[MD5.122A47B49993422F29B2A20D439E15CA] - (.Discordia, LTD - Data Manager.) -- C:\Program Files (x86)\Windows jZip Toolbar\Datamngr\datamngrUI.exe [1546648] [PID.4788] => Infection PUP (PUP.BearShare)*
[MD5.33F336F6FFF04A7FDA3A9FF9F0457D15] - (.Secure Digital Services Limited - OfferBox.) -- C:\Program Files (x86)\OfferBox\OfferBox.exe [1966936] [PID.5960] => Infection PUP (PUP.OfferBox)*
O2 - BHO: jZip Toolbar [64Bits] - {1e48c56f-08cd-43aa-a6ef-c1ec891551ab} . (.Pas de propriétaire - dtx Dynamic Link Library.) -- C:\Program Files (x86)\Windows jZip Toolbar\Datamngr\ToolBar\jzipdtx.dll => Infection PUP (PUP.BearShare)*
O2 - BHO: UrlHelper Class [64Bits] - {41C4AA37-1DDD-4345-B8DC-734E4B38414D} . (.Discordia, LTD - IEHelper.) -- C:\Program Files (x86)\Windows jZip Toolbar\Datamngr\IEBHO.dll => Infection PUP (PUP.BearShare)*
O2 - BHO: OfferBox [64Bits] - {FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C} . (.Secure Digital Services Limited - OfferBox.) -- C:\Program Files (x86)\OfferBox\OfferBoxBHO.dll => Infection PUP (PUP.OfferBox)*
O4 - HKLM\..\Wow6432Node\Run: [DATAMNGR] . (.Discordia, LTD - Data Manager.) -- C:\Program Files (x86)\Windows jZip Toolbar\Datamngr\datamngrUI.exe => Infection PUP (PUP.BearShare)*
O4 - GS\QuickLaunch: jZip.lnk . (.Bandoo media inc - jZip.) -- C:\Program Files (x86)\jZip\jZip.exe => Infection PUP (Adware.Bandoo)*
O20 - AppInit_DLLs: . (.Discordia, LTD - Data Manager.) - C:\Program Files (x86)\WIF0E7~1\Datamngr\x64\datamngr.dll => Infection PUP (PUP.BearShare)*
O42 - Logiciel: Fissa - (.Secure Digital Services.) [HKLM][64Bits] -- {4BD271AB-66E2-4D58-AF88-80FE3B0770C4} => Infection PUP (PUP.OfferBox)
O42 - Logiciel: OfferBox Browser - (.Secure Digital Services Limited.) [HKLM][64Bits] -- OfferBox Browser => Infection PUP (PUP.OfferBox)*
[HKCU\Software\DataMngr] => Infection PUP (PUP.BearShare)*
[HKCU\Software\DataMngr_Toolbar] => Infection PUP (PUP.BearShare)*
[HKCU\Software\FissaSearch] => Infection PUP (PUP.OfferBox)
[HKCU\Software\OfferBox] => Infection PUP (PUP.OfferBox)*
[HKLM\Software\Wow6432Node\DataMngr] => Infection PUP (PUP.BearShare)*
[HKLM\Software\Wow6432Node\FissaSearch] => Infection PUP (PUP.OfferBox)
[HKLM\Software\Wow6432Node\OfferBox] => Infection PUP (PUP.OfferBox)*
O43 - CFD: 12/04/2011 - 19:35:36 - [3,430] ----D C:\Program Files (x86)\OfferBox => Infection PUP (PUP.OfferBox)*
O43 - CFD: 13/06/2012 - 18:17:39 - [0,024] ----D C:\Users\Xavier\AppData\Roaming\FissaSearch => Infection PUP (PUP.OfferBox)
O43 - CFD: 14/04/2013 - 17:41:08 - [0,309] --H-D C:\Users\Xavier\AppData\Roaming\OfferBox => Infection PUP (PUP.OfferBox)*
O69 - SBI: SearchScopes [HKCU] {9BB47C17-9C68-4BB3-B188-DD9AF0FD2102} [DefaultScope] - (Search Results) -
http://dts.search-results.com => Infection PUP (Adware.IMBooster)*
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}] => Infection BT (Hijack.Browser)
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}] => Infection BT (Hijack.Browser)
[HKCU\Software\DataMngr] => Infection PUP (PUP.BearShare)*
[HKCU\Software\DataMngr_Toolbar] => Infection PUP (PUP.BearShare)*
[HKCU\Software\FissaSearch] => Infection PUP (PUP.OfferBox)
[HKCU\Software\OfferBox] => Infection PUP (PUP.OfferBox)*
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2102}] => Infection PUP (Adware.Bandoo)
C:\Program Files (x86)\OfferBox => Infection PUP (PUP.OfferBox)*
C:\Users\Xavier\AppData\Roaming\FissaSearch => Infection PUP (PUP.OfferBox)
C:\Users\Xavier\AppData\Roaming\OfferBox => Infection PUP (PUP.OfferBox)*
C:\Users\Xavier\AppData\Local\Google\Chrome\User Data\Default\Extensions\bjeikeheijdjdfjbmknpefojickbkmom => Infection PUP (PUP.Offerbox)
O90 - PUC: "BA172DB42E6685D4FA8808EFB370074C" . (.Fissa.) -- C:\Windows\Installer\{4BD271AB-66E2-4D58-AF88-80FE3B0770C4}\ARPPRODUCTICON.exe => Infection PUP (PUP.OfferBox)
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1E48C56F-08CD-43AA-A6EF-C1EC891551AB}] => Toolbar.jZip
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1E48C56F-08CD-43AA-A6EF-C1EC891551AB}] => Toolbar.jZip
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}] => Toolbar.Skype
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] => Toolbar.Skype
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] => Toolbar.Skype
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] => Toolbar.Bing
C:\Program Files (x86)\Windows jZip Toolbar => Windows jZip Toolbar
O90 - PUC: "E17A8F77515323848B2BF2E1BD2D0E1F" . (.Bing Bar.) -- C:\Windows\Installer\{77F8A71E-3515-4832-B8B2-2F1EDBD2E0F1}\icon_installer_ico
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\RegistryBooster.job [346]
[MD5.00000000000000000000000000000000] [APT] [{069889F7-54DE-422F-BA5C-483C217F1332}] (...) -- D:\Autorun.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{A04CC78C-AAC6-415A-97BE-3BA02CD1CE09}] (...) -- D:\AUTORUN.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{B7424B3C-3720-49BF-9884-8F7F5400C188}] (...) -- D:\INSTALL.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{BE513783-7F09-495D-A235-1A369E34BAE8}] (...) -- I:\netsetup.exe (.not file.) [0] =
[MD5.00000000000000000000000000000000] [APT] [{D263BA40-CBDC-469A-8821-BA094844B23E}] (...) -- D:\AUTORUN.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{D6561586-8792-4D2E-8CC6-3E509E55CE39}] (...) -- D:\INSTALL.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{E7630879-FACD-4F12-995D-E2A0377C1E25}] (...) -- D:\AUTORUN.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{FAB39080-C1A9-473B-A23F-8DC8E46B9F6B}] (...) -- D:\setup.exe (.not file.) [0]
[HKCU\Software\AppDataLow\Software\jziptoolbar]
O90 - PUC: "656D68EC788C1FE42B7DA20157349546" . (.Face Filter.) -- C:\Windows\Installer\{CE86D656-C887-4EF1-B2D7-2A1075435964}\ARPPRODUCTICON.exe
FirewallRaz
EmptyFlash
Emptytemp
SysRestore