
DDS (Ver_09-03-16.01) - NTFSx86  
Run by ⮭ 㫠 at 15:24:15,81 on 03.04.2009
Internet Explorer: 7.0.5730.11
Microsoft Windows XP Professional  5.1.2600.3.1251.7.1049.18.1535.1076 [GMT 4:00]

AV: Kaspersky Internet Security *On-access scanning disabled* (Updated)
FW: Kaspersky Internet Security *disabled*

============== Running Processes ===============

C:\WINDOWS\system32\savedump.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\Ati2evxx.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ABBYY FineReader 9.0\NetworkLicenseServer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\AVerTV\QuickTV.exe
C:\MATLAB701\webserver\bin\win32\matlabserver.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Documents and Settings\ \ \dds.com

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.ru/
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: IEVkbdBHO Class: {59273ab4-e7d3-40f9-a1a8-6fa9cca1862c} - c:\program files\kaspersky lab\kaspersky internet security 2009\ievkbd.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~2\office12\GRA8E1~1.DLL
BHO: gFlash Class: {f156768e-81ef-470c-9057-481ba8380dba} - c:\progra~1\flashget\getflash.dll
TB: FlashGet Bar: {e0e899ab-f487-11d5-8d29-0050ba6940e3} - c:\progra~1\flashget\fgiebar.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
mRun: [EPSON Stylus Photo R200 Series] c:\windows\system32\spool\drivers\w32x86\3\E_S4I0H2.EXE /P30 "EPSON Stylus Photo R200 Series" /O6 "USB001" /M "Stylus Photo R200"
mRun: [NBKeyScan] "c:\program files\nero\nero8\nero backitup\NBKeyScan.exe"
mRun: [MOD] c:\program files\microangelo\muamgr.exe
mRun: [AVP] "c:\program files\kaspersky lab\kaspersky internet security 2009\avp.exe"
mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
StartupFolder: c:\docume~1\586b~1\5d29~1\4a66~1\60c2~1\quicktv.lnk - c:\program files\avertv\QuickTV.exe
IE: &  Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE:     FlashGet - c:\program files\flashget\jc_all.htm
IE:    FlashGet - c:\program files\flashget\jc_link.htm
IE: {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - c:\progra~1\flashget\flashget.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {E59EB121-F339-4851-A3BA-FE49C35617C2} - c:\program files\icq6.5\ICQ.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - {85E0B171-04FA-11D1-B7DA-00A0C90348D6} - c:\program files\kaspersky lab\kaspersky internet security 2009\SCIEPlgn.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\progra~1\micros~2\office12\GR99D3~1.DLL
Notify: AtiExtEvent - Ati2evxx.dll
Notify: klogon - c:\windows\system32\klogon.dll
AppInit_DLLs: c:\progra~1\kasper~1\kasper~1\mzvkbd.dll,c:\progra~1\kasper~1\kasper~1\adialhk.dll,c:\progra~1\kasper~1\kasper~1\kloehk.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~2\office12\GRA8E1~1.DLL

============= SERVICES / DRIVERS ===============

R0 kl1;Kl1;c:\windows\system32\drivers\kl1.sys [2008-4-16 112144]
R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [2008-1-29 33808]
R1 KLIF;Kaspersky Lab Driver;c:\windows\system32\drivers\klif.sys [2009-4-2 213520]
R1 uzmzntuz;AVZ-RK Kernel Driver;c:\windows\system32\drivers\uzmzntuz.sys [2009-4-3 11264]
R2 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 Licensing Service;c:\program files\abbyy finereader 9.0\NetworkLicenseServer.exe [2007-9-24 566560]
R3 KLFLTDEV;Kaspersky Lab KLFltDev;c:\windows\system32\drivers\klfltdev.sys [2008-3-13 26640]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [2008-3-25 24592]
R3 PhTVTune;Cap7134 TVTuner;c:\windows\system32\drivers\PhTVTune.sys [2008-8-31 35008]
S2 AVP;Kaspersky Internet Security;c:\program files\kaspersky lab\kaspersky internet security 2009\avp.exe [2008-4-25 201992]
S2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0;c:\program files\common files\nero\nero backitup 4\nbservice.exe --> c:\program files\common files\nero\nero backitup 4\NBService.exe [?]

=============== Created Last 30 ================

2009-04-03 13:58	333,952	-c------	c:\windows\system32\dllcache\srv.sys
2009-04-03 13:58	455,296	-c------	c:\windows\system32\dllcache\mrxsmb.sys
2009-04-03 13:57	<DIR>	--d-h---	c:\windows\$hf_mig$
2009-04-03 13:57	337,408	-c------	c:\windows\system32\dllcache\netapi32.dll
2009-04-03 01:13	11,264	a-------	c:\windows\system32\drivers\uzmzntuz.sys
2009-04-02 20:54	101,287	a-------	c:\windows\system32\drivers\klin.dat
2009-04-02 20:54	89,601	a-------	c:\windows\system32\drivers\klick.dat
2009-04-02 20:53	1,899,552	a--sh---	c:\windows\system32\drivers\fidbox.dat
2009-04-02 20:53	303,136	a--sh---	c:\windows\system32\drivers\fidbox2.dat
2009-04-02 20:53	16,968	a--sh---	c:\windows\system32\drivers\fidbox.idx
2009-04-02 20:53	3,164	a--sh---	c:\windows\system32\drivers\fidbox2.idx
2009-04-02 20:53	<DIR>	--d-----	c:\program files\Kaspersky Lab
2009-04-02 20:53	<DIR>	--d-----	c:\docume~1\alluse~1\applic~1\Kaspersky Lab
2009-04-02 20:43	<DIR>	--d-hr--	c:\documents and settings\ \Recent
2009-04-01 23:59	<DIR>	--d-----	c:\program files\ICQ6.5
2009-04-01 21:14	<DIR>	--d-----	c:\program files\QIP
2009-04-01 21:09	<DIR>	--d-----	c:\docume~1\586b~1\applic~1\QIP
2009-03-31 23:23	10,747,904	a-------	c:\documents and settings\ \ntuser.dat
2009-03-06 14:02	<DIR>	--d-----	c:\program files\HtmlReader

==================== Find3M  ====================

2009-04-02 21:21	33,808	a-------	c:\windows\system32\drivers\klbg.sys
2009-03-29 13:31	349,224	a-------	c:\windows\system32\perfh019.dat
2009-03-29 13:31	50,206	a-------	c:\windows\system32\perfc019.dat
2009-02-04 11:27	3,488,768	a-------	c:\windows\system32\drivers\ati2mtag.sys
2009-02-04 09:57	11,702,272	a-------	c:\windows\system32\atioglxx.dll
2009-02-04 09:03	290,816	a-------	c:\windows\system32\atiok3x2.dll
2009-02-04 08:56	442,368	a-------	c:\windows\system32\ATIDEMGX.dll
2009-02-04 08:55	324,096	a-------	c:\windows\system32\ati2dvag.dll
2009-02-04 08:44	196,608	a-------	c:\windows\system32\atipdlxx.dll
2009-02-04 08:44	155,648	a-------	c:\windows\system32\Oemdspif.dll
2009-02-04 08:43	26,112	a-------	c:\windows\system32\Ati2mdxx.exe
2009-02-04 08:43	43,520	a-------	c:\windows\system32\ati2edxx.dll
2009-02-04 08:43	155,648	a-------	c:\windows\system32\ati2evxx.dll
2009-02-04 08:41	602,112	a-------	c:\windows\system32\ati2evxx.exe
2009-02-04 08:40	53,248	a-------	c:\windows\system32\ATIDDC.DLL
2009-02-04 08:30	3,884,768	a-------	c:\windows\system32\ati3duag.dll
2009-02-04 08:14	2,645,504	a-------	c:\windows\system32\ativvaxx.dll
2009-02-04 07:58	49,664	a-------	c:\windows\system32\amdpcom32.dll
2009-02-04 07:54	471,040	a-------	c:\windows\system32\atikvmag.dll
2009-02-04 07:53	122,880	a-------	c:\windows\system32\atiadlxx.dll
2009-02-04 07:52	17,408	a-------	c:\windows\system32\atitvo32.dll
2009-02-04 07:52	53,248	a-------	c:\windows\system32\drivers\ati2erec.dll
2009-02-04 07:46	626,688	a-------	c:\windows\system32\ati2cqag.dll
2009-02-04 07:44	307,200	a-------	c:\windows\system32\atiiiexx.dll
2009-02-04 06:43	45,056	a-------	c:\windows\system32\aticalrt.dll
2009-02-04 06:42	45,056	a-------	c:\windows\system32\aticalcl.dll
2009-02-04 06:40	3,244,032	a-------	c:\windows\system32\aticaldd.dll
2009-02-03 22:05	593,920	--------	c:\windows\system32\ati2sgag.exe
2008-09-28 21:14	32,768	a--sh---	c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008092820080929\index.dat

============= FINISH: 15:24:46,29 ===============
