unpack it and then right click on analyze.bat and choose Run as Administrator

When it is done, you'll find analysis.txt in the same folder. Attach it in your next reply.

4. Run MalwareBytes support tool like you did before and attach fresh logs.

 

Thank you!

Edited by TwinHeadedEagle

Hello, I am not able to get rid of the mysearchdial PUP. I have had this for several days and I keep doing quarantine and delete, but it seems to come back every time I open Chrome. Will uninstalling Chrome and reinstalling it help? I have done a reset on the Chrome settings, but there are still 2 files that have this PUP. How can I get rid of this?

Thank you!


Were you able to get rid of the mysearchdial PUP yet? I got rid of one of the two, but I still have one that won't go away. For the one that I finally got rid of, I changed a few settings in Chrome and then ran AdwCleaner. So I don't know which of these two things that I did got rid of it.


9 hours ago, TwinHeadedEagle said:

@vitamin @Jumpercable

Let's try this (in this order please):

1. Enable event data logging in MalwareBytes settings, see image below:

picture.png.2fb3eb2c587f20e689ef57b451951e70.png

 

2. Run one more scan and try to quarantine when MalwareBytes finds this detection.

3. Download the archive below:

Chrome_Analyzer.zip (Unavailable)

Unpack it and then right click on analyze.bat and choose Run as Administrator

When it is done, you'll find analysis.txt in the same folder. Attach it in your next reply.

4. Run MalwareBytes support tool like you did before and attach fresh logs.

 

Thank you!

Hey @TwinHeadedEagle, the Chrome_Analyzer.zip shows unavailable so I can't accomplish step 3.


  • Staff

I need you to do it one more time, but make sure to follow the instructions exactly as I tell you.

 

1. Let Chrome stay open.

2. Run MalwareBytes and run a scan. When mysearchdial is detected, quarantine it. Do not open Chrome; MalwareBytes should close it during the quarantine process.

3. Run the Chrome analyzer script after the scan, making sure you do not open Chrome, and attach analysis.txt.

 

Thanks!
