DDS (Ver_2012-11-20.01) - NTFS_AMD64 NETWORK
Internet Explorer: 10.0.9200.16635
Run by nibbz at 23:01:45 on 2013-07-18
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.5105.4176 [GMT -4:00]
.
AV: COMODO Antivirus *Disabled/Outdated* {458BB331-2324-0753-3D5F-1472EB102AC0}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: COMODO Defense+ *Enabled/Updated* {FEEA52D5-051E-08DD-07EF-2F009097607D}
FW: COMODO Firewall *Enabled* {7DB03214-694B-060B-1600-BD4715C36DBB}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Comodo\tvnserver.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\Explorer.EXE
C:\Windows\system32\ctfmon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://us.yahoo.com?fr=fp-comodo
uDefault_Search_URL = hxxp://www.google.com
mSearch Bar = hxxp://www.google.com
mSearch Page = hxxp://www.google.com
mDefault_Search_URL = hxxp://www.google.com
BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: WOT Helper: {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files (x86)\WOT\WOT.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: WOT: {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll
TB: WOT: {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll
uRun: [cdloader] "C:\Users\nibbz\AppData\Roaming\mjusbsp\cdloader2.exe" MAGICJACK
mRun: [LGODDFU] blrun
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-001025-0002-0025-ABCDEFFEDCBC} - <orphaned>
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} - hxxp://support.asus.com/select/asusTek_sys_ctrl3.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {9D1DD603-DCCE-4738-ABAE-B367B170EEB1} - hxxp://192.168.1.9:81/LvrWeb.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab
DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.5.5.0.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{07FEE089-0AB3-4836-8C6F-4FD7505E0D95} : DHCPNameServer = 192.168.1.1
Handler: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files (x86)\WOT\WOT.dll
x64-BHO: WOT Helper: {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files\WOT\WOT.dll
x64-TB: WOT: {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll
x64-Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
x64-Handler: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files\WOT\WOT.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\nibbz\AppData\Roaming\Mozilla\Firefox\Profiles\qxl1gisf.default-1358222868749\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://us.yahoo.com?fr=fp-comodo
FF - prefs.js: keyword.URL - hxxp://us.search.yahoo.com/search?fr=ytff-comodo&p=
FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Users\nibbz\AppData\Local\DIRECTV Player\npPlayerPlugin.dll
FF - plugin: C:\Windows\System32\Wat\npWatWeb.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
FF - ExtSQL: 2013-06-28 21:35; {4cc4a13b-94a6-7568-370d-5f9de54a9c7f}; C:\Users\nibbz\AppData\Roaming\Mozilla\Firefox\Profiles\qxl1gisf.default-1358222868749\extensions\{4cc4a13b-94a6-7568-370d-5f9de54a9c7f}.xpi
.
============= SERVICES / DRIVERS ===============
.
R1 cmderd;COMODO Internet Security Eradication Driver;C:\Windows\System32\drivers\cmderd.sys [2012-3-11 22736]
R1 cmdHlp;COMODO Internet Security Helper Driver;C:\Windows\System32\drivers\cmdhlp.sys [2012-3-11 38144]
R2 CLPSLauncher;COMODO LPS Launcher;C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe [2012-8-23 70352]
R2 tvnserver;TightVNC Server;C:\Program Files (x86)\Common Files\Comodo\tvnserver.exe [2012-1-27 828944]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-2-16 676968]
S1 CFRMD;CFRMD;C:\Windows\System32\drivers\CFRMD.sys [2012-8-3 35064]
S1 cmdGuard;COMODO Internet Security Sandbox Driver;C:\Windows\System32\drivers\cmdGuard.sys [2012-3-11 584056]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 DragonUpdater;COMODO Dragon Update Service;C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2013-6-4 2095752]
S2 Secunia Update Agent;Secunia Update Agent;C:\Program Files (x86)\Secunia\PSI\sua.exe [2013-2-7 660504]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-3-14 383264]
S2 TomTomHOMEService;TomTomHOMEService;C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2013-2-12 93072]
S3 PSI;PSI;C:\Windows\System32\drivers\psi_mf_amd64.sys [2013-2-7 18456]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-6-30 19456]
S3 RTCore64;RTCore64;C:\Program Files (x86)\EVGA Precision X\RTCore64.sys [2012-6-29 15176]
S3 Secunia PSI Agent;Secunia PSI Agent;C:\Program Files (x86)\Secunia\PSI\psia.exe [2013-2-7 1223704]
S3 silabenm;Silicon Labs CP210x USB to UART Bridge Serial Port Enumerator Driver;C:\Windows\System32\drivers\silabenm.sys [2012-4-22 27336]
S3 silabser;Silicon Labs CP210x USB to UART Bridge Driver;C:\Windows\System32\drivers\silabser.sys [2012-4-22 71168]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-6-30 57856]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-4-10 1255736]
.
=============== File Associations ===============
.
.chm: <filetype is not registered>
.
=============== Created Last 30 ================
.
2013-07-19 02:54:11 -------- d-----w- C:\ProgramData\Malwarebytes
2013-07-19 00:12:01 -------- d-----w- C:\Windows\System32\MRT
2013-07-18 02:12:37 -------- d-----w- C:\Users\nibbz\AppData\Local\ArmA 2
2013-07-17 03:29:29 -------- d-----w- C:\Users\nibbz\AppData\Local\ArmA 2 OA
2013-07-17 03:29:29 -------- d-----w- C:\ProgramData\Bohemia Interactive Studio
2013-07-16 18:07:37 9460976 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F2637C75-4C45-4D29-881B-3E75A33CC0E4}\mpengine.dll
2013-07-15 21:34:10 1011712 ----a-w- C:\Program Files\Windows Defender\MpSvc.dll
2013-07-15 21:34:09 9216 ----a-w- C:\Program Files (x86)\Windows Defender\MpAsDesc.dll
2013-07-15 21:34:09 571904 ----a-w- C:\Program Files\Windows Defender\MpClient.dll
2013-07-15 21:34:09 54784 ----a-w- C:\Program Files (x86)\Windows Defender\MpOAV.dll
2013-07-15 21:34:09 4608 ----a-w- C:\Program Files (x86)\Windows Defender\MsMpLics.dll
2013-07-15 21:34:09 392704 ----a-w- C:\Program Files (x86)\Windows Defender\MpClient.dll
2013-07-15 21:34:09 314880 ----a-w- C:\Program Files\Windows Defender\MpCommu.dll
2013-07-15 21:34:08 624128 ----a-w- C:\Windows\System32\qedit.dll
2013-07-15 21:34:08 509440 ----a-w- C:\Windows\SysWow64\qedit.dll
2013-07-15 21:34:06 1887744 ----a-w- C:\Windows\System32\WMVDECOD.DLL
2013-07-15 21:34:06 1620480 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL
2013-07-15 21:34:00 3153920 ----a-w- C:\Windows\System32\win32k.sys
2013-07-15 21:33:58 936448 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2013-07-15 21:33:58 1732608 ----a-w- C:\Program Files\Windows Journal\NBDoc.DLL
2013-07-15 21:33:58 1402880 ----a-w- C:\Program Files\Windows Journal\JNWDRV.dll
2013-07-15 21:33:58 1393152 ----a-w- C:\Program Files\Windows Journal\JNTFiltr.dll
2013-07-15 21:33:58 1367040 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll
2013-07-15 21:33:06 1643520 ----a-w- C:\Windows\System32\DWrite.dll
2013-07-15 21:33:06 1247744 ----a-w- C:\Windows\SysWow64\DWrite.dll
2013-07-01 01:09:17 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll
2013-07-01 01:09:16 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
2013-06-30 05:30:31 9728 ----a-w- C:\Windows\System32\Wdfres.dll
2013-06-30 05:30:31 785512 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys
2013-06-30 05:30:31 54376 ----a-w- C:\Windows\System32\drivers\WdfLdr.sys
2013-06-30 05:30:31 2560 ----a-w- C:\Windows\System32\drivers\en-US\wdf01000.sys.mui
2013-06-30 05:27:58 9728 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-06-30 05:25:49 87040 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys
2013-06-30 05:25:49 84992 ----a-w- C:\Windows\System32\WUDFSvc.dll
2013-06-30 05:25:49 744448 ----a-w- C:\Windows\System32\WUDFx.dll
2013-06-30 05:25:49 45056 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll
2013-06-30 05:25:49 229888 ----a-w- C:\Windows\System32\WUDFHost.exe
2013-06-30 05:25:49 198656 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys
2013-06-30 05:25:49 194048 ----a-w- C:\Windows\System32\WUDFPlatform.dll
2013-06-30 05:19:33 55296 ----a-w- C:\Windows\System32\dhcpcsvc6.dll
2013-06-30 05:19:33 44032 ----a-w- C:\Windows\SysWow64\dhcpcsvc6.dll
2013-06-30 05:19:33 226816 ----a-w- C:\Windows\System32\dhcpcore6.dll
2013-06-30 05:19:33 193536 ----a-w- C:\Windows\SysWow64\dhcpcore6.dll
2013-06-30 05:19:14 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll
2013-06-30 05:19:14 366592 ----a-w- C:\Windows\System32\qdvd.dll
2013-06-30 05:19:04 48640 ----a-w- C:\Windows\System32\wwanprotdim.dll
2013-06-30 05:19:04 230400 ----a-w- C:\Windows\System32\wwansvc.dll
2013-06-30 05:17:56 46592 ----a-w- C:\Windows\SysWow64\fpb.rs
2013-06-30 05:15:54 30720 ----a-w- C:\Windows\System32\cryptdlg.dll
2013-06-30 05:15:54 24576 ----a-w- C:\Windows\SysWow64\cryptdlg.dll
2013-06-30 05:15:38 223752 ----a-w- C:\Windows\System32\drivers\fvevol.sys
2013-06-30 05:15:26 503808 ----a-w- C:\Windows\System32\srcore.dll
2013-06-30 05:15:25 43008 ----a-w- C:\Windows\SysWow64\srclient.dll
2013-06-30 05:15:15 1887232 ----a-w- C:\Windows\System32\d3d11.dll
2013-06-30 05:15:15 1505280 ----a-w- C:\Windows\SysWow64\d3d11.dll
2013-06-30 05:15:08 67072 ----a-w- C:\Windows\splwow64.exe
2013-06-30 05:15:08 559104 ----a-w- C:\Windows\System32\spoolsv.exe
2013-06-24 04:39:33 -------- d-----r- C:\Users\nibbz\Virtual Machines
2013-06-24 03:49:45 3584 ----a-w- C:\Windows\System32\drivers\fr-FR\vpchbus.sys.mui
2013-06-23 05:38:31 -------- d-----w- C:\Program Files\Windows XP Mode
2013-06-23 04:46:53 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-06-22 23:22:12 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard
2013-06-22 06:26:57 -------- d-sh--w- C:\$RECYCLE.BIN
.
==================== Find3M ====================
.
2013-06-30 05:27:58 9728 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-06-23 04:46:50 867240 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2013-06-23 04:46:50 789416 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2013-06-14 23:56:09 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-14 23:56:09 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-06-14 23:12:16 16384 ----a-w- C:\Windows\SysWow64\lgfwunis.exe
2013-06-11 23:43:37 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-06-11 23:43:00 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-06-11 23:42:58 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2013-06-11 23:42:58 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2013-06-11 23:26:20 2241024 ----a-w- C:\Windows\System32\wininet.dll
2013-06-11 23:25:16 3958784 ----a-w- C:\Windows\System32\jscript9.dll
2013-06-11 23:25:13 67072 ----a-w- C:\Windows\System32\iesetup.dll
2013-06-11 23:25:13 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2013-06-11 22:51:45 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe
2013-06-11 22:50:58 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
2013-06-07 03:22:18 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2013-06-07 02:37:52 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-06-05 12:37:19 56072 ----a-w- C:\Windows\System32\certsentry.dll
2013-06-05 12:37:19 47368 ----a-w- C:\Windows\SysWow64\certsentry.dll
2013-05-13 05:51:01 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
2013-05-13 05:51:00 1464320 ----a-w- C:\Windows\System32\crypt32.dll
2013-05-13 05:51:00 139776 ----a-w- C:\Windows\System32\cryptnet.dll
2013-05-13 05:50:40 52224 ----a-w- C:\Windows\System32\certenc.dll
2013-05-13 04:45:55 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2013-05-13 04:45:55 1160192 ----a-w- C:\Windows\SysWow64\crypt32.dll
2013-05-13 04:45:55 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2013-05-13 03:43:55 1192448 ----a-w- C:\Windows\System32\certutil.exe
2013-05-13 03:08:10 903168 ----a-w- C:\Windows\SysWow64\certutil.exe
2013-05-13 03:08:06 43008 ----a-w- C:\Windows\SysWow64\certenc.dll
2013-05-08 06:39:01 1910632 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-05-02 06:06:08 278800 ------w- C:\Windows\System32\MpSigStub.exe
2013-04-26 05:51:36 751104 ----a-w- C:\Windows\System32\win32spl.dll
2013-04-26 04:55:21 492544 ----a-w- C:\Windows\SysWow64\win32spl.dll
.
============= FINISH: 23:01:50.98 ===============