Should I block it?
Yes, 98% block recommendation.
Possible reasons:
Multiple malware detections
Performance resource utilization
Relationships
Deal Vault.dll
Deal Vault by Excellent Apps (Signed)
| Version: | 1.1.151.6 |
| MD5: | 899a56dd8deab563a18fafa695045788 |
| SHA1: | 9680cbf64c47e607578007457d5c87b81f9eb42f |
| SHA256: | 27f015f1d1cc44b11935a9b7cb22d591056dc48d019f2385a26d1c74d2608dc8 |
Warning 13 antivirus scanners has detected malware.
Overview
deal vault.dll is malware that is loaded as dynamic link library that runs in the context of Internet Explorer. It is installed in Internet Explorer as a Browser Helper Object (BHO) which has full acess to the web browser's behaviors and content. This is typically installed with the program Deal Vault published by 215 Apps and is most likely removed by most users once installed (79% removed). The file is digitally signed by Excellent Apps which was issued by the Thawte certificate authority (CA). This particular version is usually found on Windows 7 Home Premium (6.1.7601.65536).
Details
| File name: | deal vault.dll |
| Publisher: | 215 Apps |
| Product name: | Deal Vault |
| Description: | Deal Vault BHO |
| Typical file path: | C:\Program Files\deal vault\deal vault.dll |
| File version: | 1.1.151.6 |
| Size: | 602.88 KB (617,352 bytes) |
| Certificate |
| Issued to: | Excellent Apps |
| Authority (CA): | Thawte |
| Effective date: | Wednesday, August 29, 2012 |
| Expiration date: | Friday, August 30, 2013 |
| Digital DNA |
| File packed: | No |
| .NET CLR: | No |
More details
Programs
The following program will install this file
Deal Vault from 215 Apps (Amazing Apps/50onRed) installs a web browser extension (Internet Explorer Browser Helper Object) to view web pages loaded and looks for affiliated merchants in order to possibly provide better pricing or alternative deals on a given product or merchant. Basically if Deal Vault has a pre-arranged affiliate relationship with a similar merchant it will alert you when you visit through your web browser. Deal Vault ...
Behaviors
Internet Explorer Browser Helper Object
Located in the registry at 'SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects'
- BHO CLSID: {11111111-1111-1111-1111-110111981166}
Malware detections
Based on 40+ industry antivirus scanners, 13 of them detected the following malware.
| Antivirus engine | Engine version | Detection |
| Baidu Antivirus |
3.5.1.41473 |
Trojan.Win32.Toolbar.CrossRider.A |
| BitDefender |
7.2 |
Gen:Variant.Adware.VidSaver.1 |
| Comodo Internet Security |
17031 |
ApplicUnwnt |
| Emsisoft Anti-Malware |
3.0.0.589 |
Gen:Variant.Adware.VidSaver.1 (B) |
| ESET NOD32 |
7.8863 |
a variant of Win32/Toolbar.CrossRider.A |
| F-Secure |
11.0.19100.45 |
Gen:Variant.Adware.VidSaver.1 |
| G Data |
13.10.22 |
Gen:Variant.Adware.VidSaver.1 |
| Ikarus |
T3.1.5.4.0 |
Win32.SuspectCrc |
| eScan by MicroWorld |
12.0.250.0 |
Gen:Variant.Adware.VidSaver.1 |
| Sophos |
4.93.0 |
AppRider |
| Trend Micro |
9.740.0.1012 |
ADW_GAMEPLAYLABS |
| Trend Micro HouseCall |
9.700.0.1001 |
ADW_GAMEPLAYLABS |
| VIPRE Antivirus |
21998 |
GamePlayLabs (v) |
Distribution by Windows OS
| OS version | distribution |
| Windows 7 Home Premium |
100.00% |
|
Distribution by PC manufacturer
| PC Manufacturer | distribution |
| Acer |
100.00% |
|
