DealHelper.com Adware

Virus description: DealHelper.com
Category: Adware, BHO, Toolbar, Downloader
Other names:

[Panda] Adware/DealHelper, Trj/Downloader.OE;
[Other] Adware.DealHelper

DealHelper.com Detection:

Files:
[%PROFILE_TEMP%]\_setupx.dll
[%SYSTEM%]\Dnlelq.exe
[%SYSTEM%]\dun.exe
[%SYSTEM%]\Eyerkt.exe
[%SYSTEM%]\Gkyzbs.exe
[%SYSTEM%]\HookPopup.dll
[%SYSTEM%]\Nwrseu.exe
[%SYSTEM%]\Werxtr.exe
[%SYSTEM%]\Xiclwf.exe
[%WINDOWS%]\appsinstalled.htm
[%WINDOWS%]\dealhlpr.dll
[%WINDOWS%]\dhdom.bin
[%WINDOWS%]\dhdomp.bin
[%WINDOWS%]\dhkw.bin
[%WINDOWS%]\dhp2.dll
[%WINDOWS%]\dsearch.bin
[%DESKTOP%]\dhbrwsr.exe
[%SYSTEM%]\dealhlpr.dll
[%SYSTEM%]\dp-him.exe
[%SYSTEM%]\dp-k13w13.exe
[%WINDOWS%]\dhbrwsr.exe
[%WINDOWS%]\dhp.dll
[%WINDOWS%]\dhsigned.ocx
[%WINDOWS%]\dhsvr.exe
[%WINDOWS%]\dhun.exe
[%WINDOWS%]\dhupdt.exe
[%WINDOWS%]\edow.exe
[%WINDOWS%]\system\dealhlpr.dll
[%WINDOWS%]\timesynchronize.exe

Folders:
[%PROGRAM_FILES%]\dealhelper.com inc
[%PROGRAM_FILES%]\timesync
[%SYSTEM%]\dealhelper
[%PROGRAMS%]\dealhelper

Registry Keys:

Registry Values:
HKEY_LOCAL_MACHINE\software\classes\appid\dhbrwsr.exe
HKEY_LOCAL_MACHINE\software\classes\appid\dhsvr.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_CLASSES_ROOT\appid\dhbrwsr.exe
HKEY_CLASSES_ROOT\appid\dhsvr.exe
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\toolbar
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\moduleusage\[%WINDOWS%]/dhsigned.ocx
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\timesync

Removing DealHelper.com:

You can run the trial version of ExterminateIt, or remove DealHelper.com manually.

ExterminateIt effectively and automatically removes Trojan horses, rootkits, backdoors, spyware, botnets, keystroke loggers, dialers and other malicious software (malware) from your computer.
