While cleaning a customers computer I found the following.
Name: “DealPly Live Service (dealplylive)”
Description: “Keeps your Google software up to date. If this service is disabled or stopped your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work.”
Path: “c:\Program Files\DealPlyLive\Update\DealPlyLive.exe /svc”
Awful that companies / junkware can get away with this. It has added a dealplylive service that is claiming, in its description, to be Google software update service. (In this screen shot I’ve disabled and stopped the service but it was set to auto start and was running).
Edit: I’ve found another customer infected with BonanzaDeals.. with folders containing similar structures to the DealPly and DealPlyLive folders.. (in this case BonanzaDeals and BonanzaDealsLive).
They seem to have changed tactic and now use Scheduled Tasks to load their program rather than services.. The computer in question also didn’t have the program in the uninstall list. The only way to uninstall was to kill the process BonanzaDealsLive.exe using task manager and then delete the Bonanza* folders from the Program Files directory.