DealPly is adware that installs browser helpers which subject the user to unwanted advertising on the world wide web. The latest version uses some novel methods to avoid detection by antivirus programs. Below are some MDB signatures that will enable ClamWin to detect malware used in the latest DealPly campaign. Remember to use ClamWin as backup scanner to a real-time antivirus.

Copy the signature(s) to a Notepad file and save it in the ClamWin db program data folder or add the signature(s) to an existing MDB file you may already have there. Do not save the file with a .txt or .text on the end of the name. Save it as Sigfile.mdb (select file type All Files to prevent the .txt or .text at the end of the filename), otherwise ClamWin will be unable to recognize it as a signature. MDB signatures identify important parts of a malware file and will last until the next version of the malware comes out--often in a week or so, but some malware authors reuse parts of their old code, so an MDB signature could last longer--probably no longer than for a month.

393216:86fd2519f789b821671b27e0462eaa46:Win.Adware.DealPly-080119.1957
429056:82530ad7a01847a3cbd2873145fc1a0b:Win.Adware.DealPly-080119.1954
23552:c8acf839f47203d12ad6cec446c57975:Win.Adware.DealPly-080119.1951

Regards,