DealPly

DealPly Description

Dealply is adware that displays shopping discount offers through your Web browser. Because Dealply's content can be considered advertisements, and because Dealply sometimes is installed without your consent, Dealply also can be classified as adware but doesn't contain any dedicated malicious functions. SpywareRemove.com malware experts do suggest that you engage with any Dealply offers with a reasonable amount of caution – and find that deleting Dealply usually is preferable to tolerating its presence if you've made the likely decision that you're uninterested in its shopping advice.

Dealply: Adware that's a Bit Too Enthusiastic to Jump Onto Your Browser

Dealply, also identified as Adware:Win32/Dealply or Adware.DealPly is a browser add-on that displays online shopping discounts for various major online retailers. By receiving a small revenue bump in exchange for redirecting traffic to these sites, Dealply profits off of every installation – assuming that you actually click on its shopping offers. Because these functions are very similar to those of adware, many anti-malware products prefer to classify Dealply as an adware program, although Dealply doesn't include any other unwanted features that SpywareRemove.com malware experts would suspect from adware (such as monitoring your online behavior or slowing down your browser with any behind-the-scene activities).

Dealply operates in most versions of Windows (including recent versions) and often is installed in bundles with separate programs. These bundled installers usually will request permission to install Dealply, but may do so in a way that SpywareRemove.com malware experts would consider exploitative – such as making vague or exaggerated claims about Dealply's capabilities, or not mentioning that its content is equivalent to shopping advertisements. Paying attention to application installation options usually will help keep your PC from dealing with an unwanted Dealply or other adware.

Keeping Your Browser from Being Played by Dealply

If you aren't seeing any benefits from Dealply's installation on your browser, SpywareRemove.com malware experts suggest that you use anti-malware products for removing Dealply – just to be certain that all of its components are deleted as completely as possible. Most adware tend to leave some components and settings changes on your PC even after they're uninstalled through normal methods, such as your browser's add-on manager.

Because Dealply sorts some of its offers according to profitability among affiliates, you also should bear in mind that not all of Dealply's shopping offers are necessarily guaranteed to offer the best discounts. However, SpywareRemove.com malware researchers are happy to verify that, at this point, Dealply has not been abused to promote malicious Web content of any type and should not be treated as a danger to your PC's safety.
Non-Windows OSes are incompatible with Dealply, but Dealply can be installed to most major Web browsers, including popular brands like IE or Chrome.

Aliases


SScope.Trojan.Kriptik.8607ADW_DEALPLYAdware.DealPly [Symantec]Win32/DealPly.BWin32.Troj.Generic.a.(kcloud)SecurityRisk.Downldr [Symantec]

Use SpyHunter to Detect and Remove PC Threats

If you are concerned that malware or PC threats similar to DealPly may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.

Download SpyHunter's Malware Scanner

Note: SpyHunter's free version is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware tool to remove the malware threats. Learn more on SpyHunter. If you would like to uninstall SpyHunter for any reason, please follow these uninstall instructions. To learn more about our policies and practices, visit our EULA, Privacy Policy and Threat Assessment Criteria.

Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.

Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.

The following files were created in the system:



%SYSTEMDRIVE%\Users\Black Cat\AppData\Local\PLHDz.exe\PLHDz.exe File name: PLHDz.exe
Size: 601.08 KB (601088 bytes)
MD5: c50449ecb4675edf97de5b1ec690db99
Detection count: 7,380
File type: Executable File
Mime Type: unknown/exe
Path: %SYSTEMDRIVE%\Users\Black Cat\AppData\Local\PLHDz.exe\
Group: Malware file
Last Updated: January 28, 2020
%COMMONPROGRAMFILES%\26401017-1099-F882-713D-4980F6E5AC06\updane.exe File name: updane.exe
Size: 337.4 KB (337408 bytes)
MD5: 725b0a937ba3136c16facc49d7e3f624
Detection count: 726
File type: Executable File
Mime Type: unknown/exe
Path: %COMMONPROGRAMFILES%\26401017-1099-F882-713D-4980F6E5AC06\
Group: Malware file
Last Updated: April 22, 2017
%LOCALAPPDATA%\UpdateTask1\updatetask1update.exe File name: updatetask1update.exe
Size: 306.68 KB (306688 bytes)
MD5: dbfb6627b2787d124895819e1aef387f
Detection count: 328
File type: Executable File
Mime Type: unknown/exe
Path: %LOCALAPPDATA%\UpdateTask1\
Group: Malware file
Last Updated: June 22, 2017
%APPDATA%\UpdateTask\updatetaskupdate.exe File name: updatetaskupdate.exe
Size: 544.25 KB (544256 bytes)
MD5: 00561e8e58785f5420d28a71b13677fe
Detection count: 300
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\UpdateTask\
Group: Malware file
Last Updated: June 21, 2017
%APPDATA%\UpdateTask\Lebehoda.dat File name: Lebehoda.dat
Size: 18.67 KB (18674 bytes)
MD5: 0db147027f4ee565c82d3f489ab80fa2
Detection count: 288
File type: Data file
Mime Type: unknown/dat
Path: %APPDATA%\UpdateTask\
Group: Malware file
Last Updated: June 21, 2017
%LOCALAPPDATA%\{C06DF6D6-E53F-9BA0-8E09-BC7252DB414C}\synhelper.exe File name: synhelper.exe
Size: 1.48 MB (1484800 bytes)
MD5: 5fdb8b2e402fd3e3072b8f6f8a711303
Detection count: 276
File type: Executable File
Mime Type: unknown/exe
Path: %LOCALAPPDATA%\{C06DF6D6-E53F-9BA0-8E09-BC7252DB414C}\
Group: Malware file
Last Updated: June 17, 2017
%SYSTEMDRIVE%\Users\ITP-THINKPAD31\AppData\Local\Gomasufa.exe\Gomasufa.exe File name: Gomasufa.exe
Size: 2.02 MB (2023723 bytes)
MD5: d8de5f86431ea5a7a6beb283c937ebb8
Detection count: 220
File type: Executable File
Mime Type: unknown/exe
Path: %SYSTEMDRIVE%\Users\ITP-THINKPAD31\AppData\Local\Gomasufa.exe\
Group: Malware file
Last Updated: January 25, 2020
%COMMONPROGRAMFILES%\UpdateTask\Masupe.dat File name: Masupe.dat
Size: 19.52 KB (19526 bytes)
MD5: 6f79423711d0ab931c9f4e78e547a11d
Detection count: 197
File type: Data file
Mime Type: unknown/dat
Path: %COMMONPROGRAMFILES%\UpdateTask\
Group: Malware file
Last Updated: June 22, 2017
%COMMONPROGRAMFILES%\hodor\SyncTask.exe File name: SyncTask.exe
Size: 1 MB (1009152 bytes)
MD5: c7c2f3a6f718d9e53e8d9f32d048b623
Detection count: 157
File type: Executable File
Mime Type: unknown/exe
Path: %COMMONPROGRAMFILES%\hodor\
Group: Malware file
Last Updated: June 20, 2017
%COMMONPROGRAMFILES%\UpdateTask\Litorobo.dat File name: Litorobo.dat
Size: 19.13 KB (19137 bytes)
MD5: 069cde95424eb0e84bbd635b7d9cb000
Detection count: 103
File type: Data file
Mime Type: unknown/dat
Path: %COMMONPROGRAMFILES%\UpdateTask\
Group: Malware file
Last Updated: June 22, 2017
%COMMONPROGRAMFILES%\UpdateTask\Samofegolo.dat File name: Samofegolo.dat
Size: 19.6 KB (19602 bytes)
MD5: 51ffa74fa6c813c13426c6e43b7a1f97
Detection count: 103
File type: Data file
Mime Type: unknown/dat
Path: %COMMONPROGRAMFILES%\UpdateTask\
Group: Malware file
Last Updated: June 22, 2017
849990390856a74df28ccb0d9fcf0460 File name: 849990390856a74df28ccb0d9fcf0460
Size: 215.55 KB (215552 bytes)
MD5: 849990390856a74df28ccb0d9fcf0460
Detection count: 94
Group: Malware file
Last Updated: January 15, 2018
cb29b56f8dbd0827b3cc1e79d6c51537 File name: cb29b56f8dbd0827b3cc1e79d6c51537
Size: 2.86 MB (2863616 bytes)
MD5: cb29b56f8dbd0827b3cc1e79d6c51537
Detection count: 93
Group: Malware file
Last Updated: January 15, 2018
%COMMONPROGRAMFILES(x86)%\UpdateTask1\ProductUpdate.exe File name: ProductUpdate.exe
Size: 544.25 KB (544256 bytes)
MD5: 4ad88f506bed78f54ea5623727ff6092
Detection count: 70
File type: Executable File
Mime Type: unknown/exe
Path: %COMMONPROGRAMFILES(x86)%\UpdateTask1\
Group: Malware file
Last Updated: June 22, 2017
%SYSTEMDRIVE%\Users\guill\AppData\Local\2b8db3a45f1ada0a56005e7cd222bbc3\Kenigeto.exe\Kenigeto.exe File name: Kenigeto.exe
Size: 2.15 MB (2158080 bytes)
MD5: 12692b26e66dfe2e013b3f6e9219c58e
Detection count: 37
File type: Executable File
Mime Type: unknown/exe
Path: %SYSTEMDRIVE%\Users\guill\AppData\Local\2b8db3a45f1ada0a56005e7cd222bbc3\Kenigeto.exe\
Group: Malware file
Last Updated: October 23, 2018
%SYSTEMDRIVE%\Users\Mariana\AppData\Local\Sesasot\nironisos.exe\nironisos.exe File name: nironisos.exe
Size: 160.25 KB (160256 bytes)
MD5: d2128166fe2470ac7c0f0ef5ceab9cec
Detection count: 30
File type: Executable File
Mime Type: unknown/exe
Path: %SYSTEMDRIVE%\Users\Mariana\AppData\Local\Sesasot\nironisos.exe\
Group: Malware file
Last Updated: January 26, 2020
C:\Program Files\Common Files\3ca1e80425e8d41a6c9c6fbeb0823ba9\dibubi.exe File name: dibubi.exe
Size: 662.01 KB (662016 bytes)
MD5: 50f52b4f09b6e7aa01b7828c6fec4e01
Detection count: 16
File type: Executable File
Mime Type: unknown/exe
Path: C:\Program Files\Common Files\3ca1e80425e8d41a6c9c6fbeb0823ba9\
Group: Malware file
Last Updated: November 1, 2019
%SYSTEMDRIVE%\Users\AFZAL\AppData\Roaming\790055de6080dee4d7c84d6401bc1382\mefecasat.exe\mefecasat.exe File name: mefecasat.exe
Size: 1.99 MB (1990656 bytes)
MD5: 7ee36163329566accb3a1cf26a9231d8
Detection count: 5
File type: Executable File
Mime Type: unknown/exe
Path: %SYSTEMDRIVE%\Users\AFZAL\AppData\Roaming\790055de6080dee4d7c84d6401bc1382\mefecasat.exe\
Group: Malware file
Last Updated: October 19, 2018

More files

Registry Modifications


The following newly produced Registry Values are:

Regexp file mask%APPDATA%\DealPly\UpdateProc\UpdateTask.exe%APPDATA%\docupabi.exe%APPDATA%\Dupalik.exe%APPDATA%\Setup[NUMBERS].exe%APPDATA%\UpdateTask\productupdt.exe%APPDATA%\UpdateTask\Sync.exe%APPDATA%\UpdateTask\SyncTask.exe%APPDATA%\UpdateTask\syncversion.exe%APPDATA%\UpdateTask\SynHelper.exe%APPDATA%\UpdateTask\Updane.exe%APPDATA%\UpdateTask\updtask.exe%APPDATA%\w{3,30}.exe.dat%COMMONPROGRAMFILES%\UpdateTask\productupdt.exe%COMMONPROGRAMFILES%\UpdateTask\Sync.exe%COMMONPROGRAMFILES%\UpdateTask\SyncTask.exe%COMMONPROGRAMFILES%\UpdateTask\syncversion.exe%COMMONPROGRAMFILES%\UpdateTask\SynHelper.exe%COMMONPROGRAMFILES%\UpdateTask\Updane.exe%COMMONPROGRAMFILES%\UpdateTask\updtask.exe%COMMONPROGRAMFILES(x86)%\UpdateTask\productupdt.exe%COMMONPROGRAMFILES(x86)%\UpdateTask\Sync.exe%COMMONPROGRAMFILES(x86)%\UpdateTask\SyncTask.exe%COMMONPROGRAMFILES(x86)%\UpdateTask\syncversion.exe%COMMONPROGRAMFILES(x86)%\UpdateTask\SynHelper.exe%COMMONPROGRAMFILES(x86)%\UpdateTask\Updane.exe%COMMONPROGRAMFILES(x86)%\UpdateTask\updtask.exe%LOCALAPPDATA%\UpdateTask\productupdt.exe%LOCALAPPDATA%\UpdateTask\Sync.exe%LOCALAPPDATA%\UpdateTask\SyncTask.exe%LOCALAPPDATA%\UpdateTask\syncversion.exe%LOCALAPPDATA%\UpdateTask\SynHelper.exe%LOCALAPPDATA%\UpdateTask\Updane.exe%LOCALAPPDATA%\UpdateTask\updtask.exe%UserProfile%\Local Settings\Application Data\UpdateTask\productupdt.exe%UserProfile%\Local Settings\Application Data\UpdateTask\Sync.exe%UserProfile%\Local Settings\Application Data\UpdateTask\SyncTask.exe%UserProfile%\Local Settings\Application Data\UpdateTask\syncversion.exe%UserProfile%\Local Settings\Application Data\UpdateTask\SynHelper.exe%UserProfile%\Local Settings\Application Data\UpdateTask\Updane.exe%UserProfile%\Local Settings\Application Data\UpdateTask\updtask.exe%WinDir%\System32\Tasks\Dealply%WinDir%\System32\Tasks\DealPlyLiveUpdateTaskMachineCore%WinDir%\System32\Tasks\DealPlyLiveUpdateTaskMachineUA%WINDIR%\System32\Tasks\DealPlyUpdate%WinDir%\Tasks\Dealply.job%WinDir%\Tasks\DealPlyLiveUpdateTaskMachineCore.job%WinDir%\Tasks\DealPlyLiveUpdateTaskMachineUA.jobDirectory%ALLUSERSPROFILE%\Application Data\cofrags%ALLUSERSPROFILE%\Application Data\DealPlyLive%ALLUSERSPROFILE%\Application Data\Microsoft\Windows\Start Menu\Programs\DealPly%ALLUSERSPROFILE%\cofrags%ALLUSERSPROFILE%\DealPlyLive%ALLUSERSPROFILE%\Microsoft\Windows\Start Menu\Programs\DealPly%ALLUSERSPROFILE%\Start Menu\Programs\DealPly%APPDATA%\bodor%APPDATA%\DealPly%APPDATA%\hodor%APPDATA%\Microsoft\Windows\Start Menu\Programs\DealPly%appdata%\opera_helper%APPDATA%\wincbee%APPDATA%\wincy%COMMONPROGRAMFILES%\bodor%COMMONPROGRAMFILES%\hodor%COMMONPROGRAMFILES%\wincbee%COMMONPROGRAMFILES%\wincy%COMMONPROGRAMFILES(x86)%\bodor%COMMONPROGRAMFILES(x86)%\hodor%COMMONPROGRAMFILES(x86)%\wincbee%COMMONPROGRAMFILES(x86)%\wincy%LOCALAPPDATA%\bodor%LOCALAPPDATA%\DealPly%LocalAppData%\DealPlyLive%LOCALAPPDATA%\Google\Chrome\User Data\Default\Extensions\aipliiiccmmlccjgjknphbmegjplcklk%LocalAppData%\Google\Chrome\User Data\Default\Extensions\ejnmnhkgiphcaeefbaooconkceehicfi%LOCALAPPDATA%\Google\Chrome\User Data\Default\Extensions\gaiilaahiahdejapggenmdmafpmbipje%LOCALAPPDATA%\Google\Chrome\User Data\Default\Extensions\mphpbdjcljebbcnfopfngmfdackbbdgf%LOCALAPPDATA%\hodor%LOCALAPPDATA%\Sahocasob%LOCALAPPDATA%\wincbee%LOCALAPPDATA%\wincy%LOCALAPPDATA%\{021D3441-26B5-58F9-4B2D-7D116F458189}%LOCALAPPDATA%\{57E4615F-72B6-0C29-1980-2BFBC552D6C5}%PROGRAMFILES%\DealPly%PROGRAMFILES%\DealPlyLive%PROGRAMFILES(x86)%\DealPly%PROGRAMFILES(x86)%\DealPlyLive%UserProfile%\Local Settings\Application Data\bodor%UserProfile%\Local Settings\Application Data\DealPly%UserProfile%\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aipliiiccmmlccjgjknphbmegjplcklk%UserProfile%\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ejnmnhkgiphcaeefbaooconkceehicfi%UserProfile%\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gaiilaahiahdejapggenmdmafpmbipje%UserProfile%\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mphpbdjcljebbcnfopfngmfdackbbdgf%UserProfile%\Local Settings\Application Data\hodor%USERPROFILE%\Local Settings\Application Data\Sahocasob%UserProfile%\Local Settings\Application Data\wincbee%UserProfile%\Local Settings\Application Data\wincy%UserProfile%\Local Settings\Application Data\{57E4615F-72B6-0C29-1980-2BFBC552D6C5}%USERPROFILE%\Microsoft\Windows\Start Menu\Programs\DealPlyCLSID{04E432B8-204C-5E00-4DD4-7BE869BC8770}{0D89DE71-3D99-4288-84DC-F18F1047A7D8}{1E0C9B2A-6447-452C-B012-2314A0C29412}{34A8CEB6-89BB-49F1-B5E4-0D0D6C21F3B1}{3A4DBD3A-98CC-41CE-AD21-352D42B6F754}{4F8A50F6-69DE-4BE3-A33A-A1079B9AC0DB}{501CB57A-D4E2-4855-96AD-EDB0A9083395}{6FF2C4DD-77A4-4BB5-BA4C-B42DEFBF9137}{7F1796B2-BEC6-427B-B734-F9C75ED94A80}{80FABB17-63AF-4655-9F07-B6509EE37AF2}{83ABA270-8390-4CA6-AE48-FC089F55629E}{8B218A5F-1A3D-4347-94EF-A79575EB8094}{8C338DDB-19FC-4C1F-B74D-6931EE55F7A1}{9BDB5E09-4BBA-4422-8C2B-529B281C32B8}{9cf699ca-2174-4ed8-bec1-ba82095edce0}{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}{ae48ed75-5a56-4c5f-bbce-6f1ac3875f66}{C536F080-57B7-46D6-8894-C647553F2889}{CA5D945F-E738-4D0B-A0B5-25AC51C64659}{EF7BD87A-8024-11E2-F316-F3E56188709B}{F48FC5B2-094A-44C7-B48C-289738C9582D}{F7698761-4ABA-45C2-A5BB-D2163922C725}{FFCC53E6-2655-47FC-A89B-54E8D7F305D1}HKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}BFReportDealPlyRegistry keySOFTWARE\Classes\AppID\DealPlyLive.exeSOFTWARE\Classes\AppID\{80FABB17-63AF-4655-9F07-B6509EE37AF2}SOFTWARE\Classes\AppID\{F48FC5B2-094A-44C7-B48C-289738C9582D}SOFTWARE\Classes\DealPlyLive.OneClickCtrl.9SOFTWARE\Classes\DealPlyLive.OneClickProcessLauncherMachineSOFTWARE\Classes\DealPlyLive.OneClickProcessLauncherMachine.1.0SOFTWARE\Classes\DealPlyLive.Update3WebControl.3SOFTWARE\Classes\DealPlyLiveUpdate.CoCreateAsyncSOFTWARE\Classes\DealPlyLiveUpdate.CoCreateAsync.1.0SOFTWARE\Classes\DealPlyLiveUpdate.CoreClassSOFTWARE\Classes\DealPlyLiveUpdate.CoreClass.1SOFTWARE\Classes\DealPlyLiveUpdate.CoreMachineClassSOFTWARE\Classes\DealPlyLiveUpdate.CoreMachineClass.1SOFTWARE\Classes\DealPlyLiveUpdate.CredentialDialogMachineSOFTWARE\Classes\DealPlyLiveUpdate.CredentialDialogMachine.1.0SOFTWARE\Classes\DealPlyLiveUpdate.OnDemandCOMClassMachineSOFTWARE\Classes\DealPlyLiveUpdate.OnDemandCOMClassMachine.1.0SOFTWARE\Classes\DealPlyLiveUpdate.OnDemandCOMClassMachineFallbackSOFTWARE\Classes\DealPlyLiveUpdate.OnDemandCOMClassMachineFallback.1.0SOFTWARE\Classes\DealPlyLiveUpdate.OnDemandCOMClassSvcSOFTWARE\Classes\DealPlyLiveUpdate.OnDemandCOMClassSvc.1.0SOFTWARE\Classes\DealPlyLiveUpdate.ProcessLauncherSOFTWARE\Classes\DealPlyLiveUpdate.ProcessLauncher.1.0SOFTWARE\Classes\DealPlyLiveUpdate.Update3COMClassServiceSOFTWARE\Classes\DealPlyLiveUpdate.Update3COMClassService.1.0SOFTWARE\Classes\DealPlyLiveUpdate.Update3WebMachineSOFTWARE\Classes\DealPlyLiveUpdate.Update3WebMachine.1.0SOFTWARE\Classes\DealPlyLiveUpdate.Update3WebMachineFallbackSOFTWARE\Classes\DealPlyLiveUpdate.Update3WebMachineFallback.1.0SOFTWARE\Classes\DealPlyLiveUpdate.Update3WebSvcSOFTWARE\Classes\DealPlyLiveUpdate.Update3WebSvc.1.0SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\dealply.comSOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.dealply.comSOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\dealply.comSOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.dealply.comSOFTWARE\Classes\Wow6432Node\AppID\DealPlyLive.exeSOFTWARE\Classes\Wow6432Node\AppID\{80FABB17-63AF-4655-9F07-B6509EE37AF2}SOFTWARE\Classes\Wow6432Node\AppID\{F48FC5B2-094A-44C7-B48C-289738C9582D}Software\DealPlySoftware\DealPlyLiveSOFTWARE\Google\Chrome\Extensions\ejnmnhkgiphcaeefbaooconkceehicfiSoftware\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipjeSOFTWARE\Google\Chrome\Extensions\mphpbdjcljebbcnfopfngmfdackbbdgfSoftware\Microsoft\Internet Explorer\Approved Extensions\{ae48ed75-5a56-4c5f-bbce-6f1ac3875f66}Software\Microsoft\Internet Explorer\DOMStorage\dealply.comSOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C536F080-57B7-46D6-8894-C647553F2889}SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DealPlyLive.exeSOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\CompatibilityAdapter\Signatures\Dealply.jobSOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\CompatibilityAdapter\Signatures\Dealply.job.fpSOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\CompatibilityAdapter\Signatures\DealPlyLiveUpdateTaskMachineCore.jobSOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\CompatibilityAdapter\Signatures\DealPlyLiveUpdateTaskMachineCore.job.fpSOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\CompatibilityAdapter\Signatures\DealPlyLiveUpdateTaskMachineUA.jobSOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\CompatibilityAdapter\Signatures\DealPlyLiveUpdateTaskMachineUA.job.fpSOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DealPlySOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DealPlyLiveUpdateTaskMachineCoreSOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DealPlyLiveUpdateTaskMachineUASOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DealPlyUpdateSOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{EF7BD87A-8024-11E2-F316-F3E56188709B}SOFTWARE\Wow6432Node\Classes\AppID\{80FABB17-63AF-4655-9F07-B6509EE37AF2}SOFTWARE\Wow6432Node\Classes\AppID\{F48FC5B2-094A-44C7-B48C-289738C9582D}SOFTWARE\Wow6432Node\DealPlySOFTWARE\Wow6432Node\DealPlyLiveSOFTWARE\Wow6432Node\DealPlyLive\Update\Clients\{0d629f4e-4984-400f-addb-97a2cb6ae549}SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ejnmnhkgiphcaeefbaooconkceehicfiSoftware\Wow6432Node\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipjeSOFTWARE\Wow6432Node\Google\Chrome\Extensions\mphpbdjcljebbcnfopfngmfdackbbdgfSOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F1796B2-BEC6-427B-B734-F9C75ED94A80}SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8C338DDB-19FC-4C1F-B74D-6931EE55F7A1}SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C536F080-57B7-46D6-8894-C647553F2889}SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DealPlyLive.exeSOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{EF7BD87A-8024-11E2-F316-F3E56188709B}SOFTWARE\Wow6432Node\MozillaPlugins\@tools.dpliveupdate.com/DealPlyLive Update;version=3SOFTWARE\Wow6432Node\MozillaPlugins\@tools.dpliveupdate.com/DealPlyLive Update;version=9SYSTEM\ControlSet001\services\dealplyliveSYSTEM\ControlSet001\services\dealplylivemSYSTEM\ControlSet002\services\dealplyliveSYSTEM\ControlSet002\services\dealplylivemSYSTEM\CurrentControlSet\services\dealplyliveSYSTEM\CurrentControlSet\services\dealplylivemFile name without pathchrome-extension_aipliiiccmmlccjgjknphbmegjplcklk_0.localstoragechrome-extension_mphpbdjcljebbcnfopfngmfdackbbdgf_0.localstoragechrome-extension_mphpbdjcljebbcnfopfngmfdackbbdgf_0.localstorage-journal
Posted: June 1, 2012
Threat Metric
Threat Level: 2/10
Infected PCs 2,268,682

Leave a Reply

Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter. If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.