
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 15-01-2014 03
Ran by malglaive (administrator) on MAISON-3BC09697 on 16-01-2014 17:04:00
Running from C:\Documents and Settings\malglaive\Mes documents\Downloads
Microsoft Windows XP Édition familiale Service Pack 3 (X86) OS Language: French Standard
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ 
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) ===================

(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files\CoolPic\ExtensionUpdaterService.exe
(Garmin Ltd or its subsidiaries) C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
(HP) C:\WINDOWS\system32\HPZipm12.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [] - [x]
HKLM\...\Run: [StartCCC] - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2012-11-16] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [HP Software Update] - C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM\...\Run: [MSC] - c:\Program Files\Microsoft Security Client\msseces.exe [948440 2013-10-23] (Microsoft Corporation)
Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll (ATI Technologies Inc.)
HKCU\...\Run: [HP Photosmart 5520 series (NET)] - C:\Program Files\HP\HP Photosmart 5520 series\bin\ScanToPCActivationApp.exe [1837672 2012-10-17] (Hewlett-Packard Co.)
HKCU\...\Run: [NextLive] - C:\Documents and Settings\malglaive\Application Data\newnext.me\nengine.dll [1283584 2013-11-14] (NewNextDotMe)
HKCU\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1

==================== Internet (Whitelisted) ====================

ProxyServer: http=127.0.0.1:1036;https=127.0.0.1:1036
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://fr.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.fr/
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.mysearchdial.com/?f=1&a=irmsd0101aw&cd=2XzuyEtN2Y1L1QzutDtDtByEzz0CzzyD0AyB0AyC0CtByDtBtN0D0Tzu0CyByEtDtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=1924408184&ir=
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd0101aw&cd=2XzuyEtN2Y1L1QzutDtDtByEzz0CzzyD0AyB0AyC0CtByDtBtN0D0Tzu0CyByEtDtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=1924408184&ir=
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd0101aw&cd=2XzuyEtN2Y1L1QzutDtDtByEzz0CzzyD0AyB0AyC0CtByDtBtN0D0Tzu0CyByEtDtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=1924408184&ir=
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd0101aw&cd=2XzuyEtN2Y1L1QzutDtDtByEzz0CzzyD0AyB0AyC0CtByDtBtN0D0Tzu0CyByEtDtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=1924408184&ir=
BHO: Plus-HD-5.0 - {11111111-1111-1111-1111-110411771118} - C:\Program Files\Plus-HD-5.0\Plus-HD-5.0-bho.dll (Plus HD)
BHO: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: No Name - {DBC80044-A445-435b-BC74-9C25C1C588A9} -  No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKCU - &Adresse - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\Windows\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Liens - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\Windows\system32\SHELL32.dll (Microsoft Corporation)
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
ShellExecuteHooks: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll [304128 2009-05-24] (Microsoft Corporation)
Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\..\Interfaces\{502EA0B2-D100-4E28-891A-E73418FE1DF9}: [NameServer]192.168.1.1

Chrome: 
=======
CHR Extension: (Adblock Plus) - C:\Documents and Settings\malglaive\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.7.2_1 [2014-01-16]
CHR Extension: (Google Wallet) - C:\Documents and Settings\malglaive\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0 [2014-01-16]
CHR Extension: (DivX Plus Web Player HTML5 \u003Cvideo\u003E) - C:\Documents and Settings\malglaive\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0 [2014-01-16]
CHR Extension: (MySearchDial __MSG_newtab__) - C:\Documents and Settings\malglaive\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.1.1_0 [2014-01-16]
CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]
CHR HKLM\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\DOCUME~1\MALGLA~1\LOCALS~1\APPLIC~1\mysearchdial-speeddial.crx [2014-01-09]
CHR HKCU\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\DOCUME~1\MALGLA~1\LOCALS~1\APPLIC~1\mysearchdial-speeddial.crx [2014-01-09]

========================== Services (Whitelisted) =================

S2 ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [593920 2009-05-15] ()
R2 CoolPic Updater; C:\Program Files\CoolPic\ExtensionUpdaterService.exe [185856 2013-10-08] ()
R2 Garmin Core Update Service; C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [219480 2013-07-09] (Garmin Ltd or its subsidiaries)
S3 InCDsrv; C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe [1554728 2007-11-26] (Nero AG)
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2013-11-30] (Oracle Corporation)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MDM; C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE [322120 2003-06-19] (Microsoft Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22208 2013-10-23] (Microsoft Corporation)
S3 NMIndexingService; C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe [279848 2007-06-27] (Nero AG)
S3 ose; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [89136 2003-07-28] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

S3 Ambfilt; C:\Windows\System32\drivers\Ambfilt.sys [1684736 2008-08-05] (Creative)
R3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdXP3.sys [103040 2012-05-14] (Advanced Micro Devices)
R1 avgtp; C:\WINDOWS\system32\drivers\avgtpx86.sys [37664 2013-09-28] (AVG Technologies)
S3 epmntdrv; C:\WINDOWS\system32\epmntdrv.sys [13896 2012-12-21] ()
S3 EuGdiDrv; C:\WINDOWS\system32\EuGdiDrv.sys [9160 2012-12-21] ()
S3 HPZid412; C:\Windows\System32\DRIVERS\HPZid412.sys [49664 2006-04-13] (HP)
S3 HPZipr12; C:\Windows\System32\DRIVERS\HPZipr12.sys [16496 2006-04-13] (HP)
S3 HPZius12; C:\Windows\System32\DRIVERS\HPZius12.sys [21568 2006-04-13] (HP)
R4 InCDfs; C:\Windows\System32\drivers\InCDFs.sys [118952 2007-11-26] (Nero AG)
R1 InCDPass; C:\Windows\System32\drivers\InCDPass.sys [36776 2007-11-26] (Nero AG)
U1 InCDrec; C:\Windows\System32\Drivers\InCDrec.sys [16040 2007-11-26] (Nero AG)
R1 incdrm; C:\Windows\System32\drivers\InCDRm.sys [38440 2007-11-26] (Nero AG)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
S3 Monfilt; C:\Windows\System32\drivers\Monfilt.sys [1389056 2006-01-04] (Creative Technology Ltd.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [214696 2013-09-27] (Microsoft Corporation)
R1 MpKsl4fbb02af; c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{4ADE4FDD-B874-48E5-890E-83D7A8D8867C}\MpKsl4fbb02af.sys [40392 2014-01-16] (Microsoft Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [5810 2004-08-12] ()
R3 NVENETFD; C:\Windows\System32\DRIVERS\NVENETFD.sys [54784 2008-08-01] (NVIDIA Corporation)
R3 nvnetbus; C:\Windows\System32\DRIVERS\nvnetbus.sys [22016 2008-08-01] (NVIDIA Corporation)
S3 taphss; C:\Windows\System32\DRIVERS\taphss.sys [33512 2012-08-01] (AnchorFree Inc)
S1 AmdPPM; system32\DRIVERS\AmdPPM.sys [x]
S3 cpuz136; \??\C:\WINDOWS\TEMP\cpuz136\cpuz136_x32.sys [x]
S4 IntelIde; No ImagePath
S3 iSafeKrnl; \??\C:\Program Files\iSafe\iSafeKrnl.sys [x]
S1 iSafeNetFilter; \??\C:\Program Files\iSafe\iSafeNetFilter.sys [x]
U5 ScsiPort; C:\Windows\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
S3 Ser2pl; system32\DRIVERS\ser2pl.sys [x]
U1 WS2IFSL; 

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-16 16:52 - 2014-01-16 16:52 - 00069592 _____ C:\Documents and Settings\malglaive\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2014-01-16 16:49 - 2014-01-16 16:49 - 00266208 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2014-01-16 16:03 - 2014-01-16 17:00 - 00000400 ____H C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job
2014-01-16 16:03 - 2014-01-16 16:59 - 00000366 ____H C:\WINDOWS\Tasks\MpIdleTask.job
2014-01-16 15:53 - 2014-01-16 15:53 - 00001708 _____ C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Microsoft Security Essentials.lnk
2014-01-16 14:24 - 2014-01-16 14:27 - 00000000 ____D C:\67a341a6802836b56e8254d7e51e31fd
2014-01-14 12:55 - 2014-01-16 16:43 - 00000000 ____D C:\Documents and Settings\malglaive\Local Settings\Application Data\Plus-HD-5.0
2014-01-14 12:52 - 2014-01-16 16:50 - 00001324 _____ C:\WINDOWS\Tasks\Plus-HD-5.0-updater.job
2014-01-14 12:52 - 2014-01-16 16:49 - 00001126 _____ C:\WINDOWS\Tasks\Plus-HD-5.0-enabler.job
2014-01-14 12:52 - 2014-01-14 13:13 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2014-01-14 12:52 - 2014-01-14 13:12 - 00000794 _____ C:\Documents and Settings\All Users\Bureau\Malwarebytes Anti-Malware.lnk
2014-01-14 12:52 - 2014-01-14 13:12 - 00000000 ____D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Malwarebytes' Anti-Malware
2014-01-14 12:52 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-01-14 12:51 - 2014-01-16 16:49 - 00002088 _____ C:\WINDOWS\Tasks\Plus-HD-5.0-firefoxinstaller.job
2014-01-14 12:51 - 2014-01-16 16:49 - 00001226 _____ C:\WINDOWS\Tasks\Plus-HD-5.0-codedownloader.job
2014-01-14 12:50 - 2014-01-16 16:50 - 00001956 _____ C:\WINDOWS\Tasks\Plus-HD-5.0-chromeinstaller.job
2014-01-14 12:49 - 2014-01-14 12:52 - 00000000 ____D C:\Program Files\Plus-HD-5.0
2014-01-10 20:51 - 2014-01-10 20:51 - 00000056 _____ C:\Documents and Settings\NetworkService\Application Data\WB.CFG
2014-01-09 20:55 - 2014-01-16 16:52 - 00000000 ____D C:\Documents and Settings\malglaive\Application Data\newnext.me
2014-01-09 20:55 - 2014-01-09 20:55 - 00000000 ____D C:\Documents and Settings\malglaive\Local Settings\Application Data\cache
2014-01-09 20:55 - 2014-01-09 20:55 - 00000000 ____D C:\Documents and Settings\malglaive\.android
2014-01-09 20:54 - 2014-01-14 12:52 - 00000000 ____D C:\Documents and Settings\malglaive\Local Settings\Application Data\genienext
2014-01-09 20:54 - 2014-01-09 20:54 - 00000000 ____D C:\Documents and Settings\malglaive\Mes documents\Mobogenie
2014-01-09 20:53 - 2014-01-09 20:53 - 00000000 ____D C:\Documents and Settings\malglaive\Application Data\0F1F1C2Y1H1P1C0I0T
2014-01-09 20:51 - 2014-01-09 20:50 - 00351124 _____ C:\Documents and Settings\malglaive\Local Settings\Application Data\mysearchdial-speeddial.crx
2014-01-09 19:58 - 2014-01-09 19:58 - 00667816 _____ C:\Documents and Settings\malglaive\Bureau\malwarebytes-anti-malware.exe
2014-01-03 19:25 - 2014-01-15 20:11 - 00000000 ____D C:\Documents and Settings\malglaive\Tracing
2014-01-02 15:54 - 2014-01-02 15:54 - 00000730 _____ C:\Documents and Settings\malglaive\Bureau\WinRAR.lnk
2014-01-02 15:54 - 2014-01-02 15:54 - 00000000 ____D C:\Documents and Settings\malglaive\Menu Démarrer\Programmes\WinRAR
2014-01-02 15:54 - 2014-01-02 15:54 - 00000000 ____D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\WinRAR
2014-01-02 12:34 - 2014-01-16 17:03 - 00000000 ____D C:\FRST
2014-01-02 11:27 - 2014-01-02 20:57 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-01-02 11:26 - 2014-01-02 11:26 - 00000000 ____D C:\Program Files\AVAST Software
2013-12-19 15:29 - 2013-12-19 15:29 - 00000000 ____D C:\Avenger
2013-12-18 23:28 - 2014-01-15 18:54 - 00000440 ____H C:\WINDOWS\Tasks\User_Feed_Synchronization-{FCA9346C-2386-4839-8C1C-221FD44C3256}.job
2013-12-18 22:41 - 2013-12-18 22:41 - 00000000 ____D C:\Documents and Settings\malglaive\Application Data\eCyber
2013-12-18 22:34 - 2014-01-02 13:57 - 00000000 ____D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\YAC
2013-12-18 19:37 - 2013-12-18 22:27 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\WPM

==================== One Month Modified Files and Folders =======

2014-01-16 17:03 - 2014-01-02 12:34 - 00000000 ____D C:\FRST
2014-01-16 17:00 - 2014-01-16 16:03 - 00000400 ____H C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job
2014-01-16 16:59 - 2014-01-16 16:03 - 00000366 ____H C:\WINDOWS\Tasks\MpIdleTask.job
2014-01-16 16:52 - 2014-01-16 16:52 - 00069592 _____ C:\Documents and Settings\malglaive\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2014-01-16 16:52 - 2014-01-09 20:55 - 00000000 ____D C:\Documents and Settings\malglaive\Application Data\newnext.me
2014-01-16 16:51 - 2010-01-06 13:49 - 01540307 _____ C:\WINDOWS\WindowsUpdate.log
2014-01-16 16:50 - 2014-01-14 12:52 - 00001324 _____ C:\WINDOWS\Tasks\Plus-HD-5.0-updater.job
2014-01-16 16:50 - 2014-01-14 12:50 - 00001956 _____ C:\WINDOWS\Tasks\Plus-HD-5.0-chromeinstaller.job
2014-01-16 16:49 - 2014-01-16 16:49 - 00266208 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2014-01-16 16:49 - 2014-01-14 12:52 - 00001126 _____ C:\WINDOWS\Tasks\Plus-HD-5.0-enabler.job
2014-01-16 16:49 - 2014-01-14 12:51 - 00002088 _____ C:\WINDOWS\Tasks\Plus-HD-5.0-firefoxinstaller.job
2014-01-16 16:49 - 2014-01-14 12:51 - 00001226 _____ C:\WINDOWS\Tasks\Plus-HD-5.0-codedownloader.job
2014-01-16 16:49 - 2013-06-03 19:31 - 00001058 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1cac677a566efb8.job
2014-01-16 16:49 - 2009-06-24 16:59 - 00000159 _____ C:\WINDOWS\wiadebug.log
2014-01-16 16:49 - 2009-06-24 16:59 - 00000050 _____ C:\WINDOWS\wiaservc.log
2014-01-16 16:49 - 2009-06-24 15:07 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2014-01-16 16:46 - 2013-11-07 21:10 - 00000000 ____D C:\AdwCleaner
2014-01-16 16:43 - 2014-01-14 12:55 - 00000000 ____D C:\Documents and Settings\malglaive\Local Settings\Application Data\Plus-HD-5.0
2014-01-16 16:43 - 2009-06-24 15:08 - 00000000 ____D C:\Documents and Settings\malglaive
2014-01-16 16:42 - 2012-03-08 19:02 - 00000692 _____ C:\Documents and Settings\All Users\Bureau\CCleaner.lnk
2014-01-16 16:41 - 2009-07-28 13:05 - 00000000 ____D C:\Program Files\CCleaner
2014-01-16 16:35 - 2012-04-22 11:16 - 00001002 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-01-16 16:35 - 2009-06-24 15:08 - 00000000 ____D C:\Documents and Settings\malglaive\Bureau
2014-01-16 16:17 - 2009-07-09 13:05 - 00000000 ____D C:\Documents and Settings\malglaive\Bureau\INSTALL
2014-01-16 15:53 - 2014-01-16 15:53 - 00001708 _____ C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Microsoft Security Essentials.lnk
2014-01-16 15:53 - 2012-04-22 10:31 - 00001912 _____ C:\WINDOWS\epplauncher.mif
2014-01-16 15:53 - 2009-06-24 16:58 - 00000000 ___RD C:\Documents and Settings\All Users\Menu Démarrer\Programmes
2014-01-16 15:52 - 2012-04-22 10:25 - 00000000 ____D C:\Program Files\Microsoft Security Client
2014-01-16 15:52 - 2004-08-05 13:00 - 00013646 _____ C:\WINDOWS\system32\wpa.dbl
2014-01-16 15:35 - 2010-01-28 09:41 - 00032562 ____N C:\WINDOWS\SchedLgU.Txt
2014-01-16 15:26 - 2009-06-24 16:58 - 00000000 ____D C:\Documents and Settings\All Users\Bureau
2014-01-16 14:58 - 2013-06-17 19:45 - 00131072 _____ C:\WINDOWS\system32\config\ACEEvent.evt
2014-01-16 14:58 - 2012-11-25 15:58 - 00001324 _____ C:\WINDOWS\system32\d3d9caps.dat
2014-01-16 14:27 - 2014-01-16 14:24 - 00000000 ____D C:\67a341a6802836b56e8254d7e51e31fd
2014-01-16 14:27 - 2013-07-16 08:14 - 00000000 ____D C:\WINDOWS\system32\MRT
2014-01-16 14:26 - 2009-06-24 09:36 - 83425928 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-01-15 20:41 - 2013-12-11 09:24 - 00000458 _____ C:\WINDOWS\Tasks\At2.job
2014-01-15 20:11 - 2014-01-03 19:25 - 00000000 ____D C:\Documents and Settings\malglaive\Tracing
2014-01-15 20:11 - 2009-07-09 13:05 - 00000000 ____D C:\Documents and Settings\malglaive\Bureau\ICONES INERTES
2014-01-15 20:11 - 2009-06-24 10:09 - 00000000 ____D C:\WINDOWS\system32\LogFiles
2014-01-15 20:03 - 2010-07-13 10:01 - 00000000 ____D C:\Program Files\INFORAD
2014-01-15 18:54 - 2013-12-18 23:28 - 00000440 ____H C:\WINDOWS\Tasks\User_Feed_Synchronization-{FCA9346C-2386-4839-8C1C-221FD44C3256}.job
2014-01-14 14:01 - 2013-12-11 09:24 - 00000458 _____ C:\WINDOWS\Tasks\At4.job
2014-01-14 13:13 - 2014-01-14 12:52 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2014-01-14 13:12 - 2014-01-14 12:52 - 00000794 _____ C:\Documents and Settings\All Users\Bureau\Malwarebytes Anti-Malware.lnk
2014-01-14 13:12 - 2014-01-14 12:52 - 00000000 ____D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Malwarebytes' Anti-Malware
2014-01-14 13:12 - 2013-01-06 18:48 - 00578410 _____ C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-602162358-1644491937-839522115-1004-0.dat
2014-01-14 13:12 - 2012-11-24 22:33 - 00288762 _____ C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
2014-01-14 13:12 - 2009-06-24 15:08 - 00000284 ___SH C:\Documents and Settings\malglaive\ntuser.ini
2014-01-14 13:03 - 2013-11-13 14:04 - 00000000 ____D C:\Documents and Settings\malglaive\Local Settings\Application Data\Mobogenie
2014-01-14 13:02 - 2009-06-24 15:08 - 00000000 ___RD C:\Documents and Settings\malglaive\Menu Démarrer\Programmes
2014-01-14 12:52 - 2014-01-14 12:49 - 00000000 ____D C:\Program Files\Plus-HD-5.0
2014-01-14 12:52 - 2014-01-09 20:54 - 00000000 ____D C:\Documents and Settings\malglaive\Local Settings\Application Data\genienext
2014-01-14 12:48 - 2013-12-11 09:24 - 00000000 ____D C:\Documents and Settings\malglaive\Application Data\HpUpdate
2014-01-11 09:24 - 2013-12-11 09:24 - 00000458 _____ C:\WINDOWS\Tasks\At3.job
2014-01-10 20:51 - 2014-01-10 20:51 - 00000056 _____ C:\Documents and Settings\NetworkService\Application Data\WB.CFG
2014-01-10 12:25 - 2013-11-13 14:04 - 00000290 _____ C:\Documents and Settings\malglaive\daemonprocess.txt
2014-01-09 20:58 - 2012-04-22 10:16 - 00065536 _____ C:\WINDOWS\system32\config\WindowsPowerShell.evt
2014-01-09 20:55 - 2014-01-09 20:55 - 00000000 ____D C:\Documents and Settings\malglaive\Local Settings\Application Data\cache
2014-01-09 20:55 - 2014-01-09 20:55 - 00000000 ____D C:\Documents and Settings\malglaive\.android
2014-01-09 20:54 - 2014-01-09 20:54 - 00000000 ____D C:\Documents and Settings\malglaive\Mes documents\Mobogenie
2014-01-09 20:53 - 2014-01-09 20:53 - 00000000 ____D C:\Documents and Settings\malglaive\Application Data\0F1F1C2Y1H1P1C0I0T
2014-01-09 20:50 - 2014-01-09 20:51 - 00351124 _____ C:\Documents and Settings\malglaive\Local Settings\Application Data\mysearchdial-speeddial.crx
2014-01-09 19:58 - 2014-01-09 19:58 - 00667816 _____ C:\Documents and Settings\malglaive\Bureau\malwarebytes-anti-malware.exe
2014-01-08 10:10 - 2013-12-11 09:24 - 00000458 _____ C:\WINDOWS\Tasks\At1.job
2014-01-08 09:06 - 2010-01-26 15:00 - 00000000 ____D C:\Documents and Settings\malglaive\Application Data\vlc
2014-01-06 19:22 - 2010-01-05 11:11 - 00002573 _____ C:\Documents and Settings\malglaive\Bureau\Microsoft Office Word 2003.lnk
2014-01-03 19:33 - 2012-04-22 19:05 - 00000000 ____D C:\Program Files\Windows Live
2014-01-03 19:33 - 2009-07-13 18:39 - 00000000 ____D C:\Program Files\Google
2014-01-03 19:33 - 2009-07-13 18:39 - 00000000 ____D C:\Documents and Settings\malglaive\Local Settings\Application Data\Google
2014-01-03 19:33 - 2009-07-13 18:39 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Google
2014-01-02 20:57 - 2014-01-02 11:27 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-01-02 20:35 - 2013-02-21 20:16 - 00000000 ____D C:\Program Files\WinRAR
2014-01-02 16:42 - 2011-04-10 09:36 - 00000000 ____D C:\Documents and Settings\malglaive\Bureau\FILMS
2014-01-02 15:54 - 2014-01-02 15:54 - 00000730 _____ C:\Documents and Settings\malglaive\Bureau\WinRAR.lnk
2014-01-02 15:54 - 2014-01-02 15:54 - 00000000 ____D C:\Documents and Settings\malglaive\Menu Démarrer\Programmes\WinRAR
2014-01-02 15:54 - 2014-01-02 15:54 - 00000000 ____D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\WinRAR
2014-01-02 13:57 - 2013-12-18 22:34 - 00000000 ____D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\YAC
2014-01-02 13:57 - 2009-06-24 16:58 - 00000000 ___RD C:\Documents and Settings\All Users\Menu Démarrer
2014-01-02 13:24 - 2009-07-13 18:39 - 00000000 ____D C:\Documents and Settings\malglaive\Application Data\Google
2014-01-02 11:26 - 2014-01-02 11:26 - 00000000 ____D C:\Program Files\AVAST Software
2014-01-02 11:26 - 2013-11-15 18:44 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\AVAST Software
2013-12-31 19:21 - 2009-06-24 15:08 - 00000813 _____ C:\Documents and Settings\malglaive\Menu Démarrer\Programmes\Internet Explorer.lnk
2013-12-31 19:21 - 2009-06-24 15:08 - 00000748 _____ C:\Documents and Settings\malglaive\Menu Démarrer\Programmes\Outlook Express.lnk
2013-12-30 18:00 - 2012-05-11 08:00 - 00000284 _____ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
2013-12-30 17:54 - 2009-06-24 15:08 - 00000000 ___RD C:\Documents and Settings\malglaive\Menu Démarrer\Programmes\Accessoires
2013-12-30 12:59 - 2009-06-24 15:07 - 00000000 __SHD C:\Documents and Settings\NetworkService
2013-12-30 12:59 - 2009-06-24 15:07 - 00000000 __SHD C:\Documents and Settings\LocalService
2013-12-30 12:59 - 2009-06-24 15:02 - 00000000 ____D C:\WINDOWS\Registration
2013-12-19 15:45 - 2009-06-24 16:49 - 00000000 ____D C:\WINDOWS\Help
2013-12-19 15:29 - 2013-12-19 15:29 - 00000000 ____D C:\Avenger
2013-12-19 15:29 - 2013-06-03 19:34 - 00000000 ____D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Google Chrome
2013-12-19 00:00 - 2013-06-18 10:44 - 00000927 _____ C:\Documents and Settings\malglaive\Bureau\Google Chrome.lnk
2013-12-19 00:00 - 2009-07-09 12:53 - 00000757 _____ C:\Documents and Settings\malglaive\Bureau\Démarrer Internet Explorer.lnk
2013-12-19 00:00 - 2009-06-24 16:58 - 00000000 ____D C:\Program Files\Fichiers communs
2013-12-18 23:03 - 2009-06-24 15:08 - 00000000 __SHD C:\Documents and Settings\malglaive\Local Settings\Historique
2013-12-18 22:42 - 2013-06-03 19:31 - 00001062 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-18 22:41 - 2013-12-18 22:41 - 00000000 ____D C:\Documents and Settings\malglaive\Application Data\eCyber
2013-12-18 22:35 - 2011-06-11 00:58 - 00773800 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr100.dll
2013-12-18 22:35 - 2011-06-11 00:58 - 00421032 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp100.dll
2013-12-18 22:27 - 2013-12-18 19:37 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\WPM
2013-12-18 20:00 - 2013-06-03 10:55 - 00001573 _____ C:\Documents and Settings\All Users\Menu Démarrer\Configurer les programmes par défaut.lnk
2013-12-18 20:00 - 2009-06-24 15:04 - 00001609 _____ C:\Documents and Settings\Default User\Menu Démarrer\Programmes\Assistance à distance.lnk

Files to move or delete:
====================
C:\Windows\Tasks\At1.job
C:\Windows\Tasks\At2.job
C:\Windows\Tasks\At3.job
C:\Windows\Tasks\At4.job


Some content of TEMP:
====================
C:\Documents and Settings\malglaive\Local Settings\Temp\92009uninstall.exe
C:\Documents and Settings\malglaive\Local Settings\Temp\Quarantine.exe
C:\Documents and Settings\malglaive\Local Settings\Temp\Sqlite3.dll
C:\Documents and Settings\NetworkService\Local Settings\Temp\mpam-5d21fec3.exe
C:\Documents and Settings\NetworkService\Local Settings\Temp\mpam-b3d11515.exe
C:\Documents and Settings\NetworkService\Local Settings\Temp\mpam-f4fb1aca.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe
[2004-08-05 13:00] - [2008-04-13 18:34] - 0512000 ____A (Microsoft Corporation) dd73d6b9f6b4cb630cf35b438b540174 

C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll
[2004-08-05 13:00] - [2008-04-13 18:33] - 0579584 ____A (Microsoft Corporation) e853f84d3ce2faa2a802e33cf89ac023 

C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll
[2004-08-05 13:00] - [2009-02-09 11:53] - 0401408 ____A (Microsoft Corporation) 0203b1aad358f206cb0a3c1f93cce17a 

 ATTENTION ======> If the system is having audio adware rpcss.dll is patched. Google the MD5, if the MD5 is unique the file is infected.
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== End Of Log ============================