
DDS (Ver_10-10-05.01) - FAT32x86
Run by Owner at 13:26:05.06 on Sat 10/09/2010
Internet Explorer: 6.0.2900.2180 BrowserJavaVersion: 1.6.0_21
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.3071.2532 [GMT 5.5:30]
AV: Kaspersky Internet Security *On-access scanning disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Kaspersky Internet Security *disabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
============== Running Processes ===============
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\sttray.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\STacSV.exe
C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Update\1.2.183.23\GoogleCrashHandler.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
d:\My Documents\Downloads\dds.scr
============== Pseudo HJT Report ===============
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: IEVkbdBHO Class: {59273ab4-e7d3-40f9-a1a8-6fa9cca1862c} - c:\program files\kaspersky lab\kaspersky internet security 2009\ievkbd.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
uRun: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\ahead\lib\NMBgMonitor.exe"
uRun: [Google Update] "c:\documents and settings\owner\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [Messenger (Yahoo!)] "c:\program files\yahoo!\messenger\YahooMessenger.exe" -quiet
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [RemoteControl] "c:\program files\cyberlink\powerdvd\PDVDServ.exe"
mRun: [NWEReboot]
mRun: [NeroFilterCheck] c:\program files\common files\ahead\lib\NeroCheck.exe
mRun: [SigmatelSysTrayApp] sttray.exe
mRun: [nwiz] c:\program files\nvidia corporation\nview\nwiz.exe /installquiet
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [AVP] "c:\program files\kaspersky lab\kaspersky internet security 2009\avp.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office10\OSA.EXE
IE: &WordWeb... - c:\windows\wweb32.dll/lookup.html
IE: Add to Banner Ad Blocker - c:\program files\kaspersky lab\kaspersky internet security 2009\ie_banner_deny.htm
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office10\EXCEL.EXE/3000
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - {85E0B171-04FA-11D1-B7DA-00A0C90348D6} - c:\program files\kaspersky lab\kaspersky internet security 2009\SCIEPlgn.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {CAFEEFAC-0014-0001-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/1.4/jinstall-14_06-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - c:\program files\common files\microsoft shared\web folders\PKMCDO.DLL
Notify: igfxcui - igfxdev.dll
Notify: klogon - c:\windows\system32\klogon.dll
AppInit_DLLs: c:\progra~1\kasper~1\kasper~1\mzvkbd3.dll,c:\progra~1\kasper~1\kasper~1\adialhk.dll,c:\progra~1\kasper~1\kasper~1\kloehk.dll
================= FIREFOX ===================
FF - ProfilePath - c:\docume~1\owner\applic~1\mozilla\firefox\profiles\hc9dqemq.default\
FF - prefs.js: browser.startup.homepage - www.google.co.in
FF - prefs.js: network.proxy.type - 0
FF - plugin: c:\documents and settings\owner\local settings\application data\google\update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
============= SERVICES / DRIVERS ===============
R0 kl1;Kl1;c:\windows\system32\drivers\kl1.sys [2008-7-21 121872]
R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [2008-1-29 33808]
R1 KLIF;Kaspersky Lab Driver;c:\windows\system32\drivers\klif.sys [2010-10-9 226832]
R2 AVP;Kaspersky Internet Security;c:\program files\kaspersky lab\kaspersky internet security 2009\avp.exe [2008-11-11 208616]
R3 KLFLTDEV;Kaspersky Lab KLFltDev;c:\windows\system32\drivers\klfltdev.sys [2008-3-13 26640]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [2008-4-30 24592]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
=============== Created Last 30 ================
2010-10-09 07:13:51 71 ----a-w- c:\documents and settings\owner\default.pls
2010-10-09 03:43:40 608448 ------w- c:\windows\system32\Comctl32.ocx
2010-10-09 03:43:40 -------- d-----w- c:\program files\ZakFromAnotherPlanet
2010-10-09 03:40:34 -------- d-----w- c:\windows\system32\Adobe
2010-10-09 03:40:33 -------- d-----w- c:\program files\RomanWare
2010-10-09 03:38:31 839680 ----a-w- c:\windows\system32\lameACM.acm
2010-10-09 03:38:31 151552 ----a-w- c:\windows\system32\ac3acm.acm
2010-10-09 03:38:30 90112 ----a-w- c:\windows\system32\dpl100.dll
2010-10-09 03:38:30 881664 ----a-w- c:\windows\system32\xvidcore.dll
2010-10-09 03:38:30 3596288 ----a-w- c:\windows\system32\qt-dx331.dll
2010-10-09 03:38:30 217088 ----a-w- c:\windows\system32\yv12vfw.dll
2010-10-09 03:38:30 205824 ----a-w- c:\windows\system32\xvidvfw.dll
2010-10-09 03:38:29 685056 ----a-w- c:\windows\system32\divx.dll
2010-10-09 03:38:28 85504 ----a-w- c:\windows\system32\ff_vfw.dll
2010-10-09 03:38:23 -------- d-----w- c:\program files\K-Lite Codec Pack
2010-10-09 03:22:30 -------- d-----w- c:\docume~1\owner\locals~1\applic~1\Adobe
2010-10-09 03:01:36 124688 ----a-w- c:\windows\system32\MSWINSCK.ocx
2010-10-09 03:00:45 152848 ------w- c:\windows\system32\Comdlg32.ocx
2010-10-09 02:59:08 -------- d-----w- c:\docume~1\owner\applic~1\DMCache
2010-10-08 19:22:22 -------- d-----w- c:\program files\Real Alternative
2010-10-08 19:22:22 -------- d-----w- c:\docume~1\owner\locals~1\applic~1\Real
2010-10-08 19:19:14 -------- d-----w- c:\program files\Yahoo!
2010-10-08 19:15:55 -------- d-----w- c:\program files\Easy Video to Audio Converter
2010-10-08 19:14:42 73728 ----a-w- c:\windows\system32\javacpl.cpl
2010-10-08 19:14:42 423656 ----a-w- c:\windows\system32\deployJava1.dll
2010-10-08 19:08:32 -------- d-----w- c:\docume~1\owner\locals~1\applic~1\Mozilla
2010-10-08 19:05:47 -------- d-----w- c:\docume~1\owner\locals~1\applic~1\Temp
2010-10-08 19:05:44 -------- d-----w- c:\docume~1\owner\locals~1\applic~1\Google
2010-10-08 18:50:37 -------- d-----w- c:\windows\system32\SoftwareDistribution
2010-10-08 18:46:51 97549 ----a-w- c:\windows\system32\drivers\klick.dat
2010-10-08 18:46:51 113933 ----a-w- c:\windows\system32\drivers\klin.dat
2010-10-08 18:46:31 68128 --sha-w- c:\windows\system32\drivers\fidbox.dat
2010-10-08 18:46:31 16416 --sha-w- c:\windows\system32\drivers\fidbox2.dat
2010-10-08 18:46:31 1612 --sha-w- c:\windows\system32\drivers\fidbox.idx
2010-10-08 18:46:31 1136 --sha-w- c:\windows\system32\drivers\fidbox2.idx
2010-10-08 18:46:30 -------- d-----w- c:\program files\Kaspersky Lab
2010-10-08 18:46:30 -------- d-----w- c:\docume~1\alluse~1\applic~1\Kaspersky Lab
2010-10-08 18:45:36 -------- d-----w- c:\docume~1\alluse~1\applic~1\Kaspersky Lab Setup Files
2010-10-08 18:35:59 -------- d-----w- c:\docume~1\alluse~1\applic~1\NVIDIA Corporation
2010-10-08 18:35:51 -------- d-----w- c:\program files\NVIDIA Corporation
2010-10-08 18:33:36 4864 ----a-r- c:\windows\system32\drivers\PortIo.sys
2010-10-08 18:32:01 61440 ----a-w- c:\windows\system32\OpenCL.dll
2010-10-08 18:32:01 10604128 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2010-10-08 18:32:01 10604128 ----a-w- c:\windows\system32\dllcache\nv4_mini.sys
==================== Find3M ====================
2010-10-08 19:23:06 33808 ----a-w- c:\windows\system32\drivers\klbg.sys
============= FINISH: 13:26:21.06 ===============
