Complitly

By CagedTech in Adware

Threat Scorecard

Popularity Rank:	9,996
Threat Level:	20 % (Normal)
Infected Computers:	10,470

First Seen:	May 4, 2013
Last Seen:	December 1, 2025
OS(es) Affected:	Windows

Don't let a program named Complitly mislead you into thinking that its quick links, translations and spelling check may be worth to have Complitly installed on your computer. Although Complitly's features may look very appealing, Complitly is an adware-laced program that will annoy you with frequent and unwanted advertisements, coupons, deals and other related offers. Complitly was developed by Simply Tech. Complitly may be downloaded by the computer user from its website, complitly.com, or may simply enter the computer by joining the installation of freeware. Once inside, Complitly modifies your Web browser settings and home page. The advertisements displayed by Complitly, if clicked, may direct computer users to compromised websites. For that reason, it is advised to uninstall Complitly from the affected computer. An up-to-date malware remover may be required to remove Complitly from the infected computer.

Table of Contents

SpyHunter Detects & Remove Complitly

File System Details

Complitly may create the following file(s):

Expand All | Collapse All

#	File Name	MD5	Detections Detections: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
1.	Complitly.dll	d729490c3ef7e4a1b67e38bfff00ab8e	131
Name: Complitly.dll MD5: d729490c3ef7e4a1b67e38bfff00ab8e Size: 139.76 KB (139768 bytes) Detections: 131 Type: Dynamic link library Path: %APPDATA%\Complitly Group: Malware file Last Updated: October 30, 2020
2.	Complitly64.dll	1d1d8b81144cff8e67c81f10fd132588	120
Name: Complitly64.dll MD5: 1d1d8b81144cff8e67c81f10fd132588 Size: 169.68 KB (169688 bytes) Detections: 120 Type: Dynamic link library Path: C:\Users\<username>\AppData\Roaming\Complitly\64\Complitly64.dll Group: Malware file Last Updated: August 24, 2022
3.	ComplitlyEngine.dll	f68402d3530ffa384c1eadaf8d9675a8	13
Name: ComplitlyEngine.dll MD5: f68402d3530ffa384c1eadaf8d9675a8 Size: 139.76 KB (139768 bytes) Detections: 13 Type: Dynamic link library Path: C:\Users\<username>\AppData\Roaming\ComplitlyEngine Group: Malware file Last Updated: March 23, 2016
4.	ComplitlyEngine64.dll	d0de5fe3d424572552a27be6a47b5d4b	2
Name: ComplitlyEngine64.dll MD5: d0de5fe3d424572552a27be6a47b5d4b Size: 167.41 KB (167416 bytes) Detections: 2 Type: Dynamic link library Path: C:\Users\<username>\AppData\Roaming\ComplitlyEngine\64\ComplitlyEngine64.dll Group: Malware file Last Updated: August 28, 2021

More files

Registry Details

Complitly may create the following registry entry or registry entries:

HKEY..\..\..\..{RegistryKeys}

SOFTWARE\Classes\AppID\Complitly.DLL

Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}

Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0FB6A909-6086-458F-BD92-1F8EE10042A0}

Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0FB6A909-6086-458F-BD92-1F8EE10042A0}

SOFTWARE\Wow6432Node\Classes\AppID\Complitly.DLL

Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}

HKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}

{4FFBB818-B13C-11E0-931D-B2664824019B}_is1

Directories

Complitly may create the following directory or directories:

%APPDATA%\Complitly

%APPDATA%\ComplitlyEngine

%PROGRAMFILES%\Complitly

%PROGRAMFILES(x86)%\Complitly

Analysis Report

General information

Family Name:	Adware.Complitly
Signature status:	No Signature

Known Samples

MD5: 7fe8aae525239120e61062ea79548f39

SHA1: ec8f527f0ae15c589eaa1f33da08ce63d541aa78

SHA256: 7F883F00E192C3606C3A5623F1E1C5DA2D9E6494A0AD7058DC254102CE57AA4B

File Size: 3.08 MB, 3077108 bytes

MD5: ab3de0060863baf019988d582045d416

SHA1: fdbb1c38e6219a2a30c903ef1a6b759f608c7194

SHA256: 43E7B1542ED079DA4553827C951C60BD952B896C2E0984331D23FDFF450901F7

File Size: 92.89 KB, 92888 bytes

MD5: 3a8df8210640033fed2e368a67142add

SHA1: 5e530ed3ed2ca4bf7e3cd75812e8a19ea238e7a4

SHA256: F794D5650BC99A1B914B818B5118561C211C1A1BADB1DE038799339AEEA86D0F

File Size: 5.83 MB, 5825439 bytes

Windows Portable Executable Attributes

File doesn't have "Rich" header
File doesn't have debug information
File doesn't have exports table
File doesn't have relocations information
File doesn't have security information
File has TLS information
File is 32-bit executable
File is either console or GUI application
File is GUI application (IMAGE_SUBSYSTEM_WINDOWS_GUI)
File is Native application (NOT .NET application)

File is not packed
IMAGE_FILE_DLL is not set inside PE header (Executable)
IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)

File Icons

Windows PE Version Information

Name	Value
Comments	This installation was built with Inno Setup.
Company Name	Chris P.C. srl y-mule.com
File Description	ChrisPC Free Anonymous Proxy Setup yMule Youtube Downloader Setup
File Version	2.1
Legal Copyright	Copyright (c) 2010, y-mule.com Copyright © 2011 Chris P.C. srl
Product Name	ChrisPC Free Anonymous Proxy yMule Youtube Downloader
Product Version	2.1

Digital Signatures

Signer	Root	Status
SimplyGen	SimplyGen	Self Signed

Files Modified

File	Attributes
c:\users\user\appdata\local\temp\bhoupdater.restart	Generic Read,Generic Execute,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 786496
c:\users\user\appdata\local\temp\is-e0m0p.tmp\5e530ed3ed2ca4bf7e3cd75812e8a19ea238e7a4_0005825439.tmp	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\is-rdfgv.tmp\_isetup\_setup64.tmp	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\is-rdfgv.tmp\_isetup\_shfoldr.dll	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\is-rdfgv.tmp\itdownload.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\is-rdfgv.tmp\toolbar_preview.bmp	Generic Write,Read Attributes

Registry Modifications

Key::Value	Data	API Name
HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::proxybypass		RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::intranetname		RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::uncasintranet		RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::autodetect		RegNtPreCreateKey
HKLM\system\controlset001\services\bam\state\usersettings\s-1-5-21-3119368278-1123331430-659265220-1001::\device\harddiskvolume2\windows\system32\conhost.exe	炜挪ǜ	RegNtPreCreateKey

Windows API Usage

Category	API
Network Wininet	HttpQueryInfo InternetOpen InternetOpenUrl
Process Manipulation Evasion	NtUnmapViewOfSection
Process Shell Execute	CreateProcess ShellExecuteEx WriteConsole
Syscall Use	ntdll.dll!NtAccessCheck ntdll.dll!NtAlertThreadByThreadId ntdll.dll!NtAlpcSendWaitReceivePort ntdll.dll!NtApphelpCacheControl ntdll.dll!NtClearEvent ntdll.dll!NtClose ntdll.dll!NtConnectPort ntdll.dll!NtCreateEvent ntdll.dll!NtCreateFile ntdll.dll!NtCreateMutant Show More ntdll.dll!NtCreateSection ntdll.dll!NtCreateSemaphore ntdll.dll!NtDuplicateObject ntdll.dll!NtDuplicateToken ntdll.dll!NtEnumerateValueKey ntdll.dll!NtFreeVirtualMemory ntdll.dll!NtMapViewOfSection ntdll.dll!NtOpenFile ntdll.dll!NtOpenKey ntdll.dll!NtOpenKeyEx ntdll.dll!NtOpenProcessToken ntdll.dll!NtOpenProcessTokenEx ntdll.dll!NtOpenSection ntdll.dll!NtOpenSemaphore ntdll.dll!NtOpenThreadTokenEx ntdll.dll!NtProtectVirtualMemory ntdll.dll!NtQueryAttributesFile ntdll.dll!NtQueryInformationProcess ntdll.dll!NtQueryInformationThread ntdll.dll!NtQueryInformationToken ntdll.dll!NtQueryKey ntdll.dll!NtQueryPerformanceCounter ntdll.dll!NtQuerySecurityAttributesToken ntdll.dll!NtQueryValueKey ntdll.dll!NtQueryVirtualMemory ntdll.dll!NtQueryVolumeInformationFile ntdll.dll!NtQueryWnfStateData ntdll.dll!NtReleaseMutant ntdll.dll!NtReleaseSemaphore ntdll.dll!NtReleaseWorkerFactoryWorker ntdll.dll!NtRequestWaitReplyPort ntdll.dll!NtSetEvent ntdll.dll!NtSetInformationProcess ntdll.dll!NtSetInformationVirtualMemory ntdll.dll!NtSetInformationWorkerFactory ntdll.dll!NtSubscribeWnfStateChange ntdll.dll!NtTestAlert ntdll.dll!NtTraceControl ntdll.dll!NtUnmapViewOfSection ntdll.dll!NtUnmapViewOfSectionEx ntdll.dll!NtWaitForAlertByThreadId ntdll.dll!NtWaitForSingleObject ntdll.dll!NtWaitForWorkViaWorkerFactory ntdll.dll!NtWaitLowEventPair ntdll.dll!NtWorkerFactoryWorkerReady ntdll.dll!NtWriteFile UNKNOWN
Anti Debug	IsDebuggerPresent
User Data Access	GetUserObjectInformation
Other Suspicious	AdjustTokenPrivileges
Process Terminate	TerminateProcess

Shell Command Execution


							"C:\Users\Jxsqlcpx\AppData\Local\Temp\is-E0M0P.tmp\5e530ed3ed2ca4bf7e3cd75812e8a19ea238e7a4_0005825439.tmp" /SL5="$E005C,5403605,140288,c:\users\user\downloads\5e530ed3ed2ca4bf7e3cd75812e8a19ea238e7a4_0005825439"


							open taskkill.exe /f /im yMule.exe


							WriteConsole: ERROR: The proce

Complitly

Threat Scorecard

EnigmaSoft Threat Scorecard

SpyHunter Detects & Remove Complitly

File System Details

Registry Details

Directories

Analysis Report

General information

Known Samples

Known Samples

Windows Portable Executable Attributes

Windows Portable Executable Attributes

File Icons

File Icons

Windows PE Version Information

Windows PE Version Information

Digital Signatures

Digital Signatures

Files Modified

Files Modified

Registry Modifications

Registry Modifications

Windows API Usage

Windows API Usage

Shell Command Execution

Shell Command Execution

Submit Comment

Related Posts

Trending

Most Viewed