Script ZHPFix
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\DigitalSite.job [294] =>Hijacker.DSite
[MD5.A6A9C1291B7762DBD95022AF71A6DD35] [APT] [DigitalSite] (...) -- C:\Users\MOI 2\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.exe [101376] =>Hijacker.DSite
O42 - Logiciel: Update for Zip Extractor - (...) [HKCU] -- DigitalSite =>Hijacker.DSite
[HKCU\Software\BonanzaDealsLive] =>Adware.BonanzaDeals
[HKCU\Software\DSiteProducts] =>Hijacker.DSite
[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKLM\Software\BonanzaDealsLive] =>Adware.BonanzaDeals
O43 - CFD: 31/10/2013 - 14:56:58 - [0,851] ----D C:\Program Files\BonanzaDeals =>Adware.BonanzaDeals
O43 - CFD: 31/10/2013 - 15:55:23 - [0] ----D C:\Program Files\BonanzaDealsLive =>Adware.BonanzaDeals
O43 - CFD: 31/10/2013 - 16:08:10 - [0,015] ----D C:\Program Files\MyPC Backup =>PUP.MyPCBackup
O43 - CFD: 31/10/2013 - 14:49:46 - [0,075] ----D C:\ProgramData\BonanzaDealsLive =>Adware.BonanzaDeals
O43 - CFD: 31/10/2013 - 14:49:22 - [0,097] ----D C:\Users\MOI 2\AppData\Roaming\DigitalSite =>Hijacker.DSite
O43 - CFD: 31/10/2013 - 14:49:46 - [0] ----D C:\Users\MOI 2\AppData\Local\BonanzaDealsLive =>Adware.BonanzaDeals
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\DigitalSite] =>Hijacker.DSite^
[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKLM\Software\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}] =>Adware.BrowseFox
C:\Program Files\BonanzaDeals =>Adware.BonanzaDeals^
C:\Program Files\BonanzaDealsLive =>Adware.BonanzaDeals^
C:\Program Files\MyPC Backup =>PUP.MyPCBackup^
C:\ProgramData\BonanzaDealsLive =>Adware.BonanzaDeals^
C:\Users\MOI 2\AppData\Roaming\DigitalSite =>Hijacker.DSite^
C:\Users\MOI 2\AppData\Local\BonanzaDealsLive =>Adware.BonanzaDeals^
C:\Windows\Tasks\DigitalSite.job =>Hijacker.DSite^
C:\Users\MOI 2\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.exe =>Hijacker.DSite^
[HKCU\Software\BonanzaDealsLive] =>Adware.BonanzaDeals^
[HKCU\Software\DSiteProducts] =>Hijacker.DSite^
[HKLM\Software\BonanzaDealsLive] =>Adware.BonanzaDeals^
O45 - LFCP:[MD5.0742EA5E336FEA250457D445ED45AFE8] - 06/02/2014 - 22:59:04 ---A- - C:\Windows\Prefetch\INSTALLER.EXE-BEFDFC46.pf
O61 - LFC: 03/02/2014 - 23:10:39 ---A- . (...) -- C:\Users\MOI 2\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\000166.ldb [227]
O61 - LFC: 06/02/2014 - 23:10:39 ---A- . (...) -- C:\Users\MOI 2\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\000177.ldb [231]
O61 - LFC: 06/02/2014 - 23:10:39 ---A- . (...) -- C:\Users\MOI 2\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\CURRENT [16]
O61 - LFC: 06/02/2014 - 23:10:39 ---A- . (...) -- C:\Users\MOI 2\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG [358]
O61 - LFC: 06/02/2014 - 23:10:39 ---A- . (...) -- C:\Users\MOI 2\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG.old [148]
O61 - LFC: 06/02/2014 - 23:10:39 ---A- . (...) -- C:\Users\MOI 2\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\MANIFEST-000176 [1394]
O4 - GS\Accessories [MOI 2]: Run.lnk - Clé orpheline
O4 - GS\Desktop [MOI 2]: Gestionnaire de périphériques - Raccourci.lnk - Clé orpheline
O4 - GS\Desktop [MOI 2]: Run.lnk - Clé orpheline
[HKLM\Software\Systweak]
O43 - CFD: 31/10/2013 - 14:21:48 - [0] ----D C:\ProgramData\{5A85B23A-4B58-47D1-9B9C-DFBD7866099F}
O43 - CFD: 31/10/2013 - 14:21:53 - [0] ----D C:\ProgramData\{D76294E6-03B8-4971-AF2E-3F846161A690}
O43 - CFD: 31/10/2013 - 15:57:06 - [0] ----D C:\Users\MOI 2\AppData\Roaming\Systweak
O45 - LFCP:[MD5.5B81EB07582BB6D855B243B003487305] - 01/02/2014 - 07:17:36 ---A- - C:\Windows\Prefetch\NTOSBOOT-B00DFAAD.pf
O45 - LFCP:[MD5.ED44FAD8BE1DBE86439A4FA3F3BD67C6] - 03/02/2014 - 07:45:08 ---A- - C:\Windows\Prefetch\GOOGLEUPDATEBROKER.EXE-36CED48B.pf
O45 - LFCP:[MD5.8374507FDC5D9DEE3F88142233023598] - 04/02/2014 - 12:23:02 ---A- - C:\Windows\Prefetch\32.0.1700.107_32.0.1700.102_C-795D19EF.pf
O45 - LFCP:[MD5.E4BAD11BDCBCCB816718B953EFA3DE7A] - 04/02/2014 - 12:23:02 ---A- - C:\Windows\Prefetch\SETUP.EXE-82936E61.pf
O45 - LFCP:[MD5.23D1107C6877FC50968B377BFDB86425] - 04/02/2014 - 12:23:13 ---A- - C:\Windows\Prefetch\SETUP.EXE-EC0C79A7.pf
O45 - LFCP:[MD5.03019B81A88E48B69A812721694D6EC8] - 04/02/2014 - 19:03:10 ---A- - C:\Windows\Prefetch\SETUP.EXE-F3210A7A.pf
O45 - LFCP:[MD5.D10D50A570F7E0AC5C6EB022E69DCE08] - 06/02/2014 - 12:49:00 ---A- - C:\Windows\Prefetch\UPDATE~1.EXE-1EF82A23.pf
O45 - LFCP:[MD5.B3E7394486809E4662476A2A2BF9E871] - 06/02/2014 - 22:40:44 ---A- - C:\Windows\Prefetch\AgGlUAD_P_S-1-5-21-1662156018-2916306828-1405465084-1000.db
O45 - LFCP:[MD5.9FAE5E9702273A2AC835FD3F281969C4] - 06/02/2014 - 22:40:44 ---A- - C:\Windows\Prefetch\AgGlUAD_S-1-5-21-1662156018-2916306828-1405465084-1000.db
O45 - LFCP:[MD5.F1D37BFAB8D6E18B8973E738F5C22632] - 06/02/2014 - 23:09:23 ---A- - C:\Windows\Prefetch\LongTermHist.db.bt
O45 - LFCP:[MD5.1ECBBE3CFC6E21B2178FA60A5CA8C877] - 06/02/2014 - 23:09:23 ---A- - C:\Windows\Prefetch\LongTermHist.db.dx
O45 - LFCP:[MD5.070BB2EB9EC26C51F35EABC1E6C39283] - 29/01/2014 - 12:22:55 ---A- - C:\Windows\Prefetch\SETUP.EXE-BC85A5D3.pf
O45 - LFCP:[MD5.6A538AD07BAEE643786B515E25CA60D9] - 29/01/2014 - 12:22:56 ---A- - C:\Windows\Prefetch\32.0.1700.102_32.0.1700.76_CH-51BF9E15.pf
O45 - LFCP:[MD5.3D0394574503BE171FC3835F1A006349] - 29/01/2014 - 12:23:07 ---A- - C:\Windows\Prefetch\SETUP.EXE-0F5ABB73.pf
O45 - LFCP:[MD5.CB8F633476F6B3B12CE8E63EF296F804] - 31/01/2014 - 09:40:55 ---A- - C:\Windows\Prefetch\ADOBEARMHELPER.EXE-E2AEAFD3.pf
O45 - LFCP:[MD5.0663FC80BAC0BCED0F260B740ECEB946] - 31/01/2014 - 09:41:54 ---A- - C:\Windows\Prefetch\MSID35B.TMP-0CBB6CD5.pf
O61 - LFC: 03/02/2014 - 23:10:44 ---A- . (...) -- C:\Users\MOI 2\AppData\Local\Temp\regle-lt4156370962859219698 [5450]
O61 - LFC: 03/02/2014 - 23:10:44 --HA- . (...) -- C:\Users\MOI 2\AppData\Local\Temp\etilqs_Kc2kh6ysrCIxOrP [4]
O61 - LFC: 03/02/2014 - 23:10:44 --HA- . (...) -- C:\Users\MOI 2\AppData\Local\Temp\etilqs_Kv9IfbPWuLwefx8 [4104]
O61 - LFC: 03/02/2014 - 23:10:44 --HA- . (...) -- C:\Users\MOI 2\AppData\Local\Temp\etilqs_oqax0lAeu74qpBj [12304]
[MD5.4B1B6BB20ACFC8B412EA3F54E1CFCEC9] [SPRF][30/10/2013] (...) -- C:\ProgramData\1383135964.bdinstall.bin [435527]
FirewallRaz
PROXYFix
EmptyTemp
EmptyFlash
EmptyClsid