Malware and virus removal

chick247 · Apr 24, 2015

I am sorry to post this as I believe there are so many similar threads in the past, but I am not very good English, it is hard for me to go through all the threads. Apologies.

Right, my windows 8 computer has seemed to be infected. If I click linksks, a new tab opens saying 'powered by delta' and lot of pop ads come up all over the place. Also there are lot of highlighted links that don't look like links in articles.
I am not sure what security system I have got.
When I opened 'action center' and checked security,everything is on apart from 'network access protection'. I don't have any antivirus soft as I have been told that I don't need one with W8.
Here is the result of Tsg.

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 8.1, 64 bit
Processor: Intel(R) Pentium(R) CPU B960 @ 2.20GHz, Intel64 Family 6 Model 42 Stepping 7
Processor Count: 2
RAM: 5997 Mb
Graphics Card: Intel(R) HD Graphics, -1988 Mb
Hard Drives: C: Total - 76349 MB, Free - 36175 MB; D: Total - 621062 MB, Free - 616520 MB;
Motherboard: FUJITSU, FJNBB29
Antivirus: Windows Defender, Disabled

Thanks.

Added below.

I just used malwarebyte. I scanned 1st without my external HDD, and did it again with external HDD that is suspicious. I removed all the detected ones.This is the result.
1st)
Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 2015/04/25
Scan Time: 6:20:50
Logfile: malwarebytelog.txt
Administrator: Yes

Version: 2.01.6.1022
Malware Database: v2015.04.24.08
Rootkit Database: v2015.04.21.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 8.1
CPU: x64
File System: NTFS
User: Emi

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 348791
Time Elapsed: 30 min, 47 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 1
PUP.Optional.PayByAds.A, C:\Users\Emi\AppData\Local\delta\delta\1.3.25.0\bdraw.exe, 3212, Delete-on-Reboot, [d791a5cb0783082e09300438679f3fc1]

Modules: 0
(No malicious items detected)

Registry Keys: 116
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\APPID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}, Quarantined, [3434c0b0f2980d292ec80b7247bc32ce],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}, Quarantined, [3434c0b0f2980d292ec80b7247bc32ce],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}, Quarantined, [3434c0b0f2980d292ec80b7247bc32ce],
PUP.Optional.Wajam.A, HKLM\SOFTWARE\CLASSES\APPID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}, Quarantined, [38301f518ffb55e10bc3c6b89d66be42],
PUP.Optional.Wajam.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}, Quarantined, [38301f518ffb55e10bc3c6b89d66be42],
PUP.Optional.Wajam.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}, Quarantined, [38301f518ffb55e10bc3c6b89d66be42],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{261DD098-8A3E-43D4-87AA-63324FA897D8}, Quarantined, [e286ed83dfab999dbd86ed5ea75c738d],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{39CB8175-E224-4446-8746-00566302DF8D}, Quarantined, [e286ed83dfab999dbd86ed5ea75c738d],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{39CB8175-E224-4446-8746-00566302DF8D}, Quarantined, [e286ed83dfab999dbd86ed5ea75c738d],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{39CB8175-E224-4446-8746-00566302DF8D}, Quarantined, [e286ed83dfab999dbd86ed5ea75c738d],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\esrv.deltaESrvc.1, Quarantined, [e286ed83dfab999dbd86ed5ea75c738d],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\esrv.deltaESrvc, Quarantined, [e286ed83dfab999dbd86ed5ea75c738d],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\esrv.deltaESrvc, Quarantined, [e286ed83dfab999dbd86ed5ea75c738d],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\esrv.deltaESrvc, Quarantined, [e286ed83dfab999dbd86ed5ea75c738d],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\esrv.deltaESrvc.1, Quarantined, [e286ed83dfab999dbd86ed5ea75c738d],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\esrv.deltaESrvc.1, Quarantined, [e286ed83dfab999dbd86ed5ea75c738d],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{261DD098-8A3E-43D4-87AA-63324FA897D8}, Quarantined, [e286ed83dfab999dbd86ed5ea75c738d],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3}, Quarantined, [a3c5cfa1e8a2290d14e2f785897a50b0],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3}, Quarantined, [a3c5cfa1e8a2290d14e2f785897a50b0],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\delta.deltadskBnd.1, Quarantined, [a3c5cfa1e8a2290d14e2f785897a50b0],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\delta.deltadskBnd, Quarantined, [a3c5cfa1e8a2290d14e2f785897a50b0],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\delta.deltadskBnd, Quarantined, [a3c5cfa1e8a2290d14e2f785897a50b0],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\delta.deltadskBnd, Quarantined, [a3c5cfa1e8a2290d14e2f785897a50b0],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\delta.deltadskBnd.1, Quarantined, [a3c5cfa1e8a2290d14e2f785897a50b0],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\delta.deltadskBnd.1, Quarantined, [a3c5cfa1e8a2290d14e2f785897a50b0],
PUP.Optional.Delta.A, HKU\S-1-5-21-583762345-3554541754-2422783226-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{82E1477C-B154-48D3-9891-33D83C26BCD3}, Quarantined, [a3c5cfa1e8a2290d14e2f785897a50b0],
PUP.Optional.Delta.A, HKU\S-1-5-21-583762345-3554541754-2422783226-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{82E1477C-B154-48D3-9891-33D83C26BCD3}, Quarantined, [a3c5cfa1e8a2290d14e2f785897a50b0],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}, Quarantined, [8eda1c54e2a8b5818273d9a3fd06aa56],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{4FCB4630-2A1C-4AA1-B422-345E8DC8A6DE}, Quarantined, [8eda1c54e2a8b5818273d9a3fd06aa56],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\escort.escortIEPane.1, Quarantined, [8eda1c54e2a8b5818273d9a3fd06aa56],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\escort.escortIEPane, Quarantined, [8eda1c54e2a8b5818273d9a3fd06aa56],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\escort.escortIEPane, Quarantined, [8eda1c54e2a8b5818273d9a3fd06aa56],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\escort.escortIEPane, Quarantined, [8eda1c54e2a8b5818273d9a3fd06aa56],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\escort.escortIEPane.1, Quarantined, [8eda1c54e2a8b5818273d9a3fd06aa56],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\escort.escortIEPane.1, Quarantined, [8eda1c54e2a8b5818273d9a3fd06aa56],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{4FCB4630-2A1C-4AA1-B422-345E8DC8A6DE}, Quarantined, [8eda1c54e2a8b5818273d9a3fd06aa56],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}, Quarantined, [8eda1c54e2a8b5818273d9a3fd06aa56],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\delta.deltaHlpr.1, Quarantined, [8eda1c54e2a8b5818273d9a3fd06aa56],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\delta.deltaHlpr, Quarantined, [8eda1c54e2a8b5818273d9a3fd06aa56],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\delta.deltaHlpr, Quarantined, [8eda1c54e2a8b5818273d9a3fd06aa56],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\delta.deltaHlpr, Quarantined, [8eda1c54e2a8b5818273d9a3fd06aa56],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}, Quarantined, [8eda1c54e2a8b5818273d9a3fd06aa56],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\delta.deltaHlpr.1, Quarantined, [8eda1c54e2a8b5818273d9a3fd06aa56],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\delta.deltaHlpr.1, Quarantined, [8eda1c54e2a8b5818273d9a3fd06aa56],
PUP.Optional.Delta.A, HKU\S-1-5-21-583762345-3554541754-2422783226-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}, Quarantined, [8eda1c54e2a8b5818273d9a3fd06aa56],
PUP.Optional.Delta.A, HKU\S-1-5-21-583762345-3554541754-2422783226-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}, Quarantined, [8eda1c54e2a8b5818273d9a3fd06aa56],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{4599D05A-D545-4069-BB42-5895B4EAE05B}, Quarantined, [de8ab0c0127889ad2bca2c51e02301ff],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{1231839B-064E-4788-B865-465A1B5266FD}, Quarantined, [de8ab0c0127889ad2bca2c51e02301ff],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{2DAC2231-CC35-482B-97C5-CED1D4185080}, Quarantined, [de8ab0c0127889ad2bca2c51e02301ff],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}, Quarantined, [de8ab0c0127889ad2bca2c51e02301ff],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}, Quarantined, [de8ab0c0127889ad2bca2c51e02301ff],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}, Quarantined, [de8ab0c0127889ad2bca2c51e02301ff],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{57C91446-8D81-4156-A70E-624551442DE9}, Quarantined, [de8ab0c0127889ad2bca2c51e02301ff],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}, Quarantined, [de8ab0c0127889ad2bca2c51e02301ff],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}, Quarantined, [de8ab0c0127889ad2bca2c51e02301ff],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{97DD820D-2E20-40AD-B01E-6730B2FCE630}, Quarantined, [de8ab0c0127889ad2bca2c51e02301ff],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{B177446D-54A4-4869-BABC-8566110B4BE0}, Quarantined, [de8ab0c0127889ad2bca2c51e02301ff],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}, Quarantined, [de8ab0c0127889ad2bca2c51e02301ff],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}, Quarantined, [de8ab0c0127889ad2bca2c51e02301ff],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{F05B12E1-ADE8-4485-B45B-898748B53C37}, Quarantined, [de8ab0c0127889ad2bca2c51e02301ff],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{1231839B-064E-4788-B865-465A1B5266FD}, Quarantined, [de8ab0c0127889ad2bca2c51e02301ff],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{2DAC2231-CC35-482B-97C5-CED1D4185080}, Quarantined, [de8ab0c0127889ad2bca2c51e02301ff],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}, Quarantined, [de8ab0c0127889ad2bca2c51e02301ff],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}, Quarantined, [de8ab0c0127889ad2bca2c51e02301ff],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}, Quarantined, [de8ab0c0127889ad2bca2c51e02301ff],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{57C91446-8D81-4156-A70E-624551442DE9}, Quarantined, [de8ab0c0127889ad2bca2c51e02301ff],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}, Quarantined, [de8ab0c0127889ad2bca2c51e02301ff],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}, Quarantined, [de8ab0c0127889ad2bca2c51e02301ff],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{97DD820D-2E20-40AD-B01E-6730B2FCE630}, Quarantined, [de8ab0c0127889ad2bca2c51e02301ff],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{B177446D-54A4-4869-BABC-8566110B4BE0}, Quarantined, [de8ab0c0127889ad2bca2c51e02301ff],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}, Quarantined, [de8ab0c0127889ad2bca2c51e02301ff],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}, Quarantined, [de8ab0c0127889ad2bca2c51e02301ff],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{F05B12E1-ADE8-4485-B45B-898748B53C37}, Quarantined, [de8ab0c0127889ad2bca2c51e02301ff],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{1231839B-064E-4788-B865-465A1B5266FD}, Quarantined, [de8ab0c0127889ad2bca2c51e02301ff],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{2DAC2231-CC35-482B-97C5-CED1D4185080}, Quarantined, [de8ab0c0127889ad2bca2c51e02301ff],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}, Quarantined, [de8ab0c0127889ad2bca2c51e02301ff],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}, Quarantined, [de8ab0c0127889ad2bca2c51e02301ff],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}, Quarantined, [de8ab0c0127889ad2bca2c51e02301ff],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{57C91446-8D81-4156-A70E-624551442DE9}, Quarantined, [de8ab0c0127889ad2bca2c51e02301ff],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}, Quarantined, [de8ab0c0127889ad2bca2c51e02301ff],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}, Quarantined, [de8ab0c0127889ad2bca2c51e02301ff],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{97DD820D-2E20-40AD-B01E-6730B2FCE630}, Quarantined, [de8ab0c0127889ad2bca2c51e02301ff],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{B177446D-54A4-4869-BABC-8566110B4BE0}, Quarantined, [de8ab0c0127889ad2bca2c51e02301ff],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}, Quarantined, [de8ab0c0127889ad2bca2c51e02301ff],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}, Quarantined, [de8ab0c0127889ad2bca2c51e02301ff],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{F05B12E1-ADE8-4485-B45B-898748B53C37}, Quarantined, [de8ab0c0127889ad2bca2c51e02301ff],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{4599D05A-D545-4069-BB42-5895B4EAE05B}, Quarantined, [de8ab0c0127889ad2bca2c51e02301ff],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{4599D05A-D545-4069-BB42-5895B4EAE05B}, Quarantined, [de8ab0c0127889ad2bca2c51e02301ff],
PUP.Optional.Babylon.A, HKU\S-1-5-21-583762345-3554541754-2422783226-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}, Quarantined, [452308685238b482396020244db63cc4],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85}, Quarantined, [9ace99d7a4e66ec8bc2e6518f31026da],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Delta Chrome Toolbar, Quarantined, [145474fcb5d58da909278abcf3127090],
PUP.Optional.DataMangr.A, HKLM\SOFTWARE\WOW6432NODE\DataMngr, Quarantined, [7aee313fcbbf54e2ee580beeb54ec53b],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\DELTA\DELTA\Instl, Quarantined, [392f115feb9f8caaae475dd0e81d55ab],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\eooncjejnppfjjklapaamhcd mjbilmde, Quarantined, [14549fd1a7e3fa3caf3ccd18ed166a96],
PUP.Optional.DataMngr.A, HKU\S-1-5-21-583762345-3554541754-2422783226-1001\SOFTWARE\DataMngr, Quarantined, [3a2e5c14fe8c3bfbd7ec76b2fd086d93],
PUP.Optional.DataMngr.A, HKU\S-1-5-21-583762345-3554541754-2422783226-1001\SOFTWARE\DataMngr_Toolbar, Quarantined, [2f397ef29eece84e6b5730f814f1a060],
PUP.Optional.Babylon.A, HKU\S-1-5-21-583762345-3554541754-2422783226-1001\SOFTWARE\BABSOLUTION\Updater, Quarantined, [d98f78f83c4e36003d8984a5b253fe02],
PUP.Optional.Delta.A, HKU\S-1-5-21-583762345-3554541754-2422783226-1001\SOFTWARE\DELTA\DELTA, Quarantined, [4325ee825733d95d3134180f03028f71],
PUP.Optional.InstallCore.A, HKU\S-1-5-21-583762345-3554541754-2422783226-1001\SOFTWARE\INSTALLCORE\1I1T1Q1S, Quarantined, [0761cca418725ed8c652ed26788c718f],
PUP.Optional.InstallCore.A, HKU\S-1-5-21-583762345-3554541754-2422783226-1001\SOFTWARE\INSTALLCORE, Quarantined, [fa6e353b0b7fe55115d18f99c540fa06],
PUP.Optional.BProtector.A, HKU\S-1-5-21-583762345-3554541754-2422783226-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\bProtectSettings, Quarantined, [e484fc74fd8dfd39ac5d37f58d78bf41],
PUP.Optional.KeepMySearch.A, HKU\S-1-5-21-583762345-3554541754-2422783226-1001_Classes\keepmysearch, Quarantined, [32368de3ec9e59dd5ac4b722de259769],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{E97A663B-81A6-49C5-A6D3-BCB05BA1DE26}, Quarantined, [f375610f6f1b8babf044078b47bcba46],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\delta.deltaappCore.1, Quarantined, [f375610f6f1b8babf044078b47bcba46],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\delta.deltaappCore, Quarantined, [f375610f6f1b8babf044078b47bcba46],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\delta.deltaappCore, Quarantined, [f375610f6f1b8babf044078b47bcba46],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\delta.deltaappCore, Quarantined, [f375610f6f1b8babf044078b47bcba46],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\delta.deltaappCore.1, Quarantined, [f375610f6f1b8babf044078b47bcba46],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\delta.deltaappCore.1, Quarantined, [f375610f6f1b8babf044078b47bcba46],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{E97A663B-81A6-49C5-A6D3-BCB05BA1DE26}, Quarantined, [f375610f6f1b8babf044078b47bcba46],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{86838207-681D-469D-9511-D0DCC6F19F9B}, Quarantined, [f375610f6f1b8babf044078b47bcba46],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\d, Quarantined, [f375610f6f1b8babf044078b47bcba46],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\d, Quarantined, [f375610f6f1b8babf044078b47bcba46],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\d, Quarantined, [f375610f6f1b8babf044078b47bcba46],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{86838207-681D-469D-9511-D0DCC6F19F9B}, Quarantined, [f375610f6f1b8babf044078b47bcba46],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\delta, Quarantined, [f375610f6f1b8babf044078b47bcba46],

Registry Values: 10
PUP.Optional.PayByAds.A, HKU\S-1-5-21-583762345-3554541754-2422783226-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|bdraw, C:\Users\Emi\AppData\Local\delta\delta\1.3.25.0\bdraw.exe, Quarantined, [d791a5cb0783082e09300438679f3fc1]
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\TOOLBAR|{82E1477C-B154-48D3-9891-33D83C26BCD3}, Delta Toolbar, Quarantined, [a3c5cfa1e8a2290d14e2f785897a50b0]
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\{82E1477C-B154-48D3-9891-33D83C26BCD3}, Quarantined, [90d8c2ae7f0b1e1818de0379bd4633cd],
PUP.Optional.Delta.A, HKU\S-1-5-21-583762345-3554541754-2422783226-1001\SOFTWARE\DELTA\DELTA|tlbrSrchUrl, Quarantined, [4325ee825733d95d3134180f03028f71],
PUP.Optional.Delta.A, HKU\S-1-5-21-583762345-3554541754-2422783226-1001\SOFTWARE\DELTA\DELTA|lastB, http://www1.delta-search.com/?babsrc...19357&tsp=4944, Quarantined, [0a5ea8c85139f83e08a6d25df70e8a76]
PUP.Optional.InstallCore.A, HKU\S-1-5-21-583762345-3554541754-2422783226-1001\SOFTWARE\INSTALLCORE|tb, 0H1K1F1Q1E1I1N2W0T0S0RtCtA, Quarantined, [fa6e353b0b7fe55115d18f99c540fa06]
PUP.BProtector, HKU\S-1-5-21-583762345-3554541754-2422783226-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|bProtector Start Page, http://www1.delta-search.com/?babsrc...19357&tsp=4944, Quarantined, [2a3e0070d2b84aec0db734f4ad587b85]
PUP.BProtector, HKU\S-1-5-21-583762345-3554541754-2422783226-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|bProtectorDefaultScope, {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}, Quarantined, [ee7a17596e1cdf573a8bcf597c89d32d]
PUP.Optional.Delta.A, HKU\S-1-5-21-583762345-3554541754-2422783226-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}|URL, http://www1.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=CE682CD444997E95&affID=119357&tsp=4944 , Quarantined, [37314927dab0c86e149aef67fa0b3fc1]
PUP.Optional.Babylon.A, HKU\S-1-5-21-583762345-3554541754-2422783226-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}|FaviconURL, search.babylon.com/favicon.ico, Quarantined, [ce9ae18f5f2b22142387ada9e421b14f]

Registry Data: 2
PUP.Optional.Babylon.A, HKU\S-1-5-21-583762345-3554541754-2422783226-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://isearch.babylon.com/?babsrc=H...19357&tsp=4944, Good: (www.google.com), Bad: (http://isearch.babylon.com/?babsrc=H...4944),Replaced,[e088bfb11872e254884d23e6fa0ca65a]
PUP.Optional.StartPage, HKU\S-1-5-21-583762345-3554541754-2422783226-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|bProtector Start Page, http://www1.delta-search.com/?babsrc...19357&tsp=4944, Good: (www.google.com), Bad: (http://www1.delta-search.com/?babsrc...4944),Replaced,[8cdc2f4111792412cabefe09e2241ae6]

Folders: 10
PUP.Optional.Delta.A, C:\Users\Emi\AppData\Roaming\BabSolution\Shared, Quarantined, [145474fcb5d58da909278abcf3127090],
PUP.Optional.Delta.A, C:\Program Files (x86)\Delta\delta\1.8.21.5, Quarantined, [f375610f6f1b8babf044078b47bcba46],
PUP.Optional.Delta.A, C:\Program Files (x86)\Delta\delta\1.8.21.5\bh, Quarantined, [f375610f6f1b8babf044078b47bcba46],
PUP.Optional.BabSolution.A, C:\Users\Emi\AppData\Roaming\BabSolution\CR, Quarantined, [323673fd7f0bd0661f98792c54af8e72],
PUP.Optional.OnlySearch, C:\Users\Emi\AppData\Local\onlysearch, Quarantined, [640480f07e0c1a1c48e5b6f7c83b6898],
PUP.Optional.OnlySearch, C:\Users\Emi\AppData\Local\onlysearch\onlysearch, Quarantined, [640480f07e0c1a1c48e5b6f7c83b6898],
PUP.Optional.OnlySearch, C:\Users\Emi\AppData\Local\onlysearch\onlysearch\1.3.12.9, Quarantined, [640480f07e0c1a1c48e5b6f7c83b6898],
PUP.Optional.Delta.A, C:\Users\Emi\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde, Quarantined, [fc6c313f4e3cfc3af8e24e5f7c87e41c],
PUP.Optional.Delta.A, C:\Users\Emi\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde\1.5.1_0, Quarantined, [fc6c313f4e3cfc3af8e24e5f7c87e41c],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup, Quarantined, [b0b8343c1971e254d258299ad72c39c7],

Files: 29
PUP.Optional.PayByAds.A, C:\Users\Emi\AppData\Local\delta\delta\1.3.25.0\bdraw.exe, Delete-on-Reboot, [d791a5cb0783082e09300438679f3fc1],
PUP.Optional.Delta.A, C:\Program Files (x86)\Delta\delta\1.8.21.5\deltasrv.exe, Quarantined, [e286ed83dfab999dbd86ed5ea75c738d],
PUP.Optional.Delta.A, C:\Program Files (x86)\Delta\delta\1.8.21.5\deltaTlbr.dll, Quarantined, [a3c5cfa1e8a2290d14e2f785897a50b0],
PUP.Optional.Delta.A, C:\Program Files (x86)\Delta\delta\1.8.21.5\bh\delta.dll, Quarantined, [8eda1c54e2a8b5818273d9a3fd06aa56],
PUP.Optional.Buenosearch.A, C:\Users\Emi\AppData\Local\Temp\bus8AE6\bbjoin.ex_, Quarantined, [32365917deac4aec36b5411c26dad32d],
PUP.Optional.KeepMySearch.SID.A, C:\Users\Emi\AppData\Local\Temp\busB2DB\join.exe, Quarantined, [90d8e48ced9db482f5db1230778f15eb],
PUP.Optional.OnlySearch.A, C:\Users\Emi\AppData\Local\Temp\busE7E1\update.exe, Quarantined, [fb6d78f84b3f95a1e7ad89d54eb254ac],
PUP.Optional.Babylon.A, C:\Windows\System32\Tasks\EPUPDATER, Quarantined, [d98fcfa12a603cfa60bd6292a85b649c],
PUP.Optional.Delta.A, C:\Users\Emi\AppData\Roaming\BabSolution\Shared\Delta.ico, Quarantined, [145474fcb5d58da909278abcf3127090],
PUP.Optional.Delta.A, C:\Users\Emi\AppData\Roaming\BabSolution\Shared\BabMaint.exe, Quarantined, [145474fcb5d58da909278abcf3127090],
PUP.Optional.Delta.A, C:\Users\Emi\AppData\Roaming\BabSolution\Shared\BUSolution.dll, Quarantined, [145474fcb5d58da909278abcf3127090],
PUP.Optional.Delta.A, C:\Users\Emi\AppData\Roaming\BabSolution\Shared\chu.js, Quarantined, [145474fcb5d58da909278abcf3127090],
PUP.Optional.Delta.A, C:\Users\Emi\AppData\Roaming\BabSolution\Shared\GUninstaller.exe, Quarantined, [145474fcb5d58da909278abcf3127090],
PUP.Optional.Delta.A, C:\Users\Emi\AppData\Roaming\BabSolution\Shared\SetupParams.ini, Quarantined, [145474fcb5d58da909278abcf3127090],
PUP.Optional.Delta.A, C:\Users\Emi\AppData\Roaming\BabSolution\Shared\sqlite3.dll, Quarantined, [145474fcb5d58da909278abcf3127090],
PUP.Optional.BDraw.A, C:\Windows\System32\Tasks\bdraw, Quarantined, [b0b88de3503ad95d137a8fc801047090],
PUP.Optional.BDraw.A, C:\Windows\System32\Tasks\bdraw Updater, Quarantined, [82e65d13e4a62e0866274d0a48bd13ed],
PUP.Optional.Delta.A, C:\Program Files (x86)\Delta\delta\1.8.21.5\deltaApp.dll, Quarantined, [f375610f6f1b8babf044078b47bcba46],
PUP.Optional.Delta.A, C:\Program Files (x86)\Delta\delta\1.8.21.5\deltaEng.dll, Quarantined, [f375610f6f1b8babf044078b47bcba46],
PUP.Optional.Delta.A, C:\Program Files (x86)\Delta\delta\1.8.21.5\GUninstaller.exe, Quarantined, [f375610f6f1b8babf044078b47bcba46],
PUP.Optional.Delta.A, C:\Program Files (x86)\Delta\delta\1.8.21.5\uninstall.exe, Quarantined, [f375610f6f1b8babf044078b47bcba46],
PUP.Optional.BabSolution.A, C:\Users\Emi\AppData\Roaming\BabSolution\CR\Delta.crx, Quarantined, [323673fd7f0bd0661f98792c54af8e72],
PUP.Optional.Delta.A, C:\Users\Emi\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde\1.5.1_0\background .js, Quarantined, [fc6c313f4e3cfc3af8e24e5f7c87e41c],
PUP.Optional.Delta.A, C:\Users\Emi\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde\1.5.1_0\delta128.p ng, Quarantined, [fc6c313f4e3cfc3af8e24e5f7c87e41c],
PUP.Optional.Delta.A, C:\Users\Emi\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde\1.5.1_0\delta48.pn g, Quarantined, [fc6c313f4e3cfc3af8e24e5f7c87e41c],
PUP.Optional.Delta.A, C:\Users\Emi\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde\1.5.1_0\manifest.j son, Quarantined, [fc6c313f4e3cfc3af8e24e5f7c87e41c],
PUP.Optional.Delta.A, C:\Users\Emi\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde\1.5.1_0\redirect.h tml, Quarantined, [fc6c313f4e3cfc3af8e24e5f7c87e41c],
PUP.Optional.Delta.A, C:\Users\Emi\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde\1.5.1_0\redirect.j s, Quarantined, [fc6c313f4e3cfc3af8e24e5f7c87e41c],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\DEL_UnRegisterExtensions.exe, Quarantined, [b0b8343c1971e254d258299ad72c39c7],

Physical Sectors: 0
(No malicious items detected)

(end)

2nd with an external HDD
Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 2015/04/25
Scan Time: 6:59:30
Logfile: malwarebytescanresultwithexternalHDD.txt
Administrator: Yes

Version: 2.01.6.1022
Malware Database: v2015.04.24.08
Rootkit Database: v2015.04.21.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 8.1
CPU: x64
File System: NTFS
User: Emi

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 348356
Time Elapsed: 33 min, 18 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Any further action???

Thanks.

chick247 · May 7, 2015

OK, I think I have been very patient, but I am very surprised that nobody has given me any advice. Not helpful at all.

Log in or Sign up

Malware and virus removal

chick247 Thread Starter

chick247 Thread Starter

Welcome to Tech Support Guy!

In Progress File Encrypted - Virus & Other Malware Removal

Solved Possible Virus or Malware With Chromebook

Solved Virus or Malware????

In Progress Possible Virus or Malware problem

Solved I can't connect to Internet after malwarebytes scanning

Log in or Sign up

Malware and virus removal

chick247 Thread Starter

chick247 Thread Starter

Welcome to Tech Support Guy!

In Progress File Encrypted - Virus & Other Malware Removal

Solved Possible Virus or Malware With Chromebook

Solved Virus or Malware????

In Progress Possible Virus or Malware problem

Solved I can't connect to Internet after malwarebytes scanning

Useful Searches