lucky leap 2013.11.07.203812
What is lucky leap?
Lucky Leap is a potentially unwanted application that runs in the web browser as a toolbar and web extension. The web extension is primarily designed to take control of the user's browser in order to modify the search provider and redirect web searches to what ever search engine partner the publisher has a revenue relationship with. In doing so, the toolbar performs a number of behaviors in order to maximize the potential of a user to click on sponsored advertising through search. This includes but not limited to:
- Changing the web browser's default home page to the affiliate search portal.
- Changing the browser's search provider, built-in search box as well as the address bar.
- Ability to modify the 'new tab' functionality to launch the modified search portal page.
- Adds an alternative error page, DNS error and 'page not' found functionality.
- Adds additional functionality that is designed to protect the search and home page settings.
- Access the HTML of all pages visited as well as capture URLs of the pages and search terms.
- In many cases can inject advertising in the form of context ads, pop-ups and pop-unders.
About (from Yontoo Technology)
The Software provides a suite of browser features that customize and enhance your interaction with various websites by rendering graphics, text, or other functional or interactive content in your browser. Such features include, without limitation, toolbars and applications for providing enhanced search results, browsin... Read more
Overview
- Possible malware installed by this program
- Loads into the web browser
- Adds a background Windows Service
- Installed as part of a co-bundle
- Hijacks the web browser's home page
- Hijacks the browser's default search provider
- Generally known to have a low reputation
- The wisdom of the crowd agrees, you should remove it!
Warning, multiple anti-virus scanners have detected possible malware in lucky leap.
luckyleapBHO.dll (21ea419ccac17fa4255dfcfe8b633d5a) has been flagged by the following 8 scanners: |
Anti-Virus software | Version | Detection |
Bkav FE |
1.3.0.4562 |
W32.Clod6d1.Trojan |
Dr.Web |
9.0.0.010 |
Adware.Plugin.100 |
ESET-NOD32 |
8.9128 |
a variant of Win32/BrowseFox.F |
Malwarebytes |
v2014.01.10.01 |
PUP.Optional.LuckyLeap.A |
McAfee |
5600.7254 |
Artemis!21EA419CCAC1 |
McAfee-GW-Edition |
7.7254 |
Artemis!21EA419CCAC1 |
TrendMicro-HouseCall |
7.2.10 |
TROJ_GEN.F47V1013 |
VIPRE Antivirus |
23996 |
Yontoo (fs) |
updateluckyleap.exe (e1f894329027238474d459315094780c) has been flagged by the following 34 scanners: |
Anti-Virus software | Software version | Detection |
Lavasoft Ad-Aware |
12.0.163.0 |
Adware.LuckyLeap.H |
Agnitum Outpost |
5.5.1.3 |
PUA.Kranet! |
AhnLab-V3 |
2014.11.15.00 |
Adware/Win32.LuckyLeap |
Antiy-AVL |
1.0.0.1 |
GrayWare[AdWare:not-a-virus,HEUR]/MSIL.Kranet |
avast! |
8.0.1489.320 |
Win32:BrowseFox-CY [PUP] |
AVG |
15.0.0.4189 |
Generic.5C4 |
Avira |
7.11.185.228 |
ADWARE/BrowseFox.Gen7 |
AVware |
1.5.0.21 |
Yontoo (fs) |
Baidu-International |
3.5.1.41473 |
Adware.Win32.BrowseFox.luck |
Bitdefender |
7.2 |
Adware.LuckyLeap.H |
CAT-QuickHeal |
14.00 |
AdWare.MSIL.r3 (Not a Virus) |
Comodo Security |
20082 |
UnclassifiedMalware |
Dr.Web |
7.0.10.8210 |
Trojan.BPlug.250 |
Emsisoft Anti-Malware |
3.0.0.600 |
Adware.LuckyLeap.H (B) |
ESET-NOD32 |
10726 |
a variant of Win32/BrowseFox.H |
Fortinet FortiGate |
5.0.999.0 |
Adware/Kranet |
F-Secure |
11.0.19100.45 |
Adware.LuckyLeap.H |
G Data |
24 |
Adware.LuckyLeap.H |
K7 AntiVirus |
9.185.14021 |
Unwanted-Program ( 004a8e8b1 ) |
K7GW |
9.185.14022 |
Unwanted-Program ( 004a8e8b1 ) |
Kaspersky |
12.0.0.1225 |
not-a-virus:HEUR:AdWare.MSIL.Kranet.heur |
Kingsoft AntiVirus |
2013.4.9.267 |
Win32.Troj.Generic.a.(kcloud) |
Malwarebytes |
1.75.0.1 |
PUP.Optional.LuckyLeap.A |
McAfee |
6.0.5.614 |
BrowseFox.c |
McAfee-GW-Edition |
v2014.2 |
BrowseFox.c |
MicroWorld-eScan |
12.0.250.0 |
Adware.LuckyLeap.H |
nProtect |
2014-11-14.01 |
Adware.LuckyLeap.H |
Panda Antivirus |
4.6.4.2 |
Trj/CI.A |
Qihoo-360 |
1.0.0.1015 |
Win32/Virus.Adware.e4c |
Sophos |
4.98.0 |
Lucky Leap |
Symantec |
20141.1.0.330 |
PUA.Maltrec.TS!g11 |
Trend Micro |
9.740.0.1012 |
TROJ_GEN.R0C1C0EJJ14 |
TrendMicro-HouseCall |
9.700.0.1001 |
TROJ_GEN.R0C1C0EJJ14 |
VIPRE Antivirus |
34794 |
Yontoo (fs) |
View all 42 all detections
lucky leap has been found to be bundled with 3rd party software. If you have not purposefully installed this, you should be safe uninstalling it.
Program details
Displayed publisher: luckyleap
URL: luckyleap.net/support
Installation folder: C:\Program Files\lucky leap
Uninstaller: C:\Program Files\lucky leap\luckyleapuninstall.exe
Estimated size: 1008.84 KB
Files installed by lucky leap 2013.11.07.203812
Program module: | luckyleapBHO.dll (Malware detected) |
Name: | lucky leap |
Signed by: | lucky leap |
Path: | C:\Program Files\lucky leap\luckyleapBHO.dll |
MD5: | 21ea419ccac17fa4255dfcfe8b633d5a |
Additional files:
-
(Malware detected) luckyleapBHO.dll (by luckyleap) - lucky leap
-
(Malware detected) updateluckyleap.exe
Behaviors exhibited
Internet Explorer BHO
- luckyleapBHO.dll is installed in Internet Explorer as a BHO (Browser Helper Object) under the name 'lucky leap' with the class of {d77aa852-def3-43cb-a3f5-bd679de72f32}.
Service
- updateluckyleap.exe runs as a service named 'Update lucky leap' (Update lucky leap).
Resource utilization averages
Show technical details
updateluckyleap.exe |
Memory: | 24.33 MB | |
Total CPU: | 0.0014015806% | |
Kernel CPU: | 0.00109593% | |
User CPU: | 0.00030565% | |
CPU cycles/sec: | 209,741 | |
Switches/sec: | 1 | |
I/O reads/min: | 1.74 KB | |
I/O writes/min: | 41 Bytes | |
How do I remove lucky leap?
You can uninstall lucky leap from your computer by using the Add/Remove Program feature in the Window's Control Panel.
- On the Start menu (for Windows 8, right-click the screen's bottom-left corner), click Control Panel, and then, under Programs, do one of the following:
- Windows Vista/7/8/10: Click Uninstall a Program.
- Windows XP: Click Add or Remove Programs.
- When you find the program lucky leap 2013.11.07.203812, click it, and then do one of the following:
- Windows Vista/7/8/10: Click Uninstall.
- Windows XP: Click the Remove or Change/Remove tab (to the right of the program).
- Follow the prompts. A progress bar shows you how long it will take to remove lucky leap.
- If for some reason uninstallation fails, please install Microsoft's uninstall fixer utility which will help fix problems with programs that can't be uninstalled at support.microsoft.com.
How do I reset my web browser?
If your web browser homepage and search settings have been modfied by lucky leap 2013.11.07.203812 you can restore them to their previous default settings.
Microsoft Internet Explorer
- Open Internet Explorer and click the Tools button, and then click Internet options.
- Click the Advanced tab, and then click Reset. Select the Delete personal settings check box if you would also like to remove search providers, Accelerators and home pages. When Internet Explorer finishes applying default settings, click Close, and then click OK.
- The changes will take effect the next time you open IE.
Mozilla Firefox
- At the top of the Firefox window, click the Firefox button, go over to the Help sub-menu and select Troubleshooting Information.
- To continue, click Reset Firefox in the confirmation window that opens. It will close and be reset.
- When it's done, a window will list the information that was imported. Click Finish and Firefox will open.
Google Chrome
- Open Chrome and click the Chrome menu on the browser toolbar.
- Select Settings. In the "Search" section, click Manage search engine. Check if (Default) is displayed next to your preferred search engine. If not, mouse over it and click Make default. Mouse over any other suspicious search engine entries that are not familiar and click X to remove them.
- When the "Show Home button" checkbox is selected, a web address appears below it. If you want the Homepage button to open up a different webpage, click Change to enter a link.
- Restart Google Chrome.
OS VERSIONS
Win 7 (SP1) 51%
Win 8 0%
|
|
HOW IT RUNS
Windows Service? Yes
(Installs a service)
|
|
USER ACTIONS
|
Uninstall it 79%
Keep it 21%
|
|
Windows
Which Windows OS versions does it run on?
Windows 7 |
63.18% |
|
Windows 10 |
21.34% |
|
Windows XP |
12.97% |
|
Windows Vista |
2.51% |
|
Which OS releases does it run on? |
Windows 7 Ultimate |
28.78% |
|
Windows 7 Home Premium |
17.02% |
|
Windows 7 Professional |
12.82% |
|
Microsoft Windows XP |
12.82% |
|
Windows 8 Pro |
5.04% |
|
Windows 8 |
4.20% |
|
Geography
22.58% of installs come from Israel
Which countries install it?
Israel |
22.58% |
United States |
17.05% |
MA |
6.45% |
IQ |
5.99% |
Saudi Arabia |
3.46% |
Taiwan |
3.23% |
DZ |
3.23% |
India |
2.76% |
Egypt |
2.53% |
Iran |
2.30% |
Philippines |
1.61% |
YE |
1.38% |
Thailand |
1.15% |
Norway |
1.15% |
PC manufacturers
What PC manufacturers (OEMs) have it installed?
Hewlett-Packard |
23.99% |
|
Dell |
18.79% |
|
Acer |
15.32% |
|
ASUS |
9.25% |
|
GIGABYTE |
7.80% |
|
Toshiba |
7.23% |
|
Lenovo |
5.78% |
|
Intel |
4.91% |
|
Samsung |
3.18% |
|
American Megatrends |
2.89% |
|
Compaq |
0.87% |
|
Common models |
HP Pavilion g6 Notebook P... |
5.41% |
|
Dell Inspiron N5110 |
3.24% |
|
HP Pavilion dv6 Notebook ... |
3.24% |
|
Dell Inspiron 1545 |
2.16% |
|
Acer Aspire V3-571G |
2.16% |
|
Gigabyte G31M-ES2L |
2.16% |
|
About Yontoo Technology
Yontoo, a subsidiary/alias of ad-hijacker Sambreel, is a publisher of ad-supported web browser extensions designed to inject and display advertisements within the browser.
Publisher URL: www.yontoo.com