Has anyone heard of delta-homes.com? Is it a virus or a genuine site?
Look here: http://support.clean-mx.com/clean-mx/view_virusescontent.php?url=htxp%3A%2F%2Fwww.delta-homes.com%2F%3Futm_source%3Db%26utm_medium%3Dnewgdp%26utm_campaign%3DeXQ%26utm_content%3Dsc%26from%3Dnewgdp%26uid%3DWDCXWD3200BEVT-22ZCT0_WD-WXR1E30RZL46RZL46%26ts%3D1380344019
See javascript syntax errors here: http://jsunpack.jeek.org/?report=0235bb80c1fa5fbdb627aa3517759e7d799517c7
Encoded content → http://jsunpack.jeek.org/?report=4c0a2d7b77350eaacb6082a197872e4d6c7f66be
(jsunpack unpacker, view results in a sandboxed browser with NoScript and RequestPolicy extensions active, for security researchers and computer professionals)
code error:
info: [script] 127.0.0.1/static/js/base.js
info: [decodingLevel=0] found JavaScript
error: undefined variable conf.lang
error: line:1: SyntaxError: missing ; before statement:
error: line:1: var conf.lang = 1; *
error: line:1: …^
info: [decodingLevel=1] found JavaScript
file: 49ffce08794ef0f0a56de80eab461f6a32e547f1: 18285 bytes
file: 847b40e71998543551461c5dcd240853f38d77b3: 228 bytes
- An intruder may remotely exploit this vulnerability to gain root privileges.
htxp://api.v9.com/data/?id=196&num=10 is suspicious misleading claims or unethical: http://www.mywot.com/en/scorecard/api.v9.com?utm_source=addon&utm_content=popup-donuts
polonus
it is a browser hijacker
Remove delta-homes.com virus (Removal Guide)
http://malwaretips.com/blogs/delta-homes-removal/
Thanks Pondus for the removal info,
Damian