Threat Database Adware WinDealist

WinDealist

By LoneStar in Adware

Threat Scorecard

Ranking: 13,088
Threat Level: 20 % (Normal)
Infected Computers: 4,498
First Seen: November 29, 2013
Last Seen: August 25, 2023
OS(es) Affected: Windows

WinDealist is adware, which may be pushed via numerous freeware downloads that might have packed into their installation WinDealist. When installed on a PC, WinDealist may insert its own toolbar and substitute the default homepage and search provider with a particular advertising website. WinDealist may show unwanted pop-up adverts and sponsored links in search results of any legitimate search provider and may collect search phrases or keywords from the web user's search inquiries. WinDealist may be used to raise traffic of the specific advertisement website by using deceitful methods and make a profit from the pay-per-click technique. WinDealist may also be packed within the custom installer on many suspicious download websites, so if the computer user has downloaded a specific free tool from these dubious download websites, WinDealist might have also been installed during the software product setup process.

SpyHunter Detects & Remove WinDealist

File System Details

WinDealist may create the following file(s):
# File Name MD5 Detections
1. swu.vbs 8d93a3da9f2a0d3130f3d813b1a59212 2,125
2. swu.vbs de13a71a1cd9e03f8a494359e61ea350 813
3. swu.vbs 7b2bc2423f9b887c52f88a3d7e7b558d 110
4. windealist.dll 745479db5ec1ffe60faff8e5b99a70c6 65

Registry Details

WinDealist may create the following registry entry or registry entries:
CLSID
{B8F10001-9552-4F40-8F61-6765CD22DD9E}
Regexp file mask
%WINDIR%\System32\Tasks\windealistSWU
SOFTWARE\Classes\AppID\windealist.DLL
SOFTWARE\Classes\Installer\Features\10001F8B255904F4F8167656DC22DDE9
SOFTWARE\Classes\Installer\Products\10001F8B255904F4F8167656DC22DDE9
SOFTWARE\Classes\Installer\UpgradeCodes\8DFC5FD49C4250E4DB6CD0710DF0DD07
SOFTWARE\Classes\windealist.windealistBHO
SOFTWARE\Classes\windealist.windealistBHO.1
SOFTWARE\Classes\Wow6432Node\AppID\windealist.DLL
SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\windealistSWU
SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{B8F10001-9552-4F40-8F61-6765CD22DD9E}
Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B8F10001-9552-4F40-8F61-6765CD22DD9E}
Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B8F10001-9552-4F40-8F61-6765CD22DD9E}
SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\8DFC5FD49C4250E4DB6CD0710DF0DD07
SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{B8F10001-9552-4F40-8F61-6765CD22DD9E}
SOFTWARE\Wow6432Node\Classes\AppID\windealist.DLL
SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{B8F10001-9552-4F40-8F61-6765CD22DD9E}
SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{B8F10001-9552-4F40-8F61-6765CD22DD9E}

Directories

WinDealist may create the following directory or directories:

%PROGRAMFILES%\windealist
%PROGRAMFILES(x86)%\windealist

URLs

WinDealist may call the following URLs:

windealist

Trending

Most Viewed

Loading...