needhelp51
Posts: 368 +0
Hello, this morning MSE antivirus was disabled. I try to enable it and it does not work. I performed MBAM and DDS. Weird event in Attach file regarding "a master explorer" trying to take over my network or something. Last few days, firewall gave me notices of new network detected when I connect to my usual network and nothing was changed on my side. Can someone please help make sure my machine is clean?
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
Version de la base de données: v2013.08.21.03
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Admin :: TOSHIBA-29519BD [administrateur]
2013-08-21 09:04:54
mbam-log-2013-08-21 (09-04-54).txt
Type d'examen: Examen rapide
Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
Options d'examen désactivées: P2P
Elément(s) analysé(s): 206280
Temps écoulé: 7 minute(s), 48 seconde(s)
Processus mémoire détecté(s): 0
(Aucun élément nuisible détecté)
Module(s) mémoire détecté(s): 0
(Aucun élément nuisible détecté)
Clé(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)
Valeur(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)
Elément(s) de données du Registre détecté(s): 0
(Aucun élément nuisible détecté)
Dossier(s) détecté(s): 0
(Aucun élément nuisible détecté)
Fichier(s) détecté(s): 0
(Aucun élément nuisible détecté)
(fin)
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.25.2
Run by Admin at 9:13:25 on 2013-08-21
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.2.1036.18.3070.2180 [GMT -4:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
FW: COMODO Firewall *Enabled*
.
============== Running Processes ================
.
c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
c:\program files\soluto\soluto.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\system32\DVDRAMSV.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\WINDOWS\system32\lxdxcoms.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files\Secunia\PSI\PSIA.exe
C:\Program Files\Soluto\SolutoLauncherService.exe
C:\Program Files\Soluto\SolutoService.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe
C:\Program Files\Fichiers communs\Intel\WirelessCommon\iFrmewrk.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\RAMASST.exe
C:\Program Files\Secunia\PSI\psi_tray.exe
C:\Program Files\Synaptics\SynTP\Toshiba.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Toshiba\Windows Utilities\Hotkey.exe
C:\Program Files\Adobe\Reader 11.0\Reader\AcroRd32.exe
C:\Program Files\Adobe\Reader 11.0\Reader\AcroRd32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.ca/
uInternet Connection Wizard,ShellNext = hxxp://shoptoshiba.ca/welcome
mWinlogon: Userinit = c:\windows\system32\userinit.exe,c:\program files\soluto\soluto.exe /userinit
BHO: DriveLetterAccess: {5CA3D70E-1895-11CF-8E15-001234567890} - c:\windows\system32\dla\DLASHX_W.DLL
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Programme d'aide de l'Assistant de connexion Windows Live: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\fichiers communs\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
uRun: [TOSCDSPD] c:\program files\toshiba\toscdspd\toscdspd.exe
mRun: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
mRun: [DLA] c:\windows\system32\dla\DLACTRLW.EXE
mRun: [SmoothView] c:\program files\toshiba\utilitaire de zoom toshiba\SmoothView.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [nwiz] nwiz.exe /installquiet
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [SunJavaUpdateSched] "c:\program files\fichiers communs\java\java update\jusched.exe"
mRun: [IntelZeroConfig] "c:\program files\intel\wifi\bin\ZCfgSvc.exe"
mRun: [IntelWireless] "c:\program files\fichiers communs\intel\wirelesscommon\iFrmewrk.exe" /tf Intel Wireless Tray
mRun: [COMODO Internet Security] c:\program files\comodo\comodo internet security\cistray.exe
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
dRun: [DWQueuedReporting] "c:\progra~1\fichie~1\micros~1\dw\dwtrig20.exe" -t
StartupFolder: c:\docume~1\alluse~1\menudm~1\progra~1\dmarra~1\ramasst.lnk - c:\windows\system32\RAMASST.exe
StartupFolder: c:\docume~1\alluse~1\menudm~1\progra~1\dmarra~1\secuni~1.lnk - c:\program files\secunia\psi\psi_tray.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://windowsupdate.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1368298732837
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1368300958171
DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.5.13.0.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\fichiers communs\skype\Skype4COM.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\28.0.1500.95\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\admin\application data\mozilla\firefox\profiles\63496oaa.default\
FF - plugin: c:\program files\adobe\reader 11.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\update\1.3.21.153\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.20513.0\npctrlui.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_8_800_94.dll
FF - plugin: c:\windows\system32\npDeployJava1.dll
FF - plugin: c:\windows\system32\npptools.dll
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2013-1-20 211560]
R0 Soluto;Soluto;c:\windows\system32\drivers\Soluto.sys [2013-7-20 51144]
R1 cmderd;COMODO Internet Security Eradication Driver;c:\windows\system32\drivers\cmderd.sys [2013-4-15 18528]
R1 cmdGuard;COMODO Internet Security Driver;c:\windows\system32\drivers\cmdGuard.sys [2013-4-15 587352]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [2013-4-15 32816]
R1 MpKsl198da584;MpKsl198da584;c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{921cdbe9-0ddb-4a2c-9679-fdac861af942}\MpKsl198da584.sys [2013-8-21 29904]
R2 cmdAgent;COMODO Internet Security Helper Service;c:\program files\comodo\comodo internet security\cmdagent.exe [2013-4-25 4801304]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2013-5-11 54760]
R2 lxdx_device;lxdx_device;c:\windows\system32\lxdxcoms.exe -service --> c:\windows\system32\lxdxcoms.exe -service [?]
R2 Secunia PSI Agent;Secunia PSI Agent;c:\program files\secunia\psi\psia.exe [2013-4-18 1227800]
R2 SolutoLauncherService;Soluto Launcher Service;c:\program files\soluto\SolutoLauncherService.exe [2013-7-17 166976]
R2 SolutoService;Soluto PCGenome Core Service;c:\program files\soluto\SolutoService.exe [2013-7-17 796224]
R3 cpuz136;cpuz136;\??\c:\windows\temp\cpuz136\cpuz136_x32.sys --> c:\windows\temp\cpuz136\cpuz136_x32.sys [?]
R3 NETwLx32; Pilote de carte de la série Intel(R) Wireless WiFi Link 5000 pour Windows XP 32 bits ;c:\windows\system32\drivers\NETwLx32.sys [2013-5-11 6609920]
R3 PSI;PSI;c:\windows\system32\drivers\psi_mf_x86.sys [2013-4-18 16024]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 Secunia Update Agent;Secunia Update Agent;c:\program files\secunia\psi\sua.exe [2013-4-18 659992]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-6-21 162408]
S3 cmdvirth;COMODO Virtual Service Manager;c:\program files\comodo\comodo internet security\cmdvirth.exe [2013-4-15 127192]
S3 cpudrv;cpudrv;c:\program files\systemrequirementslab\cpudrv.sys [2011-6-2 11336]
S3 fsssvc;Service Windows Live Contrôle parental;c:\program files\windows live\family safety\fsssvc.exe [2010-4-28 704872]
S3 SolutoRemoteService;Soluto Remote Service;c:\program files\soluto\SolutoRemoteService.exe [2013-7-17 1667072]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2013-4-18 754856]
.
=============== Created Last 30 ================
.
2013-08-21 11:57:42 29904 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{921cdbe9-0ddb-4a2c-9679-fdac861af942}\MpKsl198da584.sys
2013-08-20 21:37:45 7166848 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{921cdbe9-0ddb-4a2c-9679-fdac861af942}\mpengine.dll
2013-08-19 00:40:48 7143960 ------w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
2013-08-17 13:58:42 49152 ----a-w- c:\windows\system32\pscVSWIA.dll
2013-08-17 13:58:42 339968 ----a-w- c:\windows\system32\pscUD112.dll
2013-08-17 13:58:37 53248 ----a-w- c:\windows\system32\pscND112.exe
2013-08-17 13:58:36 94208 ----a-w- c:\windows\system32\PSCLU112.dll
2013-08-17 13:58:09 -------- d-----w- c:\program files\Canon
2013-08-17 13:46:25 304128 ----a-w- c:\windows\IsUninst.exe
2013-08-17 13:46:23 -------- d-----w- c:\documents and settings\admin\WINDOWS
2013-07-30 13:01:27 -------- d-----w- c:\documents and settings\admin\application data\OpenOffice
2013-07-30 12:56:11 -------- d-----w- c:\program files\OpenOffice 4
.
==================== Find3M ====================
.
2013-07-26 02:47:15 920064 ----a-w- c:\windows\system32\wininet.dll
2013-07-26 02:47:04 43520 ------w- c:\windows\system32\licmgr10.dll
2013-07-26 02:47:04 1469440 ------w- c:\windows\system32\inetcpl.cpl
2013-07-25 15:54:53 385024 ------w- c:\windows\system32\html.iec
2013-07-18 00:49:08 51144 ----a-w- c:\windows\system32\drivers\Soluto.sys
2013-07-15 23:50:22 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-07-15 23:50:22 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-07-10 10:37:53 406016 ----a-w- c:\windows\system32\usp10.dll
2013-07-08 20:59:42 587352 ----a-w- c:\windows\system32\drivers\cmdGuard.sys
2013-07-04 07:34:01 2151936 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-07-04 07:33:59 2030592 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-06-19 01:50:08 211560 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2013-06-18 15:16:22 32816 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2013-06-18 15:16:20 18528 ----a-w- c:\windows\system32\drivers\cmderd.sys
2013-06-18 15:15:48 35488 ----a-w- c:\windows\system32\cmdcsr.dll
2013-06-18 15:15:47 348584 ----a-w- c:\windows\system32\guard32.dll
2013-06-18 15:15:35 278232 ----a-w- c:\windows\system32\cmdvrt32.dll
2013-06-18 15:15:34 40664 ----a-w- c:\windows\system32\cmdkbd32.dll
2013-06-13 01:48:23 867240 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-06-13 01:48:17 789416 ----a-w- c:\windows\system32\deployJava1.dll
2013-06-13 01:48:00 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-06-13 01:35:55 144896 ----a-w- c:\windows\system32\javacpl.cpl
2013-06-05 09:08:39 1876864 ----a-w- c:\windows\system32\win32k.sys
2013-06-04 07:22:56 563712 ----a-w- c:\windows\system32\qedit.dll
2013-05-28 01:59:27 590848 ----a-w- c:\windows\system32\rpcrt4.dll
2013-05-28 01:05:23 6656 ----a-w- c:\windows\system32\xpsp4res.dll
.
============= FINISH: 9:14:54,51 ===============
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
Version de la base de données: v2013.08.21.03
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Admin :: TOSHIBA-29519BD [administrateur]
2013-08-21 09:04:54
mbam-log-2013-08-21 (09-04-54).txt
Type d'examen: Examen rapide
Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
Options d'examen désactivées: P2P
Elément(s) analysé(s): 206280
Temps écoulé: 7 minute(s), 48 seconde(s)
Processus mémoire détecté(s): 0
(Aucun élément nuisible détecté)
Module(s) mémoire détecté(s): 0
(Aucun élément nuisible détecté)
Clé(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)
Valeur(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)
Elément(s) de données du Registre détecté(s): 0
(Aucun élément nuisible détecté)
Dossier(s) détecté(s): 0
(Aucun élément nuisible détecté)
Fichier(s) détecté(s): 0
(Aucun élément nuisible détecté)
(fin)
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.25.2
Run by Admin at 9:13:25 on 2013-08-21
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.2.1036.18.3070.2180 [GMT -4:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
FW: COMODO Firewall *Enabled*
.
============== Running Processes ================
.
c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
c:\program files\soluto\soluto.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\system32\DVDRAMSV.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\WINDOWS\system32\lxdxcoms.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files\Secunia\PSI\PSIA.exe
C:\Program Files\Soluto\SolutoLauncherService.exe
C:\Program Files\Soluto\SolutoService.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe
C:\Program Files\Fichiers communs\Intel\WirelessCommon\iFrmewrk.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\RAMASST.exe
C:\Program Files\Secunia\PSI\psi_tray.exe
C:\Program Files\Synaptics\SynTP\Toshiba.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Toshiba\Windows Utilities\Hotkey.exe
C:\Program Files\Adobe\Reader 11.0\Reader\AcroRd32.exe
C:\Program Files\Adobe\Reader 11.0\Reader\AcroRd32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.ca/
uInternet Connection Wizard,ShellNext = hxxp://shoptoshiba.ca/welcome
mWinlogon: Userinit = c:\windows\system32\userinit.exe,c:\program files\soluto\soluto.exe /userinit
BHO: DriveLetterAccess: {5CA3D70E-1895-11CF-8E15-001234567890} - c:\windows\system32\dla\DLASHX_W.DLL
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Programme d'aide de l'Assistant de connexion Windows Live: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\fichiers communs\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
uRun: [TOSCDSPD] c:\program files\toshiba\toscdspd\toscdspd.exe
mRun: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
mRun: [DLA] c:\windows\system32\dla\DLACTRLW.EXE
mRun: [SmoothView] c:\program files\toshiba\utilitaire de zoom toshiba\SmoothView.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [nwiz] nwiz.exe /installquiet
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [SunJavaUpdateSched] "c:\program files\fichiers communs\java\java update\jusched.exe"
mRun: [IntelZeroConfig] "c:\program files\intel\wifi\bin\ZCfgSvc.exe"
mRun: [IntelWireless] "c:\program files\fichiers communs\intel\wirelesscommon\iFrmewrk.exe" /tf Intel Wireless Tray
mRun: [COMODO Internet Security] c:\program files\comodo\comodo internet security\cistray.exe
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
dRun: [DWQueuedReporting] "c:\progra~1\fichie~1\micros~1\dw\dwtrig20.exe" -t
StartupFolder: c:\docume~1\alluse~1\menudm~1\progra~1\dmarra~1\ramasst.lnk - c:\windows\system32\RAMASST.exe
StartupFolder: c:\docume~1\alluse~1\menudm~1\progra~1\dmarra~1\secuni~1.lnk - c:\program files\secunia\psi\psi_tray.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://windowsupdate.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1368298732837
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1368300958171
DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.5.13.0.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\fichiers communs\skype\Skype4COM.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\28.0.1500.95\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\admin\application data\mozilla\firefox\profiles\63496oaa.default\
FF - plugin: c:\program files\adobe\reader 11.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\update\1.3.21.153\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.20513.0\npctrlui.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_8_800_94.dll
FF - plugin: c:\windows\system32\npDeployJava1.dll
FF - plugin: c:\windows\system32\npptools.dll
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2013-1-20 211560]
R0 Soluto;Soluto;c:\windows\system32\drivers\Soluto.sys [2013-7-20 51144]
R1 cmderd;COMODO Internet Security Eradication Driver;c:\windows\system32\drivers\cmderd.sys [2013-4-15 18528]
R1 cmdGuard;COMODO Internet Security Driver;c:\windows\system32\drivers\cmdGuard.sys [2013-4-15 587352]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [2013-4-15 32816]
R1 MpKsl198da584;MpKsl198da584;c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{921cdbe9-0ddb-4a2c-9679-fdac861af942}\MpKsl198da584.sys [2013-8-21 29904]
R2 cmdAgent;COMODO Internet Security Helper Service;c:\program files\comodo\comodo internet security\cmdagent.exe [2013-4-25 4801304]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2013-5-11 54760]
R2 lxdx_device;lxdx_device;c:\windows\system32\lxdxcoms.exe -service --> c:\windows\system32\lxdxcoms.exe -service [?]
R2 Secunia PSI Agent;Secunia PSI Agent;c:\program files\secunia\psi\psia.exe [2013-4-18 1227800]
R2 SolutoLauncherService;Soluto Launcher Service;c:\program files\soluto\SolutoLauncherService.exe [2013-7-17 166976]
R2 SolutoService;Soluto PCGenome Core Service;c:\program files\soluto\SolutoService.exe [2013-7-17 796224]
R3 cpuz136;cpuz136;\??\c:\windows\temp\cpuz136\cpuz136_x32.sys --> c:\windows\temp\cpuz136\cpuz136_x32.sys [?]
R3 NETwLx32; Pilote de carte de la série Intel(R) Wireless WiFi Link 5000 pour Windows XP 32 bits ;c:\windows\system32\drivers\NETwLx32.sys [2013-5-11 6609920]
R3 PSI;PSI;c:\windows\system32\drivers\psi_mf_x86.sys [2013-4-18 16024]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 Secunia Update Agent;Secunia Update Agent;c:\program files\secunia\psi\sua.exe [2013-4-18 659992]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-6-21 162408]
S3 cmdvirth;COMODO Virtual Service Manager;c:\program files\comodo\comodo internet security\cmdvirth.exe [2013-4-15 127192]
S3 cpudrv;cpudrv;c:\program files\systemrequirementslab\cpudrv.sys [2011-6-2 11336]
S3 fsssvc;Service Windows Live Contrôle parental;c:\program files\windows live\family safety\fsssvc.exe [2010-4-28 704872]
S3 SolutoRemoteService;Soluto Remote Service;c:\program files\soluto\SolutoRemoteService.exe [2013-7-17 1667072]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2013-4-18 754856]
.
=============== Created Last 30 ================
.
2013-08-21 11:57:42 29904 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{921cdbe9-0ddb-4a2c-9679-fdac861af942}\MpKsl198da584.sys
2013-08-20 21:37:45 7166848 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{921cdbe9-0ddb-4a2c-9679-fdac861af942}\mpengine.dll
2013-08-19 00:40:48 7143960 ------w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
2013-08-17 13:58:42 49152 ----a-w- c:\windows\system32\pscVSWIA.dll
2013-08-17 13:58:42 339968 ----a-w- c:\windows\system32\pscUD112.dll
2013-08-17 13:58:37 53248 ----a-w- c:\windows\system32\pscND112.exe
2013-08-17 13:58:36 94208 ----a-w- c:\windows\system32\PSCLU112.dll
2013-08-17 13:58:09 -------- d-----w- c:\program files\Canon
2013-08-17 13:46:25 304128 ----a-w- c:\windows\IsUninst.exe
2013-08-17 13:46:23 -------- d-----w- c:\documents and settings\admin\WINDOWS
2013-07-30 13:01:27 -------- d-----w- c:\documents and settings\admin\application data\OpenOffice
2013-07-30 12:56:11 -------- d-----w- c:\program files\OpenOffice 4
.
==================== Find3M ====================
.
2013-07-26 02:47:15 920064 ----a-w- c:\windows\system32\wininet.dll
2013-07-26 02:47:04 43520 ------w- c:\windows\system32\licmgr10.dll
2013-07-26 02:47:04 1469440 ------w- c:\windows\system32\inetcpl.cpl
2013-07-25 15:54:53 385024 ------w- c:\windows\system32\html.iec
2013-07-18 00:49:08 51144 ----a-w- c:\windows\system32\drivers\Soluto.sys
2013-07-15 23:50:22 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-07-15 23:50:22 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-07-10 10:37:53 406016 ----a-w- c:\windows\system32\usp10.dll
2013-07-08 20:59:42 587352 ----a-w- c:\windows\system32\drivers\cmdGuard.sys
2013-07-04 07:34:01 2151936 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-07-04 07:33:59 2030592 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-06-19 01:50:08 211560 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2013-06-18 15:16:22 32816 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2013-06-18 15:16:20 18528 ----a-w- c:\windows\system32\drivers\cmderd.sys
2013-06-18 15:15:48 35488 ----a-w- c:\windows\system32\cmdcsr.dll
2013-06-18 15:15:47 348584 ----a-w- c:\windows\system32\guard32.dll
2013-06-18 15:15:35 278232 ----a-w- c:\windows\system32\cmdvrt32.dll
2013-06-18 15:15:34 40664 ----a-w- c:\windows\system32\cmdkbd32.dll
2013-06-13 01:48:23 867240 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-06-13 01:48:17 789416 ----a-w- c:\windows\system32\deployJava1.dll
2013-06-13 01:48:00 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-06-13 01:35:55 144896 ----a-w- c:\windows\system32\javacpl.cpl
2013-06-05 09:08:39 1876864 ----a-w- c:\windows\system32\win32k.sys
2013-06-04 07:22:56 563712 ----a-w- c:\windows\system32\qedit.dll
2013-05-28 01:59:27 590848 ----a-w- c:\windows\system32\rpcrt4.dll
2013-05-28 01:05:23 6656 ----a-w- c:\windows\system32\xpsp4res.dll
.
============= FINISH: 9:14:54,51 ===============