Posted on 27 December 2015

start
CreateRestorePoint:
CloseProcesses:
Task: {2EF90818-F912-4FA0-A757-B8D11B9D223C} - System32\Tasks\{C9BA5EFC-B4E2-4AD5-89F1-1D7E8265A59A} => pcalua.exe -a "C:\Program Files (x86)\Plus-HD-3.5\Uninstall.exe" -c /fromcontrolpanel=1
Task: {783EEEF6-5D19-4A2B-9FD1-EA79BB4FC254} - System32\Tasks\{450F8BDC-F738-42B2-B808-07D736866E1B} => pcalua.exe -a C:\Users\HP\AppData\Roaming\istartsurf\UninstallManager.exe -c -ptid=smt
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
ShortcutWithArgument: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.delta-homes.com/?type=sc&ts=1419333076&from=wpm12233&uid=HitachiXHTS547575A9E384_J2540054DWWV4EDWWV4EX
ShortcutWithArgument: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.delta-homes.com/?type=sc&ts=1419333076&from=wpm12233&uid=HitachiXHTS547575A9E384_J2540054DWWV4EDWWV4EX
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.delta-homes.com/?type=sc&ts=1419333076&from=wpm12233&uid=HitachiXHTS547575A9E384_J2540054DWWV4EDWWV4EX
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-1060501992-2510539462-3820372137-1000\...\Run: [99] => wscript.exe //B "C:\Users\HP\AppData\Roaming\99.vbs"
HKU\S-1-5-21-1060501992-2510539462-3820372137-1000\...\Run: [FLV Player] => C:\Users\HP\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe [202752 2012-10-26] ()
HKU\S-1-5-21-1060501992-2510539462-3820372137-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-1060501992-2510539462-3820372137-1000\...\Policies\system: [DisableChangePassword] 0
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.delta-homes.com/?type=hp&ts=1419333076&from=wpm12233&uid=HitachiXHTS547575A9E384_J2540054DWWV4EDWWV4EX
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.delta-homes.com/?type=hp&ts=1419333076&from=wpm12233&uid=HitachiXHTS547575A9E384_J2540054DWWV4EDWWV4EX
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.istartsurf.com/web/?type=ds&ts=1409347771&from=smt&uid=HitachiXHTS547575A9E384_J2540054DWWV4EDWWV4EX&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.istartsurf.com/web/?type=ds&ts=1409347771&from=smt&uid=HitachiXHTS547575A9E384_J2540054DWWV4EDWWV4EX&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.delta-homes.com/?type=hp&ts=1419333076&from=wpm12233&uid=HitachiXHTS547575A9E384_J2540054DWWV4EDWWV4EX
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.delta-homes.com/?type=hp&ts=1419333076&from=wpm12233&uid=HitachiXHTS547575A9E384_J2540054DWWV4EDWWV4EX
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1409347771&from=smt&uid=HitachiXHTS547575A9E384_J2540054DWWV4EDWWV4EX&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1409347771&from=smt&uid=HitachiXHTS547575A9E384_J2540054DWWV4EDWWV4EX&q={searchTerms}
HKU\S-1-5-21-1060501992-2510539462-3820372137-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.delta-homes.com/?type=hp&ts=1419333076&from=wpm12233&uid=HitachiXHTS547575A9E384_J2540054DWWV4EDWWV4EX
HKU\S-1-5-21-1060501992-2510539462-3820372137-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.delta-homes.com/web/?type=ds&ts=1419333076&from=wpm12233&uid=HitachiXHTS547575A9E384_J2540054DWWV4EDWWV4EX&q={searchTerms}
HKU\S-1-5-21-1060501992-2510539462-3820372137-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.delta-homes.com/?type=hp&ts=1419333076&from=wpm12233&uid=HitachiXHTS547575A9E384_J2540054DWWV4EDWWV4EX
HKU\S-1-5-21-1060501992-2510539462-3820372137-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.delta-homes.com/web/?type=ds&ts=1419333076&from=wpm12233&uid=HitachiXHTS547575A9E384_J2540054DWWV4EDWWV4EX&q={searchTerms}
SearchScopes: HKLM -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL =
SearchScopes: HKLM-x32 -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1421900581&from=zbd1&uid=hitachixhts547575a9e384_j2540054dwwv4edwwv4ex&q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1409347771&from=smt&uid=HitachiXHTS547575A9E384_J2540054DWWV4EDWWV4EX&q={searchTerms}
SearchScopes: HKLM-x32 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1421900581&from=zbd1&uid=hitachixhts547575a9e384_j2540054dwwv4edwwv4ex&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1421900581&from=zbd1&uid=hitachixhts547575a9e384_j2540054dwwv4edwwv4ex&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL =
SearchScopes: HKU\.DEFAULT -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1421900581&from=zbd1&uid=hitachixhts547575a9e384_j2540054dwwv4edwwv4ex&q={searchTerms}
SearchScopes: HKU\S-1-5-19 -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1421900581&from=zbd1&uid=hitachixhts547575a9e384_j2540054dwwv4edwwv4ex&q={searchTerms}
SearchScopes: HKU\S-1-5-19 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1421900581&from=zbd1&uid=hitachixhts547575a9e384_j2540054dwwv4edwwv4ex&q={searchTerms}
SearchScopes: HKU\S-1-5-20 -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1421900581&from=zbd1&uid=hitachixhts547575a9e384_j2540054dwwv4edwwv4ex&q={searchTerms}
SearchScopes: HKU\S-1-5-20 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1421900581&from=zbd1&uid=hitachixhts547575a9e384_j2540054dwwv4edwwv4ex&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1060501992-2510539462-3820372137-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1060501992-2510539462-3820372137-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1060501992-2510539462-3820372137-1000 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1060501992-2510539462-3820372137-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1060501992-2510539462-3820372137-1000 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1060501992-2510539462-3820372137-1000 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
FF Plugin-x32: @tools.updaterss.com/SaveSenseLive Update;version=3 -> C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\npGoogleUpdate3.dll [Pas de fichier]
FF Plugin-x32: @tools.updaterss.com/SaveSenseLive Update;version=9 -> C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\npGoogleUpdate3.dll [Pas de fichier]
CHR HomePage: Default -> hxxp://v9.com?type=hp&ts=1450282448&from=mych123&uid=hitachixhts547575a9e384_j2540054dwwv4edwwv4ex&z=7689b9247c38ee44813e896gbzcw4e9obbcofzaw9e
CHR StartupUrls: Default -> "hxxp://v9.com?type=hp&ts=1450282448&from=mych123&uid=hitachixhts547575a9e384_j2540054dwwv4edwwv4ex&z=7689b9247c38ee44813e896gbzcw4e9obbcofzaw9e"
CHR DefaultSearchURL: Default -> hxxp://v9.com/web?type=ds&ts=1450282448&from=zzgbkk123&uid=hitachixhts547575a9e384_j2540054dwwv4edwwv4ex&z=7689b9247c38ee44813e896gbzcw4e9obbcofzaw9e&q={searchTerms}
CHR DefaultSearchKeyword: Default -> v9
CHR Extension: (Security Protection) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh [2015-06-11]
CHR Extension: (Quick start) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma [2014-08-27]
CHR HKLM\...\Chrome\Extension: [noajmlkipclmeolfcnflkjhijkigpfjh] - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh.crx [2014-12-23]
CHR HKLM-x32\...\Chrome\Extension: [noajmlkipclmeolfcnflkjhijkigpfjh] - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh.crx [2014-12-23]
R2 iSafeService; C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe [118048 2015-06-10] (Elex do Brasil Participações Ltda)
R2 winzipersvc; C:\Program Files (x86)\WinZipper\winzipersvc.exe [711344 2015-12-09] (Taiwan Shui Mu Chih Ching Technology Limited) <==== ATTENTION
R1 iSafeKrnl; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnl.sys [260856 2015-06-10] (Elex do Brasil Participações Ltda)
S3 iSafeKrnlBoot; C:\Windows\System32\DRIVERS\iSafeKrnlBoot.sys [53568 2015-06-10] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlKit; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys [108616 2015-06-10] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlMon; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlMon.sys [50944 2015-06-10] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlR3; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys [102416 2015-06-10] (Elex do Brasil Participações Ltda)
R1 iSafeNetFilter; C:\Windows\System32\DRIVERS\iSafeNetFilter.sys [52392 2015-04-17] (Elex do Brasil Participações Ltda)
S3 jmvzuncj; pas de ImagePath
C:\Program Files (x86)\globalUpdate
C:\Users\HP\AppData\Roaming\istartsurf
C:\Program Files (x86)\Plus-HD-3.5
2015-12-26 13:41 - 2014-12-23 12:12 - 00000000 ____D C:\Program Files (x86)\WinZipper
2015-12-10 19:11 - 2014-12-23 12:12 - 00000000 ____D C:\Users\HP\AppData\Roaming\WinZipper
2014-08-21 11:47 - 2014-08-21 11:50 - 0001275 _____ () C:\Users\HP\AppData\Roaming\Bubble Dock.boostrap.log
2014-08-21 11:48 - 2014-08-21 11:49 - 0008997 _____ () C:\Users\HP\AppData\Roaming\Bubble Dock.installation.log
2014-08-21 11:47 - 2014-08-21 11:47 - 0000097 _____ () C:\Users\HP\AppData\Roaming\WindApp.boostrap.log
2014-08-21 11:49 - 2014-08-21 11:50 - 0000374 _____ () C:\Users\HP\AppData\Roaming\WindApp.installation.log
2013-12-06 23:29 - 2013-12-06 23:29 - 0493272 _____ () C:\Users\HP\AppData\Roaming\~lcbcixo.exe
C:\Users\HP\AppData\Roaming\99.vbs
C:\Users\HP\AppData\Local\WebPlayer
C:\Program Files (x86)\SaveSenseLive
C:\Program Files (x86)\Elex-tech
C:\Windows\System32\DRIVERS\iSafeKrnlBoot.sys
C:\Windows\System32\DRIVERS\iSafeNetFilter.sys
EmptyTemp:
end
