:OTL PRC - [2014/07/11 16:10:54 | 000,689,032 | ---- | M] (Cherished Technololgy LIMITED) -- C:\ProgramData\IePluginServices\PluginService.exe PRC - [2014/07/11 16:10:35 | 000,535,936 | ---- | M] (Fuyu LIMITED) -- C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe SRV - [2014/07/11 16:10:54 | 000,689,032 | ---- | M] (Cherished Technololgy LIMITED) [Auto | Running] -- C:\ProgramData\IePluginServices\PluginService.exe -- (IePluginServices) SRV - [2014/07/11 16:10:35 | 000,535,936 | ---- | M] (Fuyu LIMITED) [Auto | Running] -- C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe -- (WindowsMangerProtect) DRV - [2014/07/10 10:15:58 | 000,030,424 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files (x86)\SupTab\cfgdrv64.cfg -- (hjlkfdajklfed3dfa) IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com/?type=hp&ts=1405087781&from=smt&uid=ST9320320AS_5SX50Q95XXXX5SX50Q95 IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga-plus.com/web/?type=ds&ts=1405087781&from=smt&uid=ST9320320AS_5SX50Q95XXXX5SX50Q95&q={searchTerms} IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga-plus.com/web/?type=ds&ts=1405087781&from=smt&uid=ST9320320AS_5SX50Q95XXXX5SX50Q95&q={searchTerms} IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga-plus.com/?type=hp&ts=1405087781&from=smt&uid=ST9320320AS_5SX50Q95XXXX5SX50Q95 IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86} IE:64bit: - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://isearch.omiga-plus.com/web/?type=ds&ts=1405087781&from=smt&uid=ST9320320AS_5SX50Q95XXXX5SX50Q95&q={searchTerms} IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com/?type=hp&ts=1405087781&from=smt&uid=ST9320320AS_5SX50Q95XXXX5SX50Q95 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga-plus.com/web/?type=ds&ts=1405087781&from=smt&uid=ST9320320AS_5SX50Q95XXXX5SX50Q95&q={searchTerms} IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga-plus.com/web/?type=ds&ts=1405087781&from=smt&uid=ST9320320AS_5SX50Q95XXXX5SX50Q95&q={searchTerms} IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = Reg Error: Value error. IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga-plus.com/?type=hp&ts=1405087781&from=smt&uid=ST9320320AS_5SX50Q95XXXX5SX50Q95 IE - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86} IE - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://isearch.omiga-plus.com/web/?type=ds&ts=1405087781&from=smt&uid=ST9320320AS_5SX50Q95XXXX5SX50Q95&q={searchTerms} IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-3345030310-667290739-3674856495-1001\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-3345030310-667290739-3674856495-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com/?type=hp&ts=1405087781&from=smt&uid=ST9320320AS_5SX50Q95XXXX5SX50Q95 IE - HKU\S-1-5-21-3345030310-667290739-3674856495-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga-plus.com/?type=hp&ts=1405087781&from=smt&uid=ST9320320AS_5SX50Q95XXXX5SX50Q95 IE - HKU\S-1-5-21-3345030310-667290739-3674856495-1005\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86} IE - HKU\S-1-5-21-3345030310-667290739-3674856495-1005\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://isearch.omiga-plus.com/web/?type=ds&ts=1405087781&from=smt&uid=ST9320320AS_5SX50Q95XXXX5SX50Q95&q={searchTerms} FF - prefs.js..browser.search.defaultenginename: "omiga-plus" FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\faststartff@gmail.com: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\g9ywhgnh.default\extensions\faststartff@gmail.com [2014/07/11 16:10:13 | 000,000,000 | ---D | M] [2014/07/11 16:10:13 | 000,000,000 | ---D | M] ("Fast Start") -- C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\g9ywhgnh.default\extensions\faststartff@gmail.com [2011/03/22 01:56:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\g9ywhgnh.default\extensions\nostmp O2:64bit: - BHO: (no name) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - No CLSID value found. O2 - BHO: (IETabPage Class) - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. Limited) O3:64bit: - HKLM\..\Toolbar: (no name) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - No CLSID value found. O3:64bit: - HKLM\..\Toolbar: (no name) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No CLSID value found. O3:64bit: - HKLM\..\Toolbar: (no name) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No CLSID value found. O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O4 - HKLM..\RunOnce: [SpUninstallCleanUp] REG delete HKEY_LOCAL_MACHINE\Software\SearchProtect /f File not found O4 - HKLM..\RunOnce: [unlockrootwqme] File not found O4 - HKU\.DEFAULT..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 File not found O4 - HKU\S-1-5-18..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 File not found O4 - HKU\S-1-5-21-3345030310-667290739-3674856495-1005..\RunOnce: [Report] \AdwCleaner\AdwCleaner[S0].txt File not found O4 - Startup: C:\Users\Vincent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SynTPEnh.exe - Raccourci.lnk = File not found O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\SEARCH~1\SEARCH~1\bin\SPVC64~1.DLL) - File not found O20 - AppInit_DLLs: (C:\PROGRA~2\SEARCH~1\SEARCH~1\bin\SPVC32~1.DLL) - File not found :Files C:\ProgramData\IePluginServices C:\ProgramData\WindowsMangerProtect C:\Program Files (x86)\SupTab C:\Users\Admin\AppData\Roaming\omiga-plus ipconfig /flushdns /c :Reg [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\omiga-plus uninstall] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WindowsMangerProtect] :Commands [emptytemp]