DealHelper

Description:	Adware
Risk Level:	High
Date of First Occurence:	Tuesday, May 06, 2008
Software Developer:	(unknown)
Brief Info:	DealHelper displays advertisements and makes updates to itself.
Removal:	This threat can be removed using "Spyware Terminator"

REMOVER SPYWARE »

Geographical Distribution of Threat "DealHelper"

Threat Info

View All

Detected Items

Detected Files: %WINDIR%\DHP.dll MD5: 4D58B75248CF39839A5318C02996183D Size:106496 MD5: 709F77E559FE9FBFF297776987F83F5F Size:106496 MD5: 2D7701FD01746700A9174AA5ED4BEEAF Size:94208 MD5: 64BE4902CB0E6D132B8CB88CA5702B2F Size:106496 MD5: AC015673DE94266CCC991B4DD12DBD45 Size:94208 MD5: C5ACD759B22428B3FFF043726F6A29BC Size:106496 MD5: 7FFC25EFD2F088011BA3738960CED316 Size:94208 MD5: 4F91DEFBB0A3569D6C5671F5D5691C76 Size:102400 MD5: C63ED3B099C66D6AC4D50AECD68E1758 Size:106496 %SYSDIR%\dun.exe MD5: 613EAC0488C7517158435D3D934F6544 Size:28672 MD5: CD6EDBFBBCD0EC71920D3907AE7C0F02 Size:28672 MD5: C17DF2864A6273EA96A0B127C3883E09 Size:206302 MD5: E9AC186BC7D1E1129B69A699D43983F1 Size:28672 %SYSDIR%\HookPopup.dll MD5: 6DC1B70928931738EC501ECFE2FB48C5 Size:24576 MD5: 30B1B27EC2B9B97EB53070B6E752B363 Size:2709 MD5: 751A04E4CF398C9C25674B934EDBB306 Size:1562 %WINDIR%\Dealhlpr.dll MD5: 8E00B8AB90706BA23F9BE80A2748BAA9 Size:102400 MD5: 6A15EB42A0F8262E6D99A8948396E899 Size:102400 MD5: 9782B10AAF0E2DDED1E3B61C2B1C754A Size:61440 MD5: AFFAED33357A63AA3F03670F5B8062A8 Size:102400 MD5: FF3B49DD7F2DAE711689DFCBEDC853A6 Size:102400 MD5: CFDCD47C3CDE71D00F09B15433B6005F Size:102400 %WINDIR%\dealhlpr.dll MD5: 6CEFDAF9FC0DC1BF2A0CC71463D1F2C8 Size:102400 MD5: 3BE2A343C4A597D33B0264A42CE04C14 Size:102400 MD5: AA0A6B4F93FA2C13E6B1A6AE3578D00D Size:102400 MD5: 49BD7BCD6FD1CCA84AF2A11316F1E83A Size:102400 %WINDIR%\dhsvr.exe MD5: 86D3A530C024F1F2C64816DC7AF22F9A Size:180224 MD5: 22BAC393D03E31EA4BE5791297BA2428 Size:180224 MD5: 11029E488892FFFB2DE601CD00ED5360 Size:131070 MD5: 1CF44C2A106B0C1FD0FE0CCE08CDB93A Size:65535 MD5: FD90320AC598D9502E5C695EF1310609 Size:46344 MD5: 42D79EC4E08F300BF1D61B4FB6B95E0D Size:180224 MD5: 1045DD68C4EE46EFD7BA9EAA25FA6562 Size:180224 %WINDIR%\DHUpdt.exe MD5: 5B149E4FB691E64278FCDF1803941EB3 Size:126976 MD5: C014A2272A00242AB497B2F56BE887FA Size:126976 MD5: 7885F7534829418D594F87AF6F527264 Size:126976 MD5: 1F619D5264ED6335F9AD5DD79C08019E Size:126976 MD5: 18324EC50F32500150CDEB22477B112B Size:126976 MD5: 49A051DA97209F97D0EF24EE5BE0E0DE Size:126976 MD5: 40FEC697D7D73A3CFA721B5101EAC0EB Size:126976 MD5: F273E698169E2D460A2565C3D790EA79 Size:126976 MD5: 111EC51AFE08159B5FA1F9BBCAA2EF57 Size:126976 MD5: 95CE422ADAD288D0D6653380C31B304C Size:126976 MD5: E4201707619AD22FFB97695D52CE6060 Size:126976 %WINDIR%\Dhsvr.exe MD5: 9C97D71F9CDFE8165A2DEFAC741DD5AF Size:180224 MD5: 4C858E3FADAE37982A46F15DF584E5F5 Size:176128 MD5: ECE8358D278AF88B856FB898B9238AC5 Size:180224 MD5: 1CF5F87A1737E1FF029A7A606C87F840 Size:176128 MD5: B2A62D62CD9340D9C42389AFF9F6DC42 Size:180224 MD5: DC5BC77606A4C8279D2A6C6DE51666CD Size:180224 MD5: AAB580C881A8C04E99B0A69D69171910 Size:180224 MD5: B2FA799360F79EF9C9D97D3C1FC94AF4 Size:180224 %WINDIR%\dhp.dll MD5: 24B703DF85B9707E987E64A5E7D56418 Size:102400
Detected Files with variable Filenames: MD5: B7A6363F49BAB1245DDB94A7D8AF9F59 Size: 229376 %SYSDIR%\Vnrgwy.exe %SYSDIR%\Jtucob.exe %SYSDIR%\Lgnhbj.exe

Detecting items list:

Files by Name %Windir%\Dhbrowser.exe %Windir%\DHP.dll %Windir%\Dhsvr.exe %Windir%\DHUpdt.exe %Windir%\Dealhlpr.dll %Sysdir%\dun.exe %Sysdir%\HookPopup.dll
Files by MD5 MD5: B7A6363F49BAB1245DDB94A7D8AF9F59 Size: 229376
Files by CLSID or Name CLSID=A1F53F1D-FB2D-4FE0-8EE8-7BBE69999D9F CLSID=A57AFB0F-C63E-4AE2-8A7B-BCA01BA32CC5 CLSID=54A41AE7-B358-4D41-98BD-BBBFFDF5186B CLSID=5E3E1DC0-239A-4067-A4A0-88902C108E58 CLSID=6DD8B352-21A7-4C24-AC49-E9B4730C1823 CLSID=8B477303-698C-4EED-B9F6-C715842FBE33 CLSID=8EE1AAF5-ED6B-4601-B333-CD30FFB8B39D CLSID=B8E910B5-7452-4A29-B121-08E8CF09EC07 CLSID=D848A3CA-0BFB-4DE0-BA9E-A57F0CCA1C13 CLSID=F00586DE-A432-4B9F-877D-E29CD87EFDD6 CLSID=1A2883F2-FDC7-4AF2-B136-203ADB475DD7 CLSID=BFEF1779-0E92-45A1-BF5E-55991007F912 CLSID=FE4BBEA8-1EFD-4B8A-BD1B-341CCDBEEAA6 CLSID=7BC3EC59-A4A0-4638-A3BF-C20B0665947F CLSID=93AD89ED-F29F-4974-8688-2552B5955D4E CLSID=06E53101-654C-45EB-BFF6-E37E13B5972A CLSID=0B16B278-B2E3-4CBF-85B5-E058878F728F CLSID=1DA40091-14B4-4C21-8170-A2CEEDE90B10 CLSID=3AFAE37A-56A3-4850-B599-4DA9A9104B82 CLSID=3D89A731-9F4A-418F-A997-2D633C7C404C CLSID=81739076-56B7-42EC-A0AA-692794FDED1A CLSID=A2CDAFB4-EB9C-4EFC-BCFC-A7AA6745FF7E CLSID=BF9EE3A0-1A02-4265-A65F-AC4D4447F6BF CLSID=DEBA1742-2BEC-4B78-A987-5837971193F7 CLSID=F3816084-9608-485A-B63B-CAD8F931577E CLSID=C2E6831B-822B-4A1F-9EF1-1D3EB7D3E985 CLSID=C9679631-7060-443F-BD37-88F9410ED8C3 CLSID=E9468A08-F790-48CE-AD30-EADEEAB9B40C CLSID=B5146C72-3328-4240-97ED-3A23DCB656CF CLSID=F0207D66-1A2A-4B86-B821-50C12E4ABE43 CLSID=25AB1639-3F81-45A8-8318-2DAFBA8B8F3D CLSID=5E19A321-635E-4BA5-8828-A5B6427CC61D CLSID=771262E0-8FEB-4E78-B292-B01C4071B9D1 CLSID=B82B9ECF-40AE-46F2-B98E-B87CF17F70D0 CLSID=4B76F69E-247A-4617-ABA9-95774658AFC5 CLSID=C2E2F4D7-2C20-492F-B179-D15FF876AB83 CLSID=449DC6DA-DBFC-458B-8B62-3DB7C366BD6D

« Go to Software Database

Pesquise na nossa Base de Dados de Software

A base de dados Software

Últimas notícias sobre Malware

23. Setembro 2011

Among one of the most active spywares currently is without a doubt Trojan.MicroFake.ba. It attacks in conjunction with Rogue antispyware applications and forces users to purchase these fake applications. Using rootkit techniques is very typical of this Trojan to help it hide from users and the system, making it hard to trace. We recommend regular updating of our database and an active real-time protection with antivirus.

Notícias antigas de malware »