Se connecter / S'enregistrer
Votre question
Résolu

infections storm alert, delta home

Tags :
  • Web
  • X86
  • Mysearchdial
  • Adware
  • Microsoft
  • Sécurité
Dernière réponse : dans Sécurité et virus
11 Mars 2015 13:52:15

AVANT PROPOS : Votre ordinateur est infecté par Delta Homes ? Sachez que vous pouvez supprimer définitivement ce logiciel indésirable. Cliquez ici pour suivre la procédure de désinstallation !


Bonjour, je suis infecté par storm alert, delta home et my search dial !
De plus, depuis peu, l’icône de chargement est en permanence à côté de la flèche de ma souris.
J'ai fais un scan malware bytes, voici le rapport.
Merci pour votre aide.
Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 11/03/2015
Scan Time: 12:41:50
Logfile: rapport.txt
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2015.03.11.04
Rootkit Database: v2015.02.25.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 8.1
CPU: x64
File System: NTFS
User: matguil

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 347184
Time Elapsed: 50 min, 54 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 3
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\ProtectService.exe, 3792, , [92aef0541872de58f6891ef022e023dd]
PUP.Optional.StormAlert.A, C:\ProgramData\JitbVIQut\prGZNYvE.exe, 7204, , [b78957ed0f7b5cda02f1a75628d9e41c]
PUP.Optional.WindowsMangerProtect.A, C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe, 8588, , [6ed23b098406e84e9dd112a48281a35d]

Modules: 2
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\msvcp110.dll, , [b48caf955634e94df4c5b7fbaf5433cd],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\msvcr110.dll, , [b48caf955634e94df4c5b7fbaf5433cd],

Registry Keys: 48
PUP.Optional.XTab.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\IHProtect Service, , [92aef0541872de58f6891ef022e023dd],
PUP.Optional.StormAlert.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\prGZNYvE, , [b78957ed0f7b5cda02f1a75628d9e41c],
PUP.Optional.WebSteroids.A, HKLM\SOFTWARE\CLASSES\CLSID\{051E9166-B275-4683-907B-372FAE22BC7C}, , [61df053f2a60ae885a52a0827093cd33],
PUP.Optional.WebSteroids.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{051E9166-B275-4683-907B-372FAE22BC7C}, , [61df053f2a60ae885a52a0827093cd33],
PUP.Optional.DynConIE.A, HKLM\SOFTWARE\CLASSES\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}, , [4df333110c7ec4726a11121027dcad53],
PUP.Optional.DynConIE.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}, , [4df333110c7ec4726a11121027dcad53],
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{D40753C7-8A59-4C1F-BE88-C300F4624D5B}, , [a39d34102169e94d607aa1b5e51eb44c],
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{C292AD0A-C11F-479B-B8DB-743E72D283B0}, , [a39d34102169e94d607aa1b5e51eb44c],
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{C292AD0A-C11F-479B-B8DB-743E72D283B0}, , [a39d34102169e94d607aa1b5e51eb44c],
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\esrv.mysearchdialESrvc.1, , [a39d34102169e94d607aa1b5e51eb44c],
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\esrv.mysearchdialESrvc, , [a39d34102169e94d607aa1b5e51eb44c],
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\esrv.mysearchdialESrvc, , [a39d34102169e94d607aa1b5e51eb44c],
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\esrv.mysearchdialESrvc.1, , [a39d34102169e94d607aa1b5e51eb44c],
PUP.Optional.MySearchDial.A, HKU\S-1-5-21-966393682-1345118548-1145124699-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}, , [7ec24ef66f1ba096316232ebb3504ab6],
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}, , [7ec24ef66f1ba096316232ebb3504ab6],
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, , [340c370d4644fb3b59acd0d847bcb44c],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\delta-homesSoftware, , [56ea083ce3a70e28433a8647b84bd828],
PUP.Optional.IHProtect.A, HKLM\SOFTWARE\WOW6432NODE\IHProtect, , [231def55b1d968ce9b1dc7eb1ce7c23e],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\Iminent, , [f64abc88afdb5fd7748e41b7669dc33d],
PUP.Optional.MyStartSearch.A, HKLM\SOFTWARE\WOW6432NODE\mystartsearchSoftware, , [d86811331674f046cfbc9f1b7c87b24e],
PUP.Optional.WPM.A, HKLM\SOFTWARE\WOW6432NODE\supWindowsMangerProtect, , [eb557aca3d4d7cba3e7268c4af5658a8],
PUP.Optional.Wajam.A, HKLM\SOFTWARE\WOW6432NODE\WajIntEnhance, , [73cd2024d7b356e0d5cc535b9073c13f],
PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, , [c47c32126129290df585c5537491ad53],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\IMBoosterARP, , [211fb98b4f3bab8b1e478b204db6837d],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\IminentToolbar, , [0a36202499f186b0491ba3084bb8e41c],
PUP.Optional.Vosteran, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Vosteran.com, , [c57b291b5238a98d8f73a516bb4814ec],
PUP.Optional.Wajam.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\WajIntEnhance, , [cc74a69eef9b1521f76b3378ac57b947],
PUP.Optional.SystemSpeedup, HKLM\SOFTWARE\WOW6432NODE\SYSTWEAK\ssd, , [47f9ea5acdbdf145f073f4de4eb556aa],
PUP.Optional.WindowsMangerProtect.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WindowsMangerProtect, , [6ed23b098406e84e9dd112a48281a35d],
PUP.Optional.WindowsMangerProtect.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\WindowsMangerProtect, , [211f59ebb4d6e4525c56b805c04360a0],
PUP.Optional.HomeTab.A, HKU\S-1-5-21-966393682-1345118548-1145124699-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\HomeTab, , [3b05b4908901f541d843ecef6d96ef11],
PUP.Optional.MySearchDial.A, HKU\S-1-5-21-966393682-1345118548-1145124699-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\mysearchdial.com, , [8ab690b4a0ea70c611dd63aa32d3b44c],
PUP.Optional.SearchProtect.A, HKU\S-1-5-21-966393682-1345118548-1145124699-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SearchProtectWS, , [47f902425b2f9b9bf17757546c9732ce],
PUP.Optional.TNT.A, HKU\S-1-5-21-966393682-1345118548-1145124699-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\TNT2, , [b68ac87c305afc3a8bbe2984d33059a7],
PUP.Optional.Wajam.A, HKU\S-1-5-21-966393682-1345118548-1145124699-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\WajIntEnhance, , [98a8073d6e1ceb4b0999e2cc8f74e21e],
PUP.Optional.MultiIE.A, HKU\S-1-5-21-966393682-1345118548-1145124699-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\DynConIE, , [ff4198ac1872ce68b1780129bf4659a7],
PUP.Optional.InstallCore.A, HKU\S-1-5-21-966393682-1345118548-1145124699-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE\1I1T1Q1S, , [76ca49fb0d7dd165f420a057f01351af],
PUP.Optional.InstallCore.A, HKU\S-1-5-21-966393682-1345118548-1145124699-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE, , [b7897acac4c6b87e2cc5b4584eb750b0],
PUP.Optional.Qone8, HKU\S-1-5-21-966393682-1345118548-1145124699-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, , [87b9ec58395105316a0fcd4b60a52cd4],
PUP.Optional.MySearchDial.A, HKU\S-1-5-21-966393682-1345118548-1145124699-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, , [10303a0a3159b68018ee2c7c41c2de22],
PUP.Optional.Iminent.A, HKU\S-1-5-21-966393682-1345118548-1145124699-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\IMBoosterARP, , [1a26cf754c3edf57b993b2f5e71c1be5],
PUP.Optional.Iminent.A, HKU\S-1-5-21-966393682-1345118548-1145124699-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\IminentToolbar, , [251b2b1990fa74c288c537705ca733cd],
PUP.Optional.Linkey.A, HKU\S-1-5-21-966393682-1345118548-1145124699-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Linkey, , [162a3311e0aa84b2bd919413eb18fe02],
PUP.Optional.Vosteran.A, HKU\S-1-5-21-966393682-1345118548-1145124699-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Vosteran.com, , [0b35f153dfab999de76864439a69d42c],
PUP.Optional.Wajam.A, HKU\S-1-5-21-966393682-1345118548-1145124699-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\WajIntEnhance, , [cc74ab99c7c386b0252bcbdcf80bea16],
PUP.Optional.IStart.A, HKU\S-1-5-21-966393682-1345118548-1145124699-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLA\EXTENDS, , [013f172d4842ed4911e7dacda95a847c],
PUP.Optional.Wajam.A, HKU\S-1-5-21-966393682-1345118548-1145124699-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SIMPLYTECH\HomeTabWajIEnhance, , [e75957ed9eec092d21424c5fb74c817f],
PUP.Optional.SystemSpeedup, HKU\S-1-5-21-966393682-1345118548-1145124699-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SYSTWEAK\ssd, , [af91350fd2b8fd398ad84e84b74c1de3],

Registry Values: 14
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}|URL, http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dsites_14_14_ff&cd=2XzuyEtN2Y1L1Qzu0DzzyDtD0EyCtD0CtAtAzz0EyCtBtD0FtN0D0Tzu0SzztByEtN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyEyCyByC0F0FyC0BtGtAyC0DyDtGtA0A0ByDtG0DyEtC0AtGyBtByCzzyC0CtAtCtCtB0DtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2StDtAtD0BtAyC0FtCtGtAyCtAtDtGyByB0FtAtGyEtA0B0FtGyDyC0EyDtDyB0EyCzz0BzytD2Q&cr=429889050&ir=, , [340c370d4644fb3b59acd0d847bcb44c]
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}|TopResultURLFallback, http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dsites_14_14_ff&cd=2XzuyEtN2Y1L1Qzu0DzzyDtD0EyCtD0CtAtAzz0EyCtBtD0FtN0D0Tzu0SzztByEtN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyEyCyByC0F0FyC0BtGtAyC0DyDtGtA0A0ByDtG0DyEtC0AtGyBtByCzzyC0CtAtCtCtB0DtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2StDtAtD0BtAyC0FtCtGtAyCtAtDtGyByB0FtAtGyEtA0B0FtGyDyC0EyDtDyB0EyCzz0BzytD2Q&cr=429889050&ir=, , [20209ca8c6c4ca6c689df6b232d1da26]
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}|FaviconPath, C:\Program Files (x86)\Mysearchdial\1.8.29.0\FavIcon.ico, , [a69a2420d6b4e84eb550387032d1758b]
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, Mysearchdial, , [9fa174d0a7e343f33dc8169220e3c040]
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}|DisplayName, Mysearchdial, , [d96758ecb8d2b38391747c2c52b1e020]
PUP.Optional.SearchEngine.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|searchengine@gmail.com, C:\Users\matguil\AppData\Roaming\Mozilla\Firefox\Profiles\vhuhpdxu.default\extensions\searchengine@gmail.com, , [ec5490b4fe8ce94dc28aa8914db80af6]
PUP.Optional.IStart.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|istart_ffnt@gmail.com, C:\Users\matguil\AppData\Roaming\Mozilla\Firefox\Profiles\vhuhpdxu.default\extensions\istart_ffnt@gmail.com, , [132d0d371c6e43f3101de6c14cb71fe1]
PUP.Optional.InstallCore.A, HKU\S-1-5-21-966393682-1345118548-1145124699-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE|tb, 0H1R1Q1O0G2Z1I1E, , [b7897acac4c6b87e2cc5b4584eb750b0]
PUP.Optional.MySearchDial.A, HKU\S-1-5-21-966393682-1345118548-1145124699-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}|URL, http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dsites_14_14_ff&cd=2XzuyEtN2Y1L1Qzu0DzzyDtD0EyCtD0CtAtAzz0EyCtBtD0FtN0D0Tzu0SzztByEtN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyEyCyByC0F0FyC0BtGtAyC0DyDtGtA0A0ByDtG0DyEtC0AtGyBtByCzzyC0CtAtCtCtB0DtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2StDtAtD0BtAyC0FtCtGtAyCtAtDtGyByB0FtAtGyEtA0B0FtGyDyC0EyDtDyB0EyCzz0BzytD2Q&cr=429889050&ir=, , [10303a0a3159b68018ee2c7c41c2de22]
PUP.Optional.MySearchDial.A, HKU\S-1-5-21-966393682-1345118548-1145124699-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}|TopResultURLFallback, http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dsites_14_14_ff&cd=2XzuyEtN2Y1L1Qzu0DzzyDtD0EyCtD0CtAtAzz0EyCtBtD0FtN0D0Tzu0SzztByEtN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyEyCyByC0F0FyC0BtGtAyC0DyDtGtA0A0ByDtG0DyEtC0AtGyBtByCzzyC0CtAtCtCtB0DtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2StDtAtD0BtAyC0FtCtGtAyCtAtDtGyByB0FtAtGyEtA0B0FtGyDyC0EyDtDyB0EyCzz0BzytD2Q&cr=429889050&ir=, , [ea56d76d45456cca0ff7b0f8e51eaa56]
PUP.Optional.MySearchDial.A, HKU\S-1-5-21-966393682-1345118548-1145124699-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}|FaviconPath, C:\Program Files (x86)\Mysearchdial\1.8.29.0\FavIcon.ico, , [fc4456ee018954e2f6108f19a65df808]
PUP.Optional.MySearchDial.A, HKU\S-1-5-21-966393682-1345118548-1145124699-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, Mysearchdial, , [67d9ce76cac0340251b560486c97f20e]
PUP.Optional.MySearchDial.A, HKU\S-1-5-21-966393682-1345118548-1145124699-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}|DisplayName, Mysearchdial, , [0937b78de7a365d1b353b1f758ab56aa]
PUP.Optional.IStart.A, HKU\S-1-5-21-966393682-1345118548-1145124699-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLA\EXTENDS|appid, istart_ffnt@gmail.com, , [013f172d4842ed4911e7dacda95a847c]

Registry Data: 17
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLIENTS\STARTMENUINTERNET\FIREFOX.EXE\SHELL\OPEN\COMMAND, "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" http://www.delta-homes.com/?type=sc&ts=1426068334&from=..., Good: (firefox.exe), Bad: ("C:\Program Files (x86)\Mozilla Firefox\firefox.exe" http://www.delta-homes.com/?type=sc&ts=1426068334&from=...),,[7bc578ccf1992e085ac4d70ec93cc838]
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLIENTS\STARTMENUINTERNET\GOOGLE CHROME\SHELL\OPEN\COMMAND, "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" http://www.delta-homes.com/?type=sc&ts=1426068334&from=..., Good: (Chrome.exe), Bad: ("C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" http://www.delta-homes.com/?type=sc&ts=1426068334&from=...),,[a39d99abb7d3be782af7b92cff06a15f]
PUP.Optional.MyStartSearch.A, HKLM\SOFTWARE\CLIENTS\STARTMENUINTERNET\IEXPLORE.EXE\SHELL\OPEN\COMMAND, C:\Program Files\Internet Explorer\iexplore.exe http://www.mystartsearch.com/?type=sc&ts=1419023865&fro..., Good: (iexplore.exe), Bad: (C:\Program Files\Internet Explorer\iexplore.exe http://www.mystartsearch.com/?type=sc&ts=1419023865&fro...),,[85bbad97d3b748ee4dd1aa2e9a6bfd03]
PUP.Optional.Delta.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://www.delta-homes.com/?type=hp&ts=1426068334&from=..., Good: (www.google.com), Bad: (http://www.delta-homes.com/?type=hp&ts=1426068334&from=...),,[47f93e06aedca69045d3c322aa5bf30d]
PUP.Optional.MyStartSearch.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, http://www.mystartsearch.com/web/?type=ds&ts=1419023865...{searchTerms}, Good: (www.google.com), Bad: (http://www.mystartsearch.com/web/?type=ds&ts=1419023865...{searchTerms}),,[ec54a99b395126105d30776008fd9967]
PUP.Optional.Delta.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, http://www.delta-homes.com/?type=hp&ts=1426068334&from=..., Good: (www.google.com), Bad: (http://www.delta-homes.com/?type=hp&ts=1426068334&from=...),,[52ee9aaa305a41f5ce46f0f5669f0bf5]
PUP.Optional.MyStartSearch.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, http://www.mystartsearch.com/web/?type=ds&ts=1419023865...{searchTerms}, Good: (www.google.com), Bad: (http://www.mystartsearch.com/web/?type=ds&ts=1419023865...{searchTerms}),,[7ec2d074107a9e98fe8f50871ee72fd1]
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLIENTS\STARTMENUINTERNET\FIREFOX.EXE\SHELL\OPEN\COMMAND, "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" http://www.delta-homes.com/?type=sc&ts=1426068334&from=..., Good: (firefox.exe), Bad: ("C:\Program Files (x86)\Mozilla Firefox\firefox.exe" http://www.delta-homes.com/?type=sc&ts=1426068334&from=...),,[84bcb1934c3e60d61d017174c3428779]
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLIENTS\STARTMENUINTERNET\GOOGLE CHROME\SHELL\OPEN\COMMAND, "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" http://www.delta-homes.com/?type=sc&ts=1426068334&from=..., Good: (Chrome.exe), Bad: ("C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" http://www.delta-homes.com/?type=sc&ts=1426068334&from=...),,[b48c51f3c8c2b68070b19a4b9d686c94]
PUP.Optional.MyStartSearch.A, HKLM\SOFTWARE\WOW6432NODE\CLIENTS\STARTMENUINTERNET\IEXPLORE.EXE\SHELL\OPEN\COMMAND, C:\Program Files\Internet Explorer\iexplore.exe http://www.mystartsearch.com/?type=sc&ts=1419023865&fro..., Good: (iexplore.exe), Bad: (C:\Program Files\Internet Explorer\iexplore.exe http://www.mystartsearch.com/?type=sc&ts=1419023865&fro...),,[330d9fa5d3b71620f12d2eaa6a9b16ea]
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://www.delta-homes.com/?type=hp&ts=1426068334&from=..., Good: (www.google.com), Bad: (http://www.delta-homes.com/?type=hp&ts=1426068334&from=...),,[bc8497ad84065fd79d7bad380df828d8]
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, http://www.delta-homes.com/?type=hp&ts=1426068334&from=..., Good: (www.google.com), Bad: (http://www.delta-homes.com/?type=hp&ts=1426068334&from=...),,[4ff173d190fa1422f222f1f43ec7ce32]
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, http://search.delta-homes.com/web/?type=ds&ts=142606833...{searchTerms}, Good: (www.google.com), Bad: (http://search.delta-homes.com/web/?type=ds&ts=142606833...{searchTerms}),,[63ddf351cfbbb68054c29e4760a59a66]
PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Good: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Bad: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),,[ee52cf751f6b92a46baa8c5858adcb35]
PUP.Optional.Delta.A, HKU\S-1-5-21-966393682-1345118548-1145124699-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://www.delta-homes.com/?type=hp&ts=1426068334&from=..., Good: (www.google.com), Bad: (http://www.delta-homes.com/?type=hp&ts=1426068334&from=...),,[112fe3612f5bd95dd94035b07194fb05]
PUP.Optional.Delta.A, HKU\S-1-5-21-966393682-1345118548-1145124699-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, http://www.delta-homes.com/?type=hp&ts=1426068334&from=..., Good: (www.google.com), Bad: (http://www.delta-homes.com/?type=hp&ts=1426068334&from=...),,[f34d0e36e2a8d1652ce90dd88a7b0cf4]
PUP.Optional.Delta.A, HKU\S-1-5-21-966393682-1345118548-1145124699-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, http://search.delta-homes.com/web/?type=ds&ts=142606833...{searchTerms}, Good: (www.google.com), Bad: (http://search.delta-homes.com/web/?type=ds&ts=142606833...{searchTerms}),,[ff41ff45cac0f54136e124c1b94ca15f]

Folders: 34
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab, , [b48caf955634e94df4c5b7fbaf5433cd],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin, , [b48caf955634e94df4c5b7fbaf5433cd],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\image, , [b48caf955634e94df4c5b7fbaf5433cd],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web, , [b48caf955634e94df4c5b7fbaf5433cd],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\img, , [b48caf955634e94df4c5b7fbaf5433cd],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\js, , [b48caf955634e94df4c5b7fbaf5433cd],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales, , [b48caf955634e94df4c5b7fbaf5433cd],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\en-US, , [b48caf955634e94df4c5b7fbaf5433cd],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\es-419, , [b48caf955634e94df4c5b7fbaf5433cd],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\es-ES, , [b48caf955634e94df4c5b7fbaf5433cd],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\fr-BE, , [b48caf955634e94df4c5b7fbaf5433cd],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\fr-CA, , [b48caf955634e94df4c5b7fbaf5433cd],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\fr-CH, , [b48caf955634e94df4c5b7fbaf5433cd],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\fr-FR, , [b48caf955634e94df4c5b7fbaf5433cd],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\fr-LU, , [b48caf955634e94df4c5b7fbaf5433cd],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\it-CH, , [b48caf955634e94df4c5b7fbaf5433cd],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\it-IT, , [b48caf955634e94df4c5b7fbaf5433cd],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\pl, , [b48caf955634e94df4c5b7fbaf5433cd],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\pt, , [b48caf955634e94df4c5b7fbaf5433cd],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\pt-BR, , [b48caf955634e94df4c5b7fbaf5433cd],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\ru, , [b48caf955634e94df4c5b7fbaf5433cd],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\ru-MO, , [b48caf955634e94df4c5b7fbaf5433cd],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\tr-TR, , [b48caf955634e94df4c5b7fbaf5433cd],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\vi-VI, , [b48caf955634e94df4c5b7fbaf5433cd],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\zh-CN, , [b48caf955634e94df4c5b7fbaf5433cd],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\zh-TW, , [b48caf955634e94df4c5b7fbaf5433cd],
PUP.Optional.StormAlert.A, C:\Users\matguil\AppData\Local\StormAlert, , [a69a3e06b0da7abcd770229b986bcf31],
PUP.Optional.MySearchDial.A, C:\Users\matguil\AppData\Roaming\mysearchdial, , [6ad6b490ec9e280e26c6402a6b988878],
PUP.Optional.MySearchDial.A, C:\Users\matguil\AppData\Roaming\mysearchdial\icons_2.18.2.0, , [6ad6b490ec9e280e26c6402a6b988878],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect, , [51ef79cb7b0f1c1a9781255d37cc03fd],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\update, , [51ef79cb7b0f1c1a9781255d37cc03fd],
PUP.Optional.SystemSpeedup, C:\Users\matguil\AppData\Roaming\systweak\ssd, , [57e90f35f397152107aedaa8df24a957],
PUP.Optional.IHProtectUpDate.A, C:\ProgramData\IHProtectUpDate, , [8fb1e064ef9b6bcb7b34207e6c97857b],
PUP.Optional.IHProtectUpDate.A, C:\ProgramData\IHProtectUpDate\update, , [8fb1e064ef9b6bcb7b34207e6c97857b],

Files: 70
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\ProtectService.exe, , [92aef0541872de58f6891ef022e023dd],
PUP.Optional.StormAlert.A, C:\ProgramData\JitbVIQut\prGZNYvE.exe, , [b78957ed0f7b5cda02f1a75628d9e41c],
PUP.Optional.ZombieInvasion.A, C:\ProgramData\JitbVIQut\dat\AOlcDaPtlA.dll, , [2f11df659eecb48206ceb12224e10000],
PUP.Optional.StormAlert.A, C:\ProgramData\JitbVIQut\dat\deHPXrNlGSz.exe, , [c779b094a3e7be782fc4ee0f10f119e7],
PUP.Optional.StormAlert.A, C:\ProgramData\JitbVIQut\dat\LTOxBiPfT.exe, , [56ea30145832fd39b43fc538c53c0cf4],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\uninstall.exe, , [b48caf955634e94df4c5b7fbaf5433cd],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\ffsearch_toolbar!1.0.0.1025.xpi, , [b48caf955634e94df4c5b7fbaf5433cd],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\msvcp110.dll, , [b48caf955634e94df4c5b7fbaf5433cd],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\msvcr110.dll, , [b48caf955634e94df4c5b7fbaf5433cd],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\searchProvider.xml, , [b48caf955634e94df4c5b7fbaf5433cd],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\about.png, , [b48caf955634e94df4c5b7fbaf5433cd],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\about_bk.png, , [b48caf955634e94df4c5b7fbaf5433cd],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\btn.png, , [b48caf955634e94df4c5b7fbaf5433cd],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\btn_apply.png, , [b48caf955634e94df4c5b7fbaf5433cd],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\close.png, , [b48caf955634e94df4c5b7fbaf5433cd],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\conf.xml, , [b48caf955634e94df4c5b7fbaf5433cd],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\conf_back.png, , [b48caf955634e94df4c5b7fbaf5433cd],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\input_bk.png, , [b48caf955634e94df4c5b7fbaf5433cd],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\logo.png, , [b48caf955634e94df4c5b7fbaf5433cd],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\main.xml, , [b48caf955634e94df4c5b7fbaf5433cd],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\radio_1.png, , [b48caf955634e94df4c5b7fbaf5433cd],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\radio_2.png, , [b48caf955634e94df4c5b7fbaf5433cd],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\rigth_arrow.png, , [b48caf955634e94df4c5b7fbaf5433cd],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\settings.png, , [b48caf955634e94df4c5b7fbaf5433cd],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\data.html, , [b48caf955634e94df4c5b7fbaf5433cd],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\indexIE.html, , [b48caf955634e94df4c5b7fbaf5433cd],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\indexIE8.html, , [b48caf955634e94df4c5b7fbaf5433cd],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\main.css, , [b48caf955634e94df4c5b7fbaf5433cd],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\ver.txt, , [b48caf955634e94df4c5b7fbaf5433cd],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\img\google_trends.png, , [b48caf955634e94df4c5b7fbaf5433cd],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\img\icon128.png, , [b48caf955634e94df4c5b7fbaf5433cd],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\img\icon16.png, , [b48caf955634e94df4c5b7fbaf5433cd],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\img\icon48.png, , [b48caf955634e94df4c5b7fbaf5433cd],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\img\loading.gif, , [b48caf955634e94df4c5b7fbaf5433cd],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\img\logo32.ico, , [b48caf955634e94df4c5b7fbaf5433cd],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\js\common.js, , [b48caf955634e94df4c5b7fbaf5433cd],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\js\ga.js, , [b48caf955634e94df4c5b7fbaf5433cd],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\js\jquery-1.11.0.min.js, , [b48caf955634e94df4c5b7fbaf5433cd],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\js\jquery.autocomplete.js, , [b48caf955634e94df4c5b7fbaf5433cd],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\js\js.js, , [b48caf955634e94df4c5b7fbaf5433cd],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\js\library.js, , [b48caf955634e94df4c5b7fbaf5433cd],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\js\xagainit-ie8.js, , [b48caf955634e94df4c5b7fbaf5433cd],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\js\xagainit2.0.js, , [b48caf955634e94df4c5b7fbaf5433cd],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\en-US\messages.json, , [b48caf955634e94df4c5b7fbaf5433cd],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\es-419\messages.json, , [b48caf955634e94df4c5b7fbaf5433cd],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\es-ES\messages.json, , [b48caf955634e94df4c5b7fbaf5433cd],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\fr-BE\messages.json, , [b48caf955634e94df4c5b7fbaf5433cd],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\fr-CA\messages.json, , [b48caf955634e94df4c5b7fbaf5433cd],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\fr-CH\messages.json, , [b48caf955634e94df4c5b7fbaf5433cd],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\fr-FR\messages.json, , [b48caf955634e94df4c5b7fbaf5433cd],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\fr-LU\messages.json, , [b48caf955634e94df4c5b7fbaf5433cd],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\it-CH\messages.json, , [b48caf955634e94df4c5b7fbaf5433cd],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\it-IT\messages.json, , [b48caf955634e94df4c5b7fbaf5433cd],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\pl\messages.json, , [b48caf955634e94df4c5b7fbaf5433cd],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\pt\messages.json, , [b48caf955634e94df4c5b7fbaf5433cd],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\pt-BR\messages.json, , [b48caf955634e94df4c5b7fbaf5433cd],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\ru\messages.json, , [b48caf955634e94df4c5b7fbaf5433cd],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\ru-MO\messages.json, , [b48caf955634e94df4c5b7fbaf5433cd],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\tr-TR\messages.json, , [b48caf955634e94df4c5b7fbaf5433cd],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\vi-VI\messages.json, , [b48caf955634e94df4c5b7fbaf5433cd],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\zh-CN\messages.json, , [b48caf955634e94df4c5b7fbaf5433cd],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\zh-TW\messages.json, , [b48caf955634e94df4c5b7fbaf5433cd],
PUP.Optional.StormAlert.A, C:\Users\matguil\AppData\Local\StormAlert\data2.dat, , [a69a3e06b0da7abcd770229b986bcf31],
PUP.Optional.WindowsMangerProtect.A, C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe, , [6ed23b098406e84e9dd112a48281a35d],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\update\conf, , [51ef79cb7b0f1c1a9781255d37cc03fd],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\update\update.exe, , [51ef79cb7b0f1c1a9781255d37cc03fd],
PUP.Optional.SystemSpeedup, C:\Users\matguil\AppData\Roaming\systweak\ssd\SSDPTstub.exe, , [57e90f35f397152107aedaa8df24a957],
PUP.Optional.IHProtectUpDate.A, C:\ProgramData\IHProtectUpDate\update\conf, , [8fb1e064ef9b6bcb7b34207e6c97857b],
PUP.Optional.QuickStart.A, C:\Users\matguil\AppData\Roaming\Mozilla\Firefox\Profiles\vhuhpdxu.default\prefs.js, Good: (), Bad: (user_pref("browser.newtab.url", "chrome://quick_start/content/index.html");), ,[e45c55efddad221470fc6bb5d432748c]
PUP.Optional.Delta.A, C:\Users\matguil\AppData\Roaming\Mozilla\Firefox\Profiles\vhuhpdxu.default\prefs.js, Good: (), Bad: (user_pref("browser.startup.homepage", "http://www.delta-homes.com/?type=hp&ts=1426068334&from=...");), ,[ae92083cf09a74c240d94dd421e56b95]

Physical Sectors: 0
(No malicious items detected)


(end)

Autres pages sur : infections storm alert delta home

a c 267 8 Sécurité
11 Mars 2015 15:22:50

Bonjour,


1/

  • Télécharge et lance AdwCleaner (d'Xplode), choisis l'option "Scanner".

  • Une fois le scan terminé, choisis l'option "Nettoyer".

  • Redémarre le PC comme demandé, héberge le rapport sur pjjoint.malekal.com puis copie-colle le lien donné par le site dans ta réponse. Le rapport est enregistré dans C:\AdwCleaner sous le nom d'AdwCleaner[s?].



  • 2/

    • Télécharge Farbar Recovery Scan Tool (de Farbar) sur ton Bureau.

      Attention : tu dois prendre la version compatible avec ton système : 32 ou 64 bits.

    • Lance FRST (Sous Windows Vista/7/8, clic droit sur FRST > Exécuter en tant qu'administrateur).

    • Coche la case Addition.txt.

    • Clique sur le bouton Scan.

    • Une fois le scan terminé, deux rapports FRST.txt et Addition.txt seront présents sur le Bureau.

    • Héberge les deux rapports sur pjjoint.malekal.com et copie-colle les liens fournis dans ta prochaine réponse.
    m
    0
    l
    11 Mars 2015 18:08:32

    Destrio5 a dit :
    Bonjour,


    1/

    • Télécharge et lance AdwCleaner (d'Xplode), choisis l'option "Scanner".

    • Une fois le scan terminé, choisis l'option "Nettoyer".

    • Redémarre le PC comme demandé, héberge le rapport sur pjjoint.malekal.com puis copie-colle le lien donné par le site dans ta réponse. Le rapport est enregistré dans C:\AdwCleaner sous le nom d'AdwCleaner[s?].



  • 2/

    • Télécharge Farbar Recovery Scan Tool (de Farbar) sur ton Bureau.

      Attention : tu dois prendre la version compatible avec ton système : 32 ou 64 bits.

    • Lance FRST (Sous Windows Vista/7/8, clic droit sur FRST > Exécuter en tant qu'administrateur).

    • Coche la case Addition.txt.

    • Clique sur le bouton Scan.

    • Une fois le scan terminé, deux rapports FRST.txt et Addition.txt seront présents sur le Bureau.

    • Héberge les deux rapports sur pjjoint.malekal.com et copie-colle les liens fournis dans ta prochaine réponse.



  • Rebonjour,
    J'ai fais la première étape avec adw cleaner et tout semble rentrer dans l'ordre. Voici le lien: http://pjjoint.malekal.com/files.php?id=20150311_h11x8m...

    Est-il nécessaire que je fasse la seconde étape si tout fonctionne correctement à nouveau ?
    Encore merci pour votre aide


    m
    0
    l
    Contenus similaires
    a c 267 8 Sécurité
    11 Mars 2015 20:30:27

    C'est préférable (pour voir s'il ne reste pas de mauvais éléments).
    m
    0
    l
    a c 267 8 Sécurité
    12 Mars 2015 17:57:30

    • Ouvre le Bloc-notes.
    • Copie-colle le texte encadré ci-dessous dans le Bloc-notes :

      start
      CloseProcesses:
      HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction
      HKU\S-1-5-21-966393682-1345118548-1145124699-1002\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
      SearchScopes: HKLM-x32 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://fr.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
      SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
      SearchScopes: HKU\S-1-5-21-966393682-1345118548-1145124699-1002 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
      CHR HomePage: Default -> hxxp://www.delta-homes.com/?type=hp&ts=1426068334&from=wpm03113&uid=HGSTXHTS545050A7E680_TMA55DTF256DTR256DTRX
      CHR StartupUrls: Default -> "hxxp://www.delta-homes.com/?type=hp&ts=1426068334&from=wpm03113&uid=HGSTXHTS545050A7E680_TMA55DTF256DTR256DTRX"
      CHR DefaultSearchKeyword: Default -> delta-homes
      2015-03-11 11:06 - 2015-03-11 11:12 - 00000000 ____D () C:\Users\matguil\AppData\Everything
      2015-03-11 15:56 - 2014-12-19 22:19 - 00000000 ____D () C:\ProgramData\JitbVIQut
      end

    • Enregistre le fichier au même endroit que FRST sous le nom fixlist.txt
    • Lance FRST (Sous Windows Vista/7/8, clic droit sur FRST > Exécuter en tant qu'administrateur).
    • Clique sur Fix. Patiente le temps de la correction.

      Note : si l'outil a besoin d'un redémarrage, laisse le système redémarrer normalement, l'outil terminera son travail.

    • Une fois la correction terminée, un rapport Fixlog.txt sera présent dans le même dossier que FRST.
    • Héberge le rapport sur pjjoint.malekal.com et copie-colle le lien fourni dans ta prochaine réponse.
    m
    0
    l
    12 Mars 2015 19:07:29

    Destrio5 a dit :
    • Ouvre le Bloc-notes.
    • Copie-colle le texte encadré ci-dessous dans le Bloc-notes :

      start
      CloseProcesses:
      HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction
      HKU\S-1-5-21-966393682-1345118548-1145124699-1002\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
      SearchScopes: HKLM-x32 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://fr.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
      SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
      SearchScopes: HKU\S-1-5-21-966393682-1345118548-1145124699-1002 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
      CHR HomePage: Default -> hxxp://www.delta-homes.com/?type=hp&ts=1426068334&from=wpm03113&uid=HGSTXHTS545050A7E680_TMA55DTF256DTR256DTRX
      CHR StartupUrls: Default -> "hxxp://www.delta-homes.com/?type=hp&ts=1426068334&from=wpm03113&uid=HGSTXHTS545050A7E680_TMA55DTF256DTR256DTRX"
      CHR DefaultSearchKeyword: Default -> delta-homes
      2015-03-11 11:06 - 2015-03-11 11:12 - 00000000 ____D () C:\Users\matguil\AppData\Everything
      2015-03-11 15:56 - 2014-12-19 22:19 - 00000000 ____D () C:\ProgramData\JitbVIQut
      end

    • Enregistre le fichier au même endroit que FRST sous le nom fixlist.txt
    • Lance FRST (Sous Windows Vista/7/8, clic droit sur FRST > Exécuter en tant qu'administrateur).
    • Clique sur Fix. Patiente le temps de la correction.

      Note : si l'outil a besoin d'un redémarrage, laisse le système redémarrer normalement, l'outil terminera son travail.

    • Une fois la correction terminée, un rapport Fixlog.txt sera présent dans le même dossier que FRST.
    • Héberge le rapport sur pjjoint.malekal.com et copie-colle le lien fourni dans ta prochaine réponse.



  • Ok, voici le lien:
    http://pjjoint.malekal.com/files.php?id=20150312_k5g6g1...
    m
    0
    l
    a c 267 8 Sécurité
    12 Mars 2015 19:41:27

    delta-homes apparaît encore sur Google Chrome ?
    m
    0
    l
    12 Mars 2015 20:35:03

    Destrio5 a dit :
    delta-homes apparaît encore sur Google Chrome ?


    Non, ça a l'air bon.
    m
    0
    l

    Meilleure solution

    a c 267 8 Sécurité
    12 Mars 2015 21:13:27

    Ok ;) 

    Pour finir :


    1/

    ---> Télécharge et installe CCleaner.
    * Lance-le. Va dans Options puis Avancé et décoche la case Effacer uniquement les fichiers temporaires de Windows datant de plus de 24 heures puis dans Surveillance, décoche les deux cases.
    * Va dans Nettoyeur et lance le nettoyage.


    2/

    ---> Télécharge DelFix sur ton Bureau puis lance-le.
    * Coche Purger la restauration système et laisse Supprimer les outils de désinfection coché.
    * Clique sur Exécuter.
    * Poste le rapport.


    ==Prévention==

    Adware Prevention permet de t'entraîner à ne pas accepter de PUPs / adwares lors d'installations de logiciels :
    http://security-x.fr/~guigui0001/

    http://www.malekal.com/2011/07/27/detection-puplpi-pote...

    Un dossier sur la prévention et sécurité sur Internet est disponible ici.


    ==Problème résolu ?==

    Si tu estimes que ton problème est résolu, clique sur un des boutons Sélectionner comme meilleure solution présents en bas de mes réponses.
    partage
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS