I am here at Bleeping Computer because my Firefox has been infected with DELTA SEARCH HIJACK. I believe it came in when I was trying to download a font, and I was having trouble with it when the ‘delta search’ browser first appeared. I’ve kind of over-explained it, especially if someone is familiar with this particular issue, but I’ve been fighting it for four days, and the solutions I’ve received (predominantly through Yahoo Answers) have been incomplete and unhelpful, so I tried to write up as complete of an explanation as I could.
I can open Mozilla Firefox fine, but any additional tabs opened redirect to Delta Search (looks similar to google). Returns ads, tainted results, many say "we'd like to show you a description, but your computer won't let us"...not trusted.
Located several methods for removal, but they were located on Firefox after ‘delta search’ was loose. Some contain obvious spelling and/or grammar errors...I do not know if any of them can be trusted.
The removal instructions say go to add/remove programs list and uninstall any/all of the following: Delta Chrome Toolbar, Delta Toolbar, Yontoo, BrowserProtect, and Mixi.DJ. None of these are listed in my Add/Remove programs list. I cannot find these five items anywhere on my computer. As this is one of the first steps in the removal methods, and not one of them gives any alternative or suggestions on how to proceed from this point if these five items are not located, I’ve not taken a single step towards correcting this issue (hence my signing up here, which I have done through IE, btw).
My understanding (and I could be completely wrong, please correct me if I am) is that ‘delta search’ can record and alter accounts, passwords, login id’s, so I would not be able to access them anymore. I’m not as sure about this, but I believe even password protected documents on my computer may be at risk, if they are accessed through Firefox while the ‘delta search’ is still in place.
In some of the removal instructions (including some of those I’ve found on bleeping computer) they stress a couple of things to be wary of.
First, they say that this is not going to be a quick or easy fix, strongly suggest backing everything up just in case. I have no external backup capacity or ability at this time, and I’m very concerned that I may lose something of value.
Second, some of the instructions (which I cannot get to yet because of the earlier step to uninstall the five item names that I cannot find on my system) specifically instruct performing actions that may cause an error or alarm, and the instructions say to go ahead and perform that step anyway.
For someone that does not know what they are doing (me), and seeing some of the possible recovery methods that are already suspect due to their poorly written nature (misspellings, grammatical errors), or have suspicious looking descriptions (we'd like to show you a description, but your computer won't let us), and then to come across very specific instructions that are advocating performing some action that the computer itself advises against, the paranoid hyper-vigilant and knowledge challenged user (again, me) may see what are really valid instructions as a request to ‘lower the drawbridge’, or to ‘drop the shields’, basically handing over my system to those responsible for the hijack in the first place.
Third, and this is more of a generalization than anything, but when I see lots of little tools or apps that are recommended for download in order to properly deal with issues like this, I get a bit suspicious that the initial issue (in my case the delta search hijack) is really nothing more than bait for a trap. And that is spawned completely out of my lack of knowledge...but I’d have to think that such things do exist.
As far as I can tell only Firefox is infested by the ‘delta search’. Internet Explorer does not APPEAR to be, but I have no idea. So this is what I’m hoping to find here in bleeping computer...
1) If no second tab is opened when using Firefox, is ‘delta search’ still a threat? Or does it need that additional tab opened in order to do whatever trouble it is designed to do?
2) If Firefox is not open, and I’m doing whatever (like writing this) with no open portals to the internets, am I still at risk of being hacked, or can I safely work offline and password protect all work before going online? Or does it require having a ‘delta search’ browser open on the screen? I had a bad thought that maybe it’s collecting data the entire time, but I won’t know that until I open a portal and it sends whatever it’s collected to whomever is at the other end of this thing...because if that’s the case my everythings are already compromised, I fear.
3) What is the actual scope of the danger with ‘delta search’? I’ve seen everything from a ‘minor inconvenience, nothing to worry over’, to ‘you are in imminent danger of having your entire system hijacked, including all accounts, passwords, and anything else that is resident’, and China will begin using my computer to hack into the Pentagon. What is the truth?
4) Is IE safe? With Firefox infected, is IE infected as well? If not, is IE in danger of being infected due to the immediacy of the ‘delta search’ malware inside Firefox? Or would ‘delta search’ have to piggyback its way into IE just as it did through Firefox?
5) I need very clear procedures to effectively and completely remove this from my system (keeping in mind one of the earliest steps in the solutions I’ve found to date is to uninstall item names that are not on my system, or are, just not under the item names I’ve been told to look for).
6) Finally, I’d like to increase my knowledge base regarding such things, in hopes of preventing future attacks, or at least recognize them earlier, and also have knowledgeable resources that I can trust and tap into when needed, and this is what I’m hoping the bleeping computer community can assist me with.
Sorry about the length of this, but I’ve been run around for four days now, and a bit frayed at the edges. I just wanted to be as specific as I could...trust me...my first draft of this request was over five pages long...
p.s. my system particulars, if needed...
MS Windows XP Home SP3
Intel Pentium 4 CPU 2.60GHz, 1.0GB RAM, NVIDIA GeForce 6200
Dell Dimension 8300
Other resources: Rkill, CCleaner, Malwarebytes Anti-Malware, MS Security Essentials
If any additional info is needed, please do not hesitate to ask...
T.I.A., and peas on Earth...