Exterminate It! Antimalware


Known threats:700,085 Last Update:March 01, 12:55


I have had major computer issues in the last week. I was infected with the Darksma and Vundo downloader trojans. After researching the net for possible solutions, i found they are extremely difficult to remove. I tried a variety of spyware removal tools to no avail. To do it manually is near on impossible.
The symptoms are, computer runs slow, constant ad pop ups, hijacking of emails, theft of information and locking of a variety of functions.
I then found buried deep in a google search a link to Exterminate It. After reading it, I downloaded to do a free scan and a lot of stuff no other spyware had found showed up. So i went searching the locations and sure enough the files where there on my system. I tried removing them with no luck. So i spent the $25 usa to activate.
It removed all but 4. I was disappointed that the Trojans once again reloaded and my problems continued. So, i used the SUBMIT STATE service. I supplied all the info i could gather, pop up addys and what they were for , what others programs had found and Exterminate had missed etc. Within 24 hours i received and email telling me they had updated there system and to download it. I rescanned the system and it deleted all the previous locked files.
Darksma and Vundo downloader trojans have not done their re appearing act since and my comp is running normal again.

It's worth remembering the addy or downloading it to see what it finds. I had no problems doing so in anyway with this program. They done what they said they would on there web site in under the time frame.


Administrator of Horse Racing Forums

File: DealPlyUpdate

Location of DealPlyUpdate and Associated Malware

Check whether DealPlyUpdate is present in the following locations:

DealPlyUpdate file locations that are Windows version independent:

  • C:\Windows\System32\Tasks\DealPlyUpdate

If you find DealPlyUpdate file in any of these locations, your computer is very likely to be infected with the following malware:

IMPORTANT: Malware files can be camouflaged with the same file names as legitimate files. The DealPlyUpdate file is associated with malware only if found in the locations listed above.


Different Variations of DealPlyUpdate File^

File SizeFile Md5Last Seen
3362E12324B8EFE349EFAF1E0392D7A9E496Jun 23, 2014
33022D2E8B031FAEEC0042D30586D1891E09Jun 26, 2014
33465B5F458A37FE6B6C538500214F55FEC7Jul 3, 2014
33527485F02A3CD0B619BCE8859EBF6DAB99Jul 6, 2014
33545D015AB9C864F0905749C193D58664F0Jul 12, 2014
3296F8F6C90ABCA0191476B4515AAC5A4A3BJul 12, 2014
3354D166A521C5D603369C8BC13F5AA97059Jul 19, 2014
33585973F9112AE885D25F601E67FA82F94EJul 21, 2014
33000F880A8E6AC640A10B1DDCE52D31B509Jul 27, 2014
3358E6E9C2CB7607AF0E2643DA635D9A95B1Aug 1, 2014
3308754EF17A334F533461A43E6B8626E9D9Aug 4, 2014
33564305AA12E09D3C4065167D49E46CB732Aug 12, 2014
337068B4C4458859948131F386F536185D15Aug 12, 2014
33503C3F2EF1FA7BAE47E4D8C1D222B57821Aug 17, 2014
329628FE09F75A74388BC67624B7BFB4B446Aug 17, 2014
32943AE59D9EF1F9192B75E93F77BBC10987Aug 25, 2014
33609AD46E103D15C154EE00029FE1B21067Sep 1, 2014
33561012AFA379F02410B5846B396454B32DSep 2, 2014
33605DAB8CF89AAA59D2D6BB8A3DF7CE371BSep 12, 2014
335228EDF2B99695B0B92A4A8DA32FF61463Sep 13, 2014
330094566B8AC80D29E35974C38B0DE75AE0Sep 19, 2014
32966E9F3921C97B2B506CE8CDC917ADFE8CSep 23, 2014
335482CA76D4EFDDC2A7C411A1CB14876E21Oct 10, 2014
3296C64246B9F84A1B15CD4A77CCC41C846BOct 17, 2014
3352FE10E6BDB23E3A239CAFBA97852D72DAOct 26, 2014
3364A60F7AC4FF7BF9F931A83DA7D3C457C5Nov 3, 2014
33544F15B16B8C29B889F59620E3AED877EBNov 7, 2014
3358FCC20AFA9B35ACFEE72DF3997BB93346Nov 7, 2014
3300BDBAC79CE20151D2C3F81EB2BC9DA588Nov 13, 2014
3300229F0C6461ABDCB8A8BA469231D29392Dec 8, 2014
3298E9253FF41EF56573A98DA3861A9B920EFeb 7, 2015
335490E8FD0A355235AA02A948499F5235C6Feb 8, 2015
33706B122F97DA7584DA59E20EBF4D373F28Apr 16, 2015
3352E8428822EFB7F5C4264DF26DEF0B0C09May 3, 2015
334865AEA0F1D9F2F49EB38A647A1F8EA5C0Aug 2, 2015
3352FBB85F65D5015AD71234D2E632AD79B3Sep 17, 2015
3322E74AC0D4981EB92903032AF70D99AB01Sep 30, 2015
3406696CAF508429AB753E3D4BF6EDD7C695Oct 8, 2015
3352CF1FE5499106642C9F09F75E07E9860BOct 24, 2015
33562C00F845922F7F0FC538A2941D8F621ANov 14, 2015
3406B100B24584BEEF45F60BEC64E5E961C8Dec 10, 2015
3462CB524EEFE2DBCD27E0EA527CB0F0ADB1Jan 16, 2016
329677738D85A04AAC8FA334D526CA8A0333Feb 2, 2016
33001CEC7CD74204FCE68D44D551A1748283Feb 12, 2016
3364ED0F405E1A709076D19E936C8495CCD3Feb 13, 2016
3360BA4C8F9424D77F1CDFE5FFAC2E0FCB15Feb 16, 2016
3352EE73279EA7FFEB045D6C152165073DECMar 2, 2016
32989FB72922DC94FE0D2DA76D659CD3DFE1May 4, 2016
34065220E58A47D33D89A6B7FA6342A7725EMay 25, 2016
3352720E6822098368FE46D51CDC64820A26Jul 4, 2016
335827BDE085396788EBC297F7214BBA2E31Jul 8, 2016
330820F38C79306D4A6DB8B9793EA0B5A529Jul 15, 2016
3302743AD316277FF581EBEC3D6636F61660Aug 3, 2016
33020143F2971A8918BEBCD2CB094BF12F57Oct 16, 2016
33563CFFCB2C29DF80B98755E08303DE593EOct 25, 2016
3352BA639663EB8F55BE960FE13BD1F4B9CFNov 27, 2016
3348557CDC9F80B4D1A85D250B0B63AB1CDEDec 7, 2016
330447406098F17F69A2E3AA2046ED61DD38Dec 14, 2016
3412A696296738FDE5957E8B9F17712AF59DJan 17, 2017
33469261BA85F6B6D661FCBC665ADBED63C8Jan 26, 2017
3356A30DFDC9A0C4169D9032F63D98B4B986Feb 1, 2017
33527F262DDD24BD36977CFACF8AC444A199Feb 8, 2017
329656F51DE08C20E97FEA38FD72BF429585May 2, 2017
3296F1CE622C1F89572102159FBD48DA03F5May 19, 2017

Why Is It Important to Remove Malware Files?^

It is imperative that you delete malware-associated files as soon as possible because they can be used - or are already being used - to inflict serious damage on your PC, including:

  • Disrupting the normal functioning of the operating system or rendering it completely useless.
  • Hijacking valuable private information (credit card numbers, passwords, PIN codes, etc.)
  • Directing all your Web searches to the same unwanted or malicious sites.
  • Dramatically slowing down your computer.
  • Gaining total control of your PC to spread viruses and trojans and send out spam.

How to Remove DealPlyUpdate^

  1. To enable deleting the DealPlyUpdate file, terminate the associated process in the Task Manager as follows:
    • Right-click in the Windows taskbar (a bar that appears along the bottom of the Windows screen) and select Task Manager on the menu.
    • In the Tasks Manager window, click the Processes tab.
    • On the Processes tab, select DealPlyUpdate and click End Process.
  2. Using your file explorer, browse to the file using the paths listed in Location of DealPlyUpdate and Associated Malware.
  3. Select the file and press SHIFT+Delete on the keyboard.
  4. Click Yes in the confirm deletion dialog box.
  5. Repeat steps 2-4 for each location listed in Location of DealPlyUpdate and Associated Malware.
  6. Notes:

    • The deletion of DealPlyUpdate will fail if it is locked; that is, it is in use by some application (Windows will display a corresponding message). For instructions on deleting locked files, see Deleting Locked Files.
    • The deletion of DealPlyUpdate will fail if your Windows uses the NT File System (NTFS) and you have no write rights for the file. Request your system administrator to grant you write rights for the file.

Deleting Locked Files^

You can delete locked files with the RemoveOnReboot utility. You can install the RemoveOnReboot utility from here.

After you delete a locked file, you need to delete all the references to the file in Windows registry.

To delete a locked file:

  1. Right-click on the file and select Send To -> Remove on Next Reboot on the menu.
  2. Restart your computer.

The file will be deleted on restart.

Note: In the case of complex viruses that can replicate themselves, malware files can reappear in the same locations even after you have deleted those files and restarted your computer. Exterminate It! Antimalware can effectively eradicate such viruses from your computer.

To remove all registry references to a DealPlyUpdate malware file:

  1. On the Windows Start menu, click Run.
  2. In the Open box, type regedit and click OK. The Registry Editor window opens.
  3. On the Edit menu, select Find.
  4. In the Find dialog box, type DealPlyUpdate. The name of the first found registry value referencing DealPlyUpdate is highlighted in the right pane of the Registry Editor window.
  5. Right-click the registry value name and select Delete on the menu.
  6. Click Yes in the Confirm Value Delete dialog box.
  7. To delete all other references to DealPlyUpdate, repeat steps 4-6.
IMPORTANT: Malware files can masquerade as legitimate files by using the same file names. To avoid deleting a harmless file, ensure that the Value column for the registry value displays exactly one of the paths listed in Location of DealPlyUpdate and Associated Malware.