Bonanza Deals

By LoneStar in Adware

Threat Scorecard

Ranking:	2,445
Threat Level:	20 % (Normal)
Infected Computers:	75,863

First Seen:	September 24, 2013
Last Seen:	April 15, 2024
OS(es) Affected:	Windows

Bonanza Deals is an adware program that may be installed onto Google Chrome, Mozilla Firefox and Internet Explorer. Bonanza Deals may embed a browser plug-in that shows a variety of messages while the affected web user is browsing the webt. Bonanza Deals may also show a variety of irritating pop-up advertisements that carry coupons with discounts and other offers. Bonanza Deals expects Internet users to click on these pop-up ads. Bonanza Deals tries to increase traffic of advertising websites and benefit from associated links. Bonanza Deals may reroute target computer users to doubtful commercial websites and disturb the web user's work with continuous pop-up ads and messages. Bonanza Deals may also threaten the target computer user's privacy and security. Bonanza Deals may trace the affected web user's surfing activities, that is what websites he is visiting, what information he enters while surfing on the net and other details. Then, Bonanza Deals may transmit this data to remote cybercriminals.

Table of Contents

Aliases

3 security vendors flagged this file as malicious.

Anti-Virus Software	Detection
DrWeb	Adware.Shopper.363
Comodo	Application.Win32.Bonanza.gr
Symantec	Adware.BL

SpyHunter Detects & Remove Bonanza Deals

File System Details

Bonanza Deals may create the following file(s):

Expand All | Collapse All

#	File Name	MD5	Detections Detections: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
1.	UpdateTask.exe	c40e44deaee08c93263b53be589ac409	587
Name: UpdateTask.exe MD5: c40e44deaee08c93263b53be589ac409 Size: 99.84 KB (99840 bytes) Detections: 587 Type: Executable File Path: %APPDATA%\UpdateBonanza\UpdateProc Group: Malware file Last Updated: March 23, 2016
2.	UpdateTask.exe	6cbeac2c020c5eeb3ac88de3cbd851cf	162
Name: UpdateTask.exe MD5: 6cbeac2c020c5eeb3ac88de3cbd851cf Size: 99.84 KB (99840 bytes) Detections: 162 Type: Executable File Path: %APPDATA%\UpdateBonanza\UpdateProc Group: Malware file Last Updated: March 23, 2016
3.	UpdateTask.exe	2862ea2ff176263d77949327757f178d	138
Name: UpdateTask.exe MD5: 2862ea2ff176263d77949327757f178d Size: 99.84 KB (99840 bytes) Detections: 138 Type: Executable File Path: %APPDATA%\UpdateBonanza\UpdateProc Group: Malware file Last Updated: March 23, 2016
4.	UpdateTask.exe	deb6c34b9e821bec405f4692cae80191	130
Name: UpdateTask.exe MD5: deb6c34b9e821bec405f4692cae80191 Size: 99.84 KB (99840 bytes) Detections: 130 Type: Executable File Path: %APPDATA%\UpdateBonanza\UpdateProc Group: Malware file Last Updated: March 23, 2016
5.	UpdateTask.exe	6b1dd0217b2759a02ddd5c6b5026aa3d	28
Name: UpdateTask.exe MD5: 6b1dd0217b2759a02ddd5c6b5026aa3d Size: 99.84 KB (99840 bytes) Detections: 28 Type: Executable File Path: %APPDATA%\UpdateBonanza\UpdateProc Group: Malware file Last Updated: March 23, 2016
6.	UpdateTask.exe	f83ad31f8539cd4d881177b092735f3a	18
Name: UpdateTask.exe MD5: f83ad31f8539cd4d881177b092735f3a Size: 99.84 KB (99840 bytes) Detections: 18 Type: Executable File Path: %SystemDrive%\Dokumente und Einstellungen\NetworkService\Anwendungsdaten\UpdateBonanza\UpdateProc Group: Malware file Last Updated: March 23, 2016
7.	BonanzaDealsLive.exe	ed1875508b4b18de28894cd901c70989	13
Name: BonanzaDealsLive.exe MD5: ed1875508b4b18de28894cd901c70989 Size: 148.97 KB (148976 bytes) Detections: 13 Type: Executable File Path: %PROGRAMFILES%\BonanzaDealsLive\Update Group: Malware file Last Updated: January 30, 2014
8.	UpdateTask.exe	07a480e25bb4697adc28212471115899	13
Name: UpdateTask.exe MD5: 07a480e25bb4697adc28212471115899 Size: 99.84 KB (99840 bytes) Detections: 13 Type: Executable File Path: %APPDATA%\UpdateBonanza\UpdateProc Group: Malware file Last Updated: March 23, 2016
9.	UpdateTask.exe	f47310798cb3799d496683797a6b6a55	12
Name: UpdateTask.exe MD5: f47310798cb3799d496683797a6b6a55 Size: 99.84 KB (99840 bytes) Detections: 12 Type: Executable File Path: %APPDATA%\UpdateBonanza\UpdateProc Group: Malware file Last Updated: March 23, 2016
10.	BonanzaDealsUpdate.exe	964136fb659dfec292de1784754a3928	7
Name: BonanzaDealsUpdate.exe MD5: 964136fb659dfec292de1784754a3928 Size: 78.38 KB (78384 bytes) Detections: 7 Type: Executable File Path: %PROGRAMFILES%\BonanzaDeals Group: Malware file Last Updated: January 30, 2014
11.	UpdateTask.exe	819b0c31012a5c979a8a48d0b20a670b	7
Name: UpdateTask.exe MD5: 819b0c31012a5c979a8a48d0b20a670b Size: 99.84 KB (99840 bytes) Detections: 7 Type: Executable File Path: %SystemDrive%\Documents and Settings\NetworkService\Dane aplikacji\UpdateBonanza\UpdateProc Group: Malware file Last Updated: January 30, 2014
12.	SlotBonanza.exe	a5b7df6a53c1d440804de9483f9f7406	6
Name: SlotBonanza.exe MD5: a5b7df6a53c1d440804de9483f9f7406 Size: 171 KB (171008 bytes) Detections: 6 Type: Executable File Path: C:\System Volume Information\SystemRestore\AppxStaging\Program Files\WindowsApps\Infiapps.SlotBonanza_1.0.0.61_x64__kjw77hz2at8sa\SlotBonanza.exe Group: Malware file Last Updated: July 18, 2021
13.	BonanzaDealsLive.exe	fa47e42b078b897b14e1ec25745ed965	3
Name: BonanzaDealsLive.exe MD5: fa47e42b078b897b14e1ec25745ed965 Size: 218.6 KB (218608 bytes) Detections: 3 Type: Executable File Path: %PROGRAMFILES%\BonanzaDealsLive\Update Group: Malware file Last Updated: January 30, 2014
14.	BonanzaDealsUpdate.exe	ef2a0de3a933d00e57e4bc417c8cd7e0	3
Name: BonanzaDealsUpdate.exe MD5: ef2a0de3a933d00e57e4bc417c8cd7e0 Size: 148.01 KB (148016 bytes) Detections: 3 Type: Executable File Path: %PROGRAMFILES%\BonanzaDeals Group: Malware file Last Updated: January 30, 2014
15.	Bonanza Baby.scr	f2c4e56bb5aaf4ea01ee8ea4af7a26f3	3
Name: Bonanza Baby.scr MD5: f2c4e56bb5aaf4ea01ee8ea4af7a26f3 Size: 2.37 MB (2379776 bytes) Detections: 3 Path: C:\WINDOWS\Bonanza Baby.scr Group: Malware file Last Updated: June 28, 2022
16.	BonanzaDealsLive.exe	76fc5f7bc82ec5d923c11fd172c3399a	2
Name: BonanzaDealsLive.exe MD5: 76fc5f7bc82ec5d923c11fd172c3399a Size: 222.7 KB (222704 bytes) Detections: 2 Type: Executable File Path: %PROGRAMFILES%\BonanzaDealsLive\Update Group: Malware file Last Updated: January 30, 2014
17.	BonanzaDealsLive.exe	d9b9bcd5648fa4763d6afe741bcacfbc	2
Name: BonanzaDealsLive.exe MD5: d9b9bcd5648fa4763d6afe741bcacfbc Size: 184.3 KB (184304 bytes) Detections: 2 Type: Executable File Path: %PROGRAMFILES%\BonanzaDealsLive\Update Group: Malware file Last Updated: January 30, 2014
18.	BonanzaDealsLive.exe	b0aae8f1d785ea02d86ba8cead6a4ae5	2
Name: BonanzaDealsLive.exe MD5: b0aae8f1d785ea02d86ba8cead6a4ae5 Size: 141.82 KB (141824 bytes) Detections: 2 Type: Executable File Path: %PROGRAMFILES(x86)%\BonanzaDealsLive\Update Group: Malware file Last Updated: January 30, 2014
19.	RXP430.exe	7dbac8087933b13f6a86c3fcf8fce068	2
Name: RXP430.exe MD5: 7dbac8087933b13f6a86c3fcf8fce068 Size: 3.3 MB (3302018 bytes) Detections: 2 Type: Executable File Path: %SystemDrive%\FSX\SimObjects\Airplanes\Carenado BONANZA A36\REALITY XP INTEGRATION Group: Malware file Last Updated: January 9, 2014
20.	UpdateTask.exe	0338d3a024fb2c2259bf2da77ebee6ee	2
Name: UpdateTask.exe MD5: 0338d3a024fb2c2259bf2da77ebee6ee Size: 129.02 KB (129024 bytes) Detections: 2 Type: Executable File Path: %APPDATA%\Bonanza\UpdateProc Group: Malware file Last Updated: January 30, 2014
21.	UpdateTask.exe	d27c4a4955f639618e995e2f506c39cf	2
Name: UpdateTask.exe MD5: d27c4a4955f639618e995e2f506c39cf Size: 182.27 KB (182272 bytes) Detections: 2 Type: Executable File Path: %APPDATA%\Bonanza\UpdateProc Group: Malware file Last Updated: January 30, 2014
22.	BonanzaDealsLive.exe	ac9b48c08bf7faa17d53743a0157f895	1
Name: BonanzaDealsLive.exe MD5: ac9b48c08bf7faa17d53743a0157f895 Size: 155.62 KB (155628 bytes) Detections: 1 Type: Executable File Path: %PROGRAMFILES%\BonanzaDealsLive\Update Group: Malware file Last Updated: January 30, 2014
23.	BonanzaDealsLive.exe	e1e46ec61d711b340583513349742ced	1
Name: BonanzaDealsLive.exe MD5: e1e46ec61d711b340583513349742ced Size: 306.01 KB (306015 bytes) Detections: 1 Type: Executable File Path: %PROGRAMFILES%\BonanzaDealsLive\Update Group: Malware file Last Updated: January 30, 2014
24.	BonanzaDealsLive.exe	7978c2c782368a962f684e6b65f2ee2a	1
Name: BonanzaDealsLive.exe MD5: 7978c2c782368a962f684e6b65f2ee2a Size: 210.41 KB (210416 bytes) Detections: 1 Type: Executable File Path: %PROGRAMFILES%\BonanzaDealsLive\Update Group: Malware file Last Updated: January 30, 2014

More files

Registry Details

Bonanza Deals may create the following registry entry or registry entries:

CLSID

{118E1BF6-6279-432F-A285-373A77B90C7A}

{14CEEA2F-3D21-46ED-A7D2-89056C520E5E}

{1CC8D970-F626-4F19-815F-890032BB6606}

{29494049-211F-4F5C-8545-7DA8BF7A6CF8}

{33BAF587-9647-4281-A34F-F4830CDC1B9F}

{5B5E5D0E-7C83-4A32-ADD2-E5F488DD6783}

{6802463D-636F-41FE-9924-4CAD56906590}

{806785D0-375F-4C2C-92E3-B8EE65D28E83}

{944661E7-67B9-4DF7-BFF2-05388C166D34}

{9EA8702C-EEDB-4731-BE68-E9A167DD3597}

{A7CF66EF-4F0D-46B1-AF71-A500378D6C34}

{B71934E5-6B93-448D-9D32-CBAA5150C5D8}

{C4BEF720-313C-420A-ACF6-77DD95D8F553}

{D34F391D-4CB7-467F-A543-F583857C63B0}

{E970727E-0508-4BEB-8B72-BBA9D0D047C7}

{EBF1F869-D2F0-4D31-A877-386C853A9C3D}

{F3CF4912-CF0A-451B-AF3B-C4F216C715E4}

{F904AC50-215C-42AB-A532-77E9FDBA9B19}

{fe063412-bea4-4d76-8ed3-183be6220d17}

File name without path

BonanzaDealsLiveUpdateTaskMachineCore.job

BonanzaDealsLiveUpdateTaskMachineUA.job

Regexp file mask

%PROGRAMFILES%\BonanzaDealsLive\Update\BonanzaDealsLive.exe

%PROGRAMFILES(x86)%\BonanzaDealsLive\Update\BonanzaDealsLive.exe

HKEY..\..\..\..{RegistryKeys}

Software\BonanzaDeals

Software\BonanzaDealsLive

SOFTWARE\Classes\AppID\BonanzaDealsLive.exe

SOFTWARE\Classes\BonanzaDealsLive.OneClickCtrl.9

SOFTWARE\Classes\BonanzaDealsLive.OneClickProcessLauncherMachine

SOFTWARE\Classes\BonanzaDealsLive.OneClickProcessLauncherMachine.1.0

SOFTWARE\Classes\BonanzaDealsLive.Update3WebControl.3

SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoCreateAsync

SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoCreateAsync.1.0

SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoreClass

SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoreClass.1

SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoreMachineClass

SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoreMachineClass.1

SOFTWARE\Classes\BonanzaDealsLiveUpdate.CredentialDialogMachine

SOFTWARE\Classes\BonanzaDealsLiveUpdate.CredentialDialogMachine.1.0

SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassMachine

SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassMachine.1.0

SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassMachineFallback

SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassMachineFallback.1.0

SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassSvc

SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassSvc.1.0

SOFTWARE\Classes\BonanzaDealsLiveUpdate.ProcessLauncher

SOFTWARE\Classes\BonanzaDealsLiveUpdate.ProcessLauncher.1.0

SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3COMClassService

SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3COMClassService.1.0

SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebMachine

SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebMachine.1.0

SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebMachineFallback

SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebMachineFallback.1.0

SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebSvc

SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebSvc.1.0

SOFTWARE\Classes\MIME\Database\Content Type\application/x-vnd.bdliveupdate.oneclickctrl.9

SOFTWARE\Classes\MIME\Database\Content Type\application/x-vnd.bdliveupdate.update3webcontrol.3

SOFTWARE\Classes\Wow6432Node\AppID\BonanzaDealsLive.exe

Software\Microsoft\Internet Explorer\Approved Extensions\{fe063412-bea4-4d76-8ed3-183be6220d17}

SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{29494049-211F-4F5C-8545-7DA8BF7A6CF8}

SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{33BAF587-9647-4281-A34F-F4830CDC1B9F}

SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C4BEF720-313C-420A-ACF6-77DD95D8F553}

SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\BonanzaDealsLive.exe

SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BonanzaDealsLiveUpdateTaskMachineCore

SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BonanzaDealsLiveUpdateTaskMachineUA

SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BonanzaDealsUpdate

SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{fe063412-bea4-4d76-8ed3-183be6220d17}

SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{29494049-211F-4F5C-8545-7DA8BF7A6CF8}

SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C4BEF720-313C-420A-ACF6-77DD95D8F553}

Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FE063412-BEA4-4D76-8ED3-183BE6220D17}

SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{29494049-211F-4F5C-8545-7DA8BF7A6CF8}

SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C4BEF720-313C-420A-ACF6-77DD95D8F553}

Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FE063412-BEA4-4D76-8ED3-183BE6220D17}

SOFTWARE\MozillaPlugins\@tools.bdupdater.com/BonanzaDealsLive Update;version=3

SOFTWARE\MozillaPlugins\@tools.bdupdater.com/BonanzaDealsLive Update;version=9

SOFTWARE\Wow6432Node\BonanzaDeals

SOFTWARE\Wow6432Node\BonanzaDealsLive

SOFTWARE\Wow6432Node\Classes\AppID\BonanzaDealsLive.exe

SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{29494049-211F-4F5C-8545-7DA8BF7A6CF8}

SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{33BAF587-9647-4281-A34F-F4830CDC1B9F}

SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C4BEF720-313C-420A-ACF6-77DD95D8F553}

SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\BonanzaDealsLive.exe

SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{fe063412-bea4-4d76-8ed3-183be6220d17}

SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{29494049-211F-4F5C-8545-7DA8BF7A6CF8}

SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C4BEF720-313C-420A-ACF6-77DD95D8F553}

SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\Stats\{29494049-211F-4F5C-8545-7DA8BF7A6CF8}

SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\Stats\{C4BEF720-313C-420A-ACF6-77DD95D8F553}

SOFTWARE\Wow6432Node\MozillaPlugins\@tools.bdupdater.com/BonanzaDealsLive Update;version=3

SOFTWARE\Wow6432Node\MozillaPlugins\@tools.bdupdater.com/BonanzaDealsLive Update;version=9

SYSTEM\ControlSet001\services\bonanzadealslive

SYSTEM\ControlSet001\services\bonanzadealslivem

SYSTEM\ControlSet002\Services\bonanzadealslive

SYSTEM\ControlSet002\services\bonanzadealslivem

SYSTEM\CurrentControlSet\services\bonanzadealslive

SYSTEM\CurrentControlSet\services\bonanzadealslivem

HKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}

Bonanza Deals

Directories

Bonanza Deals may create the following directory or directories:

%APPDATA%\UpdateBonanza

%AllUsersProfile%\Application Data\BonanzaDealsLive

%AllUsersProfile%\BonanzaDealsLive

%AppData%\Microsoft\Windows\Start Menu\Programs\BonanzaDeals

%LocalAppData%\BonanzaDealsLive

%ProgramFiles%\BonanzaDeals

%ProgramFiles%\BonanzaDealsLive

%ProgramFiles(x86)%\BonanzaDeals

%ProgramFiles(x86)%\BonanzaDealsLive

%UserProfile%\Local Settings\Application Data\BonanzaDealsLive

%UserProfile%\Start Menu\Programs\BonanzaDeals

URLs

Bonanza Deals may call the following URLs:

BonanzaDeals

Enigma Software Group Prevails Over Malwarebytes at the Ninth Circuit

Search

Change Region

Bonanza Deals

Threat Scorecard

EnigmaSoft Threat Scorecard

Aliases

SpyHunter Detects & Remove Bonanza Deals

File System Details

Registry Details

Directories

URLs

Submit Comment

Trending

CVE-2024-3094 Vulnerability (XZ Backdoor)

Hupdex Crypto Scam

Check-tl-ver-12-7.top

Most Viewed

Discord Shows Black Screen when Sharing Screen

How To Fix 'Printer Driver is Unavailable' Error

What is Msedge.exe?