Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Help. Infected with Adware.Toolbar.Dealio
#1
Hello guys. I have this popping up all the time in ESET Nod32 Smart Security 5. This is getting me so I decided to try and get rid of it ASAP.

Code:
http://download.mybrowserbar.com/vkits/dlv1/685749/iobitToolbar.msi    a variant of Win32/Adware.Toolbar.Dealio application    connection terminated - quarantined    Threat was detected upon access to web by the application: C:\Users\Oliver Tran\AppData\Local\Temp\is-4TPQD.tmp\IObitToolbar-stub-1.exe.
http://download.mybrowserbar.com/vkits/dlv1/685749/iobitToolbar.msi » MSI » Data1.cab    a variant of Win32/Adware.Toolbar.Dealio application        
http://download.mybrowserbar.com/vkits/dlv1/685749/iobitToolbar.msi » MSI » Data1.cab » CAB » searchsettings.exe    a variant of Win32/Adware.Toolbar.Dealio application        
http://download.mybrowserbar.com/vkits/dlv1/685749/iobitToolbar.msi » MSI » Data1.cab » CAB » applicationupdater.exe.2AEA64FA_898D_4F2B_A6D4_6ACAB09B67CA    probably a variant of Win32/Adware.Toolbar.Dealio application        
http://download.mybrowserbar.com/vkits/dlv1/685749/iobitToolbar.msi » MSI » Data1.cab » CAB » widgitoolbarff.dll    a variant of Win32/Adware.Toolbar.Dealio application        
http://download.mybrowserbar.com/vkits/dlv1/685749/iobitToolbar.msi » MSI » Data1.cab » CAB » _82922E80A48FD1501F8DA1A21E54102F    a variant of Win32/Adware.Toolbar.Dealio application        
http://download.mybrowserbar.com/vkits/dlv1/685749/iobitToolbar.msi » MSI » Data1.cab » CAB » _727F1F0F250CAD0656B9C224EF5DDEB0    a variant of Win32/Adware.Toolbar.Dealio application        
http://download.mybrowserbar.com/vkits/dlv1/685749/iobitToolbar.msi » MSI » Data1.cab » CAB » _3546CD53BA1F5E261ABDEB7A35BAEAD3    a variant of Win32/Adware.Toolbar.Dealio application        
http://download.mybrowserbar.com/vkits/dlv1/685749/iobitToolbar.msi » MSI » Data1.cab » CAB » _D69AD6DD7F65D2B026E4B3D9F11B015F    a variant of Win32/Adware.Toolbar.Dealio application        
http://download.mybrowserbar.com/vkits/dlv1/685749/iobitToolbar.msi » MSI » Data1.cab » CAB » _452683817807F3F2D325B26379CF7B78    a variant of Win32/Adware.Toolbar.Dealio application

That is basically it. Please help me.
[Image: t5BWm.png]
Reply
#2
Hi,

Please download OTL from here: http://oldtimer.geekstogo.com/OTL.exe

to your Desktop. (If you already have it downloaded, then just follow the instructions below).

Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
Under the Custom Scan box paste this in

%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\*.exe /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.sys
%systemroot%\system32\drivers\*.dll
%systemroot%\system32\drivers\*.ini
%systemroot%\system32\drivers\*.exe
%SYSTEMDRIVE%\*.*
%PROGRAMFILES%\*.
%appdata%\*.*
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
disk.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
symmpi.sys
adp3132.sys
mv61xx.sys
usbstor.sys
/md5stop
CREATERESTOREPOINT
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs


Click the Run Scan button.
Do not change any settings unless otherwise told to do so.
The scan wont take long.
When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
Please upload the results to http://www.pastebin.com

Note: in the event that OTL fails to run, please use alternate download links to try again:

http://www.itxassociates.com/ot-tools/OTL.scr
http://www.itxassociates.com/ot-tools/OTL.com
HJT Team. Deltron <3 RDCA <3 Quintus <3
Reply
#3
I hate that thing. It pisses me off.
Reply
#4
Here it is:

http://pastebin.com/MxSxhxVg

Thank you so much.
[Image: t5BWm.png]
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  I am Infected Give some good suggestions heartylover 11 4,657 03-12-2015, 03:19 AM
Last Post: TobyCordova
  Infected - Can't Start System Restore srcstcbstrd 2 1,716 08-17-2014, 11:39 PM
Last Post: Autopost
  [Think You're Infected?! LOOK HERE] Infested Cleaner [White Hat Heper] Infested Terran 11 5,145 02-08-2012, 08:39 PM
Last Post: AceInfinity
  i may be infected can you analyze this otl log please helpplease 6 3,149 11-23-2011, 08:58 PM
Last Post: Brandenx781
  Help I am infected. _BruTaL_ 3 2,400 06-09-2011, 05:09 AM
Last Post: Quintus

Forum Jump:


Users browsing this thread: 1 Guest(s)