ChEapMe

Known Toolbar

What is ChEapMe?

ChEapMe is software application developed by InstalleRex-WebPick. It is most commonly found on computers running Windows 7 with nearly 69.05% of installations running this operating system. ChEapMe's installer is typically 1.00 MB in size and installs around 47 files.

ChEapMe is most popular in the United States with 25.49% of installations residing in this country.

About ChEapMe?

CheapMe is a web browser extension developed by JustPlug.It and distributed through the WebPick InstalleRex download and install manager. This cross-browser extension comprises several components, including a Windows service, an auto-starting element, and a browser toolbar/plugin. Its primary function is to inject various forms of advertisements, such as banner ads, hyper-text links, and pop-ups, into the user's browser. It is worth noting that the program may come included with adware offer bundles and has the capability to hijack existing web advertising and inject affiliate codes into links. Upon installation, the program will install itself in a randomly named folder within Program Files or ProgramData, with each included file also having a unique, randomly generated name. The Windows Service runs with full administrator rights and connects to remote servers for updates. It has been observed that the program may display deceptive malvertising ads and unwanted pop-ups, while also installing bundled adware utilities and additional browser extensions. Furthermore, some versions of the program may modify the default security settings of the user's browser. It is also noted that certain versions of CheapMe may include a setup file signed by WEB PICK - INTERNET HOLDINGS LTD, which is the partner installer/distributor. Please note that our description includes all relevant and accurate information about the CheapMe software.

Multiple virus scanners have detected malware in ChEapMe.

1.exe (MD5: 1b63b4e4fe4be0d8607d362c3d2f2677) has been flagged by 45 scanners:

Scanner Software	Version	Result
Lavasoft Ad-Aware	12.0.163.0	Gen:Variant.Adware.Graftor.146103
Agnitum Outpost	5.5.1.3	PUA.MultiPlug!
AhnLab-V3	2014.08.05.00	Trojan/Win32.Preloader
Avira AntiVir	7.11.165.68	Adware/Graftor.146103
Antiy-AVL	1.0.0.1	Trojan/Win32.SGeneric
avast!	8.0.1489.320	Win32:Dropper-gen [Drp]
AVG	14.0.0.3986	Generic5.AZJV
AVware	1.5.0.16	Trojan.Win32.Generic!BT
Baidu-International	3.5.1.41473	Adware.Win32.MultiPlug.81
Bitdefender	7.2	Gen:Variant.Adware.Graftor.146103
Bkav FE	1.3.0.4959	W32.CanpaktiLTAAI.Adware
CAT-QuickHeal	14.00	AdWare.MultiPlug.r5 (Not a Virus)
Comodo Security	19086	ApplicUnwnt
Emsisoft Anti-Malware	3.0.0.600	Gen:Variant.Adware.Graftor.146103 (B)
ESET-NOD32	10205	a variant of Win32/AdWare.MultiPlug.AG
Fortinet FortiGate	5.1.152.0	Riskware/MultiPlug
F-Secure	11.0.19100.45	Gen:Variant.Adware.Graftor.146103
G Data	24	Gen:Variant.Adware.Graftor.146103
IKARUS anti.virus	T3.1.6.1.0	PUA.Generic
K7 AntiVirus	9.182.12951	Adware ( 0049c94b1 )
K7GW	9.182.12951	Adware ( 0049c94b1 )
Kaspersky	12.0.0.1225	not-a-virus:AdWare.Win32.MultiPlug.bqfl
Kingsoft AntiVirus	2013.4.9.267	Win32.Troj.Generic.a.(kcloud)
Malwarebytes	1.75.0.1	PUP.Optional.MultiPlug
McAfee	6.0.4.564	RDN/Generic.bfr!ho
MicroWorld-eScan	12.0.250.0	Gen:Variant.Adware.Graftor.146103
NANO AntiVirus	0.28.2.61349	Riskware.Win32.Graftor.dcodwf
Panda Antivirus	10.0.3.5	Trj/Genetic.gen
Sophos	4.98.0	Generic PUA IB
Symantec	20131.1.5.61	WS.Reputation.1
Tencent	1.0.0.1	Win32.Risk.Adware.Dzkd
Trend Micro	9.740.0.1012	TROJ_SPNR.14GN14
TrendMicro-HouseCall	9.700.0.1001	TROJ_SPNR.14GN14
Vba32 AntiVirus	3.12.26.3	AdWare.MultiPlug
VIPRE Antivirus	31936	Trojan.Win32.Generic!BT
McAfee-GW-Edition	2013	Mplug!2A05AAA38385
Norman	7.04.04	Multiplug.A
nProtect	2014-05-11.01	Trojan.Generic.11089445
Qihoo-360	1.0.0.1015	Win32/Trojan.Adware.273
Rising Antivirus	25.0.0.11	PE:Adware.MultiPlug!6.166A
SUPERAntiSpyware	5.6.0.1032	Adware.Multiplug/Variant
ViRobot	2011.4.7.4223	Adware.Agent.474112
AegisLab	1.5	Troj.W32.Gen
Avira	7.11.177.134	TR/Crypt.EPACK.Gen2
Dr.Web	7.00.9.04080	Trojan.Crossrider.8290

1.dll (MD5: 938a58a18228d9c556965deb4f74e494) has been flagged by 30 scanners:

Scanner Software	Version	Result
AhnLab-V3	2014.08.02.00	Adware/Win32.Agent
avast!	8.0.1489.320	Win32:Dropper-gen [Drp]
AVG	14.0.0.3986	Generic5.AZJT
AVware	1.5.0.16	Trojan.Win32.Generic!BT
Baidu-International	3.5.1.41473	Adware.Win32.MultiPlug.81
Comodo Security	19052	ApplicUnwnt
ESET-NOD32	10192	a variant of Win32/AdWare.MultiPlug.AY
Fortinet FortiGate	5.1.152.0	Riskware/MultiPlug
IKARUS anti.virus	T3.1.6.1.0	PUA.Generic
K7 AntiVirus	9.182.12926	Adware ( 0049c94b1 )
K7GW	9.182.12926	Adware ( 0049c94b1 )
Malwarebytes	1.75.0.1	PUP.Optional.MultiPlug
McAfee	6.0.4.564	RDN/Generic PUP.x!chv
McAfee-GW-Edition	2013	RDN/Generic PUP.x!chv
Sophos	4.98.0	Generic PUA NF
Trend Micro	9.740.0.1012	ADW_MULTIPLUG
TrendMicro-HouseCall	9.700.0.1001	ADW_MULTIPLUG
VIPRE Antivirus	31840	Trojan.Win32.Generic!BT
Kaspersky	12.0.0.1225	not-a-virus:AdWare.Win32.MegaSearch.at
Panda Antivirus	10.0.3.5	Trj/Genetic.gen
Qihoo-360	1.0.0.1015	HEUR/Malware.QVM10.Gen
G Data	24	Win64.Adware.Megasearch.C
Symantec	20131.1.5.61	Adware.BL
Antiy-AVL	1.0.0.1	Trojan/Win32.SGeneric
Lavasoft Ad-Aware	12.0.163.0	Gen:Variant.Adware.61989
Avira AntiVir	7.11.169.40	TR/Crypt.EPACK.Gen2
Bitdefender	7.2	Gen:Variant.Adware.61989
Emsisoft Anti-Malware	3.0.0.600	Gen:Variant.Adware.61989 (B)
F-Secure	11.0.19100.45	Gen:Variant.Adware.61989
MicroWorld-eScan	12.0.250.0	Gen:Variant.Adware.61989

reDk6QC5.x64.dll (MD5: 2a05aaa383857ecbdd6100c34595b5df) has been flagged by 45 scanners:

Scanner Software	Version	Result
Lavasoft Ad-Aware	12.0.163.0	Trojan.Generic.11089445
AhnLab-V3	None	Trojan/Win32.Preloader
Avira AntiVir	7.11.149.28	ADWARE/Adware.Gen
Antiy-AVL	0.1.0.1	Trojan/Win32.SGeneric
avast!	8.0.1489.320	Win64:Adware-gen [Adw]
AVG	14.0.0.3931	Generic_r.GX
Baidu-International	3.5.1.41473	Adware.Win64.MultiPlug.A
Bitdefender	7.2	Trojan.Generic.11089445
Comodo Security	18259	ApplicUnwnt
Emsisoft Anti-Malware	3.0.0.596	Trojan.Generic.11089445 (B)
ESET-NOD32	9787	a variant of Win64/Adware.MultiPlug.A
F-Secure	11.0.19100.45	Trojan.Generic.11089445
G Data	24	Trojan.Generic.11089445
IKARUS anti.virus	T3.1.6.1.0	AdWare.MultiPlug
K7 AntiVirus	9.177.12041	Adware ( 004922f61 )
K7GW	9.177.12041	Adware ( 004922f61 )
Malwarebytes	1.75.0001	PUP.Optional.MultiPlug.A
McAfee	6.0.4.564	Mplug!2A05AAA38385
McAfee-GW-Edition	2013	Mplug!2A05AAA38385
MicroWorld-eScan	12.0.250.0	Trojan.Generic.11089445
Norman	7.04.04	Multiplug.A
nProtect	2014-05-11.01	Trojan.Generic.11089445
Panda Antivirus	10.0.3.5	Trj/CI.A
Qihoo-360	1.0.0.1015	Win32/Trojan.Adware.273
Rising Antivirus	25.0.0.11	PE:Adware.MultiPlug!6.166A
Sophos	4.98.0	MultiPlug
SUPERAntiSpyware	5.6.0.1032	Adware.Multiplug/Variant
Symantec	20131.1.5.61	WS.Reputation.1
TrendMicro-HouseCall	9.700-1001	TROJ_GEN.R0CBH06DC14
VIPRE Antivirus	29122	MPlug
ViRobot	2011.4.7.4223	Adware.Agent.474112
AegisLab	1.5	Troj.W32.Gen
Agnitum Outpost	5.5.1.3	PUA.MultiPlug!
Avira	7.11.177.134	TR/Crypt.EPACK.Gen2
AVware	1.5.0.16	Trojan.Win32.Generic!BT
Fortinet FortiGate	5.1.152.0	Riskware/MultiPlug
Trend Micro	9.740.0.1012	TROJ_GEN.R0C1C0OIC14
Vba32 AntiVirus	3.12.26.3	AdWare.Agent
Bkav FE	1.3.0.4959	W32.ToolbarEscort.Adware
CAT-QuickHeal	14.00	AdWare.BHO.r6 (Not a Virus)
Kaspersky	12.0.0.1225	not-a-virus:AdWare.Win32.BHO.bdnc
NANO AntiVirus	0.28.0.60253	Riskware.Win32.BHO.dbdfeq
Dr.Web	7.00.9.04080	Trojan.Crossrider.8290
Tencent	1.0.0.1	Win32.Risk.Adware.Lmkl
Kingsoft AntiVirus	2013.04.09.267	Win32.Troj.Generic.a.(kcloud)

reDk6QC5.dll (MD5: ea89a5cfcf37d160e1b20b40e5111e89) has been flagged by 38 scanners:

Scanner Software	Version	Result
Lavasoft Ad-Aware	12.0.163.0	Application.Generic.607493
Agnitum Outpost	5.5.1.3	PUA.MultiPlug!
AhnLab-V3	None	Adware/Win32.Graftor
Avira AntiVir	7.11.144.142	ADWARE/Adware.Gen
AVG	13.0.0.3169	Generic_r.GU
Baidu-International	3.5.1.41473	Adware.Win32.MultiPlug.N
Bitdefender	7.2	Application.Generic.607493
Comodo Security	18139	ApplicUnwnt.Win32.InstallRex.ALC
ESET-NOD32	9702	a variant of Win32/AdWare.MultiPlug.N
Fortinet FortiGate	4	Riskware/MultiPlug
F-Secure	11.0.19100.45	Application.Generic.607493
G Data	24	Application.Generic.607493
IKARUS anti.virus	T3.1.6.1.0	AdWare.MegaSearch
K7 AntiVirus	9.176.11806	Adware ( 004923a41 )
K7GW	9.176.11806	Adware ( 004923a41 )
Malwarebytes	1.75.0001	PUP.Optional.MultiPlug.A
McAfee	6.0.4.564	Adware-FHP
McAfee-GW-Edition	2013	Adware-FHP
MicroWorld-eScan	12.0.250.0	Application.Generic.607493
NANO AntiVirus	0.28.0.59288	Riskware.Win32.MultiPlug.cvyxyu
Panda Antivirus	10.0.3.5	Trj/CI.A
Rising Antivirus	25.0.0.11	PE:Malware.Adware!6.1293
Sophos	4.98.0	MultiPlug
SUPERAntiSpyware	5.6.0.1032	Adware.Multiplug/Variant
TrendMicro-HouseCall	9.700-1001	TROJ_GEN.R047H06CO14
VIPRE Antivirus	28442	JustPlugIt (fs)
avast!	8.0.1489.320	Win32:Adware-gen [Adw]
Kingsoft AntiVirus	2013.04.09.267	Win32.Troj.Generic.a.(kcloud)
Symantec	20131.1.5.61	Trojan.Gen.2
Trend Micro	9.740-1012	ADW_MULTIPLG
Antiy-AVL	1.0.0.1	Trojan/Win32.SGeneric
Qihoo-360	1.0.0.1015	Win32/Trojan.Adware.814
Tencent	1.0.0.1	Win64.Adware.Multiplug.Hqlt
Bkav FE	1.3.0.4959	W32.MultiPlugCP.Adware
Norman	7.03.02	Multiplug.A
AVware	1.5.0.16	Trojan.Win32.Generic!BT
Kaspersky	12.0.0.1225	not-a-virus:AdWare.Win32.MegaSearch.at
Emsisoft Anti-Malware	3.0.0.600	Gen:Variant.Adware.61989 (B)

2Xv.x64.dll (MD5: bab49b61943c026b825a714d2175635a) has been flagged by 32 scanners:

Scanner Software	Version	Result
AhnLab-V3	None	Trojan/Win32.Preloader
Avira AntiVir	7.11.138.26	ADWARE/Adware.Gen
AVG	13.0.0.3169	Generic_r.GX
Baidu-International	3.5.1.41473	Adware.Win64.MultiPlug.40
Comodo Security	17963	ApplicUnwnt
ESET-NOD32	9568	a variant of Win64/Adware.MultiPlug.A
G Data	24	Win64.Trojan.Multiplug.B
IKARUS anti.virus	T3.1.5.6.0	not-a-virus:AdWare.Win32.MegaSearch
K7 AntiVirus	9.176.11510	Adware ( 004922f61 )
K7GW	9.176.11510	Adware ( 004922f61 )
Malwarebytes	1.75.0001	PUP.Optional.MultiPlug.A
McAfee	6.0.4.564	RDN/Generic PUP.x!brl
McAfee-GW-Edition	2013	RDN/Generic PUP.x!brl
Norman	7.03.02	Multiplug.A
Qihoo-360	1.0.0.1015	Win32/Trojan.Adware.273
Sophos	4.98.0	MultiPlug
SUPERAntiSpyware	5.6.0.1032	Adware.Multiplug/Variant
Trend Micro	9.740-1012	ADW_MULTIPLG
TrendMicro-HouseCall	9.700-1001	ADW_MULTIPLG
VIPRE Antivirus	27584	Win64.Adware.MultiPlug
avast!	8.0.1489.320	Win32:Dropper-gen [Drp]
AVware	1.5.0.16	Trojan.Win32.Generic!BT
Fortinet FortiGate	5.1.152.0	Riskware/MultiPlug
Kaspersky	12.0.0.1225	not-a-virus:AdWare.Win32.MegaSearch.at
Panda Antivirus	10.0.3.5	Trj/Genetic.gen
Symantec	20131.1.5.61	Adware.BL
Antiy-AVL	1.0.0.1	Trojan/Win32.SGeneric
Lavasoft Ad-Aware	12.0.163.0	Gen:Variant.Adware.61989
Bitdefender	7.2	Gen:Variant.Adware.61989
Emsisoft Anti-Malware	3.0.0.600	Gen:Variant.Adware.61989 (B)
F-Secure	11.0.19100.45	Gen:Variant.Adware.61989
MicroWorld-eScan	12.0.250.0	Gen:Variant.Adware.61989

Software Details

URL:: https://justplug.it
Support:: –
Installation path:: C:\ProgramData\cheapme
Uninstaller:: "C:\ProgramData\ChEapMe\o.exe" /s /n /C:"ExecuteCommands;UninstallCommands" ""
Size:: 1.00 MB
Language:: English

ChEapMe Executable Details

Primary executable:: o.exe
Name:: ChEapMe
Path:: C:\ProgramData\cheapme\o.exe
MD5:: e25e25ae7a8968c6ebd55c4705380920
SHA-1:: –
SHA-256:: –

Files installed by ChEapMe

File Type	Filename	MD5
EXE	1.exe Malware	1b63b4e4fe4be0d8607d362c3d2f2677
EXE	L.exe	851d6860dab7f0bc2f746da33c3019bc
DLL	1.dll Adware	938a58a18228d9c556965deb4f74e494
DLL	wzya.x64.dll	bc62ff4aee6ae5c809ee40635db67480
DLL	wzya.dll	665f040875b4e851a6b06d9c70a7d099
DLL	wT.dll	dc4675dde55ea3b6e7ac8c0ae99580b4
DLL	reDk6QC5.x64.dll Malware	2a05aaa383857ecbdd6100c34595b5df
DLL	reDk6QC5.dll Adware	ea89a5cfcf37d160e1b20b40e5111e89
DLL	o.x64.dll	ba83f90acbe4b889f0bd3cf373a17e2a
DLL	o.dll	cd9aab0f06554578af17b69df6d22fc6

Repair ChEapMe

Having issues with ChEapMe?

We recommend Fortect System Repair to automatically fix these issues

Download Now

Popularity

19% of users keep ChEapMe installed

Overall Rating

Bad

Geography Distribution