Script ZHPFix
G0 - GCSP: Preference [User Data\Default][HomePage] http://search.conduit.com
G2 - GCE: Preference [User Data\Default] [ckdjndgfgjaglgcnllemofeepjeeaofa] Instant Savings App v.1.0, (Activé) =>Adware.InstantSavings
G2 - GCE: Preference [User Data\Default] [pflphaooapbgpeakohlggbpidpppgdff] MySearchDial Nouvel onglet v.9.4.1.1 (Désactivé) =>Adware.MyWebSearch
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.awesomehp.com =>PUP.Awesomehp
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.awesomehp.com =>PUP.Awesomehp
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.awesomehp.com =>PUP.Awesomehp
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.awesomehp.com =>PUP.Awesomehp
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.awesomehp.com =>PUP.Awesomehp
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.awesomehp.com =>PUP.Awesomehp
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.awesomehp.com =>PUP.Awesomehp
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.awesomehp.com =>PUP.Awesomehp
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.awesomehp.com =>PUP.Awesomehp
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <-loopback> =>Hijacker.Proxy
O1 - Hosts: 54.204.28.26 ckdjndgfgjaglgcnllemofeepjeeaofa  =>Adware.InstantSavings
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} Clé orpheline
O4 - GS\QuickLaunch [Laura]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files (x86)\Internet Explorer\iexplore.exe http://www.awesomehp.com =>PUP.Awesomehp
O4 - GS\Program [Laura]: Internet Explorer (64-bit).lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files\Internet Explorer\iexplore.exe http://www.awesomehp.com =>PUP.Awesomehp
O4 - GS\Program [Laura]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files (x86)\Internet Explorer\iexplore.exe http://www.awesomehp.com =>PUP.Awesomehp
O4 - GS\SystemTools [Laura]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files (x86)\Internet Explorer\iexplore.exe http://www.awesomehp.com =>PUP.Awesomehp
O4 - HKLM\..\Wow6432Node\Run: [BrowserSafeguard] C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe (.not file.) =>PUP.BrowserSafeguard
O23 - Service: Update Jump Flip (Update Jump Flip) . (...) - C:\Program Files (x86)\Jump Flip\updateJumpFlip.exe (.not file.) =>PUP.JumpFlip
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\bench-sys.job   [344] =>PUP.GiganticSavings
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\bench-Updater removing.job   [288] =>PUP.GiganticSavings
[MD5.00000000000000000000000000000000] [APT] [AutoKMS] (...) -- C:\Windows\AutoKMS\AutoKMS.exe (.not file.)   [0]  =>Trojan.Keygen
[MD5.2064E97CF3396C4EC5A497CE49E4515F] [APT] [bench-sys] (...) -- C:\Program Files (x86)\Bench\Updater\Updater.exe   [254456]  =>PUP.GiganticSavings
[HKCU\Software\BearShare] =>PUP.BearShare
[HKLM\Software\Wow6432Node\BearShareSRTB] =>PUP.BearShare
[HKLM\Software\Wow6432Node\SweetIM] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Wpm] =>PUP.WpManager
[HKLM\Software\Wow6432Node\supWPM] =>PUP.WpManager
O43 - CFD: 29/01/2014 - 21:53:03 - [0] ----D C:\ProgramData\IePluginService =>Trojan.SProtector
O43 - CFD: 29/01/2014 - 22:00:41 - [0] ----D C:\ProgramData\WPM =>PUP.WpManager
O43 - CFD: 29/01/2014 - 21:59:39 - [1,228] ----D C:\Users\Laura\AppData\Roaming\newnext.me =>PUP.NextLive
O43 - CFD: 29/01/2014 - 21:52:43 - [0,002] ----D C:\Users\Laura\AppData\Local\BrowserSafeguard =>PUP.BrowserSafeguard
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (...) --  C:\Program Files (x86)\Internet Explorer\iexplore.exe http://www.awesomehp.com =>PUP.Awesomehp
---\\ Liste des exceptions du parefeu (FirewallRules) (O87)
O87 - FAEL: "{9036AB99-C49E-4B1C-BB76-F61CD8B322C5}" |In - Private - P6 - FALSE | .(...) -- C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe (.not file.)
O87 - FAEL: "{37E99F2B-E72E-4768-BEDF-04F09B64C632}" |In - Private - P17 - FALSE | .(...) -- C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe (.not file.)
O87 - FAEL: "{BE97E544-044A-4ACD-8976-1BFD388E841C}" |In - Private - P6 - FALSE | .(...) -- C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe (.not file.)
O87 - FAEL: "{C502C771-AE30-49C1-850F-01B4B664EECD}" |In - Private - P17 - FALSE | .(...) -- C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe (.not file.)
O87 - FAEL: "{5137BEC9-7A1A-4A59-BFD9-CEBDC64DFFB0}" |In - Private - P6 - FALSE | .(...) -- C:\Program Files (x86)\IncrediMail\Bin\ImpCnt.exe (.not file.)
O87 - FAEL: "{C491EF6E-57D5-41A7-95F3-5FB722378499}" |In - Private - P6 - FALSE | .(...) -- C:\Program Files (x86)\IncrediMail\Bin\ImpCnt.exe (.not file.)
O87 - FAEL: "{8DEBF4A4-EF00-4035-8438-900EF7D13E7A}" |In - Private - P6 - FALSE | .(...) -- C:\Program Files (x86)\IncrediMail\Bin\ImpCnt.exe (.not file.)
O87 - FAEL: "{584DDB28-0801-46B6-99A2-C0B46DF1CC9B}" |In - Private - P17 - FALSE | .(...) -- C:\Program Files (x86)\IncrediMail\Bin\ImpCnt.exe (.not file.)
O87 - FAEL: "{E9F76DF2-7352-4DCF-B7F3-CC2DCC707B02}" |In - Private - P17 - FALSE | .(...) -- C:\Program Files (x86)\IncrediMail\Bin\ImpCnt.exe (.not file.)
O87 - FAEL: "{CCD64847-8DE7-406E-9697-2D950EAD871E}" |In - Private - P17 - FALSE | .(...) -- C:\Program Files (x86)\IncrediMail\Bin\ImpCnt.exe (.not file.)
O87 - FAEL: "{FD87A1E4-D4D9-47A2-AB17-43E237D9B11E}" |In - Private - P6 - FALSE | .(...) -- C:\Program Files (x86)\IncrediMail\Bin\ImpCnt.exe (.not file.)
O87 - FAEL: "{357979BD-420C-4CA3-A626-51FB41F14B05}" |In - Private - P17 - FALSE | .(...) -- C:\Program Files (x86)\IncrediMail\Bin\ImpCnt.exe (.not file.)
O87 - FAEL: "{ACA76622-F2BF-4E30-BB49-5242537D3C3C}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe (.not file.) =>PUP.SweetIM
O87 - FAEL: "{62A9B496-B2C3-494B-B994-DCD40F394DDF}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe (.not file.) =>PUP.SweetIM
O87 - FAEL: "{25CE1C25-44B9-417F-A202-DA199F477927}" |In - Domain - P6 - TRUE | .(...) -- C:\Program Files (x86)\BearShare Applications\BearShare\BearShare.exe (.not file.) =>PUP.BearShare
O87 - FAEL: "{325E749F-5B5D-4769-94CD-C02D33382BD4}" |In - Domain - P17 - TRUE | .(...) -- C:\Program Files (x86)\BearShare Applications\BearShare\BearShare.exe (.not file.) =>PUP.BearShare
O87 - FAEL: "TCP Query User{2CEAF970-D9FB-4D7A-9F7D-8F1B783F8E63}C:\program files (x86)\bearshare applications\bearshare\bearshare.exe" |In - Private - P6 - TRUE | .(...) -- C:\program files (x86)\bearshare applications\bearshare\bearshare.exe (.not file.) =>PUP.BearShare
O87 - FAEL: "UDP Query User{ACF02443-D2E6-4F6B-9088-0D888B414385}C:\program files (x86)\bearshare applications\bearshare\bearshare.exe" |In - Private - P17 - TRUE | .(...) -- C:\program files (x86)\bearshare applications\bearshare\bearshare.exe (.not file.) =>PUP.BearShare
SS - | Auto 10/07/1658 0 |  (Update Jump Flip) . (...) - C:\Program Files (x86)\Jump Flip\updateJumpFlip.exe =>PUP.JumpFlip
[HKLM\Software\Google\Chrome\Extensions\ckdjndgfgjaglgcnllemofeepjeeaofa]   =>Adware.InstantSavings^
[HKLM\Software\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff]   =>Adware.MyWebSearch^
[HKLM\SYSTEM\CurrentControlSet\Services\Update Jump Flip]   =>PUP.JumpFlip^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E]   =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6]   =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852]   =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0]   =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA]   =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96]   =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59]   =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC]   =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA]   =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E]   =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF]   =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E]   =>Toolbar.Ask
[HKLM\Software\Wow6432Node\SweetIM]   =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21111111-1111-1111-1111-110211181110}]   =>Adware.VidSaver
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110211181110}]   =>PUP.CrossRider
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2002}]   =>Adware.Bandoo^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC]   =>Adware.Boxore^
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:mobilegeni daemon   =>PUP.Mobogenie^
C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckdjndgfgjaglgcnllemofeepjeeaofa   =>Adware.InstantSavings^
C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff   =>Adware.MyWebSearch^
C:\ProgramData\IePluginService   =>Trojan.SProtector^
C:\ProgramData\WPM   =>PUP.WpManager^
C:\Users\Laura\AppData\Roaming\newnext.me   =>PUP.NextLive^
C:\Users\Laura\AppData\Local\BrowserSafeguard   =>PUP.BrowserSafeguard^
C:\ProgramData\Software   =>Adware.Boxore
C:\Users\Laura\AppData\Local\Software   =>Adware.Boxore
C:\Windows\Tasks\bench-sys.job   =>PUP.GiganticSavings^
C:\Windows\Tasks\bench-Updater removing.job   =>PUP.GiganticSavings^
C:\Program Files (x86)\Bench\Updater\Updater.exe   =>PUP.GiganticSavings^
[HKCU\Software\BearShare]   =>PUP.BearShare^
[HKLM\Software\Wow6432Node\BearShareSRTB]   =>PUP.BearShare^
[HKLM\Software\Wow6432Node\Wpm]   =>PUP.WpManager^
[HKLM\Software\Wow6432Node\supWPM]   =>PUP.WpManager^
C:\Program Files (x86)\Internet Explorer\cr_addon.crx   =>PUP.Babylon
FirewallRaz
EmptyFlash
Emptytemp
ShortcutFix