+- Support Forums (https://www.supportforums.net)
+-- Forum: Categories (https://www.supportforums.net/forumdisplay.php?fid=87)
+--- Forum: Virus Protection, Removals, and HJT Team (https://www.supportforums.net/forumdisplay.php?fid=56)
+---- Forum: Virus Removal, Hijack This Logs, and Support (https://www.supportforums.net/forumdisplay.php?fid=48)
+---- Thread: Help. Infected with Adware.Toolbar.Dealio (/showthread.php?tid=23452)
Help. Infected with Adware.Toolbar.Dealio - Resistance - 11-26-2011
Hello guys. I have this popping up all the time in ESET Nod32 Smart Security 5. This is getting me so I decided to try and get rid of it ASAP.
Code:
http://download.mybrowserbar.com/vkits/dlv1/685749/iobitToolbar.msi a variant of Win32/Adware.Toolbar.Dealio application connection terminated - quarantined Threat was detected upon access to web by the application: C:\Users\Oliver Tran\AppData\Local\Temp\is-4TPQD.tmp\IObitToolbar-stub-1.exe.
http://download.mybrowserbar.com/vkits/dlv1/685749/iobitToolbar.msi » MSI » Data1.cab a variant of Win32/Adware.Toolbar.Dealio application
http://download.mybrowserbar.com/vkits/dlv1/685749/iobitToolbar.msi » MSI » Data1.cab » CAB » searchsettings.exe a variant of Win32/Adware.Toolbar.Dealio application
http://download.mybrowserbar.com/vkits/dlv1/685749/iobitToolbar.msi » MSI » Data1.cab » CAB » applicationupdater.exe.2AEA64FA_898D_4F2B_A6D4_6ACAB09B67CA probably a variant of Win32/Adware.Toolbar.Dealio application
http://download.mybrowserbar.com/vkits/dlv1/685749/iobitToolbar.msi » MSI » Data1.cab » CAB » widgitoolbarff.dll a variant of Win32/Adware.Toolbar.Dealio application
http://download.mybrowserbar.com/vkits/dlv1/685749/iobitToolbar.msi » MSI » Data1.cab » CAB » _82922E80A48FD1501F8DA1A21E54102F a variant of Win32/Adware.Toolbar.Dealio application
http://download.mybrowserbar.com/vkits/dlv1/685749/iobitToolbar.msi » MSI » Data1.cab » CAB » _727F1F0F250CAD0656B9C224EF5DDEB0 a variant of Win32/Adware.Toolbar.Dealio application
http://download.mybrowserbar.com/vkits/dlv1/685749/iobitToolbar.msi » MSI » Data1.cab » CAB » _3546CD53BA1F5E261ABDEB7A35BAEAD3 a variant of Win32/Adware.Toolbar.Dealio application
http://download.mybrowserbar.com/vkits/dlv1/685749/iobitToolbar.msi » MSI » Data1.cab » CAB » _D69AD6DD7F65D2B026E4B3D9F11B015F a variant of Win32/Adware.Toolbar.Dealio application
http://download.mybrowserbar.com/vkits/dlv1/685749/iobitToolbar.msi » MSI » Data1.cab » CAB » _452683817807F3F2D325B26379CF7B78 a variant of Win32/Adware.Toolbar.Dealio applicationThat is basically it. Please help me.
RE: Help. Infected with Adware.Toolbar.Dealio - Brandenx781 - 11-26-2011
Hi,
Please download OTL from here: http://oldtimer.geekstogo.com/OTL.exe
to your Desktop. (If you already have it downloaded, then just follow the instructions below).
Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
Under the Custom Scan box paste this in
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\*.exe /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.sys
%systemroot%\system32\drivers\*.dll
%systemroot%\system32\drivers\*.ini
%systemroot%\system32\drivers\*.exe
%SYSTEMDRIVE%\*.*
%PROGRAMFILES%\*.
%appdata%\*.*
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
disk.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
symmpi.sys
adp3132.sys
mv61xx.sys
usbstor.sys
/md5stop
CREATERESTOREPOINT
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
Click the Run Scan button.
Do not change any settings unless otherwise told to do so.
The scan wont take long.
When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
Please upload the results to http://www.pastebin.com
Note: in the event that OTL fails to run, please use alternate download links to try again:
http://www.itxassociates.com/ot-tools/OTL.scr
http://www.itxassociates.com/ot-tools/OTL.com
RE: Help. Infected with Adware.Toolbar.Dealio - New Jersey - 11-27-2011
I hate that thing. It pisses me off.
RE: Help. Infected with Adware.Toolbar.Dealio - Resistance - 11-27-2011
Here it is:
http://pastebin.com/MxSxhxVg
Thank you so much.