Home / malware Adware:Win32/DealPly
First posted on 08 January 2013.
Source: MicrosoftAliases :
There are no other names known for Adware:Win32/DealPly.
Explanation :
Adware:Win32/DealPly may be installed from the program's website:
It may also be installed by offers in third-party software installers, such as those detected as SoftwareBundler:Win32/Protlerdob.
Installation
When run, the installer for Adware:Win32/DealPly creates a folder named "DealPly" in %ProgramFiles% and installs the following files there:
- icon.ico
- DealPly.crx
- dealplyie.dll
- dealplyupdate.exe
- dealplyupdaterun.exe
- uninst.exe
Note: %ProgramFiles% refers to a variable location that is determined by the software by querying the operating system. The default location for the Program Files folder for Windows 2000, XP, 2003, Vista, 7, and 8 is "C:\Program Files".
It also creates an entry in the <start menu> called "DealPly", which contains links to the software, help information, and the software's uninstaller.
Note: <start menu> refers to a variable location that is determined by the software by querying the operating system. The default location for the Start Menu folder for Windows 2000, XP, and 2003 is "C:\Documents and Settings\<user>\Start Menu" or "C:\Users\<user>\Start Menu". For Windows Vista, 7, and 8, the default location is "C:\Users\<user name>\AppData\Roaming\Microsoft\Windows\Start Menu".
The icon for Adware:Win32/DealPly appears as follows:
Adware:Win32/DealPly installs itself as a BHO (browser helper object), which can be seen in Internet Explorer's Manage Add-ons window, as in the following screenshot:
Adware:Win32/DealPly updates itself by creating a scheduled Windows task called "DealPlyUpdate" that runs daily.
Adware:Win32/DealPly creates an installation entry in the Programs and Features section of the Control Panel. Running this uninstaller may remove Adware:Win32/DealPly from your computer.
Execution
Once installed, Adware:Win32/DealPly displays offers to you as you browse the Internet, as in the following examples:
Analysis by Michael Johnson
Last update 08 January 2013
