Adware/DealPly is a highly generic detection for a collection of Adware. Since this is a generic detection, malware that are detected as Adware/DealPly may have varying behaviour.
Below are examples of some of these behaviours:
- Samples that belong to this detection are usually installers with unwanted bundled applications. Some of these installers have been observed with misleading prompts and could force install unwanted components on the affected hosts.
- Below are some of the samples we have observed:
- Figure 1: Chrome Installer Bundled.
- Figure 2: Some Installer.
- Figure 3: Some of the installers only had blank window forms.
- Figure 4: MineCraft bundled Installer.
- Figure 5: Some of the installers will prompt the user into changing default search provider.
- Figure 6: Roblox Game Bundled Installer.
- Figure 7: Adobe Flash Bundled Installer.
- Figure 8: Adobe Flash Bundled Installer.
- Figure 9: LimeWire Bundled Installer.
- Make sure that your FortiGate/FortiClient system is using the latest AV database.
- Quarantine/delete files that are detected and replace infected files with clean backup copies.