Script ZHPFix [MD5.2AE149CA5B124D09BA1E76EA706D2095] - (.Conduit - Search Protect by Conduit.) -- C:\Program Files\SearchProtect\Main\bin\CltMngSvc.exe [2466080] [PID.2896] =>Toolbar.Conduit G2 - GCE: Preference [User Data\Default] [aaaaabcbmongicmdegkmmfgdickgnnob] Movies Toolbar v.21.56092, (Désactivé) =>PUP.MoviesToolbar G2 - GCE: Preference [User Data\Default] [idhngdhcfkoamngbedgpaokgjbnpdiji] RealDownloader v.1.3.3 (Désactivé) =>PUP.RealDeal G2 - GCE: Preference [User Data\Default] [pflphaooapbgpeakohlggbpidpppgdff] MySearchDial v.9.4.10.0 (Désactivé) =>Adware.MyWebSearch O3 - Toolbar\WebBrowser: (no name) - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Clé orpheline O3 - Toolbar\WebBrowser: (no name) - [HKCU]{F2CF5485-4E02-4F68-819C-B92DE9277049} Clé orpheline O4 - GS\Desktop [Public]: ALDI Service Photo.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe http://www.aldiphoto.fr =>Hijacker.Browsers O4 - GS\Desktop [IUSR_NMPR]: HijackThis.lnk . (...) -- C:\Program Files\Trend Micro\HijackThis\HijackThis.exe (.not file.) O4 - GS\Desktop [IUSR_NMPR]: Continue Mipony Download Accelerator Installation.lnk . (...) -- C:\Users\CRICRI\AppData\Local\Temp\ICReinstall_DownloadAcceleratorSetup.exe (.not file.) O4 - GS\Accessories [CRICRI]: Run.lnk - Clé orpheline O20 - AppInit_DLLs: . (...) - C:\Program Files\SearchProtect\SearchProtect\bin\SPVC32Loader.dll (.not file.) =>Toolbar.Conduit O23 - Service: Search Protect by Conduit Service (CltMngSvc) . (.Conduit - Search Protect by Conduit.) - C:\Program Files\SearchProtect\Main\bin\CltMngSvc.exe =>Toolbar.Conduit O36 - AppCertDlls: (x86) . (...) -- C:\Program Files\Movies Toolbar\Datamngr\apcrtldr.dll =>PUP.Datamngr O36 - AppCertDlls: (x64) . (...) -- c:\program files\movies toolbar\datamngr\x64\apcrtldr.dll =>PUP.Datamngr [MD5.00000000000000000000000000000000] [APT] [Ad-Aware Update (Daily 1)] (...) -- C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [Ad-Aware Update (Daily 2)] (...) -- C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [Ad-Aware Update (Daily 3)] (...) -- C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [Ad-Aware Update (Daily 4)] (...) -- C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [Adobe Updater] (...) -- C:\Program Files\Common Files\Adobe\Updater6\Adobe_Updater.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [DriverMagic Scheduler] (...) -- C:\Program Files\SymplisIT\DriverMagic\DriverMagic\dmschedule.exe (.not file.) [MD5.00000000000000000000000000000000] [APT] [TuneUpUtilities_Task_BkGndMaintenance2013] (...) -- C:\Program Files\TuneUp Utilities 2013\OneClick.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{05029F16-8757-4749-93CD-A12148EFEBE4}] (...) -- C:\Windows\system32\Camcpl.cpl (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{12590891-EA90-431C-B229-939420BBCE3C}] (...) -- H:\monsetup.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{2E561819-1F18-46BA-B826-E71E52DB7B16}] (...) -- C:\Users\CRICRI\Downloads\spyblocker-c89.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{42A7F643-C642-4687-8554-C039E7BC60DA}] (...) -- C:\Users\CRICRI\Desktop\auxsetup.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{64AAC35F-3988-4E27-B028-1E56151B2089}] (...) -- c:\Users\CRICRI\Downloads\VistumblerInstaller7.42.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{67BD3B34-F1BB-4898-AF47-197E74FDD53F}] (...) -- C:\Users\CRICRI\Desktop\dotnetfx3setup.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{6C803886-2A77-46D4-AD94-AFA83BB38404}] (...) -- H:\browse.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{7140F084-44A1-4A93-8A63-16A09EDBDAF8}] (...) -- H:\Driver\Setup.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{89EDC73B-E112-4C08-B4AC-9405543FE9B4}] (...) -- C:\Users\CRICRI\Downloads\mp3DC207.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{B46EE25B-3D2E-4F9F-B84C-6A9F11183B30}] (...) -- C:\Users\CRICRI\Desktop\Setup.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{BE8FA941-2BA1-4C00-BB84-5392BC0710F2}] (...) -- C:\Users\CRICRI\Desktop\pilote_ati_catalyst_vista_7_x64_10.3_4234.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{E3AE6FFC-F965-49D3-8F85-B7DA7F0F416E}] (...) -- C:\Users\CRICRI\Downloads\lyricsplugin03.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{FA241FFC-7EDB-4F74-BBC5-E8E57E1B5B32}] (...) -- C:\Users\CRICRI\Desktop\Vistumbler_v9-8.exe (.not file.) [0] O42 - Logiciel: QuickShare - (.Linkury Inc..) [HKLM] -- {CC1C2EE8-8E03-4D79-9758-C208D4438A3E} =>PUP.QuickShare O42 - Logiciel: RealDownloader - (.RealNetworks, Inc..) [HKLM] -- {C8E8D2E3-EF6A-4B1D-A09E-7B27EBE2F3CE} =>PUP.RealDeal O42 - Logiciel: Search Protect - (.Conduit.) [HKLM] -- SearchProtect =>Toolbar.Conduit HKCU\Software\DSiteProducts] =>Hijacker.DSite [HKCU\Software\Dashlane] =>Toolbar.Dashlane [HKLM\Software\Datamngr] =>PUP.Datamngr [HKLM\Software\EnigmaSoftwareGroup] O43 - CFD: 08/06/2013 - 10:13:13 - [29,241] ----D C:\Program Files\Enigma Software Group O43 - CFD: 17/04/2010 - 14:03:00 - [0] ----D C:\Program Files\Panda Security O43 - CFD: 06/02/2014 - 11:47:38 - [0] ----D C:\Program Files\RightSurf =>PUP.RightSurf O43 - CFD: 11/04/2014 - 12:51:25 - [12,536] ----D C:\Program Files\SearchProtect =>Toolbar.Conduit O43 - CFD: 06/06/2013 - 22:03:29 - [0] ----D C:\Program Files\Trend Micro O43 - CFD: 31/05/2013 - 21:35:11 - [0,370] ----D C:\Program Files\TrendMicro O43 - CFD: 12/12/2012 - 17:14:36 - [0] ----D C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3} O43 - CFD: 12/12/2012 - 17:14:36 - [0] -SH-D C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936} O43 - CFD: 12/12/2012 - 17:14:36 - [0] ----D C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521} O43 - CFD: 12/12/2012 - 17:14:36 - [0] -SH-D C:\ProgramData\{55A29068-F2CE-456C-9148-C869879E2357} O43 - CFD: 12/12/2012 - 17:14:38 - [0] -SH-D C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} O43 - CFD: 12/12/2012 - 17:14:38 - [0] -SH-D C:\ProgramData\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC} O43 - CFD: 24/02/2014 - 18:51:18 - [0] -SH-D C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C} O43 - CFD: 24/02/2014 - 16:55:32 - [0] ----D C:\Users\CRICRI\AppData\Roaming\DigitalSites =>Hijacker.DSite O43 - CFD: 17/12/2013 - 14:44:33 - [0,003] ----D C:\Users\CRICRI\AppData\Local\iLivid =>Adware.Bandoo O43 - CFD: 11/04/2014 - 12:51:43 - [0,212] ----D C:\Users\CRICRI\AppData\Local\SearchProtect =>Toolbar.Conduit O43 - CFD: 31/05/2013 - 21:35:11 - [0,002] ----D C:\Users\CRICRI\AppData\Roaming\Microsoft\Windows\Start Menu\P[HKLM\SYSTEM\CurrentControlSet\Services\CltMngSvc] =>Toolbar.Conduit^ O50 - IFEO:Image File Execution Options - bitguard.exe - tasklist.exe =>PUP.BitGuard O50 - IFEO:Image File Execution Options - bprotect.exe - tasklist.exe O50 - IFEO:Image File Execution Options - bpsvc.exe - tasklist.exe O50 - IFEO:Image File Execution Options - browserdefender.exe - tasklist.exe =>Hijacker.Eazel O50 - IFEO:Image File Execution Options - browserprotect.exe - tasklist.exe =>Hijacker.Eazel O50 - IFEO:Image File Execution Options - browsersafeguard.exe - tasklist.exe =>PUP.BrowserSafeguard O50 - IFEO:Image File Execution Options - protectedsearch.exe - tasklist.exe =>Spyware.ProtectedSearch O50 - IFEO:Image File Execution Options - snapdo.exe - tasklist.exe =>Hijacker.SmartBar O50 - IFEO:Image File Execution Options - stinst32.exe - tasklist.exe O50 - IFEO:Image File Execution Options - stinst64.exe - tasklist.exe O61 - LFC: 15/04/2014 - 13:59:48 ---A- . (...) -- C:\Users\CRICRI\AppData\Local\SearchProtect\UI\CRASH_REPORT_P2336_T2716_D2014_04_15_T10_53_49.txt [7175] =>Toolbar.Conduit O61 - LFC: 15/04/2014 - 13:59:48 ---A- . (...) -- C:\Users\CRICRI\AppData\Local\SearchProtect\UI\CRASH_REPORT_P6116_T3540_D2014_04_15_T14_14_15.txt [21560] =>Toolbar.Conduit O61 - LFC: 16/04/2014 - 13:59:48 ---A- . (...) -- C:\Users\CRICRI\AppData\Local\SearchProtect\UI\CRASH_DUMP_P3728_T3204_D2014_04_16_T11_16_58.dmp [36104] =>Toolbar.Conduit O61 - LFC: 16/04/2014 - 13:59:48 ---A- . (...) -- C:\Users\CRICRI\AppData\Local\SearchProtect\UI\CRASH_REPORT_P3728_T3204_D2014_04_16_T11_16_58.txt [30777] =>Toolbar.Conduit O61 - LFC: 17/04/2014 - 13:59:48 ---A- . (...) -- C:\Users\CRICRI\AppData\Local\SearchProtect\UI\CRASH_DUMP_P2152_T3084_D2014_04_17_T11_04_18.dmp [35684] =>Toolbar.Conduit O61 - LFC: 17/04/2014 - 13:59:48 ---A- . (...) -- C:\Users\CRICRI\AppData\Local\SearchProtect\UI\CRASH_REPORT_P2152_T3084_D2014_04_17_T11_04_18.txt [27619] =>Toolbar.Conduit O61 - LFC: 17/04/2014 - 13:59:48 ---A- . (...) -- C:\Users\CRICRI\AppData\Local\SearchProtect\UI\rep\UIRepository.dat [462] =>Toolbar.Conduit O69 - SBI: SearchScopes [HKCR] {afdbddaa-5d3f-42ee-b79c-185a7020515b} - (Web Search) - http://search.certified-toolbar.com =>PUP.CertifiedToolbar O90 - PUC: "B8713814E4D47A84297554B49AA067E0" . (.SweetPacks Toolbar for Internet Explorer 4.6.) -- C:\Windows\Installer\{4183178B-4D4E-48A7-9257-454BA90A760E}\ARPPRODUCTICON.exe =>PUP.SweetIM [MD5.F3E494BD7591BA95699216EEA2E686CE] [WIS][31/05/2013] (.Trend Micro Inc. - Trend Micro's HiJackThis.) -- C:\Windows\Installer\10d7cd7.msi [1093632] [MD5.968267B40708EB68733211E1A1B22E61] [WIS][11/08/2012] (.Boxore OU. - Software Update Helper.) -- C:\Windows\Installer\34de7.msi [24576] =>Adware.Boxore [HKCR\CLSID\{EB59852D-B38E-4A4C-94BA-6731836E5538}] (PropertiesRIMDeviceManagerAbout Class) =>PUP.Manager SR - | Auto 30/03/2014 2466080 | (CltMngSvc) . (.Conduit.) - C:\Program Files\SearchProtect\Main\bin\CltMngSvc.exe =>Toolbar.Conduit [HKLM\Software\Google\Chrome\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob] =>PUP.MoviesToolbar^ [HKLM\Software\Google\Chrome\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji] =>PUP.RealDeal^ [HKLM\Software\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff] =>Adware.MyWebSearch^ [HKLM\SYSTEM\CurrentControlSet\Services\CltMngSvc] =>Toolbar.Conduit^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{CC1C2EE8-8E03-4D79-9758-C208D4438A3E}] =>PUP.QuickShare^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{C8E8D2E3-EF6A-4B1D-A09E-7B27EBE2F3CE}] =>PUP.RealDeal^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect] =>Toolbar.Conduit^ [HKLM\Software\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}] =>Toolbar.AVGSearch [HKLM\Software\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}] =>PUP.ToparcadeHits [HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{B4089055-D468-45A4-A6BA-5A138DD715FC}] =>Toolbar.Agent [HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AVG Secure Search] =>Toolbar.AVGSearch [HKLM\Software\Classes\askibar.popswatterbarbutton] =>Toolbar.AskTBar [HKLM\Software\Classes\askibar.popswattersettingscontrol] =>Toolbar.AskTBar [HKLM\Software\Classes\asktoolbar.settingsplugin] =>Toolbar.AskTBar [HKLM\Software\Classes\Installer\Features\B8713814E4D47A84297554B49AA067E0] =>PUP.SweetIM [HKLM\Software\Classes\Installer\Products\B8713814E4D47A84297554B49AA067E0] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B8713814E4D47A84297554B49AA067E0] =>PUP.SweetIM [HKCU\Software\APN DTX] =>Toolbar.Ask [HKLM\Software\DataMngr] =>Adware.Bandoo [HKCU\Software\Classes\MF] =>PUP.MediaFinder [HKCU\AppEvents\Schemes\Apps\Explorer\Navigating\Old_Current] =>PUP.MediaFinder [HKLM\Software\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}] =>Adware.BrowseFox [HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\Arpcache\mysearchdial] =>Adware.MyWebSearch C:\Users\CRICRI\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob =>PUP.MoviesToolbar^ C:\Users\CRICRI\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji =>PUP.RealDeal^ C:\Users\CRICRI\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff =>Adware.MyWebSearch^ C:\Program Files\RightSurf =>PUP.RightSurf^ C:\Program Files\SearchProtect =>Toolbar.Conduit^ C:\Users\CRICRI\AppData\Roaming\DigitalSites =>Hijacker.DSite^ C:\Users\CRICRI\AppData\Local\iLivid =>Adware.Bandoo^ C:\Users\CRICRI\AppData\Local\SearchProtect =>Toolbar.Conduit^ C:\Users\CRICRI\AppData\Local\Software =>Adware.Boxore C:\Program Files\SearchProtect\Main\bin\CltMngSvc.exe =>Toolbar.Conduit^ [HKCU\Software\DSiteProducts] =>Hijacker.DSite^ [HKCU\Software\Dashlane] =>Toolbar.Dashlane^ [HKLM\Software\Datamngr] =>PUP.Datamngr^ C:\Windows\Installer\34de7.msi =>Adware.Boxore^ C:\Users\CRICRI\AppData\Local\Temp\nsd6D4D.exe =>Toolbar.Conduit C:\Users\CRICRI\AppData\Local\Temp\nsi7115.exe =>Toolbar.Conduit C:\Users\CRICRI\AppData\Local\Temp\nsn6B36.exe =>Toolbar.Conduit C:\Users\CRICRI\AppData\Local\Temp\nss6F3D.exe =>Toolbar.Conduit C:\Users\CRICRI\AppData\Local\Temp\sp-downloader.exe =>Toolbar.Conduit FirewallRaz EmptyFlash Emptytemp ShortcutFix