ScriptZHPFix [MD5.9E195DD48C0341CEB109B5DC567854E1] - (.337 Technology Limited. - Desk 365 application.) -- C:\Program Files (x86)\Desk 365\desk365.exe [1013808] [PID.5704] =>Hijacker.22Find [MD5.39531D54F2AFA4473BB4A97F64E99271] - (.Cherished Technololgy LIMITED - WPM Service.) -- C:\ProgramData\WPM\wprotectmanager.exe [493568] [PID.7052] =>PUP.WpManager [MD5.D1EBE337782B1F32A52C0C80A98FC08B] - (.Cherished Technololgy LIMITED - IePlugin Service.) -- C:\ProgramData\IePluginService\PluginService.exe [508016] [PID.5692] =>Trojan.SProtector [MD5.25FDF58009C2C666FE0A5BB7AA319447] - (.337 Technology Limited. - dsk service.) -- C:\Program Files (x86)\Desk 365\deskSvc.exe [425008] [PID.6156] =>Hijacker.22Find C:\Users\Gilbert\AppData\Roaming\Mozilla\Firefox\Profiles\zqzszc73.Utilisateur par défaut\prefs.js (.not file.) C:\Users\Gilbert\AppData\Roaming\Mozilla\Firefox\Profiles\zqzszc73.Utilisateur par défaut\prefs.js (.not file.) M3 - MFPP: Plugins - [Gilbert] -- C:\Users\Gilbert\AppData\Roaming\Mozilla\Firefox\Profiles\g7irig8w.default-1359471404277\searchplugins\01netcom-v1-customized-web-search.xml =>Toolbar.Conduit M3 - MFPP: Plugins - [Gilbert] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\awesomehp.xml =>PUP.Awesomehp R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.awesomehp.com =>PUP.Awesomehp R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.awesomehp.com =>PUP.Awesomehp R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.awesomehp.com =>PUP.Awesomehp R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.awesomehp.com =>PUP.Awesomehp R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.awesomehp.com =>PUP.Awesomehp R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.awesomehp.com =>PUP.Awesomehp R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.awesomehp.com =>PUP.Awesomehp R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.awesomehp.com =>PUP.Awesomehp R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.awesomehp.com =>PUP.Awesomehp O3 - Toolbar: (no name) - [HKLM]{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} Clé orpheline O3 - Toolbar\WebBrowser: (no name) - [HKCU]{DE9C389F-3316-41A7-809B-AA305ED9D922} Clé orpheline O3 - Toolbar\WebBrowser: (no name) - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Clé orpheline O4 - GS\Program [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe http://www.awesomehp.com =>PUP.Awesomehp O4 - GS\QuickLaunch [Gilbert]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Users\Gilbert\AppData\Local\Google\Chrome\Application\chrome.exe http://www.awesomehp.com =>PUP.Awesomehp O4 - GS\QuickLaunch [Gilbert]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe http://www.awesomehp.com =>PUP.Awesomehp O4 - GS\QuickLaunch [Gilbert]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe http://www.awesomehp.com =>PUP.Awesomehp O4 - GS\TaskBar [Gilbert]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe http://www.awesomehp.com =>PUP.Awesomehp O4 - GS\Program [Gilbert]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe http://www.awesomehp.com =>PUP.Awesomehp O4 - GS\SystemTools [Gilbert]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe http://www.awesomehp.com =>PUP.Awesomehp O4 - GS\SendTo [Gilbert]: Desk 365.lnk . (.337 Technology Limited. - Desk 365 application.) -- C:\Program Files (x86)\Desk 365\desk365.exe =>Hijacker.22Find O4 - GS\Desktop [Gilbert]: chrome.exe - Incognito.lnk . (.Google Inc. - Google Chrome.) -- C:\Users\Gilbert\AppData\Local\Google\Chrome\Application\chrome.exe http://www.awesomehp.com =>PUP.Awesomehp O23 - Service: Desk 365 service (desksvc) . (.337 Technology Limited. - dsk service.) - C:\Program Files (x86)\Desk 365\deskSvc.exe =>Hijacker.22Find O23 - Service: Wpm Service (Wpm) . (.Cherished Technololgy LIMITED - WPM Service.) - C:\ProgramData\WPM\wprotectmanager.exe =>PUP.WpManager [MD5.9E195DD48C0341CEB109B5DC567854E1] [APT] [Desk 365 RunAsStdUser] (.337 Technology Limited..) -- C:\Program Files (x86)\Desk 365\desk365.exe [1013808] =>Hijacker.22Find [MD5.00000000000000000000000000000000] [APT] [{0141E308-7199-42C1-A6F1-57E1E45619F5}] (...) -- C:\Program Files (x86)\1 Jeu par jour\Chronicles of Mystery - Le Secret du Monde Perdu\MystLauncher.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{C9DAB197-4412-469E-95D5-E057CA8E89F4}] (...) -- C:\Program Files (x86)\Micro Application\Voyage au Centre de la Terre\game.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{D31C318B-ED9A-4E12-9417-6D3128EC20B2}] (...) -- C:\Program Files (x86)\Micro Application\Voyage au Centre de la Terre\game.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{DF8F8B12-272B-47E4-925F-F7D942E7B9EE}] (...) -- C:\Program Files (x86)\Ares\Ares.exe (.not file.) [0] O42 - Logiciel: Desk 365 - (.337 Technology Limited..) [HKLM][64Bits] -- Desk 365 =>Hijacker.22Find O42 - Logiciel: IePluginService12.27.0.3326 - (.Cherished Technololgy LIMITED.) [HKLM][64Bits] -- IePlugins =>Trojan.SProtector O42 - Logiciel: WPM17.8.0.3325 - (.Cherished Technololgy LIMITED.) [HKLM][64Bits] -- WPM =>PUP.WpManager [HKLM\Software\Wow6432Node\Wpm] =>PUP.WpManager [HKLM\Software\Wow6432Node\supWPM] =>PUP.WpManager O43 - CFD: 01/02/2014 - 11:23:34 - [10,575] ----D C:\Program Files (x86)\Desk 365 =>Hijacker.22Find O43 - CFD: 01/02/2014 - 11:23:17 - [0,484] ----D C:\ProgramData\IePluginService =>Trojan.SProtector O43 - CFD: 01/02/2014 - 11:22:56 - [0,471] ----D C:\ProgramData\WPM =>PUP.WpManager O43 - CFD: 01/02/2014 - 11:23:43 - [14,008] ----D C:\Users\Gilbert\AppData\Roaming\Desk 365 =>Hijacker.22Find O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe" http://www.awesomehp.com =>PUP.Awesomehp O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Users\Gilbert\AppData\Local\Google\Chrome\Application\chrome.exe" http://www.awesomehp.com =>PUP.Awesomehp O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Program Files\Internet Explorer\iexplore.exe http://www.awesomehp.com =>PUP.Awesomehp O69 - SBI: SearchScopes [HKCU] {33BB0A4E-99AF-4226-BDF6-49120163DE86} - (awesomehp) - http://www.awesomehp.com =>PUP.Awesomehp O69 - SBI: SearchScopes [HKCU] {4636A0CF-B34A-4C73-A012-78DBACCE3D14} - (Search the web (Softonic)) - http://search.softonic.com =>Adware.IMBooster O69 - SBI: SearchScopes [HKCU] {4DBDCB1D-51B0-43A4-9969-4C565844B747} - (01NET.com V1 Customized Web Search) - http://search.conduit.com [MD5.3B503223EC29D09A341D6437C88D9CC9] [WIS][01/04/2013] (.Spigot, Inc. - Widgi Toolbar.) -- C:\Windows\Installer\1485f7.msi [4475904] =>PUP.Dealio [MD5.35C918348CBB0877BCD5A3CF24C13761] [WIS][25/11/2012] (.DeltaInstaller - Delta Chrome Toolbar.) -- C:\Windows\Installer\2e9d1e.msi [573440] =>Toolbar.DeltaSearch SR - | Auto 01/02/2014 493568 | (Wpm) . (.Cherished Technololgy LIMITED.) - C:\ProgramData\WPM\wprotectmanager.exe =>PUP.WpManager [HKLM\SYSTEM\CurrentControlSet\Services\desksvc] =>Hijacker.22Find^ [HKLM\SYSTEM\CurrentControlSet\Services\IePluginService] =>Trojan.SProtector^ [HKLM\SYSTEM\CurrentControlSet\Services\Wpm] =>PUP.WpManager^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Desk 365] =>Hijacker.22Find^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\IePlugins] =>Trojan.SProtector^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\WPM] =>PUP.WpManager^ [HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] =>PUP.V9Software [HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] =>PUP.V9Software [HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] =>PUP.V9Software [HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Desk 365] =>Hijacker.22find [HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\desksvc] =>Hijacker.22find [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E5C8B5FB7CB5DD447A0BAAAF637FBD77] =>PUP.ClaroSearch [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1CAE30F47D14B41B5FC8FA53658044] =>PUP.Dealio [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\30C16B15B255BD349A1157B8A83E2AF9] =>PUP.Dealio [HKCU\Software\IObit Apps] =>PUP.Dealio [HKCU\Software\AppDataLow\Software\IObit Apps] =>PUP.Dealio [HKLM\Software\Wow6432Node\IObit Apps] =>PUP.Dealio [HKLM\Software\Wow6432Node\Google\Chrome\Extensions\hbcennhacfaagdopikcegfcobcadeocj] =>PUP.Dealio [HKLM\Software\Wow6432Node\Google\Chrome\Extensions\pfndaklgolladniicklehhancnlgocpp] =>PUP.Dealio [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\464AA55239C100F32AF2D438EDDC0F47] =>Adware.IMBooster [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5652BA3D5FB98AE31B337BF0AF939856] =>Adware.IMBooster [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EB95E1AFCBABE3DB9ECCC669B99494] =>Adware.IMBooster [HKLM\Software\Wow6432Node\Google\Chrome\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk] =>PUP.Dealio [HKLM\Software\Wow6432Node\iWin.com Games] =>Adware.iWinArcade [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\85DE4D617B8CBA543B9328AE82F5D4D2] =>Toolbar.AVGSearch [HKLM\Software\Classes\CLSID\{5421BDAF-6C45-4C3A-8B4B-AE5AF31A65AF}] =>Toolbar.AVGSearch [HKLM\Software\Classes\AppID\SlimShell.DLL] =>Toolbar.AVGSearch [HKLM\Software\Classes\AppID\{42227AF7-D349-45F7-9D8B-D369F7F6EDDE}] =>Toolbar.AVGSearch [HKLM\Software\Wow6432Node\Classes\AppID\{42227AF7-D349-45F7-9D8B-D369F7F6EDDE}] =>Toolbar.AVGSearch [HKLM\Software\Classes\AppID\{91733631-2B6B-4C9B-AA78-9C897B3BBC94}] =>Toolbar.AVGSearch [HKLM\Software\Wow6432Node\Classes\AppID\{91733631-2B6B-4C9B-AA78-9C897B3BBC94}] =>Toolbar.AVGSearch C:\Program Files (x86)\Desk 365 =>Hijacker.22Find^ C:\ProgramData\IePluginService =>Trojan.SProtector^ C:\ProgramData\WPM =>PUP.WpManager^ C:\Users\Gilbert\AppData\Roaming\Desk 365 =>Hijacker.22Find^ C:\Program Files (x86)\Common Files\337 =>Hijacker.22find C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Desk 365 =>Hijacker.22find C:\Users\Gilbert\AppData\Local\Temp\Desk365 =>Hijacker.22find C:\Program Files (x86)\Desk 365\desk365.exe =>Hijacker.22Find^ C:\ProgramData\WPM\wprotectmanager.exe =>PUP.WpManager^ C:\ProgramData\IePluginService\PluginService.exe =>Trojan.SProtector^ C:\Program Files (x86)\Desk 365\deskSvc.exe =>Hijacker.22Find^ [HKLM\Software\Wow6432Node\Wpm] =>PUP.WpManager^ [HKLM\Software\Wow6432Node\supWPM] =>PUP.WpManager^ C:\Windows\Installer\1485f7.msi =>PUP.Dealio^ C:\Windows\Installer\2e9d1e.msi =>Toolbar.DeltaSearch^ FirewallRaz EmptyFlash Emptytemp ShortcutFix