start
CloseProcesses:
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga-plus.com/?type=...9G863DCG863DCX
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about_:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com/?type=...9G863DCG863DCX
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe http://isearch.omiga-plus.com/?type=...9G863DCG863DCX
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type=ds&ts=1422131263&from=ill&uid=HitachiXHTS547575A9E384_J2190059G863DCG863DCX&q={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type=ds&ts=1422131263&from=ill&uid=HitachiXHTS547575A9E384_J2190059G863DCG863DCX&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type=ds&ts=1422131263&from=ill&uid=HitachiXHTS547575A9E384_J2190059G863DCG863DCX&q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type=ds&ts=1422131263&from=ill&uid=HitachiXHTS547575A9E384_J2190059G863DCG863DCX&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-826106567-84020505-3709442446-1000 -> DefaultScope {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://isearch.omiga-plus.com/web/?utm_source=b&utm_medium=ill&utm_campaign=install_ie&utm_content=ds&from=ill&uid=HitachiXHTS547575A9E384_J2190059G863DCG863DCX&ts=1422131322&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-826106567-84020505-3709442446-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://isearch.omiga-plus.com/web/?utm_source=b&utm_medium=ill&utm_campaign=install_ie&utm_content=ds&from=ill&uid=HitachiXHTS547575A9E384_J2190059G863DCG863DCX&ts=1422131322&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-826106567-84020505-3709442446-1000 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://isearch.omiga-plus.com/web/?utm_source=b&utm_medium=ill&utm_campaign=install_ie&utm_content=ds&from=ill&uid=HitachiXHTS547575A9E384_J2190059G863DCG863DCX&ts=1422131322&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-826106567-84020505-3709442446-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://isearch.omiga-plus.com/web/?utm_source=b&utm_medium=ill&utm_campaign=install_ie&utm_content=ds&from=ill&uid=HitachiXHTS547575A9E384_J2190059G863DCG863DCX&ts=1422131322&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-826106567-84020505-3709442446-1000 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = http://isearch.omiga-plus.com/web/?utm_source=b&utm_medium=ill&utm_campaign=install_ie&utm_content=ds&from=ill&uid=HitachiXHTS547575A9E384_J2190059G863DCG863DCX&ts=1422131322&type=default&q={searchTerms}
BHO-x32: IETabPage Class -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> C:\Program Files (x86)\XTab\SupTab.dll (Thinknice Co. Limited)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - No File
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - No File
Toolbar: HKU\S-1-5-21-826106567-84020505-3709442446-1001 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]
StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://isearch.omiga-plus.com/?type=...9G863DCG863DCX
R2 IHProtect Service; C:\Program Files (x86)\XTab\ProtectService.exe [158896 2015-01-16] (XTab system)
C:\Program Files (x86)\XTab\ProtectService.exe
2015-01-27 06:36 - 2015-01-27 06:36 - 00003292 _____ () C:\Windows\System32\Tasks\cfcNQFd7UjNAaAx
2015-01-27 06:35 - 2015-01-27 06:36 - 00000000 ____D () C:\Users\Utilisateur\AppData\Roaming\KLeHUMA
2015-01-27 06:35 - 2015-01-27 06:35 - 00003252 _____ () C:\Windows\System32\Tasks\OmdNNmbo1Gk39YQ
2015-01-27 06:35 - 2015-01-27 06:35 - 00000000 ____D () C:\Users\Utilisateur\AppData\Roaming\JUtU2Bf
2015-01-24 21:29 - 2015-01-24 21:29 - 00000000 ____D () C:\ProgramData\IHProtectUpDate
2015-01-24 21:28 - 2015-01-24 21:29 - 00000000 ____D () C:\Program Files (x86)\XTab
2015-01-24 21:27 - 2015-01-24 21:27 - 00000000 ____D () C:\Users\Utilisateur\AppData\Roaming\omiga-plus
C:\Users\Utilisateur\AppData\Local\Temp\Quarantine.exe
C:\Users\Utilisateur\AppData\Local\Temp\sqlite3.dll
omiga-plus uninstall (HKLM-x32\...\omiga-plus uninstall) (Version: - omiga-plus) <==== ATTENTION
Task: {0614440E-7C5A-4DD0-8D0E-5EDA16CD11BB} - System32\Tasks\TaskUserUpdate_wp => C:\Users\Utilisateur\AppData\Roaming\~jzpahob.exe
Task: {0A0D4383-4422-4142-96AC-74D1E439ADE6} - System32\Tasks\z2w4HN4zlt5lYuc => C:\Users\Utilisateur\AppData\Roaming\Sy7ws4c\9p6YvRm.exe [2014-11-27] ( )
Task: {0B7DD0A4-4FA8-430F-96D2-82B8F1BCB955} - System32\Tasks\WIN-statsAdmin => C:\Users\Utilisateur\AppData\Local\Microsoft\WinU\~zhtqkih.exe <==== ATTENTION
Task: {29D15C94-666B-4628-8423-DD8C2DC54FA3} - System32\Tasks\{DAB7ECE1-2FEC-49B1-BF01-54FCCA886AAB} => pcalua.exe -a C:\Users\Utilisateur\AppData\Roaming\omiga-plus\UninstallManager.exe -c -ptid=ill <==== ATTENTION
Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {62A5424B-4DC6-456F-A9CB-7A51F5181553} - System32\Tasks\{EDBF4801-BE88-432D-B9BB-68756DBECE25} => pcalua.exe -a C:\Users\Utilisateur\AppData\Roaming\omiga-plus\UninstallManager.exe -c -ptid=ill <==== ATTENTION
Task: {980B3EED-638E-4414-860E-0918AE14EF19} - System32\Tasks\cfcNQFd7UjNAaAx => C:\Users\Utilisateur\AppData\Roaming\KLeHUMA\yXPZePX.exe [2015-01-27] ( )
Task: {B5C3875C-B02C-448C-910C-BA8E552D38AF} - System32\Tasks\WIN-GGfIfEGCfEGbGffIfCfEGC => C:\Users\Utilisateur\AppData\Roaming\~zmyewko.exe
Task: {D0A49612-8ACB-4576-B0F4-3CB40B2A7AAD} - System32\Tasks\WIN-fdfEfEfAfC => C:\Users\Utilisateur\AppData\Roaming\~lbojkhu.exe
Task: {F0B20AFD-324F-4955-BCD3-DB6DA5D6FDD8} - System32\Tasks\OmdNNmbo1Gk39YQ => C:\Users\Utilisateur\AppData\Roaming\JUtU2Bf\HM1ozPi.exe [2015-01-27] ( )
EmptyTemp:
Hosts:
End