Dealply.Adware.BrowserHijack.DDS removal tips

The Dealply.Adware.BrowserHijack.DDS is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Dealply.Adware.BrowserHijack.DDS virus can do?

The binary contains an unknown PE section name indicative of packing
Authenticode signature is invalid

How to determine Dealply.Adware.BrowserHijack.DDS?


File Info:
name: 966749D4D6CFD1D691B2.mlw
path: /opt/CAPEv2/storage/binaries/8932300d8ffa14833ce0916173bbf054e0ab5f116539653719734e6139af5cce
crc32: F1ED7537
md5: 966749d4d6cfd1d691b23905da2a25e2
sha1: 0044f2f59f918c8477b26cf4852f27cd4d90e0a7
sha256: 8932300d8ffa14833ce0916173bbf054e0ab5f116539653719734e6139af5cce
sha512: bf8a85ae740df54fa411bba9e38f3203b94050c86c6c215f7fc18876a1e235955e69d99fe33d89590e12b79f1be7bafc970e7db7f9a84659806574ee232b6935
ssdeep: 6144:8twg/ueiWFl2pV+03NO+ElUAzHypuktliJuBwTvsL7:8twg/RiWFe7dJAopi8Bgsv
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1BB546C73E7D04837D1332A799D5B5B69E83ABE112A2C18461BEC2C4C5F3D7827928397
sha3_384: d1539cb2cd8d3fbfc344f8c44768bed005f20e41b0f19a80629bb5406c280b37bf92cf93542d5a8d043f881c8880b242
ep_bytes: 558bec83c4f4b8e8f34300e89469fcff
timestamp: 1992-06-19 22:22:17

Version Info:
CompanyName: Felarehareg Ltd.
FileDescription: Cacalipe Sac
FileVersion: 3.4.10.5
InternalName: gonub
LegalCopyright: 
LegalTrademarks: 
OriginalFilename: gonub.exe
ProductName: Bilafari
ProductVersion: 3.5.23.83

Dealply.Adware.BrowserHijack.DDS also known as:

Bkav	W32.AIDetect.malware2
Elastic	malicious (high confidence)
MicroWorld-eScan	Adware.DealPly.1.Gen
FireEye	Adware.DealPly.1.Gen
CAT-QuickHeal	PUA.GenericPMF.S5626927
Cylance	Unsafe
Sangfor	Virus.Win32.Save.a
K7AntiVirus	Adware ( 00529a881 )
K7GW	Adware ( 00529a881 )
CrowdStrike	win/grayware_confidence_100% (W)
VirIT	Trojan.Win32.Generic.ONC
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of Win32/DealPly.VP potentially unwanted
APEX	Malicious
Kaspersky	not-a-virus:HEUR:AdWare.Win32.DealPly.gen
BitDefender	Adware.DealPly.1.Gen
NANO-Antivirus	Riskware.Win32.DealPly.foctzv
Tencent	Win32.Adware.Dealply.Htbz
Ad-Aware	Adware.DealPly.1.Gen
VIPRE	Adware.DealPly.1.Gen
TrendMicro	Adware.Win32.DEALPLY.SME
McAfee-GW-Edition	BehavesLike.Win32.BadFile.dh
Emsisoft	Adware.DealPly.1.Gen (B)
Ikarus	PUA.DealPly
Webroot	W32.Adware.Gen
Google	Detected
Avira	HEUR/AGEN.1204913
Microsoft	BrowserModifier:Win32/Prifou
ZoneAlarm	not-a-virus:HEUR:AdWare.Win32.DealPly.gen
GData	Adware.DealPly.1.Gen
Cynet	Malicious (score: 99)
MAX	malware (ai score=65)
VBA32	Trojan.Sabsik.FL
Malwarebytes	Dealply.Adware.BrowserHijack.DDS
Panda	Trj/CI.A
TrendMicro-HouseCall	Adware.Win32.DEALPLY.SME
Rising	Adware.DealPly!1.AA42 (CLASSIC)
Fortinet	Adware/DealFly
BitDefenderTheta	AI:Packer.FD410B1F21
AVG	Win32:Adware-gen [Adw]
Cybereason	malicious.4d6cfd
Avast	Win32:Adware-gen [Adw]

How to remove Dealply.Adware.BrowserHijack.DDS?

Dealply.Adware.BrowserHijack.DDS removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X