Deal Spy.dll
Deal Spy by Innovative Apps (Signed)
| Version: | 1.1.153.8 |
| MD5: | 02d3e1f19487ad10a2a1d6f5844a51bc |
| SHA1: | f64c5eaaafbbfbdaac44bf4b68435fd9f30a62ee |
| SHA256: | 4f898e093e7eae0e6dee330c476660f11d7ad95ec319bc03c3c35a1add397f9d |
Warning 12 antivirus scanners has detected malware.
Overview
deal spy.dll is malware that is loaded as dynamic link library that runs in the context of Internet Explorer. It is installed in Internet Explorer as a Browser Helper Object (BHO) which has full acess to the web browser's behaviors and content. This is typically installed with the program Deal Spy published by 215 Apps and is most likely removed by most users once installed (87% removed). The file is digitally signed by Innovative Apps which was issued by the Thawte certificate authority (CA).
Details
| File name: | deal spy.dll |
| Publisher: | 215 Apps |
| Product name: | Deal Spy |
| Description: | Deal Spy BHO |
| Typical file path: | C:\Program Files\deal spy\deal spy.dll |
| File version: | 1.1.153.8 |
| Size: | 717.38 KB (734,600 bytes) |
| Certificate |
| Issued to: | Innovative Apps |
| Authority (CA): | Thawte |
| Effective date: | Tuesday, January 8, 2013 |
| Expiration date: | Thursday, January 9, 2014 |
| Digital DNA |
| File packed: | No |
| .NET CLR: | No |
More details
Programs
The following program will install this file
Deal Spy from 215 Apps (Amazing Apps, Friendly Apps, and a bunch of other names 50onRed goes by) installs an extension within all the major browsers to view web pages loaded and looks for affiliated merchants in order to possibly provide better pricing or alternative deals on a given product or merchant. It injects ads as well as affiliate links directly by modifying web page. In addition, it has been seen to display non-embedded pop-up...
Behaviors
Internet Explorer Browser Helper Object
Located in the registry at 'SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects'
- BHO CLSID: {11111111-1111-1111-1111-110211621176}
Malware detections
Based on 40+ industry antivirus scanners, 12 of them detected the following malware.
| Antivirus engine | Engine version | Detection |
| avast! |
8.0.1489.320 |
Win32:Installer-M [Adw] |
| BitDefender |
7.2 |
Gen:Variant.Adware.VidSaver.1 |
| Comodo Internet Security |
16574 |
ApplicUnwnt |
| Emsisoft Anti-Malware |
3.0.0.583 |
Gen:Variant.Adware.VidSaver.1 (B) |
| ESET NOD32 |
7.8555 |
a variant of Win32/Toolbar.CrossRider.A |
| Fortinet |
5.1.146.0 |
Adware/Fam.NB |
| F-Secure |
11.0.19100.45 |
Gen:Variant.Adware.VidSaver.1 |
| G Data |
13.9.22 |
Gen:Variant.Adware.VidSaver.1 |
| Ikarus |
T3.1.4.3.0 |
Win32.SuspectCrc |
| Symantec |
20131.1.0.101 |
WS.Reputation.1 |
| Trend Micro HouseCall |
9.700.0.1001 |
TROJ_GEN.F47V0328 |
| VIPRE Antivirus |
19506 |
GamePlayLabs (v) |
Distribution by Windows OS
| OS version | distribution |
| Windows 8 |
50.00% |
|
| Windows 8 Pro |
50.00% |
|
Distribution by country
United States installs about 100.00% of Deal Spy.
Distribution by PC manufacturer
| PC Manufacturer | distribution |
| Toshiba |
66.67% |
|
| Hewlett-Packard |
33.33% |
|
